Use CRYPTO_memcmp when comparing authenticators

Pointed out by Victor Vasiliev (vasilvv@mit.edu) via Adam Langley (Google). Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Emilia Kasper <emilia@openssl.org> 2015-05-27 17:12:13 +0200
committer: Emilia Kasper <emilia@openssl.org> 2015-06-08 14:55:50 +0200
commit: 1e4a355dcabe2f75df5bb8b41b394d37037169d2 (patch)
tree: aac26a71e92cf32f361342fbe2c3fe4edde4395d /crypto/evp/e_aes.c
parent: 65d3941f4aa199d0fcd615b074876f8ff2886d11 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 0b7838e455..895e8ee4a7 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -50,6 +50,7 @@
 
 #include <openssl/opensslconf.h>
 #ifndef OPENSSL_NO_AES
+#include <openssl/crypto.h>
 # include <openssl/evp.h>
 # include <openssl/err.h>
 # include <string.h>
@@ -1555,7 +1556,7 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         /* Retrieve tag */
         CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, EVP_GCM_TLS_TAG_LEN);
         /* If tag mismatch wipe buffer */
-        if (memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) {
+        if (CRYPTO_memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) {
             OPENSSL_cleanse(out, len);
             goto err;
         }
@@ -1990,7 +1991,7 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
             !CRYPTO_ccm128_decrypt(ccm, in, out, len)) {
             unsigned char tag[16];
             if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) {
-                if (!memcmp(tag, ctx->buf, cctx->M))
+                if (!CRYPTO_memcmp(tag, ctx->buf, cctx->M))
                     rv = len;
             }
         }
author	Emilia Kasper <emilia@openssl.org>	2015-05-27 17:12:13 +0200
committer	Emilia Kasper <emilia@openssl.org>	2015-06-08 14:55:50 +0200
commit	1e4a355dcabe2f75df5bb8b41b394d37037169d2 (patch)
tree	aac26a71e92cf32f361342fbe2c3fe4edde4395d /crypto/evp/e_aes.c
parent	65d3941f4aa199d0fcd615b074876f8ff2886d11 (diff)