Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2025-12-24 00:06:32 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Make all hash checking in programs constant-time

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2013-10-28 12:51:32 +01:00 committed by Paul Bakker
parent 424cd6943c
commit 291f9af935
5 changed files with 35 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

8
programs/hash/md5sum.c
View file

@ -77,6 +77,7 @@ static int md5_check( char *filename )
int nb_tot1, nb_tot2;
unsigned char sum[16];
char buf[33], line[1024];
char diff;
if( ( f = fopen( filename, "rb" ) ) == NULL )
{
@ -117,7 +118,12 @@ static int md5_check( char *filename )
for( i = 0; i < 16; i++ )
sprintf( buf + i * 2, "%02x", sum[i] );
if( memcmp( line, buf, 32 ) != 0 )
/* Use constant-time buffer comparison */
diff = 0;
for( i = 0; i < 32; i++ )
diff |= line[i] ^ buf[i];
if( diff != 0 )
{
nb_err2++;
fprintf( stderr, "wrong checksum: %s\n", line + 34 );