From dd48c825ed2d298209c4c596a8b193d0afe97835 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Fri, 9 Aug 2019 11:50:07 -0600 Subject: [PATCH] Constant compare the HMAC result when using NULL cipher and TLS 1.3 --- src/tls13.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tls13.c b/src/tls13.c index 234623601..1c4123b92 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -1935,7 +1935,7 @@ static int Tls13IntegrityOnly_Decrypt(WOLFSSL* ssl, byte* output, if (ret == 0) ret = wc_HmacFinal(ssl->decrypt.hmac, hmac); /* Check authentication tag matches */ - if (ret == 0 && XMEMCMP(tagIn, hmac, ssl->specs.hash_size) != 0) + if (ret == 0 && ConstantCompare(tagIn, hmac, ssl->specs.hash_size) != 0) ret = DECRYPT_ERROR; /* Copy the input to output if not the same buffer */ if (ret == 0 && output != input)