chiark / gitweb /
~mdw / tripe / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
server: Compare MAC tags in constant time.
[tripe] / server / chal.c
diff --git a/server/chal.c b/server/chal.c
index 12b64e21ab4a7676c8a6182c794be8560ebdc864..e282f08548967e5cd8d4cd7722948a0cb5e4c01f 100644 (file)
--- a/server/chal.c
+++ b/server/chal.c
@@ -117,7 +117,7 @@ int c_check(buf *b)
   }
   h = GM_INIT(mac);
   GH_HASH(h, p, 4);
-  ok = (memcmp(GH_DONE(h, 0), p + 4, master->algs.tagsz) == 0);
+  ok = ct_memeq(GH_DONE(h, 0), p + 4, master->algs.tagsz);
   GH_DESTROY(h);
   if (!ok) {
     a_warn("CHAL", "incorrect-tag", A_END);
Trivial IP Encryption: a simple VPN