progs/catcrypt.c, progs/cc-sig.c: Compare MAC tags in constant time.
[catacomb] / progs / catcrypt.c
index f4d10c9..5879ecb 100644 (file)
@@ -44,6 +44,7 @@
 #include <mLib/sub.h>
 
 #include "buf.h"
+#include "ct.h"
 #include "rand.h"
 #include "noise.h"
 #include "mprand.h"
@@ -534,7 +535,7 @@ static int decrypt(int argc, char *argv[])
       exit(EXIT_FAILURE);
     }
     GH_HASH(h, BCUR(&b), BLEFT(&b));
-    if (memcmp(tag, GH_DONE(h, 0), GM_CLASS(m)->hashsz) != 0) {
+    if (!ct_memeq(tag, GH_DONE(h, 0), GM_CLASS(m)->hashsz)) {
       if (f & f_progress) fprogress_done(&ff);
       if (verb)
        printf("FAIL bad ciphertext chunk: authentication failure\n");
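Review bot: The switch to `ct_memeq` at the tag check carries no comment explaining why a plain `memcmp` is wrong here, so a later cleanup could quietly revert it. I would add `/* Constant-time compare: memcmp's early exit leaks how many leading tag bytes matched. */` directly above the `if`. The sense is also inverted relative to `memcmp`: the call is negated, so `ct_memeq` evidently returns nonzero on equality, and the same comment should say so. The hunk does not show where `tag` is read, so confirm it was bounds-checked to `GM_CLASS(m)->hashsz` bytes before this comparison. `decrypt` starts and ends outside the hunk.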