diff options
author | Wiktor Kwapisiewicz <wiktor@metacode.biz> | 2021-03-18 11:54:09 +0100 |
---|---|---|
committer | Wiktor Kwapisiewicz <wiktor@metacode.biz> | 2021-03-18 11:55:33 +0100 |
commit | f617d9c9b0b9950e975cfe28736367b7361c1c71 (patch) | |
tree | f8abcd26f4d998e80435e7d27da49833845b6612 /openpgp | |
parent | 5140997e88b191eb7108e47ec1a3bdf7b129cd9b (diff) |
openpgp: Use time-constant comparison for MDC.
- This avoids side-channel attacks on the MDC computed digest.
Diffstat (limited to 'openpgp')
-rw-r--r-- | openpgp/src/packet/mdc.rs | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/openpgp/src/packet/mdc.rs b/openpgp/src/packet/mdc.rs index 16fdcd7b..5c3544ca 100644 --- a/openpgp/src/packet/mdc.rs +++ b/openpgp/src/packet/mdc.rs @@ -1,4 +1,7 @@ +use std::cmp::Ordering; + use crate::crypto; +use crate::crypto::mem; use crate::packet; use crate::Packet; @@ -67,7 +70,7 @@ impl MDC { // return false. false } else { - self.computed_digest == self.digest + mem::secure_cmp(&self.computed_digest, &self.digest) == Ordering::Equal } } } |