From cf8d06115d06d7cd4e7c605fa4acb85d5dd5f2f5 Mon Sep 17 00:00:00 2001 From: dxbjavid Date: Wed, 3 Jun 2026 14:52:35 +0530 Subject: [PATCH] scwallet: use constant-time comparison for secure channel MACs --- accounts/scwallet/securechannel.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/accounts/scwallet/securechannel.go b/accounts/scwallet/securechannel.go index 1e0230dc45..1d705e47b2 100644 --- a/accounts/scwallet/securechannel.go +++ b/accounts/scwallet/securechannel.go @@ -17,12 +17,12 @@ package scwallet import ( - "bytes" "crypto/aes" "crypto/cipher" "crypto/rand" "crypto/sha256" "crypto/sha512" + "crypto/subtle" "errors" "fmt" @@ -101,7 +101,7 @@ func (s *SecureChannelSession) Pair(pairingPassword []byte) error { cardCryptogram := response.Data[:32] cardChallenge := response.Data[32:64] - if !bytes.Equal(expectedCryptogram, cardCryptogram) { + if subtle.ConstantTimeCompare(expectedCryptogram, cardCryptogram) != 1 { return fmt.Errorf("invalid card cryptogram %v != %v", expectedCryptogram, cardCryptogram) } @@ -253,7 +253,7 @@ func (s *SecureChannelSession) transmitEncrypted(cla, ins, p1, p2 byte, data []b if err = s.updateIV(rmeta[:], rdata); err != nil { return nil, err } - if !bytes.Equal(s.iv, rmac) { + if subtle.ConstantTimeCompare(s.iv, rmac) != 1 { return nil, errors.New("invalid MAC in response") }