Replace remaining CRYPTO_memcmp() calls with timingsafe_memcmp().

ok doug@ deraadt@
author: jsing <> 2015-06-20 12:01:14 +0000
committer: jsing <> 2015-06-20 12:01:14 +0000
commit: 2112d12656f65e1a6af5948a65656faad29b38b4 (patch)
tree: d277b5bd406ae47b77e084fa58edf42d3d2d2acc /src/lib/libcrypto/rsa/rsa_oaep.c
parent: 73cef548cdfd8de314b5aba376df5f39c4bf1b6e (diff)
download: openbsd-2112d12656f65e1a6af5948a65656faad29b38b4.tar.gz
openbsd-2112d12656f65e1a6af5948a65656faad29b38b4.tar.bz2
openbsd-2112d12656f65e1a6af5948a65656faad29b38b4.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c
index 8585d7c3aa..86e2bfc34f 100644
--- a/src/lib/libcrypto/rsa/rsa_oaep.c
+++ b/src/lib/libcrypto/rsa/rsa_oaep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_oaep.c,v 1.24 2014/10/22 13:02:04 jsing Exp $ */
+/* $OpenBSD: rsa_oaep.c,v 1.25 2015/06/20 12:01:14 jsing Exp $ */
 /* Written by Ulf Moeller. This software is distributed on an "AS IS"
   basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */
@@ -154,7 +154,7 @@ RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
        if (!EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL))
                return -1;
-        if (CRYPTO_memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad)
+        if (timingsafe_memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad)
                goto decoding_err;
        else {
                for (i = SHA_DIGEST_LENGTH; i < dblen; i++)
author	jsing <>	2015-06-20 12:01:14 +0000
committer	jsing <>	2015-06-20 12:01:14 +0000
commit	2112d12656f65e1a6af5948a65656faad29b38b4 (patch)
tree	d277b5bd406ae47b77e084fa58edf42d3d2d2acc /src/lib/libcrypto/rsa/rsa_oaep.c
parent	73cef548cdfd8de314b5aba376df5f39c4bf1b6e (diff)
download	openbsd-2112d12656f65e1a6af5948a65656faad29b38b4.tar.gz openbsd-2112d12656f65e1a6af5948a65656faad29b38b4.tar.bz2 openbsd-2112d12656f65e1a6af5948a65656faad29b38b4.zip

diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c index 8585d7c3aa..86e2bfc34f 100644 --- a/src/lib/libcrypto/rsa/rsa_oaep.c +++ b/src/lib/libcrypto/rsa/rsa_oaep.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: rsa_oaep.c,v 1.24 2014/10/22 13:02:04 jsing Exp $ */	1	/* $OpenBSD: rsa_oaep.c,v 1.25 2015/06/20 12:01:14 jsing Exp $ */
2	/* Written by Ulf Moeller. This software is distributed on an "AS IS"	2	/* Written by Ulf Moeller. This software is distributed on an "AS IS"
3	basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */	3	basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */
4		4
@@ -154,7 +154,7 @@ RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
154	if (!EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL))	154	if (!EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL))
155	return -1;	155	return -1;
156		156
157	if (CRYPTO_memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 \|\| bad)	157	if (timingsafe_memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 \|\| bad)
158	goto decoding_err;	158	goto decoding_err;
159	else {	159	else {
160	for (i = SHA_DIGEST_LENGTH; i < dblen; i++)	160	for (i = SHA_DIGEST_LENGTH; i < dblen; i++)