* <b>needle</b>, return a pointer to the first occurrence of the needle
* within the haystack, or NULL if there is no such occurrence.
*
+ * This function is <em>not</em> timing-safe.
+ *
* Requires that nlen be greater than zero.
*/
const void *
while ((p = memchr(p, first, end-p))) {
if (p+nlen > end)
return NULL;
- if (tor_memeq(p, needle, nlen))
+ if (fast_memeq(p, needle, nlen))
return p;
++p;
}
int i;
if (!sl) return 0;
for (i=0; i < sl->num_used; i++)
- if (tor_memcmp((const char*)sl->list[i],element,DIGEST_LEN)==0)
+ if (tor_memeq((const char*)sl->list[i],element,DIGEST_LEN))
return 1;
return 0;
}
tor_free(buf);
return -1;
}
- if (tor_memcmp(buf, digest, DIGEST_LEN)) {
+ if (tor_memneq(buf, digest, DIGEST_LEN)) {
log_warn(LD_CRYPTO, "Signature mismatched with digest.");
tor_free(buf);
return -1;
* implementation.
*/
#define fast_memcmp(a,b,c) (memcmp((a),(b),(c)))
+#define fast_memeq(a,b,c) (0==memcmp((a),(b),(c)))
+#define fast_memneq(a,b,c) (0!=memcmp((a),(b),(c)))
#endif
compress_method_t
detect_compression_method(const char *in, size_t in_len)
{
- if (in_len > 2 && tor_memeq(in, "\x1f\x8b", 2)) {
+ if (in_len > 2 && fast_memeq(in, "\x1f\x8b", 2)) {
return GZIP_METHOD;
} else if (in_len > 2 && (in[0] & 0x0f) == 8 &&
(ntohs(get_uint16(in)) % 31) == 0) {
return -1;
if (s1_len > s2_len)
return 1;
- return tor_memcmp(s1, s2, s2_len);
+ return fast_memcmp(s1, s2, s2_len);
}
/** Compares the first strlen(s2) characters of s1 with s2. Returns as for
/** Compare the value of the string <b>prefix</b> with the start of the
* <b>memlen</b>-byte memory chunk at <b>mem</b>. Return as for strcmp.
*
- * [As tor_memcmp(mem, prefix, strlen(prefix)) but returns -1 if memlen is less
- * than strlen(prefix).]
+ * [As fast_memcmp(mem, prefix, strlen(prefix)) but returns -1 if memlen is
+ * less than strlen(prefix).]
*/
int
-memcmpstart(const void *mem, size_t memlen,
+fast_memcmpstart(const void *mem, size_t memlen,
const char *prefix)
{
size_t plen = strlen(prefix);
if (memlen < plen)
return -1;
- return tor_memcmp(mem, prefix, plen);
+ return fast_memcmp(mem, prefix, plen);
}
/** Return a pointer to the first char of s that is not whitespace and
0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0,
};
while (len >= sizeof(ZERO)) {
- if (tor_memcmp(mem, ZERO, sizeof(ZERO)))
+ /* It's safe to use fast_memcmp here, since the very worst thing an
+ * attacker could learn is how many initial bytes of a secret were zero */
+ if (fast_memcmp(mem, ZERO, sizeof(ZERO)))
return 0;
len -= sizeof(ZERO);
mem += sizeof(ZERO);
}
/* Deal with leftover bytes. */
if (len)
- return tor_memeq(mem, ZERO, len);
+ return fast_memeq(mem, ZERO, len);
return 1;
}
int
tor_digest_is_zero(const char *digest)
{
- return tor_mem_is_zero(digest, DIGEST_LEN);
+ static const uint8_t ZERO_DIGEST[] = {
+ 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0
+ };
+ return tor_memeq(digest, ZERO_DIGEST, DIGEST_LEN);
}
/* Helper: common code to check whether the result of a strtol or strtoul or
int strcmpend(const char *s1, const char *s2) ATTR_PURE ATTR_NONNULL((1,2));
int strcasecmpend(const char *s1, const char *s2)
ATTR_PURE ATTR_NONNULL((1,2));
-int memcmpstart(const void *mem, size_t memlen,
- const char *prefix) ATTR_PURE;
+int fast_memcmpstart(const void *mem, size_t memlen,
+ const char *prefix) ATTR_PURE;
void tor_strstrip(char *s, const char *strip) ATTR_NONNULL((1,2));
long tor_parse_long(const char *s, int base, long min,
continue;
} else {
/* We expected a key. See if it's the right one. */
- if (tor_memcmp(or_conn->identity_digest,
+ if (tor_memneq(or_conn->identity_digest,
circ->n_hop->identity_digest, DIGEST_LEN))
continue;
}
continue;
} else {
/* We expected a key. See if it's the right one. */
- if (tor_memcmp(or_conn->identity_digest,
+ if (tor_memneq(or_conn->identity_digest,
circ->n_hop->identity_digest, DIGEST_LEN))
continue;
}
char digest[DIGEST_LEN];
if (hexdigest_to_digest(conn->chosen_exit_name, digest) < 0)
return 0; /* broken digest, we don't want it */
- if (tor_memcmp(digest, build_state->chosen_exit->identity_digest,
+ if (tor_memneq(digest, build_state->chosen_exit->identity_digest,
DIGEST_LEN))
return 0; /* this is a circuit to somewhere else */
if (tor_digest_is_zero(digest)) {
if (!edge_conn->want_onehop)
continue;
if (hexdigest_to_digest(edge_conn->chosen_exit_name, digest) < 0 ||
- tor_memcmp(digest, failed_digest, DIGEST_LEN))
+ tor_memneq(digest, failed_digest, DIGEST_LEN))
continue;
if (tor_digest_is_zero(digest)) {
/* we don't know the digest; have to compare addr:port */
if (conn->chosen_exit_name) {
routerinfo_t *chosen_exit =
router_get_by_nickname(conn->chosen_exit_name, 1);
- if (!chosen_exit || tor_memcmp(chosen_exit->cache_info.identity_digest,
+ if (!chosen_exit || tor_memneq(chosen_exit->cache_info.identity_digest,
exit->cache_info.identity_digest, DIGEST_LEN)) {
/* doesn't match */
// log_debug(LD_APP,"Requested node '%s', considering node '%s'. No.",
int as_advertised = 1;
tor_assert(has_cert);
tor_assert(has_identity);
- if (tor_memcmp(digest_rcvd_out, conn->identity_digest, DIGEST_LEN)) {
+ if (tor_memneq(digest_rcvd_out, conn->identity_digest, DIGEST_LEN)) {
/* I was aiming for a particular digest. I didn't get it! */
char seen[HEX_DIGEST_LEN+1];
char expected[HEX_DIGEST_LEN+1];
}
*outp++ = *data++;
}
- if (outp < *out+2 || tor_memcmp(outp-2, "\r\n", 2)) {
+ if (outp < *out+2 || fast_memcmp(outp-2, "\r\n", 2)) {
*outp++ = '\r';
*outp++ = '\n';
}
return;
}
len = strlen(buf);
- if (tor_memcmp("\r\n\0", buf+len-2, 3)) {
+ if (fast_memcmp("\r\n\0", buf+len-2, 3)) {
buf[CONNECTION_PRINTF_TO_BUF_BUFFERSIZE-1] = '\0';
buf[CONNECTION_PRINTF_TO_BUF_BUFFERSIZE-2] = '\n';
buf[CONNECTION_PRINTF_TO_BUF_BUFFERSIZE-3] = '\r';
}
len = strlen(buf);
- if (tor_memcmp("\r\n\0", buf+len-2, 3)) {
+ if (fast_memcmp("\r\n\0", buf+len-2, 3)) {
/* if it is not properly terminated, do it now */
buf[SEND_CONTROL1_EVENT_BUFFERSIZE-1] = '\0';
buf[SEND_CONTROL1_EVENT_BUFFERSIZE-2] = '\n';
goto err;
}
bad_cookie = 1;
- } else if (tor_memcmp(authentication_cookie, password, password_len)) {
+ } else if (tor_memneq(authentication_cookie, password, password_len)) {
if (!also_password) {
log_warn(LD_CONTROL, "Got mismatched authentication cookie");
errstr = "Authentication cookie did not match expected value.";
SMARTLIST_FOREACH(v->voters, networkstatus_voter_info_t *, vi, {
if (vi->signature &&
- tor_memeq(vi->identity_digest, want_digest, want_len)) {
+ fast_memeq(vi->identity_digest, want_digest, want_len)) {
have++;
break;
};
* every 10 or 60 seconds (FOO_DESCRIPTOR_RETRY_INTERVAL) in main.c. */
}
-/** Helper. Compare two fp_pair_t objects, and return -1, 0, or 1 as
- * appropriate. */
+/** Helper. Compare two fp_pair_t objects, and return negative, 0, or
+ * positive as appropriate. */
static int
_compare_pairs(const void **a, const void **b)
{
const fp_pair_t *fp1 = *a, *fp2 = *b;
int r;
- if ((r = tor_memcmp(fp1->first, fp2->first, DIGEST_LEN)))
+ if ((r = fast_memcmp(fp1->first, fp2->first, DIGEST_LEN)))
return r;
else
- return tor_memcmp(fp1->second, fp2->second, DIGEST_LEN);
+ return fast_memcmp(fp1->second, fp2->second, DIGEST_LEN);
}
/** Divide a string <b>res</b> of the form FP1-FP2+FP3-FP4...[.z], where each
char *cp = smartlist_get(fp_tmp, i);
char *last = smartlist_get(fp_tmp2, smartlist_len(fp_tmp2)-1);
- if ((decode_hex && tor_memcmp(cp, last, DIGEST_LEN))
+ if ((decode_hex && fast_memcmp(cp, last, DIGEST_LEN))
|| (!decode_hex && strcasecmp(cp, last)))
smartlist_add(fp_tmp2, cp);
else
id, dd);
return -1;
};
- if (tor_memcmp(desc->cache_info.signed_descriptor_digest,
+ if (fast_memcmp(desc->cache_info.signed_descriptor_digest,
rs->descriptor_digest,
DIGEST_LEN)) {
char rl_d[HEX_DIGEST_LEN+1];
"(router %s)\n",
rl_d, rs_d, id);
- tor_assert(tor_memeq(desc->cache_info.signed_descriptor_digest,
+ tor_assert(fast_memeq(desc->cache_info.signed_descriptor_digest,
rs->descriptor_digest,
DIGEST_LEN));
};
/* They're equal! Compare by identity digest, so there's a
* deterministic order and we avoid flapping. */
- return tor_memcmp(first->cache_info.identity_digest,
- second->cache_info.identity_digest,
- DIGEST_LEN);
+ return fast_memcmp(first->cache_info.identity_digest,
+ second->cache_info.identity_digest,
+ DIGEST_LEN);
}
/** Given a list of routerinfo_t in <b>routers</b>, return a new digestmap_t
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
if (!strcasecmp(address, ri->address) && or_port == ri->or_port &&
as_advertised &&
- tor_memeq(ri->cache_info.identity_digest, digest_rcvd, DIGEST_LEN)) {
+ fast_memeq(ri->cache_info.identity_digest, digest_rcvd, DIGEST_LEN)) {
/* correct digest. mark this router reachable! */
if (!bridge_auth || ri->purpose == ROUTER_PURPOSE_BRIDGE) {
log_info(LD_DIRSERV, "Found router %s to be reachable. Yay.",
_compare_votes_by_authority_id(const void **_a, const void **_b)
{
const networkstatus_t *a = *_a, *b = *_b;
- return tor_memcmp(get_voter(a)->identity_digest,
+ return fast_memcmp(get_voter(a)->identity_digest,
get_voter(b)->identity_digest, DIGEST_LEN);
}
a_id = a->is_legacy ? a_v->legacy_id_digest : a_v->identity_digest;
b_id = b->is_legacy ? b_v->legacy_id_digest : b_v->identity_digest;
- return tor_memcmp(a_id, b_id, DIGEST_LEN);
+ return fast_memcmp(a_id, b_id, DIGEST_LEN);
}
/** Given a sorted list of strings <b>in</b>, add every member to <b>out</b>
compare_vote_rs(const vote_routerstatus_t *a, const vote_routerstatus_t *b)
{
int r;
- if ((r = tor_memcmp(a->status.identity_digest, b->status.identity_digest,
+ if ((r = fast_memcmp(a->status.identity_digest, b->status.identity_digest,
DIGEST_LEN)))
return r;
- if ((r = tor_memcmp(a->status.descriptor_digest, b->status.descriptor_digest,
+ if ((r = fast_memcmp(a->status.descriptor_digest, b->status.descriptor_digest,
DIGEST_LEN)))
return r;
if ((r = (int)(b->status.published_on - a->status.published_on)))
strmap_set_lc(name_to_id_map, rs->status.nickname,
rs->status.identity_digest);
} else if (d != conflict &&
- tor_memcmp(d, rs->status.identity_digest, DIGEST_LEN)) {
+ fast_memcmp(d, rs->status.identity_digest, DIGEST_LEN)) {
/* Authorities disagree about this nickname. */
strmap_set_lc(name_to_id_map, rs->status.nickname, conflict);
} else {
} else if (!d) {
/* We have no name officially mapped to this digest. */
strmap_set_lc(name_to_id_map, rs->status.nickname, unknown);
- } else if (tor_memeq(d, rs->status.identity_digest, DIGEST_LEN)) {
+ } else if (fast_memeq(d, rs->status.identity_digest, DIGEST_LEN)) {
/* Authorities disagree about this nickname. */
strmap_set_lc(name_to_id_map, rs->status.nickname, conflict);
} else {
if (index[v_sl_idx] < size[v_sl_idx]) {
rs = smartlist_get(v->routerstatus_list, index[v_sl_idx]);
if (!lowest_id ||
- tor_memcmp(rs->status.identity_digest, lowest_id, DIGEST_LEN) < 0)
+ fast_memcmp(rs->status.identity_digest, lowest_id, DIGEST_LEN) < 0)
lowest_id = rs->status.identity_digest;
}
});
if (index[v_sl_idx] >= size[v_sl_idx])
continue; /* out of entries. */
rs = smartlist_get(v->routerstatus_list, index[v_sl_idx]);
- if (tor_memcmp(rs->status.identity_digest, lowest_id, DIGEST_LEN))
+ if (fast_memcmp(rs->status.identity_digest, lowest_id, DIGEST_LEN))
continue; /* doesn't include this router. */
/* At this point, we know that we're looking at a routerstatus with
* identity "lowest".
* routerinfo and its contents are. */
rs = compute_routerstatus_consensus(matching_descs);
/* Copy bits of that into rs_out. */
- tor_assert(tor_memeq(lowest_id, rs->status.identity_digest, DIGEST_LEN));
+ tor_assert(fast_memeq(lowest_id, rs->status.identity_digest, DIGEST_LEN));
memcpy(rs_out.identity_digest, lowest_id, DIGEST_LEN);
memcpy(rs_out.descriptor_digest, rs->status.descriptor_digest,
DIGEST_LEN);
const char *d = strmap_get_lc(name_to_id_map, rs_out.nickname);
if (!d) {
is_named = is_unnamed = 0;
- } else if (tor_memeq(d, lowest_id, DIGEST_LEN)) {
+ } else if (fast_memeq(d, lowest_id, DIGEST_LEN)) {
is_named = 1; is_unnamed = 0;
} else {
is_named = 0; is_unnamed = 1;
SMARTLIST_FOREACH(matching_descs, vote_routerstatus_t *, vsr, {
/* Check if the vote where this status comes from had the
* proper descriptor */
- tor_assert(tor_memeq(rs_out.identity_digest,
+ tor_assert(fast_memeq(rs_out.identity_digest,
vsr->status.identity_digest,
DIGEST_LEN));
if (vsr->status.has_exitsummary &&
- tor_memeq(rs_out.descriptor_digest,
+ fast_memeq(rs_out.descriptor_digest,
vsr->status.descriptor_digest,
DIGEST_LEN)) {
tor_assert(vsr->status.exitsummary);
return -1;
}
/* Are they the same consensus? */
- if (tor_memcmp(target->networkstatus_digest, sigs->networkstatus_digest,
+ if (fast_memcmp(target->networkstatus_digest, sigs->networkstatus_digest,
DIGEST_LEN)) {
*msg_out = "Digest mismatch when adding detached signatures to consensus";
return -1;
/* Now see whether we already have a vote from this authority. */
SMARTLIST_FOREACH(pending_vote_list, pending_vote_t *, v, {
- if (tor_memeq(v->vote->cert->cache_info.identity_digest,
+ if (fast_memeq(v->vote->cert->cache_info.identity_digest,
vote->cert->cache_info.identity_digest,
DIGEST_LEN)) {
networkstatus_voter_info_t *vi_old = get_voter(v->vote);
- if (tor_memeq(vi_old->vote_digest, vi->vote_digest, DIGEST_LEN)) {
+ if (fast_memeq(vi_old->vote_digest, vi->vote_digest, DIGEST_LEN)) {
/* Ah, it's the same vote. Not a problem. */
log_info(LD_DIR, "Discarding a vote we already have.");
if (*status_out < 200)
if (by_id) {
if (pending_vote_list && include_pending) {
SMARTLIST_FOREACH(pending_vote_list, pending_vote_t *, pv,
- if (tor_memeq(get_voter(pv->vote)->identity_digest, fp, DIGEST_LEN))
+ if (fast_memeq(get_voter(pv->vote)->identity_digest, fp, DIGEST_LEN))
return pv->vote_body);
}
if (previous_vote_list && include_previous) {
SMARTLIST_FOREACH(previous_vote_list, pending_vote_t *, pv,
- if (tor_memeq(get_voter(pv->vote)->identity_digest, fp, DIGEST_LEN))
+ if (fast_memeq(get_voter(pv->vote)->identity_digest, fp, DIGEST_LEN))
return pv->vote_body);
}
} else {
if (pending_vote_list && include_pending) {
SMARTLIST_FOREACH(pending_vote_list, pending_vote_t *, pv,
- if (tor_memeq(pv->vote->networkstatus_digest, fp, DIGEST_LEN))
+ if (fast_memeq(pv->vote->networkstatus_digest, fp, DIGEST_LEN))
return pv->vote_body);
}
if (previous_vote_list && include_previous) {
SMARTLIST_FOREACH(previous_vote_list, pending_vote_t *, pv,
- if (tor_memeq(pv->vote->networkstatus_digest, fp, DIGEST_LEN))
+ if (fast_memeq(pv->vote->networkstatus_digest, fp, DIGEST_LEN))
return pv->vote_body);
}
}
const struct sockaddr_in6 *sin1, *sin2;
sin1 = (const struct sockaddr_in6 *)sa1;
sin2 = (const struct sockaddr_in6 *)sa2;
- if (tor_memcmp(sin1->sin6_addr.s6_addr, sin2->sin6_addr.s6_addr, 16))
+ if (tor_memneq(sin1->sin6_addr.s6_addr, sin2->sin6_addr.s6_addr, 16))
return 0;
else if (include_port && sin1->sin6_port != sin2->sin6_port)
return 0;
if (!vote || !vote->voters)
return NULL;
SMARTLIST_FOREACH(vote->voters, networkstatus_voter_info_t *, voter,
- if (tor_memeq(voter->identity_digest, identity, DIGEST_LEN))
+ if (fast_memeq(voter->identity_digest, identity, DIGEST_LEN))
return voter);
return NULL;
}
size_t signed_digest_len;
if (crypto_pk_get_digest(cert->signing_key, d)<0)
return -1;
- if (tor_memcmp(voter->signing_key_digest, d, DIGEST_LEN))
+ if (tor_memneq(voter->signing_key_digest, d, DIGEST_LEN))
return -1;
signed_digest_len = crypto_pk_keysize(cert->signing_key);
signed_digest = tor_malloc(signed_digest_len);
signed_digest_len,
voter->signature,
voter->signature_len) != DIGEST_LEN ||
- tor_memcmp(signed_digest, consensus->networkstatus_digest, DIGEST_LEN)) {
+ tor_memneq(signed_digest, consensus->networkstatus_digest, DIGEST_LEN)) {
log_warn(LD_DIR, "Got a bad signature on a networkstatus vote");
voter->bad_signature = 1;
} else {
tor_assert(tor_memeq(a->identity_digest, b->identity_digest, DIGEST_LEN));
return strcmp(a->nickname, b->nickname) ||
- tor_memcmp(a->descriptor_digest, b->descriptor_digest, DIGEST_LEN) ||
+ fast_memneq(a->descriptor_digest, b->descriptor_digest, DIGEST_LEN) ||
a->addr != b->addr ||
a->or_port != b->or_port ||
a->dir_port != b->dir_port ||
if (len < 0)
goto err;
- if (tor_memcmp(key_material, handshake_reply+DH_KEY_LEN, DIGEST_LEN)) {
+ if (tor_memneq(key_material, handshake_reply+DH_KEY_LEN, DIGEST_LEN)) {
/* H(K) does *not* match. Something fishy. */
log_warn(LD_PROTOCOL,"Digest DOES NOT MATCH on onion handshake. "
"Bug or attack.");
if (crypto_expand_key_material(tmp, sizeof(tmp), out, out_len)) {
goto done;
}
- if (tor_memcmp(out, handshake_reply_out+DIGEST_LEN, DIGEST_LEN)) {
+ if (tor_memneq(out, handshake_reply_out+DIGEST_LEN, DIGEST_LEN)) {
/* H(K) does *not* match. Something fishy. */
log_warn(LD_PROTOCOL,"Digest DOES NOT MATCH on fast handshake. "
"Bug or attack.");
crypto_digest_add_bytes(digest, (char*) cell->payload, CELL_PAYLOAD_SIZE);
crypto_digest_get_digest(digest, calculated_integrity, 4);
- if (tor_memcmp(received_integrity, calculated_integrity, 4)) {
+ if (tor_memneq(received_integrity, calculated_integrity, 4)) {
// log_fn(LOG_INFO,"Recognized=0 but bad digest. Not recognizing.");
// (%d vs %d).", received_integrity, calculated_integrity);
/* restore digest to its old form */
goto err;
/* Check whether the digest is right... */
- if (tor_memcmp(keys, request+DH_KEY_LEN, DIGEST_LEN)) {
+ if (tor_memneq(keys, request+DH_KEY_LEN, DIGEST_LEN)) {
log_warn(LD_PROTOCOL, "Incorrect digest of key material.");
goto err;
}
log_warn(LD_BUG, "Internal error computing digest.");
goto err;
}
- if (tor_memcmp(expected_digest, request+2+asn1len, DIGEST_LEN)) {
+ if (tor_memneq(expected_digest, request+2+asn1len, DIGEST_LEN)) {
log_warn(LD_PROTOCOL, "Hash of session info was not as expected.");
reason = END_CIRC_REASON_TORPROTOCOL;
goto err;
/* first DIGEST_LEN bytes of request is intro or service pk digest */
crypto_pk_get_digest(intro_key, intro_key_digest);
- if (tor_memcmp(intro_key_digest, request, DIGEST_LEN)) {
+ if (tor_memneq(intro_key_digest, request, DIGEST_LEN)) {
base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1,
(char*)request, REND_SERVICE_ID_LEN);
log_warn(LD_REND, "Got an INTRODUCE2 cell for the wrong service (%s).",
return -1;
}
- if (tor_memcmp(intro->extend_info->identity_digest,
+ if (tor_memneq(intro->extend_info->identity_digest,
launched->build_state->chosen_exit->identity_digest, DIGEST_LEN)) {
char cann[HEX_DIGEST_LEN+1], orig[HEX_DIGEST_LEN+1];
base16_encode(cann, sizeof(cann),
{
or_history_t *hist;
- if (tor_mem_is_zero(id, DIGEST_LEN))
+ if (tor_digest_is_zero(id))
return NULL;
hist = digestmap_get(history_map, id);
orhist = get_or_history(from_id);
if (!orhist)
return NULL;
- if (tor_mem_is_zero(to_id, DIGEST_LEN))
+ if (tor_digest_is_zero(to_id))
return NULL;
lhist = (link_history_t*) digestmap_get(orhist->link_history_map, to_id);
if (!lhist) {
ds->type = type;
}
if (v3_digest_set && (ds->type & V3_AUTHORITY) &&
- tor_memcmp(v3_digest, ds->v3_identity_digest, DIGEST_LEN)) {
+ tor_memneq(v3_digest, ds->v3_identity_digest, DIGEST_LEN)) {
log_warn(LD_DIR, "V3 identity key does not match identity declared in "
"DirServer line. Adjusting.");
memcpy(ds->v3_identity_digest, v3_digest, DIGEST_LEN);
tor_assert(r);
if (!with_annotations) {
- if (tor_memcmp("router ", r, 7) && tor_memcmp("extra-info ", r, 11)) {
+ if (fast_memcmp("router ", r, 7) && fast_memcmp("extra-info ", r, 11)) {
char *cp = tor_strndup(r, 64);
log_err(LD_DIR, "descriptor at %p begins with unexpected string %s. "
"Is another process running in our data directory? Exiting.",
routerlist_insert(rl, ri_new);
return;
}
- if (tor_memcmp(ri_old->cache_info.identity_digest,
+ if (tor_memneq(ri_old->cache_info.identity_digest,
ri_new->cache_info.identity_digest, DIGEST_LEN)) {
/* digests don't match; digestmap_set won't replace */
rimap_remove(rl->identity_map, ri_old->cache_info.identity_digest);
if (!tor_digest_is_zero(sd->extra_info_digest))
sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
} else {
- if (tor_memcmp(ri_old->cache_info.signed_descriptor_digest,
+ if (tor_memneq(ri_old->cache_info.signed_descriptor_digest,
ri_new->cache_info.signed_descriptor_digest,
DIGEST_LEN)) {
/* digests don't match; digestmap_set didn't replace */
{
int i;
const signed_descriptor_t *r1 = *_a, *r2 = *_b;
- if ((i = tor_memcmp(r1->identity_digest, r2->identity_digest, DIGEST_LEN)))
+ if ((i = fast_memcmp(r1->identity_digest, r2->identity_digest, DIGEST_LEN)))
return i;
return (int)(r1->published_on - r2->published_on);
}
cur_id = r->identity_digest;
hi = i;
}
- if (tor_memcmp(cur_id, r->identity_digest, DIGEST_LEN)) {
+ if (tor_memneq(cur_id, r->identity_digest, DIGEST_LEN)) {
routerlist_remove_old_cached_routers_with_id(now,
cutoff, i+1, hi, retain);
cur_id = r->identity_digest;
routerinfo_t *ri;
++n_have;
if (!(ri = router_get_by_digest(rs->identity_digest)) ||
- tor_memcmp(ri->cache_info.signed_descriptor_digest,
+ tor_memneq(ri->cache_info.signed_descriptor_digest,
sd->signed_descriptor_digest, DIGEST_LEN)) {
/* We have a descriptor with this digest, but either there is no
* entry in routerlist with the same ID (!ri), or there is one,
/* The identity must match exactly to have been generated at the same time
* by the same router. */
- if (tor_memcmp(ri->cache_info.identity_digest, ei->cache_info.identity_digest,
+ if (tor_memneq(ri->cache_info.identity_digest, ei->cache_info.identity_digest,
DIGEST_LEN)) {
if (msg) *msg = "Extrainfo nickname or identity did not match routerinfo";
goto err; /* different servers */
if (crypto_pk_public_checksig(ri->identity_pkey,
signed_digest, sizeof(signed_digest),
ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN ||
- tor_memcmp(signed_digest, ei->cache_info.signed_descriptor_digest,
+ tor_memneq(signed_digest, ei->cache_info.signed_descriptor_digest,
DIGEST_LEN)) {
ei->bad_sig = 1;
tor_free(ei->pending_sig);
_compare_routerinfo_by_id_digest(const void **a, const void **b)
{
routerinfo_t *first = *(routerinfo_t **)a, *second = *(routerinfo_t **)b;
- return tor_memcmp(first->cache_info.identity_digest,
+ return fast_memcmp(first->cache_info.identity_digest,
second->cache_info.identity_digest,
DIGEST_LEN);
}
}
// log_debug(LD_DIR,"Signed %s hash starts %s", doctype,
// hex_str(signed_digest,4));
- if (tor_memcmp(digest, signed_digest, DIGEST_LEN)) {
+ if (tor_memneq(digest, signed_digest, DIGEST_LEN)) {
log_warn(LD_DIR, "Error reading %s: signature does not match.", doctype);
tor_free(signed_digest);
return -1;
escaped(tok->args[0]));
goto err;
}
- if (tor_memcmp(d,router->cache_info.identity_digest, DIGEST_LEN)!=0) {
+ if (tor_memneq(d,router->cache_info.identity_digest, DIGEST_LEN)) {
log_warn(LD_DIR, "Fingerprint '%s' does not match identity digest.",
tok->args[0]);
goto err;
cert->cache_info.identity_digest))
goto err;
- if (tor_memcmp(cert->cache_info.identity_digest, fp_declared, DIGEST_LEN)) {
+ if (tor_memneq(cert->cache_info.identity_digest, fp_declared, DIGEST_LEN)) {
log_warn(LD_DIR, "Digest of certificate key didn't match declared "
"fingerprint");
goto err;
_compare_routerstatus_entries(const void **_a, const void **_b)
{
const routerstatus_t *a = *_a, *b = *_b;
- return tor_memcmp(a->identity_digest, b->identity_digest, DIGEST_LEN);
+ return fast_memcmp(a->identity_digest, b->identity_digest, DIGEST_LEN);
}
/** Helper: used in call to _smartlist_uniq to clear out duplicate entries. */
log_warn(LD_DIR, "Couldn't compute signing key digest");
goto err;
}
- if (tor_memcmp(tmp_digest, ns->identity_digest, DIGEST_LEN)) {
+ if (tor_memneq(tmp_digest, ns->identity_digest, DIGEST_LEN)) {
log_warn(LD_DIR,
"network-status fingerprint did not match dir-signing-key");
goto err;
goto err;
}
if (ns->type != NS_TYPE_CONSENSUS &&
- tor_memcmp(ns->cert->cache_info.identity_digest,
+ tor_memneq(ns->cert->cache_info.identity_digest,
voter->identity_digest, DIGEST_LEN)) {
log_warn(LD_DIR,"Mismatch between identities in certificate and vote");
goto err;
rs1 = smartlist_get(ns->routerstatus_list, i-1);
rs2 = smartlist_get(ns->routerstatus_list, i);
}
- if (tor_memcmp(rs1->identity_digest, rs2->identity_digest, DIGEST_LEN) >= 0) {
+ if (fast_memcmp(rs1->identity_digest, rs2->identity_digest, DIGEST_LEN)
+ >= 0) {
log_warn(LD_DIR, "Vote networkstatus entries not sorted by identity "
"digest");
goto err;
}
if (ns->type != NS_TYPE_CONSENSUS) {
- if (tor_memcmp(declared_identity, ns->cert->cache_info.identity_digest,
+ if (tor_memneq(declared_identity, ns->cert->cache_info.identity_digest,
DIGEST_LEN)) {
log_warn(LD_DIR, "Digest mismatch between declared and actual on "
"network-status vote.");
crypto_pk_get_digest(result->pk, public_key_hash);
rend_get_descriptor_id_bytes(test_desc_id, public_key_hash,
secret_id_part);
- if (tor_memcmp(desc_id_out, test_desc_id, DIGEST_LEN)) {
+ if (tor_memneq(desc_id_out, test_desc_id, DIGEST_LEN)) {
log_warn(LD_REND, "Parsed descriptor ID does not match "
"computed descriptor ID.");
goto err;
tor_free(dec);
return -1;
}
- if (memcmpstart(dec, declen, "introduction-point ")) {
+ if (fast_memcmpstart(dec, declen, "introduction-point ")) {
log_warn(LD_REND, "Decrypted introduction points don't "
"look like we could parse them.");
tor_free(dec);
parsed->intro_nodes = smartlist_create();
area = memarea_new();
- while (!memcmpstart(current_ipo, end_of_intro_points-current_ipo,
+ while (!fast_memcmpstart(current_ipo, end_of_intro_points-current_ipo,
"introduction-point ")) {
/* Determine end of string. */
const char *eos = tor_memstr(current_ipo, end_of_intro_points-current_ipo,
projects / thirdparty / tor.git / commitdiff
