Use constant_time_compare instead of same_mem

New name, same great operation

2 files changed, 6 insertions, 3 deletions

diff --git a/src/lib/misc/cryptobox/cryptobox.cpp b/src/lib/misc/cryptobox/cryptobox.cpp
index 944adef49..0ff6fe8f5 100644
--- a/src/lib/misc/cryptobox/cryptobox.cpp
+++ b/src/lib/misc/cryptobox/cryptobox.cpp
@@ -145,7 +145,7 @@ std::string decrypt(const uint8_t input[], size_t input_len,
    uint8_t computed_mac[MAC_OUTPUT_LEN];
    BOTAN_ASSERT_EQUAL(MAC_OUTPUT_LEN, pipe.read(computed_mac, MAC_OUTPUT_LEN, 1), "MAC size");
 
-   if(!same_mem(computed_mac,
+   if(!constant_time_compare(computed_mac,
                 &ciphertext[VERSION_CODE_LEN + PBKDF_SALT_LEN],
                 MAC_OUTPUT_LEN))
       throw Decoding_Error("CryptoBox integrity failure");
diff --git a/src/lib/misc/tss/tss.cpp b/src/lib/misc/tss/tss.cpp
index a7b0c4eac..2039e5fea 100644
--- a/src/lib/misc/tss/tss.cpp
+++ b/src/lib/misc/tss/tss.cpp
@@ -250,9 +250,12 @@ RTSS_Share::reconstruct(const std::vector<RTSS_Share>& shares)
    hash->update(secret.data(), secret_len);
    secure_vector<uint8_t> hash_check = hash->final();
 
-   if(!same_mem(hash_check.data(),
-                &secret[secret_len], hash->output_length()))
+   if(!constant_time_compare(hash_check.data(),
+                             &secret[secret_len],
+                             hash->output_length()))
+      {
       throw Decoding_Error("RTSS hash check failed");
+      }
 
    return secure_vector<uint8_t>(secret.cbegin(), secret.cbegin() + secret_len);
    }