KEYS: encrypted: use constant-time HMAC comparison (0f534e4a) · Commits · e / devices / android_kernel_oneplus_sm7250

security/keys/encrypted-keys/encrypted.c

+3 −2

Original line number	Diff line number	Diff line
		@@ -30,6 +30,7 @@
		#include <linux/scatterlist.h>
		#include <linux/ctype.h>
		#include <crypto/aes.h>
		#include <crypto/algapi.h>
		#include <crypto/hash.h>
		#include <crypto/sha.h>
		#include <crypto/skcipher.h>
		@@ -534,8 +535,8 @@ static int datablob_hmac_verify(struct encrypted_key_payload *epayload,
		ret = calc_hmac(digest, derived_key, sizeof derived_key, p, len);
		if (ret < 0)
		goto out;
		ret = memcmp(digest, epayload->format + epayload->datablob_len,
		sizeof digest);
		ret = crypto_memneq(digest, epayload->format + epayload->datablob_len,
		sizeof(digest));
		if (ret) {
		ret = -EINVAL;
		dump_hmac("datablob",