Use CRYPTO_memcmp when comparing authenticators

Pointed out by Victor Vasiliev (vasilvv@mit.edu) via Adam Langley (Google). Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 1e4a355dcabe2f75df5bb8b41b394d37037169d2)
author: Emilia Kasper <emilia@openssl.org> 2015-05-27 17:12:13 +0200
committer: Emilia Kasper <emilia@openssl.org> 2015-06-08 15:01:14 +0200
commit: ac32a77cd69784568090e934a31622ddfee49ca7 (patch)
tree: 395bb6bc89fde1ba17a2e6b686dad06e0e947099 /crypto/pkcs12
parent: f877da9cedb95df94105d7292f8e0963175e58dc (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
index 256b210cce..5ab4bf290e 100644
--- a/crypto/pkcs12/p12_mutl.c
+++ b/crypto/pkcs12/p12_mutl.c
@@ -60,6 +60,7 @@
 #ifndef OPENSSL_NO_HMAC
 # include <stdio.h>
 # include "cryptlib.h"
+# include <openssl/crypto.h>
 # include <openssl/hmac.h>
 # include <openssl/rand.h>
 # include <openssl/pkcs12.h>
@@ -123,7 +124,7 @@ int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
         return 0;
     }
     if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
-        || memcmp(mac, p12->mac->dinfo->digest->data, maclen))
+        || CRYPTO_memcmp(mac, p12->mac->dinfo->digest->data, maclen))
         return 0;
     return 1;
 }
author	Emilia Kasper <emilia@openssl.org>	2015-05-27 17:12:13 +0200
committer	Emilia Kasper <emilia@openssl.org>	2015-06-08 15:01:14 +0200
commit	ac32a77cd69784568090e934a31622ddfee49ca7 (patch)
tree	395bb6bc89fde1ba17a2e6b686dad06e0e947099 /crypto/pkcs12
parent	f877da9cedb95df94105d7292f8e0963175e58dc (diff)