Use CRYPTO_memcmp for the integrity-tag check to close a byte-by-byte timing oracle over an attacker-controlled plaintext prefix, and ngx_memcpy for the expiry timestamp to avoid an unaligned 64-bit read.