
fix potential timing attacks in rsa, eax, ocb and ocb3

Steffen Jaeckel 8 years ago
parent
commit
05e28d6cfa

+ 1 - 1
src/encauth/eax/eax_decrypt_verify_memory.c

@@ -82,7 +82,7 @@ int eax_decrypt_verify_memory(int cipher,
    }
 
    /* compare tags */
-   if (buflen >= taglen && XMEMCMP(buf, tag, taglen) == 0) {
+   if (buflen >= taglen && XMEM_NEQ(buf, tag, taglen) == 0) {
       *stat = 1;
    }
 
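Review bot: The replacement of XMEMCMP by XMEM_NEQ on the tag check is the entire purpose of this commit, yet nothing in the code records why, so a later cleanup could reintroduce a data-dependent compare unnoticed; the `/* compare tags */` comment above it should state the reason, e.g. `/* compare tags in constant time: a plain memcmp stops at the first differing byte and leaks that position through timing */`. The identical change in ocb_done_decrypt.c (line 31), ocb3_decrypt_verify_memory.c (line 44) and rsa_verify_hash.c (line 57) deserves the same note, the RSA one in particular since `only check if the hash is equal` says nothing about the constant-time requirement. The `buflen >= taglen` length test that short-circuits ahead of the compare is fine, as the lengths are not secret. Each branch only ever sets `*stat = 1`, so it relies on `*stat` having been cleared to 0 earlier in the function, outside the hunk; presumably it is, but that is worth confirming. All four enclosing functions start and end outside their hunks.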

+ 1 - 1
src/encauth/ocb/ocb_done_decrypt.c

@@ -55,7 +55,7 @@ int ocb_done_decrypt(ocb_state *ocb,
       goto LBL_ERR;
    }
 
-   if (taglen <= tagbuflen && XMEMCMP(tagbuf, tag, taglen) == 0) {
+   if (taglen <= tagbuflen && XMEM_NEQ(tagbuf, tag, taglen) == 0) {
       *stat = 1;
    }
 

+ 1 - 1
src/encauth/ocb3/ocb3_decrypt_verify_memory.c

@@ -87,7 +87,7 @@ int ocb3_decrypt_verify_memory(int cipher,
    }
 
    /* compare tags */
-   if (buflen >= taglen && XMEMCMP(buf, tag, taglen) == 0) {
+   if (buflen >= taglen && XMEM_NEQ(buf, tag, taglen) == 0) {
       *stat = 1;
    }
 

+ 1 - 1
src/pk/rsa/rsa_verify_hash.c

@@ -163,7 +163,7 @@ int rsa_verify_hash_ex(const unsigned char *sig,      unsigned long siglen,
     } else {
       /* only check if the hash is equal */
       if ((hashlen == outlen) &&
-          (XMEMCMP(out, hash, hashlen) == 0)) {
+          (XMEM_NEQ(out, hash, hashlen) == 0)) {
         *stat = 1;
       }
     }