use timing-safe compares for checking results in signature verification

(there are no known attacks, this is just inexpensive prudence) feedback and ok tb@ jsing@
author: djm <> 2018-09-05 00:55:33 +0000
committer: djm <> 2018-09-05 00:55:33 +0000
commit: 500c35c4f020d87efbd1b5f638d51d78cce1b5ea (patch)
tree: e041735a97a92c3a22eab8257b329a2e73d4f9b0 /src/lib/libcrypto/rsa/rsa_pmeth.c
parent: a707e9b3b7839a52fa4e75b9c174d23c7dd8b683 (diff)
download: openbsd-500c35c4f020d87efbd1b5f638d51d78cce1b5ea.tar.gz
openbsd-500c35c4f020d87efbd1b5f638d51d78cce1b5ea.tar.bz2
openbsd-500c35c4f020d87efbd1b5f638d51d78cce1b5ea.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_pmeth.c b/src/lib/libcrypto/rsa/rsa_pmeth.c
index b4a4e730c0..ea6401b3da 100644
--- a/src/lib/libcrypto/rsa/rsa_pmeth.c
+++ b/src/lib/libcrypto/rsa/rsa_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_pmeth.c,v 1.20 2017/08/28 17:41:59 jsing Exp $ */
+/* $OpenBSD: rsa_pmeth.c,v 1.21 2018/09/05 00:55:33 djm Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
@@ -296,7 +296,7 @@ pkey_rsa_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
                        return 0;
        }
-        if (rslen != tbslen || memcmp(tbs, rctx->tbuf, rslen))
+        if (rslen != tbslen || timingsafe_bcmp(tbs, rctx->tbuf, rslen))
                return 0;
        return 1;
author	djm <>	2018-09-05 00:55:33 +0000
committer	djm <>	2018-09-05 00:55:33 +0000
commit	500c35c4f020d87efbd1b5f638d51d78cce1b5ea (patch)
tree	e041735a97a92c3a22eab8257b329a2e73d4f9b0 /src/lib/libcrypto/rsa/rsa_pmeth.c
parent	a707e9b3b7839a52fa4e75b9c174d23c7dd8b683 (diff)
download	openbsd-500c35c4f020d87efbd1b5f638d51d78cce1b5ea.tar.gz openbsd-500c35c4f020d87efbd1b5f638d51d78cce1b5ea.tar.bz2 openbsd-500c35c4f020d87efbd1b5f638d51d78cce1b5ea.zip

diff --git a/src/lib/libcrypto/rsa/rsa_pmeth.c b/src/lib/libcrypto/rsa/rsa_pmeth.c index b4a4e730c0..ea6401b3da 100644 --- a/src/lib/libcrypto/rsa/rsa_pmeth.c +++ b/src/lib/libcrypto/rsa/rsa_pmeth.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: rsa_pmeth.c,v 1.20 2017/08/28 17:41:59 jsing Exp $ */	1	/* $OpenBSD: rsa_pmeth.c,v 1.21 2018/09/05 00:55:33 djm Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2006.	3	* project 2006.
4	*/	4	*/
@@ -296,7 +296,7 @@ pkey_rsa_verify(EVP_PKEY_CTX ctx, const unsigned char sig, size_t siglen,
296	return 0;	296	return 0;
297	}	297	}
298		298
299	if (rslen != tbslen \|\| memcmp(tbs, rctx->tbuf, rslen))	299	if (rslen != tbslen \|\| timingsafe_bcmp(tbs, rctx->tbuf, rslen))
300	return 0;	300	return 0;
301		301
302	return 1;	302	return 1;