Add constant time memcmp and use it for comparing keys.

There is perhaps no problem now, but it is a good practise to use constant time for key comaprison to avoid possible side channel issues.
2025-12-06 00:10:04 +01:00 · 2022-04-27 23:05:02 +02:00
parent 4f44bb40b7
commit 2bf0f537f6
12 changed files with 65 additions and 5 deletions
--- a/lib/crypto_backend/crypto_nettle.c
+++ b/lib/crypto_backend/crypto_nettle.c
@@ -26,6 +26,7 @@
 #include <nettle/sha3.h>
 #include <nettle/hmac.h>
 #include <nettle/pbkdf2.h>
+#include <nettle/memops.h>
 #include "crypto_backend_internal.h"

 #if HAVE_NETTLE_VERSION_H
@@ -446,3 +447,9 @@ int crypt_bitlk_decrypt_key(const void *key, size_t key_length,
 	return crypt_bitlk_decrypt_key_kernel(key, key_length, in, out, length,
 					      iv, iv_length, tag, tag_length);
 }
+
+int crypt_backend_memeq(const void *m1, const void *m2, size_t n)
+{
+	/* The logic is inverse to memcmp... */
+	return !memeql_sec(m1, m2, n);
+}