Use constant-time comparisons for checksums

author: Greg Hudson <ghudson@mit.edu> 2013-10-02 17:58:06 -0400
committer: Greg Hudson <ghudson@mit.edu> 2013-10-03 15:26:00 -0400
commit: 07d68eec2788bfe80686608813f644838707c168 (patch)
tree: 59c01da03dc85a005b5936ecf836eac4fe71c98b /src/lib/crypto/krb/enc_dk_cmac.c
parent: ac7d07c2cc54e9f07fe81ac4c50bcc80ecc7ac54 (diff)
download: krb5-07d68eec2788bfe80686608813f644838707c168.zip
krb5-07d68eec2788bfe80686608813f644838707c168.tar.gz
krb5-07d68eec2788bfe80686608813f644838707c168.tar.bz2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/crypto/krb/enc_dk_cmac.c b/src/lib/crypto/krb/enc_dk_cmac.c
index e27c862..9bb3dba 100644
--- a/src/lib/crypto/krb/enc_dk_cmac.c
+++ b/src/lib/crypto/krb/enc_dk_cmac.c
@@ -169,7 +169,7 @@ krb5int_dk_cmac_decrypt(const struct krb5_keytypes *ktp, krb5_key key,
     ret = krb5int_cmac_checksum(enc, ki, data, num_data, &cksum);
     if (ret != 0)
         goto cleanup;
-    if (!data_eq(cksum, trailer->data))
+    if (k5_bcmp(cksum.data, trailer->data.data, enc->block_size) != 0)
         ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
 
 cleanup:
author	Greg Hudson <ghudson@mit.edu>	2013-10-02 17:58:06 -0400
committer	Greg Hudson <ghudson@mit.edu>	2013-10-03 15:26:00 -0400
commit	07d68eec2788bfe80686608813f644838707c168 (patch)
tree	59c01da03dc85a005b5936ecf836eac4fe71c98b /src/lib/crypto/krb/enc_dk_cmac.c
parent	ac7d07c2cc54e9f07fe81ac4c50bcc80ecc7ac54 (diff)
download	krb5-07d68eec2788bfe80686608813f644838707c168.zip krb5-07d68eec2788bfe80686608813f644838707c168.tar.gz krb5-07d68eec2788bfe80686608813f644838707c168.tar.bz2