chiark
/
gitweb
/
~mdw
/
udpkey
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Use constant-time comparison for checking MAC tags.
[udpkey]
/
udpkey.c
diff --git
a/udpkey.c
b/udpkey.c
index d8845e1a9222b4b2d8f1baaa98314b5777f513b8..452a85701d1ddeaf18eb6d1b62cc3927a1109449 100644
(file)
--- a/
udpkey.c
+++ b/
udpkey.c
@@
-59,6
+59,7
@@
#include <mLib/tv.h>
#include <catacomb/buf.h>
#include <mLib/tv.h>
#include <catacomb/buf.h>
+#include <catacomb/ct.h>
#include <catacomb/dh.h>
#include <catacomb/ec.h>
#include <catacomb/ec-keys.h>
#include <catacomb/dh.h>
#include <catacomb/ec.h>
#include <catacomb/ec-keys.h>
@@
-1044,7
+1045,7
@@
static int doquery(int argc, char *argv[])
h = GM_INIT(m);
GH_HASH(h, p, n);
tt = GH_DONE(h, 0);
h = GM_INIT(m);
GH_HASH(h, p, n);
tt = GH_DONE(h, 0);
- if (
memcmp(t, tt, s->k.tagsz) != 0
) {
+ if (
!ct_memeq(t, tt, s->k.tagsz)
) {
moan("incorrect tag from %s:%d",
inet_ntoa(sin.sin_addr), ntohs(sin.sin_port));
goto again;
moan("incorrect tag from %s:%d",
inet_ntoa(sin.sin_addr), ntohs(sin.sin_port));
goto again;