summaryrefslogtreecommitdiffstats
path: root/crypto/cryptlib.c
diff options
context:
space:
mode:
authorBen Laurie <ben@links.org>2013-01-28 18:30:38 +0100
committerDr. Stephen Henson <steve@openssl.org>2013-02-06 15:16:55 +0100
commit7c770d572a719fa40fa9c82807a0bd3840baf4a0 (patch)
treebc4d2be0bd12ef55460d16c760d87ff9ae954aa0 /crypto/cryptlib.c
parentFix for trace code: SSL3 doesn't include a length value for (diff)
downloadopenssl-7c770d572a719fa40fa9c82807a0bd3840baf4a0.tar.xz
openssl-7c770d572a719fa40fa9c82807a0bd3840baf4a0.zip
Add and use a constant-time memcmp.
This change adds CRYPTO_memcmp, which compares two vectors of bytes in an amount of time that's independent of their contents. It also changes several MAC compares in the code to use this over the standard memcmp, which may leak information about the size of a matching prefix. (cherry picked from commit 2ee798880a246d648ecddadc5b91367bee4a5d98)
Diffstat (limited to 'crypto/cryptlib.c')
-rw-r--r--crypto/cryptlib.c13
1 files changed, 13 insertions, 0 deletions
diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c
index 07b0a66217..56d82adfcd 100644
--- a/crypto/cryptlib.c
+++ b/crypto/cryptlib.c
@@ -397,3 +397,16 @@ void OpenSSLDie(const char *file,int line,const char *assertion)
#ifndef OPENSSL_FIPSCANISTER
void *OPENSSL_stderr(void) { return stderr; }
#endif
+
+int CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len)
+ {
+ size_t i;
+ const unsigned char *a = in_a;
+ const unsigned char *b = in_b;
+ unsigned char x = 0;
+
+ for (i = 0; i < len; i++)
+ x |= a[i] ^ b[i];
+
+ return x;
+ }