From 3aa781a65267d72000009df0fa2feee5cb3bdd8d Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Thu, 6 Feb 2014 05:34:19 +0200
Subject: Make CI_Session's HMAC comparison time-attack-safe

---
 system/libraries/Session/drivers/Session_cookie.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'system/libraries/Session')

diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php
index 971dfeabe..c8dfad6c9 100644
--- a/system/libraries/Session/drivers/Session_cookie.php
+++ b/system/libraries/Session/drivers/Session_cookie.php
@@ -395,7 +395,15 @@ class CI_Session_cookie extends CI_Session_driver {
 		$hmac	 = substr($session, $len);
 		$session = substr($session, 0, $len);
 
-		if ($hmac !== hash_hmac('sha1', $session, $this->encryption_key))
+		// Time-attack-safe comparison
+		$hmac_check = hash_hmac('sha1', $session, $this->encryption_key);
+		$diff = 0;
+		for ($i = 0; $i < 40; $i++)
+		{
+			$diff |= ord($hmac[$i]) ^ ord($hmac_check[$i]);
+		}
+
+		if ($diff !== 0)
 		{
 			log_message('error', 'The session cookie data did not match what was expected.');
 			$this->sess_destroy();
-- 
cgit v1.2.3-24-g4f1b