~mdw / secnet / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
memcmp: Introduce and use consttime_memeq
[secnet] / transform.c
diff --git a/transform.c b/transform.c
index 289b02e..012f618 100644 (file)
--- a/transform.c
+++ b/transform.c
@@ -220,7 +220,7 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
        serpent_encrypt(&ti->mackey,macplain,macacc);
     }
     serpent_encrypt(&ti->mackey,macacc,macacc);
-    if (memcmp(macexpected,macacc,16)!=0) {
+    if (!consttime_memeq(macexpected,macacc,16)!=0) {
        *errmsg="invalid MAC";
        return 1;
     }
Secnet virtual private network: clone of http://www.chiark.greenend.org.uk/ucgi/~ian/git/secnet.git/