From 273558efc6b757b5e9a96acac7e60ba19fc2fefc Mon Sep 17 00:00:00 2001
From: Stephen Lombardo
Date: Tue, 2 Oct 2012 12:36:25 -0400
Subject: [PATCH] improvements to memory comparison
---
 src/crypto_impl.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/crypto_impl.c b/src/crypto_impl.c
index 98119115..e5456fa9 100644
--- a/src/crypto_impl.c
+++ b/src/crypto_impl.c
@@ -139,15 +139,15 @@ int sqlcipher_ismemset(const unsigned char *a0, unsigned char value, int len) {
 return noMatch;
 }
-/* fixed time memory comparison routine */
+/* constant time memory comparison routine. returns 0 if match, 1 if no match */
 int sqlcipher_memcmp(const unsigned char *a0, const unsigned char *a1, int len) {
- int i = 0, noMatch = 0;
+ int i = 0, result = 0;
 for(i = 0; i < len; i++) {
- noMatch = (noMatch || (a0[i] != a1[i]));
+ result |= a0[i] ^ a1[i];
 }
- return noMatch;
+ return (result != 0);
 }
 /* generate a defined number of pseudorandom bytes */
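Review bot: In `sqlcipher_memcmp`, a `len` of zero or below skips the loop and the function returns 0, which the new comment defines as a match, so a caller that passes a miscomputed or negative length gets a successful comparison without any byte being checked. Since `len` is a signed `int`, I would fail closed on the negative case with `if(len < 0) return 1;` before the loop, and state in the comment that `len` must be the full length of both buffers. The callers are outside this hunk, so whether any of them can reach this with an externally influenced length is not visible here. Separately, `sqlcipher_ismemset` directly above still ends in `return noMatch;`, and its body is outside the hunk; if its loop uses the same short-circuiting `||` accumulation that this patch removes, it deserves the same treatment.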