feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Constant compare the HMAC result when using NULL cipher and TLS 1.3

Browse Source
This commit is contained in:
Sean Parkinson
2019-08-09 11:50:07 -06:00
parent 51dfc35aac
commit dd48c825ed
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/tls13.c
View File

@@ -1935,7 +1935,7 @@ static int Tls13IntegrityOnly_Decrypt(WOLFSSL* ssl, byte* output,
if (ret == 0) if (ret == 0)
ret = wc_HmacFinal(ssl->decrypt.hmac, hmac); ret = wc_HmacFinal(ssl->decrypt.hmac, hmac);
/* Check authentication tag matches */ /* Check authentication tag matches */
if (ret == 0 && XMEMCMP(tagIn, hmac, ssl->specs.hash_size) != 0) if (ret == 0 && ConstantCompare(tagIn, hmac, ssl->specs.hash_size) != 0)
ret = DECRYPT_ERROR; ret = DECRYPT_ERROR;
/* Copy the input to output if not the same buffer */ /* Copy the input to output if not the same buffer */
if (ret == 0 && output != input) if (ret == 0 && output != input)