crypto: improve ccmp.

lib/bcoin/crypto.js

@@ -400,8 +400,7 @@ crypto.hkdfExpand = function hkdfExpand(prk, info, len, alg) {
  */
 
 crypto.ccmp = function ccmp(a, b) {
-  var res = 0;
-  var i;
+  var i, res;
 
   if (!Buffer.isBuffer(a))
     return false;
@@ -409,13 +408,13 @@ crypto.ccmp = function ccmp(a, b) {
   if (!Buffer.isBuffer(b))
     return false;
 
-  // It's assumed the target length
-  // would be known to an attacker anyway.
-  if (a.length !== b.length)
-    return false;
+  if (b.length === 0)
+    return a.length === 0;
+
+  res = a.length ^ b.length;
 
   for (i = 0; i < a.length; i++)
-    res |= a[i] ^ b[i];
+    res |= a[i] ^ b[i % b.length];
 
   return res === 0;
 };