1c1
< /* $OpenBSD: ssh-rsa.c,v 1.40 2010/02/26 20:29:54 djm Exp $ */
---
> /* $OpenBSD: ssh-rsa.c,v 1.44 2010/07/16 14:07:35 djm Exp $ */
32a33
> #include "misc.h"
49,51c50,51
< if (key == NULL ||
< (key->type != KEY_RSA && key->type != KEY_RSA_CERT) ||
< key->rsa == NULL) {
---
> if (key == NULL || key->rsa == NULL || (key->type != KEY_RSA &&
> key->type != KEY_RSA_CERT && key->type != KEY_RSA_CERT_V00)) {
118,120c118,119
< if (key == NULL ||
< (key->type != KEY_RSA && key->type != KEY_RSA_CERT) ||
< key->rsa == NULL) {
---
> if (key == NULL || key->rsa == NULL || (key->type != KEY_RSA &&
> key->type != KEY_RSA_CERT && key->type != KEY_RSA_CERT_V00)) {
215c214
< int len;
---
> int len, oidmatch, hashmatch;
254c253,255
< if (memcmp(decrypted, oid, oidlen) != 0) {
---
> oidmatch = timingsafe_bcmp(decrypted, oid, oidlen) == 0;
> hashmatch = timingsafe_bcmp(decrypted + oidlen, hash, hlen) == 0;
> if (!oidmatch) {
258c259
< if (memcmp(decrypted + oidlen, hash, hlen) != 0) {
---
> if (!hashmatch) {
< /* $OpenBSD: ssh-rsa.c,v 1.40 2010/02/26 20:29:54 djm Exp $ */
---
> /* $OpenBSD: ssh-rsa.c,v 1.44 2010/07/16 14:07:35 djm Exp $ */
32a33
> #include "misc.h"
49,51c50,51
< if (key == NULL ||
< (key->type != KEY_RSA && key->type != KEY_RSA_CERT) ||
< key->rsa == NULL) {
---
> if (key == NULL || key->rsa == NULL || (key->type != KEY_RSA &&
> key->type != KEY_RSA_CERT && key->type != KEY_RSA_CERT_V00)) {
118,120c118,119
< if (key == NULL ||
< (key->type != KEY_RSA && key->type != KEY_RSA_CERT) ||
< key->rsa == NULL) {
---
> if (key == NULL || key->rsa == NULL || (key->type != KEY_RSA &&
> key->type != KEY_RSA_CERT && key->type != KEY_RSA_CERT_V00)) {
215c214
< int len;
---
> int len, oidmatch, hashmatch;
254c253,255
< if (memcmp(decrypted, oid, oidlen) != 0) {
---
> oidmatch = timingsafe_bcmp(decrypted, oid, oidlen) == 0;
> hashmatch = timingsafe_bcmp(decrypted + oidlen, hash, hlen) == 0;
> if (!oidmatch) {
258c259
< if (memcmp(decrypted + oidlen, hash, hlen) != 0) {
---
> if (!hashmatch) {