diff options
author | Greg Hudson <ghudson@mit.edu> | 2013-10-02 17:58:06 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2013-10-03 15:26:00 -0400 |
commit | 07d68eec2788bfe80686608813f644838707c168 (patch) | |
tree | 59c01da03dc85a005b5936ecf836eac4fe71c98b /src/lib/crypto/krb/checksum_confounder.c | |
parent | ac7d07c2cc54e9f07fe81ac4c50bcc80ecc7ac54 (diff) | |
download | krb5-07d68eec2788bfe80686608813f644838707c168.tar.gz krb5-07d68eec2788bfe80686608813f644838707c168.tar.xz krb5-07d68eec2788bfe80686608813f644838707c168.zip |
Use constant-time comparisons for checksums
Diffstat (limited to 'src/lib/crypto/krb/checksum_confounder.c')
-rw-r--r-- | src/lib/crypto/krb/checksum_confounder.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/crypto/krb/checksum_confounder.c b/src/lib/crypto/krb/checksum_confounder.c index 31c7cd364..34941562c 100644 --- a/src/lib/crypto/krb/checksum_confounder.c +++ b/src/lib/crypto/krb/checksum_confounder.c @@ -148,7 +148,7 @@ krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp, goto cleanup; /* Compare the decrypted hash to the computed one. */ - *valid = (memcmp(plaintext + blocksize, computed.data, hashsize) == 0); + *valid = (k5_bcmp(plaintext + blocksize, computed.data, hashsize) == 0); cleanup: zapfree(plaintext, input->length); |