generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add and use a constant-time memcmp.

Browse Source 
This change adds CRYPTO_memcmp, which compares two vectors of bytes in
an amount of time that's independent of their contents. It also changes
several MAC compares in the code to use this over the standard memcmp,
which may leak information about the size of a matching prefix.
(cherry picked from commit 2ee798880a)
This commit is contained in:
Ben Laurie
2013-01-28 17:30:38 +00:00
committed by Dr. Stephen Henson
parent 115f7fa562
commit f5cd3561ba
9 changed files with 27 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/t1_lib.c
View File

@@ -3123,7 +3123,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
HMAC_Update(&hctx, etick, eticklen);
HMAC_Final(&hctx, tick_hmac, NULL);
HMAC_CTX_cleanup(&hctx);
if (memcmp(tick_hmac, etick + eticklen, mlen))
if (CRYPTO_memcmp(tick_hmac, etick + eticklen, mlen))
return 2;
/* Attempt to decrypt session data */
/* Move p after IV to start of encrypted ticket, update length */