~mdw
/
tripe
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
server: Compare MAC tags in constant time.
[tripe]
/
server
/
keyset.c
diff --git
a/server/keyset.c
b/server/keyset.c
index
c54febd
..
66a5961
100644
(file)
--- a/
server/keyset.c
+++ b/
server/keyset.c
@@
-201,7
+201,7
@@
static int dodecrypt(keyset *ks, unsigned ty, buf *b, buf *bb, uint32 *seq)
GH_HASH(h, t, sizeof(t));
GH_HASH(h, pseq, SEQSZ + ivsz + sz);
mac = GH_DONE(h, 0);
- eq =
!memcmp
(mac, pmac, tagsz);
+ eq =
ct_memeq
(mac, pmac, tagsz);
IF_TRACING(T_KEYSET, {
trace_block(T_CRYPTO, "crypto: computed MAC", mac, tagsz);
})