diff options
author | Emilia Kasper <emilia@openssl.org> | 2015-05-27 17:12:13 +0200 |
---|---|---|
committer | Emilia Kasper <emilia@openssl.org> | 2015-06-08 14:55:50 +0200 |
commit | 1e4a355dcabe2f75df5bb8b41b394d37037169d2 (patch) | |
tree | aac26a71e92cf32f361342fbe2c3fe4edde4395d /crypto/evp/e_rc4_hmac_md5.c | |
parent | 65d3941f4aa199d0fcd615b074876f8ff2886d11 (diff) |
Use CRYPTO_memcmp when comparing authenticators
Pointed out by Victor Vasiliev (vasilvv@mit.edu) via Adam Langley
(Google).
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'crypto/evp/e_rc4_hmac_md5.c')
-rw-r--r-- | crypto/evp/e_rc4_hmac_md5.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c index 1ba690da11..e3fe91835c 100644 --- a/crypto/evp/e_rc4_hmac_md5.c +++ b/crypto/evp/e_rc4_hmac_md5.c @@ -54,6 +54,7 @@ #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5) +# include <openssl/crypto.h> # include <openssl/evp.h> # include <openssl/objects.h> # include <openssl/rc4.h> @@ -209,7 +210,7 @@ static int rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH); MD5_Final(mac, &key->md); - if (memcmp(out + plen, mac, MD5_DIGEST_LENGTH)) + if (CRYPTO_memcmp(out + plen, mac, MD5_DIGEST_LENGTH)) return 0; } else { MD5_Update(&key->md, out + md5_off, len - md5_off); |