/* Returns TRUE iff x would result in NullKey or DeleteKey when encrypted with FileKey. FALSE otherwise */ static int BogusKey(RPC2_EncryptionKey x) { RPC2_EncryptionKey temp; int nul, del; rpc2_Encrypt((char *)x, (char *)temp, RPC2_KEYSIZE, FileKey, RPC2_XOR); nul = secure_compare(temp, RPC2_KEYSIZE, NullKey, RPC2_KEYSIZE); del = secure_compare(temp, RPC2_KEYSIZE, DeleteKey, RPC2_KEYSIZE); if (nul | del) return TRUE; else return FALSE; }
/* Returns TRUE iff viceId corr to a deleted Vice user(==> key of all 1's) */ static int IsADeletedUser(int viceId) { if (viceId < 0 || viceId >= PWLen) return (FALSE); if (secure_compare(PWArray[viceId], RPC2_KEYSIZE, DeleteKey, RPC2_KEYSIZE)) return TRUE; return FALSE; }
/** * \brief Determine if two curve points are equal. * * \param p The first curve point. * \param q The second curve point. * * \return Returns true if \a p and \a q are equal; false otherwise. */ bool Ed25519::equal(const Point &p, const Point &q) { limb_t a[NUM_LIMBS_256BIT]; limb_t b[NUM_LIMBS_256BIT]; bool result = true; Curve25519::mul(a, p.x, q.z); Curve25519::mul(b, q.x, p.z); result &= secure_compare(a, b, sizeof(a)); Curve25519::mul(a, p.y, q.z); Curve25519::mul(b, q.y, p.z); result &= secure_compare(a, b, sizeof(a)); clean(a); clean(b); return result; }
/* The C implementation of secure compare, don't use! * * The return type is a Fixnum to avoid certain optimizations that cause the * branch predictor to potentially leak timing information. * * @param [String] rb_str_a * @param [String] rb_str_b * @return [Fixnum] Zero for success, other values for failure. * @api private */ VALUE oroku_saki_secure_compare(VALUE rb_module, VALUE rb_str_a, VALUE rb_str_b) { raise_unless_string(rb_str_a, "OrokuSaki.secure_compare"); raise_unless_string(rb_str_b, "OrokuSaki.secure_compare"); if (RSTRING_LEN(rb_str_a) != RSTRING_LEN(rb_str_b)) { return INT2FIX(-1); } return INT2FIX(secure_compare(rb_str_a, rb_str_b)); }
bool Acorn128::checkTag(const void *tag, size_t len) { // Can never match if the expected tag length is too long. if (len > 16) return false; // Compute the authentication tag and check it. uint8_t temp[16]; computeTag(temp, len); bool equal = secure_compare(temp, tag, len); clean(temp); return equal; }