diff options
-rw-r--r-- | crypto/cryptlib.c | 13 | ||||
-rw-r--r-- | crypto/crypto.h | 7 | ||||
-rw-r--r-- | crypto/rsa/rsa_oaep.c | 2 | ||||
-rw-r--r-- | ssl/d1_pkt.c | 4 | ||||
-rw-r--r-- | ssl/s2_clnt.c | 2 | ||||
-rw-r--r-- | ssl/s2_pkt.c | 3 | ||||
-rw-r--r-- | ssl/s3_both.c | 2 | ||||
-rw-r--r-- | ssl/s3_pkt.c | 2 | ||||
-rw-r--r-- | ssl/t1_lib.c | 2 |
9 files changed, 28 insertions, 9 deletions
diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c index dd74ea8855..0566ec1f97 100644 --- a/crypto/cryptlib.c +++ b/crypto/cryptlib.c @@ -542,3 +542,16 @@ void OpenSSLDie(const char *file,int line,const char *assertion) } void *OPENSSL_stderr(void) { return stderr; } + +int CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len) + { + size_t i; + const unsigned char *a = in_a; + const unsigned char *b = in_b; + unsigned char x = 0; + + for (i = 0; i < len; i++) + x |= a[i] ^ b[i]; + + return x; + } diff --git a/crypto/crypto.h b/crypto/crypto.h index fc1374fad5..6161697cdc 100644 --- a/crypto/crypto.h +++ b/crypto/crypto.h @@ -591,6 +591,13 @@ int OPENSSL_isservice(void); #define OPENSSL_HAVE_INIT 1 void OPENSSL_init(void); +/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It + * takes an amount of time dependent on |len|, but independent of the contents + * of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a + * defined order as the return value when a != b is undefined, other than to be + * non-zero. */ +int CRYPTO_memcmp(const void *a, const void *b, size_t len); + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 546ae5fcb2..b8e3edc000 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -143,7 +143,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL); - if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad) + if (CRYPTO_memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad) goto decoding_err; else { diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 65b1ef28cd..8e9ee5a77e 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -410,8 +410,8 @@ if ( (sess == NULL) || } else rr->length = 0; - s->method->ssl3_enc->mac(s,md,0); - if (mac == NULL || memcmp(md, mac, mac_size) != 0) + i=s->method->ssl3_enc->mac(s,md,0); + if (i < 0 || mac == NULL || CRYPTO_memcmp(md,mac,mac_size) != 0) { decryption_failed_or_bad_record_mac = 1; } diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c index 782129cd5d..c13a640455 100644 --- a/ssl/s2_clnt.c +++ b/ssl/s2_clnt.c @@ -935,7 +935,7 @@ static int get_server_verify(SSL *s) s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */ p += 1; - if (memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0) + if (CRYPTO_memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0) { ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT); diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c index a10929a757..7387d8b7c5 100644 --- a/ssl/s2_pkt.c +++ b/ssl/s2_pkt.c @@ -267,8 +267,7 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek) s->s2->ract_data_length-=mac_size; ssl2_mac(s,mac,0); s->s2->ract_data_length-=s->s2->padding; - if ( (memcmp(mac,s->s2->mac_data, - (unsigned int)mac_size) != 0) || + if ( (CRYPTO_memcmp(mac,s->s2->mac_data,mac_size) != 0) || (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) { SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE); diff --git a/ssl/s3_both.c b/ssl/s3_both.c index 869a25d476..86ad59858c 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -242,7 +242,7 @@ int ssl3_get_finished(SSL *s, int a, int b) goto f_err; } - if (memcmp(p, s->s3->tmp.peer_finish_md, i) != 0) + if (CRYPTO_memcmp(p, s->s3->tmp.peer_finish_md, i) != 0) { al=SSL_AD_DECRYPT_ERROR; SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED); diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 5e3583c04d..0e041c0ce0 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -414,7 +414,7 @@ printf("\n"); #endif } i=s->method->ssl3_enc->mac(s,md,0); - if (mac == NULL || memcmp(md, mac, mac_size) != 0) + if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0) { decryption_failed_or_bad_record_mac = 1; } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 00b8286acb..d56456e14d 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1012,7 +1012,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, HMAC_Update(&hctx, etick, eticklen); HMAC_Final(&hctx, tick_hmac, NULL); HMAC_CTX_cleanup(&hctx); - if (memcmp(tick_hmac, etick + eticklen, mlen)) + if (CRYPTO_memcmp(tick_hmac, etick + eticklen, mlen)) goto tickerr; /* Attempt to decrypt session data */ /* Move p after IV to start of encrypted ticket, update length */ |