diff options
author | noloader <noloader@57ff6487-cd31-0410-9ec3-f628ee90f5f0> | 2015-06-29 03:01:29 +0000 |
---|---|---|
committer | noloader <noloader@57ff6487-cd31-0410-9ec3-f628ee90f5f0> | 2015-06-29 03:01:29 +0000 |
commit | c62d1c72423a662aa7f15d75be5b11f5f2412aa3 (patch) | |
tree | b5b47bd71ac5f77ada02feb5f46e6c3213af4fb0 /validat3.cpp | |
parent | c0bc47321c9f7bbdeeb3e950c2e0f67beb7bd1ba (diff) | |
download | cryptopp-c62d1c72423a662aa7f15d75be5b11f5f2412aa3.tar.gz |
Modified validation suite to use VerifyBufsEqual rather than memcmp. VerifyBufsEqual is a constant time compare, so it serves to educate users on the function to call to use
git-svn-id: svn://svn.code.sf.net/p/cryptopp/code/trunk/c5@552 57ff6487-cd31-0410-9ec3-f628ee90f5f0
Diffstat (limited to 'validat3.cpp')
-rw-r--r-- | validat3.cpp | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/validat3.cpp b/validat3.cpp index 035b556..07b6334 100644 --- a/validat3.cpp +++ b/validat3.cpp @@ -21,6 +21,7 @@ #include "pwdbased.h" #include "filters.h" #include "hex.h" +#include "misc.h" #include "files.h" #include <iostream> @@ -54,7 +55,7 @@ bool HashModuleTest(HashTransformation &md, const HashTestTuple *testSet, unsign for (j=0; j<testSet[i].repeatTimes; j++) md.Update(testSet[i].input, testSet[i].inputLen); md.Final(digest); - fail = memcmp(digest, testSet[i].output, md.DigestSize()) != 0; + fail = !VerifyBufsEqual(digest, testSet[i].output, md.DigestSize()); pass = pass && !fail; cout << (fail ? "FAILED " : "passed "); @@ -377,7 +378,7 @@ bool ValidateMD5MAC() { mac.Update((byte *)TestVals[i], strlen(TestVals[i])); mac.Final(digest); - fail = memcmp(digest, output[k][i], MD5MAC::DIGESTSIZE) + fail = !VerifyBufsEqual(digest, output[k][i], MD5MAC::DIGESTSIZE) || !mac.VerifyDigest(output[k][i], (byte *)TestVals[i], strlen(TestVals[i])); pass = pass && !fail; cout << (fail ? "FAILED " : "passed "); @@ -448,7 +449,7 @@ bool ValidateXMACC() { mac.Update((byte *)TestVals[i], strlen(TestVals[i])); mac.Final(digest); - fail = memcmp(digest, output[k][i], XMACC_MD5::DIGESTSIZE) + fail = !VerifyBufsEqual(digest, output[k][i], XMACC_MD5::DIGESTSIZE) || !mac.VerifyDigest(output[k][i], (byte *)TestVals[i], strlen(TestVals[i])); pass = pass && !fail; cout << (fail ? "FAILED " : "passed "); @@ -494,11 +495,11 @@ bool ValidateTTMAC() cout << "\nTwo-Track-MAC validation suite running...\n"; TTMAC mac(key, sizeof(key)); - for (int k=0; k<sizeof(TestVals)/sizeof(TestVals[0]); k++) + for (size_t k=0; k<sizeof(TestVals)/sizeof(TestVals[0]); k++) { mac.Update((byte *)TestVals[k], strlen(TestVals[k])); mac.Final(digest); - fail = memcmp(digest, output[k], TTMAC::DIGESTSIZE) + fail = !VerifyBufsEqual(digest, output[k], TTMAC::DIGESTSIZE) || !mac.VerifyDigest(output[k], (byte *)TestVals[k], strlen(TestVals[k])); pass = pass && !fail; cout << (fail ? "FAILED " : "passed "); @@ -532,7 +533,7 @@ bool TestPBKDF(PasswordBasedKeyDerivationFunction &pbkdf, const PBKDF_TestTuple SecByteBlock derived(derivedKey.size()); pbkdf.DeriveKey(derived, derived.size(), tuple.purpose, (byte *)password.data(), password.size(), (byte *)salt.data(), salt.size(), tuple.iterations); - bool fail = memcmp(derived, derivedKey.data(), derived.size()) != 0; + bool fail = !VerifyBufsEqual(derived, reinterpret_cast<const unsigned char*>(derivedKey.data()), derived.size()); pass = pass && !fail; HexEncoder enc(new FileSink(cout)); |