serpent_encrypt(&ti->mackey,macplain,macacc);
}
serpent_encrypt(&ti->mackey,macacc,macacc);
- if (memcmp(macexpected,macacc,16)!=0) {
+ if (!consttime_memeq(macexpected,macacc,16)!=0) {
*errmsg="invalid MAC";
return 1;
}
return 1;
}
- padp=buf_unappend(buf,padlen-1);
- for (i=0; i<padlen-1; i++) {
- if (*++padp != padlen) {
- *errmsg="pkcs5: corrupted padding";
- return 1;
- }
- }
+ buf_unappend(buf,padlen-1);
/* Sequence number must be within max_skew of lastrecvseq; lastrecvseq
is only allowed to increase. */