diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib.rs | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -84,6 +84,8 @@ //! ``` use std::iter; +use constant_time_eq::constant_time_eq; + mod block; #[cfg(test)] mod testvectors; @@ -234,7 +236,7 @@ fn decrypt(key: &Key, nonce: &[u8], ad: &[&[u8]], tau: u32, ciphertext: &[u8]) - tweaks.extend(ad); if ciphertext.len() == tau as usize { - if ciphertext == aez_prf(key, &tweaks, tau) { + if constant_time_eq(&ciphertext, &aez_prf(key, &tweaks, tau)) { return Some(Vec::new()); } else { return None; @@ -244,7 +246,7 @@ fn decrypt(key: &Key, nonce: &[u8], ad: &[&[u8]], tau: u32, ciphertext: &[u8]) - let x = decipher(key, &tweaks, ciphertext); let (m, auth) = x.split_at(ciphertext.len() - tau as usize); assert!(auth.len() == tau as usize); - if auth.iter().all(|x| *x == 0) { + if constant_time_eq(&auth, &vec![0; tau as usize]) { Some(Vec::from(m)) } else { None |