oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

use constant time memcmp

Browse Source
This commit is contained in:
Love Hornquist Astrand
2009-08-17 12:01:06 +02:00
parent 42cec58cb4
commit a6bfd9bb41
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/krb5/crypto.c
View File

@@ -1295,7 +1295,7 @@ des_verify(krb5_context context,
EVP_DigestUpdate(m, data, len); EVP_DigestUpdate(m, data, len);
EVP_DigestFinal_ex (m, res, NULL); EVP_DigestFinal_ex (m, res, NULL);
EVP_MD_CTX_destroy(m); EVP_MD_CTX_destroy(m);
if(memcmp(res, tmp + 8, sizeof(res)) != 0) { if(ct_memcmp(res, tmp + 8, sizeof(res)) != 0) {
krb5_clear_error_message (context); krb5_clear_error_message (context);
ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
} }
@@ -1885,7 +1885,7 @@ verify_checksum(krb5_context context,
} }
if(c.checksum.length != cksum->checksum.length || if(c.checksum.length != cksum->checksum.length ||
memcmp(c.checksum.data, cksum->checksum.data, c.checksum.length)) { ct_memcmp(c.checksum.data, cksum->checksum.data, c.checksum.length)) {
krb5_clear_error_message (context); krb5_clear_error_message (context);
ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
} else { } else {
@@ -2269,7 +2269,7 @@ ARCFOUR_subdecrypt(krb5_context context,
memset (k2_c_data, 0, sizeof(k2_c_data)); memset (k2_c_data, 0, sizeof(k2_c_data));
memset (k3_c_data, 0, sizeof(k3_c_data)); memset (k3_c_data, 0, sizeof(k3_c_data));
if (memcmp (cksum.checksum.data, data, 16) != 0) { if (ct_memcmp (cksum.checksum.data, data, 16) != 0) {
krb5_clear_error_message (context); krb5_clear_error_message (context);
return KRB5KRB_AP_ERR_BAD_INTEGRITY; return KRB5KRB_AP_ERR_BAD_INTEGRITY;
} else { } else {