Add a compile-time check before using crypto_verify_16()

2014-06-30 16:43:33 -07:00 · 2014-06-30 16:43:33 -07:00 · 001177251e
commit 001177251e
parent 9154d7416e
1 changed files with 1 additions and 0 deletions
--- a/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c
+++ b/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c
@ -107,6 +107,7 @@ crypto_aead_chacha20poly1305_decrypt(unsigned char *m,
    crypto_onetimeauth_poly1305_final(&state, mac);
    sodium_memzero(&state, sizeof state);

+    (void) sizeof(int[sizeof mac == 16U ? 1 : -1]);
    ret = crypto_verify_16(mac,
                           c + clen - crypto_aead_chacha20poly1305_ABYTES);
    sodium_memzero(mac, sizeof mac);