Merge "Fix HMAC Compare time attack" into udc-dev

author: Timothy Yiu <tyiu@google.com> 2023-04-03 23:17:25 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2023-04-03 23:17:25 +0000
commit: a93641a813f44f590e5f7b9f39563065d9e5b1a0 (patch)
tree: d3b52e8c16c9ee0fe00d889c67dd3ae31336789a
parent: 75b18738f9b4bb557229d08b95b5eab0fd6a9b89 (diff)
parent: 1573a67beda9ae3d940002dcf9150e10567a27fa (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/services/inputflinger/dispatcher/InputDispatcher.cpp b/services/inputflinger/dispatcher/InputDispatcher.cpp
index 0f7991ae09..6e2f86223f 100644
--- a/services/inputflinger/dispatcher/InputDispatcher.cpp
+++ b/services/inputflinger/dispatcher/InputDispatcher.cpp
@@ -31,6 +31,7 @@
 #endif
 #include <input/InputDevice.h>
 #include <input/PrintTools.h>
+#include <openssl/mem.h>
 #include <powermanager/PowerManager.h>
 #include <unistd.h>
 #include <utils/Trace.h>
@@ -4630,7 +4631,7 @@ std::unique_ptr<VerifiedInputEvent> InputDispatcher::verifyInputEvent(const Inpu
     if (calculatedHmac == INVALID_HMAC) {
         return nullptr;
     }
-    if (calculatedHmac != event.getHmac()) {
+    if (0 != CRYPTO_memcmp(calculatedHmac.data(), event.getHmac().data(), calculatedHmac.size())) {
         return nullptr;
     }
     return result;
author	Timothy Yiu <tyiu@google.com>	2023-04-03 23:17:25 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2023-04-03 23:17:25 +0000
commit	a93641a813f44f590e5f7b9f39563065d9e5b1a0 (patch)
tree	d3b52e8c16c9ee0fe00d889c67dd3ae31336789a
parent	75b18738f9b4bb557229d08b95b5eab0fd6a9b89 (diff)
parent	1573a67beda9ae3d940002dcf9150e10567a27fa (diff)