aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/misc
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/misc')
-rw-r--r--src/lib/misc/cryptobox/cryptobox.cpp2
-rw-r--r--src/lib/misc/tss/tss.cpp7
2 files changed, 6 insertions, 3 deletions
diff --git a/src/lib/misc/cryptobox/cryptobox.cpp b/src/lib/misc/cryptobox/cryptobox.cpp
index 944adef49..0ff6fe8f5 100644
--- a/src/lib/misc/cryptobox/cryptobox.cpp
+++ b/src/lib/misc/cryptobox/cryptobox.cpp
@@ -145,7 +145,7 @@ std::string decrypt(const uint8_t input[], size_t input_len,
uint8_t computed_mac[MAC_OUTPUT_LEN];
BOTAN_ASSERT_EQUAL(MAC_OUTPUT_LEN, pipe.read(computed_mac, MAC_OUTPUT_LEN, 1), "MAC size");
- if(!same_mem(computed_mac,
+ if(!constant_time_compare(computed_mac,
&ciphertext[VERSION_CODE_LEN + PBKDF_SALT_LEN],
MAC_OUTPUT_LEN))
throw Decoding_Error("CryptoBox integrity failure");
diff --git a/src/lib/misc/tss/tss.cpp b/src/lib/misc/tss/tss.cpp
index a7b0c4eac..2039e5fea 100644
--- a/src/lib/misc/tss/tss.cpp
+++ b/src/lib/misc/tss/tss.cpp
@@ -250,9 +250,12 @@ RTSS_Share::reconstruct(const std::vector<RTSS_Share>& shares)
hash->update(secret.data(), secret_len);
secure_vector<uint8_t> hash_check = hash->final();
- if(!same_mem(hash_check.data(),
- &secret[secret_len], hash->output_length()))
+ if(!constant_time_compare(hash_check.data(),
+ &secret[secret_len],
+ hash->output_length()))
+ {
throw Decoding_Error("RTSS hash check failed");
+ }
return secure_vector<uint8_t>(secret.cbegin(), secret.cbegin() + secret_len);
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-18 05:05:42 +0000