From 69f438207d6cae9fb25c8e40b97090fc24c1bc26 Mon Sep 17 00:00:00 2001
From: Bob
Date: Sun, 5 Jun 2016 17:34:02 +0200
Subject: [PATCH] fixed: possible timing attack
---
 bitlair_doorduino/bitlair_doorduino.ino | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/bitlair_doorduino/bitlair_doorduino.ino b/bitlair_doorduino/bitlair_doorduino.ino
index 79bb7f8..2f6f253 100644
--- a/bitlair_doorduino/bitlair_doorduino.ino
+++ b/bitlair_doorduino/bitlair_doorduino.ino
@@ -283,6 +283,9 @@ void ListButtons()
 }
 }
+#define RANDOMDELAY_MIN 50
+#define RANDOMDELAY_MAX 200
+
 bool AuthenticateButton(uint8_t* addr, uint8_t* secret)
 {
 uint8_t mac_from_ibutton[SHA1SIZE];
@@ -317,13 +320,18 @@ bool AuthenticateButton(uint8_t* addr, uint8_t* secret)
 ((uint32_t*)mac_computed)[3] = htonl(ntohl(*(uint32_t *)(sha_computed+12)) - 0x10325476);
 ((uint32_t*)mac_computed)[4] = htonl(ntohl(*(uint32_t *)(sha_computed+16)) - 0xc3d2e1f0);
+ //this check should always take the same amount of time, to prevent a timing attack
+ bool macvalid = true;
 for (uint8_t i = 0; i < SHA1SIZE; i++)
 {
 if (mac_from_ibutton[i] != mac_computed[SHA1SIZE - 1 - i])
- return false;
+ macvalid = false;
 }
- return true;
+ //add a random delay
+ delayMicroseconds(Entropy.random(RANDOMDELAY_MIN, RANDOMDELAY_MAX));
+
+ return macvalid;
 }
 bool ReadCMD(char* cmdbuf, uint8_t* cmdbuffill)
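Review bot: The comparison loop in AuthenticateButton still branches on every byte (`if (...) macvalid = false;`), so its running time is not guaranteed to be independent of which bytes differ, and an optimizer may turn it back into an early exit. Accumulating the difference removes the branch: `uint8_t diff = 0;` before the loop, `diff |= mac_from_ibutton[i] ^ mac_computed[SHA1SIZE - 1 - i];` as the loop body, and `return diff == 0;` at the end. The added `delayMicroseconds(Entropy.random(RANDOMDELAY_MIN, RANDOMDELAY_MAX))` jitter should be documented as defence in depth only, because random delay averages out over repeated measurements and cannot replace a constant-time compare. The function body starts above this hunk, so any earlier return paths were not visible for review.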