ref: 57c9ee901f7cb1c19ec18e96e874a848112bad01
parent: 75f994da92fbf6bdab36f079ae896c2726d71f5d
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Wed Jan 13 16:48:09 EST 2016
devssl: use tsmemcmp() to compare mac to close timing side channel
--- a/sys/src/9/port/devssl.c
+++ b/sys/src/9/port/devssl.c
@@ -1439,7 +1439,7 @@
*p = n;
(*s->hf)(msgid, 4, digest, &ss);
- if(memcmp(digest, bin->rp, s->diglen) != 0)
+ if(tsmemcmp(digest, bin->rp, s->diglen) != 0)
error("bad digest");}
--
⑨