Use FixedTimeEquals

author: Peter Dettman <peter.dettman@bouncycastle.org> 2022-11-23 21:08:34 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2022-11-23 21:08:34 +0700
commit: 29a112bef25c63c03da142e665f027f00bd496b0 (patch)
tree: f5e2d730f84fc9f720a1e20b6b381c2bdefbee71 /crypto/src/tls
parent: Round 4 modifications to HQC + removed some redundancy (diff)
download: BouncyCastle.NET-ed25519-29a112bef25c63c03da142e665f027f00bd496b0.tar.xz
9 files changed, 11 insertions, 11 deletions
diff --git a/crypto/src/tls/DtlsClientProtocol.cs b/crypto/src/tls/DtlsClientProtocol.cs
index 0a4a711ae..92478dc46 100644
--- a/crypto/src/tls/DtlsClientProtocol.cs
+++ b/crypto/src/tls/DtlsClientProtocol.cs
@@ -805,7 +805,7 @@ namespace Org.BouncyCastle.Tls
                      */
                     securityParameters.m_secureRenegotiation = true;
 
-                    if (!Arrays.ConstantTimeAreEqual(renegExtData,
+                    if (!Arrays.FixedTimeEquals(renegExtData,
                         TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes)))
                     {
                         throw new TlsFatalAlert(AlertDescription.handshake_failure);
diff --git a/crypto/src/tls/DtlsProtocol.cs b/crypto/src/tls/DtlsProtocol.cs
index 3d72bca9f..745535148 100644
--- a/crypto/src/tls/DtlsProtocol.cs
+++ b/crypto/src/tls/DtlsProtocol.cs
@@ -21,7 +21,7 @@ namespace Org.BouncyCastle.Tls
 
             TlsProtocol.AssertEmpty(buf);
 
-            if (!Arrays.ConstantTimeAreEqual(expected_verify_data, verify_data))
+            if (!Arrays.FixedTimeEquals(expected_verify_data, verify_data))
                 throw new TlsFatalAlert(AlertDescription.handshake_failure);
         }
 
diff --git a/crypto/src/tls/DtlsServerProtocol.cs b/crypto/src/tls/DtlsServerProtocol.cs
index 5edd5595e..43d4e5539 100644
--- a/crypto/src/tls/DtlsServerProtocol.cs
+++ b/crypto/src/tls/DtlsServerProtocol.cs
@@ -769,7 +769,7 @@ namespace Org.BouncyCastle.Tls
                      */
                     securityParameters.m_secureRenegotiation = true;
 
-                    if (!Arrays.ConstantTimeAreEqual(renegExtData,
+                    if (!Arrays.FixedTimeEquals(renegExtData,
                         TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes)))
                     {
                         throw new TlsFatalAlert(AlertDescription.handshake_failure);
diff --git a/crypto/src/tls/DtlsVerifier.cs b/crypto/src/tls/DtlsVerifier.cs
index edadeae70..e691685e6 100644
--- a/crypto/src/tls/DtlsVerifier.cs
+++ b/crypto/src/tls/DtlsVerifier.cs
@@ -57,14 +57,14 @@ namespace Org.BouncyCastle.Tls
                         //}
                         //case 1:
                         //{
-                        //    if (Arrays.ConstantTimeAreEqual(expectedCookie, request.ClientHello.Cookie))
+                        //    if (Arrays.FixedTimeEquals(expectedCookie, request.ClientHello.Cookie))
                         //        return request;
 
                         //    break;
                         //}
                         //}
 
-                        if (Arrays.ConstantTimeAreEqual(expectedCookie, request.ClientHello.Cookie))
+                        if (Arrays.FixedTimeEquals(expectedCookie, request.ClientHello.Cookie))
                             return request;
 
                         DtlsReliableHandshake.SendHelloVerifyRequest(sender, request.RecordSeq, expectedCookie);
diff --git a/crypto/src/tls/PskIdentity.cs b/crypto/src/tls/PskIdentity.cs
index 1887d0af4..2d4a0b0c7 100644
--- a/crypto/src/tls/PskIdentity.cs
+++ b/crypto/src/tls/PskIdentity.cs
@@ -58,7 +58,7 @@ namespace Org.BouncyCastle.Tls
                 return false;
 
             return this.m_obfuscatedTicketAge == that.m_obfuscatedTicketAge
-                && Arrays.ConstantTimeAreEqual(this.m_identity, that.m_identity);
+                && Arrays.FixedTimeEquals(this.m_identity, that.m_identity);
         }
 
         public override int GetHashCode()
diff --git a/crypto/src/tls/TlsClientProtocol.cs b/crypto/src/tls/TlsClientProtocol.cs
index b7295bcc5..ec1cd28d5 100644
--- a/crypto/src/tls/TlsClientProtocol.cs
+++ b/crypto/src/tls/TlsClientProtocol.cs
@@ -1211,7 +1211,7 @@ namespace Org.BouncyCastle.Tls
                      */
                     securityParameters.m_secureRenegotiation = true;
 
-                    if (!Arrays.ConstantTimeAreEqual(renegExtData, CreateRenegotiationInfo(TlsUtilities.EmptyBytes)))
+                    if (!Arrays.FixedTimeEquals(renegExtData, CreateRenegotiationInfo(TlsUtilities.EmptyBytes)))
                         throw new TlsFatalAlert(AlertDescription.handshake_failure);
                 }
             }
diff --git a/crypto/src/tls/TlsProtocol.cs b/crypto/src/tls/TlsProtocol.cs
index 437a51447..16bc1385e 100644
--- a/crypto/src/tls/TlsProtocol.cs
+++ b/crypto/src/tls/TlsProtocol.cs
@@ -1517,7 +1517,7 @@ namespace Org.BouncyCastle.Tls
             /*
              * Compare both checksums.
              */
-            if (!Arrays.ConstantTimeAreEqual(expected_verify_data, verify_data))
+            if (!Arrays.FixedTimeEquals(expected_verify_data, verify_data))
             {
                 /*
                  * Wrong checksum in the finished message.
@@ -1557,7 +1557,7 @@ namespace Org.BouncyCastle.Tls
             /*
              * Compare both checksums.
              */
-            if (!Arrays.ConstantTimeAreEqual(expected_verify_data, verify_data))
+            if (!Arrays.FixedTimeEquals(expected_verify_data, verify_data))
             {
                 /*
                  * Wrong checksum in the finished message.
diff --git a/crypto/src/tls/TlsServerProtocol.cs b/crypto/src/tls/TlsServerProtocol.cs
index bf4b9119a..72c1b2ea5 100644
--- a/crypto/src/tls/TlsServerProtocol.cs
+++ b/crypto/src/tls/TlsServerProtocol.cs
@@ -512,7 +512,7 @@ namespace Org.BouncyCastle.Tls
                      */
                     securityParameters.m_secureRenegotiation = true;
 
-                    if (!Arrays.ConstantTimeAreEqual(clientRenegExtData,
+                    if (!Arrays.FixedTimeEquals(clientRenegExtData,
                         CreateRenegotiationInfo(TlsUtilities.EmptyBytes)))
                     {
                         throw new TlsFatalAlert(AlertDescription.handshake_failure);
diff --git a/crypto/src/tls/TlsUtilities.cs b/crypto/src/tls/TlsUtilities.cs
index e1a8ead58..424fca133 100644
--- a/crypto/src/tls/TlsUtilities.cs
+++ b/crypto/src/tls/TlsUtilities.cs
@@ -5630,7 +5630,7 @@ namespace Org.BouncyCastle.Tls
                             byte[] calculatedBinder = CalculatePskBinder(crypto, isExternalPsk, pskCryptoHashAlgorithm,
                                 earlySecret, transcriptHash);
 
-                            if (Arrays.ConstantTimeAreEqual(calculatedBinder, binder))
+                            if (Arrays.FixedTimeEquals(calculatedBinder, binder))
                                 return new OfferedPsks.SelectedConfig(index, psk, pskKeyExchangeModes, earlySecret);
                         }
                     }
author	Peter Dettman <peter.dettman@bouncycastle.org>	2022-11-23 21:08:34 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2022-11-23 21:08:34 +0700
commit	29a112bef25c63c03da142e665f027f00bd496b0 (patch)
tree	f5e2d730f84fc9f720a1e20b6b381c2bdefbee71 /crypto/src/tls
parent	Round 4 modifications to HQC + removed some redundancy (diff)
download	BouncyCastle.NET-ed25519-29a112bef25c63c03da142e665f027f00bd496b0.tar.xz