X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/blobdiff_plain/9c1437f372e62f0b3b3a7162aabee73bdc96ce4b..bd6d65e32b835551677456bf286d09ced6859882:/pub/x25519.c
diff --git a/pub/x25519.c b/pub/x25519.c
index 8e9649ec..cfdfea6f 100644
--- a/pub/x25519.c
+++ b/pub/x25519.c
@@ -111,23 +111,28 @@ void x25519(octet zz[X25519_OUTSZ],
 #include
 #include
+#include
 #include
 #include
+#include "ct.h"
+
 static int vrf_x25519(dstr dv[])
 {
 dstr dz = DSTR_INIT;
 int ok = 1;
- if (dv[0].len != 32) die(1, "bad key length");
- if (dv[1].len != 32) die(1, "bad public length");
- if (dv[2].len != 32) die(1, "bad result length");
+ if (dv[0].len != X25519_KEYSZ) die(1, "bad key length");
+ if (dv[1].len != X25519_PUBSZ) die(1, "bad public length");
+ if (dv[2].len != X25519_OUTSZ) die(1, "bad result length");
- dstr_ensure(&dz, 32); dz.len = 32;
+ ct_poison(dv[0].buf, dv[0].len);
+ dstr_ensure(&dz, X25519_OUTSZ); dz.len = X25519_OUTSZ;
 x25519((octet *)dz.buf, (const octet *)dv[0].buf, (const octet *)dv[1].buf);
- if (memcmp(dz.buf, dv[2].buf, 32) != 0) {
+ ct_remedy(dz.buf, dz.len);
+ if (MEMCMP(dz.buf, !=, dv[2].buf, X25519_OUTSZ)) {
 ok = 0;
 fprintf(stderr, "failed!");
 fprintf(stderr, "\n\t k = "); type_hex.dump(&dv[0], stderr);
@@ -143,7 +148,7 @@ static int vrf_x25519(dstr dv[])
 static int vrf_mct(dstr dv[])
 {
- octet b0[32], b1[32], *k = b0, *x = b1, *t;
+ octet b0[X25519_OUTSZ], b1[X25519_OUTSZ], *k = b0, *x = b1, *t;
 unsigned long i, niter;
 dstr d = DSTR_INIT;
 int ok = 1;
@@ -154,7 +159,7 @@ static int vrf_mct(dstr dv[])
 memcpy(b0, dv[0].buf, sizeof(b0));
 memcpy(b1, dv[1].buf, sizeof(b1));
 niter = *(unsigned long *)dv[2].buf;
- dstr_ensure(&d, 32); d.len = 32; t = (octet *)d.buf;
+ dstr_ensure(&d, X25519_OUTSZ); d.len = X25519_OUTSZ; t = (octet *)d.buf;
 for (i = 0; i < niter; i++) {
 x[31] &= 0x7f;
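Review bot: The new ct_poison()/ct_remedy() pair around the x25519() call in vrf_x25519() carries no comment, and it is the only place in the diff that uses ct.h, so its purpose is easy to miss. Presumably ct_poison() marks dv[0].buf (the private key) as secret so that the checker reports any branch or memory access that depends on it, and ct_remedy() re-marks the computed shared secret as public before MEMCMP so the comparison itself is not reported; a comment such as `/* Taint the private key so that key-dependent control flow inside x25519() is reported; clear the taint on the output before comparing it. */` above the ct_poison() line would make that explicit. Leaving dv[1].buf (the public key) untainted is consistent with its public status and is worth stating in the same comment. vrf_x25519()'s body continues past the end of the hunk.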
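Review bot: In vrf_mct(), `b0` receives the private key and `b1` the public point, yet the new declaration sizes both with X25519_OUTSZ; X25519_KEYSZ and X25519_PUBSZ exist (the first hunk uses them in vrf_x25519()) and would document which role each buffer plays, and the same remark applies to the `dstr_ensure(&d, X25519_OUTSZ)` line in the following hunk. If the loop rotates k, x and t through all three buffers (the loop body is outside the hunk, so this is inferred from the `*t` pointer and the x[31] masking), the code silently depends on the three constants being equal, which a comment such as `/* NB: k, x and t cycle through all three buffers, so the key, public and output sizes must agree. */` on the declaration line would record. The `memcpy(b0, dv[0].buf, sizeof(b0))` and `memcpy(b1, ...)` lines in the next hunk copy fixed sizes regardless of dv[i].len; whether the elided lines between the two hunks check those lengths, and whether any such checks were moved off the literal 32 like the ones in vrf_x25519(), cannot be seen here.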
@@ -163,7 +168,7 @@ static int vrf_mct(dstr dv[])
 }
 memcpy(d.buf, k, d.len);
- if (memcmp(d.buf, dv[3].buf, d.len) != 0) {
+ if (MEMCMP(d.buf, !=, dv[3].buf, d.len)) {
 ok = 0;
 fprintf(stderr, "failed...");
 fprintf(stderr, "\n\tinitial k = "); type_hex.dump(&dv[0], stderr);
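Review bot: Unlike the comparison in vrf_x25519(), this MEMCMP is not preceded by ct_remedy(), and none of the visible hunks of vrf_mct() calls ct_poison() on the key buffer, so the Monte-Carlo test does not exercise the constant-time checker at all. That may be deliberate, since the single-shot test already covers it, but if ct.h propagates taint through the computation, a `ct_poison(b0, sizeof(b0));` before the loop and a `ct_remedy(d.buf, d.len);` immediately before this comparison would let the iterated path be checked as well; the memcpy() on the previous line copies tainted bytes without branching on them, so only the comparison needs the remedy. The loop and the tail of vrf_mct() lie outside the hunk.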