Add InspIRCd::TimingSafeCompare() function that compares strings in a timing-safe way

2 files changed, 25 insertions, 0 deletions

diff --git a/include/inspircd.h b/include/inspircd.h
index 584a330ba..b16df9d71 100644
--- a/include/inspircd.h
+++ b/include/inspircd.h
@@ -669,6 +669,15 @@ class CoreExport InspIRCd
 	 */
 	static std::string TimeString(time_t curtime, const char* format = NULL, bool utc = false);
 
+	/** Compare two strings in a timing-safe way. If the lengths of the strings differ, the function
+	 * returns false immediately (leaking information about the length), otherwise it compares each
+	 * character and only returns after all characters have been compared.
+	 * @param one First string
+	 * @param two Second string
+	 * @return True if the strings match, false if they don't
+	 */
+	static bool TimingSafeCompare(const std::string& one, const std::string& two);
+
 	/** Begin execution of the server.
 	 * NOTE: this function NEVER returns. Internally,
 	 * it will repeatedly loop.
diff --git a/src/inspstring.cpp b/src/inspstring.cpp
index 7fa4762c5..b59492738 100644
--- a/src/inspstring.cpp
+++ b/src/inspstring.cpp
@@ -108,3 +108,19 @@ std::string Base64ToBin(const std::string& data_str, const char* table)
 	}
 	return rv;
 }
+
+bool InspIRCd::TimingSafeCompare(const std::string& one, const std::string& two)
+{
+	if (one.length() != two.length())
+		return false;
+
+	unsigned int diff = 0;
+	for (std::string::const_iterator i = one.begin(), j = two.begin(); i != one.end(); ++i, ++j)
+	{
+		unsigned char a = static_cast<unsigned char>(*i);
+		unsigned char b = static_cast<unsigned char>(*j);
+		diff |= a ^ b;
+	}
+
+	return (diff == 0);
+}