]> granicus.if.org Git - openssl/commit
Add and use a constant-time memcmp.
authorBen Laurie <ben@links.org>
Mon, 28 Jan 2013 17:30:38 +0000 (17:30 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 6 Feb 2013 14:16:55 +0000 (14:16 +0000)
commit7c770d572a719fa40fa9c82807a0bd3840baf4a0
treebc4d2be0bd12ef55460d16c760d87ff9ae954aa0
parentea34a58385058748c51037bfb2c3208ee639f5f1
Add and use a constant-time memcmp.

This change adds CRYPTO_memcmp, which compares two vectors of bytes in
an amount of time that's independent of their contents. It also changes
several MAC compares in the code to use this over the standard memcmp,
which may leak information about the size of a matching prefix.
(cherry picked from commit 2ee798880a246d648ecddadc5b91367bee4a5d98)
crypto/cryptlib.c
crypto/crypto.h
crypto/rsa/rsa_oaep.c
ssl/d1_pkt.c
ssl/s2_clnt.c
ssl/s2_pkt.c
ssl/s3_both.c
ssl/s3_pkt.c
ssl/t1_lib.c