lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-11-29 01:03:57 +03:00
Code Activity

chachapoly: Use secure_memcmp() to compare auth tag

Browse Source 
When checking the authentication tag, use secure_memcmp() instead of
memcmp().

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
This commit is contained in:
Anderson Toshiyuki Sasaki
2020-12-11 12:39:57 +01:00
parent 486ad81974
commit c50cfe7fc7
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/chachapoly.c
View File

@@ -164,7 +164,7 @@ static int chacha20_poly1305_aead_decrypt(struct ssh_cipher_struct *cipher,
ssh_log_hexdump("received tag", mac, POLY1305_TAGLEN); ssh_log_hexdump("received tag", mac, POLY1305_TAGLEN);
#endif #endif
cmp = memcmp(tag, mac, POLY1305_TAGLEN); cmp = secure_memcmp(tag, mac, POLY1305_TAGLEN);
if(cmp != 0) { if(cmp != 0) {
/* mac error */ /* mac error */
SSH_LOG(SSH_LOG_PACKET,"poly1305 verify error"); SSH_LOG(SSH_LOG_PACKET,"poly1305 verify error");