~mdw
/
udpkey
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Use constant-time comparison for checking MAC tags.
[udpkey]
/
udpkey.c
diff --git
a/udpkey.c
b/udpkey.c
index
d8845e1
..
452a857
100644
(file)
--- a/
udpkey.c
+++ b/
udpkey.c
@@
-59,6
+59,7
@@
#include <mLib/tv.h>
#include <catacomb/buf.h>
#include <mLib/tv.h>
#include <catacomb/buf.h>
+#include <catacomb/ct.h>
#include <catacomb/dh.h>
#include <catacomb/ec.h>
#include <catacomb/ec-keys.h>
#include <catacomb/dh.h>
#include <catacomb/ec.h>
#include <catacomb/ec-keys.h>
@@
-1044,7
+1045,7
@@
static int doquery(int argc, char *argv[])
h = GM_INIT(m);
GH_HASH(h, p, n);
tt = GH_DONE(h, 0);
h = GM_INIT(m);
GH_HASH(h, p, n);
tt = GH_DONE(h, 0);
- if (
memcmp(t, tt, s->k.tagsz) != 0
) {
+ if (
!ct_memeq(t, tt, s->k.tagsz)
) {
moan("incorrect tag from %s:%d",
inet_ntoa(sin.sin_addr), ntohs(sin.sin_port));
goto again;
moan("incorrect tag from %s:%d",
inet_ntoa(sin.sin_addr), ntohs(sin.sin_port));
goto again;