summaryrefslogtreecommitdiff
path: root/lib/dns/hmac_link.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/dns/hmac_link.c')
-rw-r--r--lib/dns/hmac_link.c45
1 files changed, 20 insertions, 25 deletions
diff --git a/lib/dns/hmac_link.c b/lib/dns/hmac_link.c
index bc0e9a04ed07..a40a131d36df 100644
--- a/lib/dns/hmac_link.c
+++ b/lib/dns/hmac_link.c
@@ -1,5 +1,5 @@
/*
- * Portions Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC")
+ * Portions Copyright (C) 2004-2011, 2013, 2014 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 1999-2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -42,6 +42,7 @@
#include <isc/md5.h>
#include <isc/sha1.h>
#include <isc/mem.h>
+#include <isc/safe.h>
#include <isc/string.h>
#include <isc/util.h>
@@ -138,7 +139,7 @@ hmacmd5_compare(const dst_key_t *key1, const dst_key_t *key2) {
else if (hkey1 == NULL || hkey2 == NULL)
return (ISC_FALSE);
- if (memcmp(hkey1->key, hkey2->key, ISC_SHA1_BLOCK_LENGTH) == 0)
+ if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA1_BLOCK_LENGTH))
return (ISC_TRUE);
else
return (ISC_FALSE);
@@ -227,9 +228,8 @@ hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) {
isc_md5_update(&md5ctx, r.base, r.length);
isc_md5_final(&md5ctx, hkey->key);
keylen = ISC_MD5_DIGESTLENGTH;
- }
- else {
- memcpy(hkey->key, r.base, r.length);
+ } else {
+ memmove(hkey->key, r.base, r.length);
keylen = r.length;
}
@@ -414,7 +414,7 @@ hmacsha1_compare(const dst_key_t *key1, const dst_key_t *key2) {
else if (hkey1 == NULL || hkey2 == NULL)
return (ISC_FALSE);
- if (memcmp(hkey1->key, hkey2->key, ISC_SHA1_BLOCK_LENGTH) == 0)
+ if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA1_BLOCK_LENGTH))
return (ISC_TRUE);
else
return (ISC_FALSE);
@@ -503,9 +503,8 @@ hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data) {
isc_sha1_update(&sha1ctx, r.base, r.length);
isc_sha1_final(&sha1ctx, hkey->key);
keylen = ISC_SHA1_DIGESTLENGTH;
- }
- else {
- memcpy(hkey->key, r.base, r.length);
+ } else {
+ memmove(hkey->key, r.base, r.length);
keylen = r.length;
}
@@ -690,7 +689,7 @@ hmacsha224_compare(const dst_key_t *key1, const dst_key_t *key2) {
else if (hkey1 == NULL || hkey2 == NULL)
return (ISC_FALSE);
- if (memcmp(hkey1->key, hkey2->key, ISC_SHA224_BLOCK_LENGTH) == 0)
+ if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA224_BLOCK_LENGTH))
return (ISC_TRUE);
else
return (ISC_FALSE);
@@ -781,9 +780,8 @@ hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data) {
isc_sha224_update(&sha224ctx, r.base, r.length);
isc_sha224_final(hkey->key, &sha224ctx);
keylen = ISC_SHA224_DIGESTLENGTH;
- }
- else {
- memcpy(hkey->key, r.base, r.length);
+ } else {
+ memmove(hkey->key, r.base, r.length);
keylen = r.length;
}
@@ -968,7 +966,7 @@ hmacsha256_compare(const dst_key_t *key1, const dst_key_t *key2) {
else if (hkey1 == NULL || hkey2 == NULL)
return (ISC_FALSE);
- if (memcmp(hkey1->key, hkey2->key, ISC_SHA256_BLOCK_LENGTH) == 0)
+ if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA256_BLOCK_LENGTH))
return (ISC_TRUE);
else
return (ISC_FALSE);
@@ -1059,9 +1057,8 @@ hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data) {
isc_sha256_update(&sha256ctx, r.base, r.length);
isc_sha256_final(hkey->key, &sha256ctx);
keylen = ISC_SHA256_DIGESTLENGTH;
- }
- else {
- memcpy(hkey->key, r.base, r.length);
+ } else {
+ memmove(hkey->key, r.base, r.length);
keylen = r.length;
}
@@ -1246,7 +1243,7 @@ hmacsha384_compare(const dst_key_t *key1, const dst_key_t *key2) {
else if (hkey1 == NULL || hkey2 == NULL)
return (ISC_FALSE);
- if (memcmp(hkey1->key, hkey2->key, ISC_SHA384_BLOCK_LENGTH) == 0)
+ if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA384_BLOCK_LENGTH))
return (ISC_TRUE);
else
return (ISC_FALSE);
@@ -1337,9 +1334,8 @@ hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data) {
isc_sha384_update(&sha384ctx, r.base, r.length);
isc_sha384_final(hkey->key, &sha384ctx);
keylen = ISC_SHA384_DIGESTLENGTH;
- }
- else {
- memcpy(hkey->key, r.base, r.length);
+ } else {
+ memmove(hkey->key, r.base, r.length);
keylen = r.length;
}
@@ -1524,7 +1520,7 @@ hmacsha512_compare(const dst_key_t *key1, const dst_key_t *key2) {
else if (hkey1 == NULL || hkey2 == NULL)
return (ISC_FALSE);
- if (memcmp(hkey1->key, hkey2->key, ISC_SHA512_BLOCK_LENGTH) == 0)
+ if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA512_BLOCK_LENGTH))
return (ISC_TRUE);
else
return (ISC_FALSE);
@@ -1615,9 +1611,8 @@ hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data) {
isc_sha512_update(&sha512ctx, r.base, r.length);
isc_sha512_final(hkey->key, &sha512ctx);
keylen = ISC_SHA512_DIGESTLENGTH;
- }
- else {
- memcpy(hkey->key, r.base, r.length);
+ } else {
+ memmove(hkey->key, r.base, r.length);
keylen = r.length;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-07 12:47:14 +0000