author | Daniel Schadt <kingdread@gmx.de> | 2025-04-08 22:20:56 +0200 |
---|---|---|
committer | Daniel Schadt <kingdread@gmx.de> | 2025-04-08 22:20:56 +0200 |
commit | bf603424e9d82a4760c8fd12a7eb1e3b0a6a5d5a (patch) | |
tree | 9a5da35282ca7a8da96091c51d6f3df2f1c4b497 /src/lib.rs | |
parent | 861a0a8452d161a2211b82d3883a62581b432eaa (diff) | |
use constant_time_eq in decryption function
Diffstat (limited to 'src/lib.rs')
-rw-r--r-- | src/lib.rs | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -84,6 +84,8 @@ //! ```
 use std::iter;
+use constant_time_eq::constant_time_eq;
+
 mod block;
 #[cfg(test)]
 mod testvectors;
@@ -234,7 +236,7 @@ fn decrypt(key: &Key, nonce: &[u8], ad: &[&[u8]], tau: u32, ciphertext: &[u8]) -
 tweaks.extend(ad);
 if ciphertext.len() == tau as usize {
- if ciphertext == aez_prf(key, &tweaks, tau) {
+ if constant_time_eq(&ciphertext, &aez_prf(key, &tweaks, tau)) {
 return Some(Vec::new());
 } else {
 return None;
@@ -244,7 +246,7 @@ fn decrypt(key: &Key, nonce: &[u8], ad: &[&[u8]], tau: u32, ciphertext: &[u8]) -
 let x = decipher(key, &tweaks, ciphertext);
 let (m, auth) = x.split_at(ciphertext.len() - tau as usize);
 assert!(auth.len() == tau as usize);
- if auth.iter().all(|x| *x == 0) {
+ if constant_time_eq(&auth, &vec![0; tau as usize]) {
 Some(Vec::from(m))
 } else {
 None |
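Review bot: `ciphertext` is already a `&[u8]`, so the `&ciphertext` in the new `constant_time_eq(&ciphertext, &aez_prf(key, &tweaks, tau))` is a needless borrow that Clippy will flag; `constant_time_eq(ciphertext, &aez_prf(key, &tweaks, tau))` is enough. A comment is worth adding here as well: `constant_time_eq` returns early when the two slices differ in length, which would be a length-dependent early exit, but the `ciphertext.len() == tau as usize` guard on the previous line makes both inputs exactly `tau` bytes, so the short-circuit can never trigger on this path — `// both sides are exactly tau bytes here, so constant_time_eq's unequal-length early return cannot fire`. `decrypt` begins before this hunk and its body continues past it.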
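Review bot: The same needless borrow appears on the new line in the second `decrypt` hunk — `auth` is already a `&[u8]` from `split_at`, so `constant_time_eq(auth, &vec![0; tau as usize])` suffices, and the preceding `assert!(auth.len() == tau as usize)` guarantees the two lengths match so the crate's unequal-length early return cannot fire. Allocating a fresh `vec![0; tau as usize]` on every decryption just to compare against zeros is fine for a tag-sized slice, and it is preferable to a hand-rolled `auth.iter().fold(0u8, |acc, &b| acc | b) == 0`, which has no optimization barrier; a one-line comment such as `// compare the auth block against an all-zero slice in constant time; the allocation keeps the comparison inside constant_time_eq rather than a hand-rolled fold` would explain the choice to the next reader. Separately, and not introduced by this commit, the context line `ciphertext.len() - tau as usize` underflows (debug panic, release wrap followed by a `split_at` panic) when `ciphertext` is shorter than `tau` bytes; the lines between this hunk and the previous one are not visible, so if no such rejection exists there, add `if ciphertext.len() < tau as usize { return None; }` before `decipher` is called. `decrypt` starts before this hunk and ends after it.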