summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--common/password.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/common/password.c b/common/password.c
index 3f05b81c0..aea7c7ff5 100644
--- a/common/password.c
+++ b/common/password.c
@@ -18,6 +18,7 @@
#include <init.h>
#include <stdlib.h>
#include <globalvar.h>
+#include <crypto.h>
#include <generated/passwd.h>
#include <crypto/pbkdf2.h>
@@ -311,7 +312,7 @@ static int check_passwd(unsigned char *passwd, size_t length)
if (ret)
goto err;
- if (strncmp(passwd1_sum, key, keylen) == 0)
+ if (!crypto_memneq(passwd1_sum, key, keylen))
ret = 1;
} else {
ret = digest_digest(d, passwd, length, passwd1_sum);
@@ -319,7 +320,7 @@ static int check_passwd(unsigned char *passwd, size_t length)
if (ret)
goto err;
- if (strncmp(passwd1_sum, passwd2_sum, hash_len) == 0)
+ if (!crypto_memneq(passwd1_sum, passwd2_sum, hash_len))
ret = 1;
}