server: Compare MAC tags in constant time.

[tripe] / server / keyset.c

diff --git a/server/keyset.c b/server/keyset.c
index c54febdc73bde4a38c4d1051d3df2547b346a1a5..66a59618492e2b9ed71b12c820901f7a1ccb0b0e 100644 (file)
--- a/server/keyset.c
+++ b/server/keyset.c
@@ -201,7 +201,7 @@ static int dodecrypt(keyset *ks, unsigned ty, buf *b, buf *bb, uint32 *seq)
     GH_HASH(h, t, sizeof(t));
     GH_HASH(h, pseq, SEQSZ + ivsz + sz);
     mac = GH_DONE(h, 0);
-    eq = !memcmp(mac, pmac, tagsz);
+    eq = ct_memeq(mac, pmac, tagsz);
     IF_TRACING(T_KEYSET, {
       trace_block(T_CRYPTO, "crypto: computed MAC", mac, tagsz);
     })