mirror of
https://github.com/RGBCube/serenity
synced 2025-07-27 21:07:34 +00:00
LibCrypto: Use AK::timing_safe_compare to validate sensitive data
Addresses one FIXME in GCM, and another similar issue in EMSA_PSS. We should be using constant time memory comparisons in all of our crypto code.
This commit is contained in:
parent
3ab2b90744
commit
0a5321b3f9
2 changed files with 4 additions and 3 deletions
|
@ -8,6 +8,7 @@
|
|||
|
||||
#include <AK/Array.h>
|
||||
#include <AK/Format.h>
|
||||
#include <AK/Memory.h>
|
||||
#include <AK/Random.h>
|
||||
#include <AK/Vector.h>
|
||||
#include <LibCrypto/PK/Code/Code.h>
|
||||
|
@ -140,7 +141,7 @@ public:
|
|||
hash_fn.update(m_prime_buffer);
|
||||
auto H_prime = hash_fn.digest();
|
||||
|
||||
if (__builtin_memcmp(message_hash.data, H_prime.data, HashFunction::DigestSize) != 0)
|
||||
if (!timing_safe_compare(message_hash.data, H_prime.data, HashFunction::DigestSize))
|
||||
return VerificationConsistency::Inconsistent;
|
||||
|
||||
return VerificationConsistency::Consistent;
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue