Make all hash checking in programs constant-time

2025-08-01 10:06:53 +03:00 · 2013-10-28 12:51:32 +01:00
parent 424cd6943c
commit 291f9af935
5 changed files with 35 additions and 5 deletions
--- a/programs/aes/aescrypt2.c
+++ b/programs/aes/aescrypt2.c
@ -75,6 +75,7 @@ int main( int argc, char *argv[] )
    unsigned char key[512];
    unsigned char digest[32];
    unsigned char buffer[1024];
+    unsigned char diff;

    aes_context aes_ctx;
    sha256_context sha_ctx;
@ -397,7 +398,12 @@ int main( int argc, char *argv[] )
            goto exit;
        }

-        if( memcmp( digest, buffer, 32 ) != 0 )
+        /* Use constant-time buffer comparison */
+        diff = 0;
+        for( i = 0; i < 32; i++ )
+            diff |= digest[i] ^ buffer[i];
+
+        if( diff != 0 )
        {
            fprintf( stderr, "HMAC check failed: wrong key, "
                             "or file corrupted.\n" );