author | djm <> | 2018-09-05 00:55:33 +0000 |
---|---|---|
committer | djm <> | 2018-09-05 00:55:33 +0000 |
commit | 500c35c4f020d87efbd1b5f638d51d78cce1b5ea (patch) | |
tree | e041735a97a92c3a22eab8257b329a2e73d4f9b0 /src/lib/libcrypto/rsa/rsa_pss.c | |
parent | a707e9b3b7839a52fa4e75b9c174d23c7dd8b683 (diff) | |
use timing-safe compares for checking results in signature verification
(there are no known attacks, this is just inexpensive prudence)
feedback and ok tb@ jsing@
Diffstat (limited to 'src/lib/libcrypto/rsa/rsa_pss.c')
-rw-r--r-- | src/lib/libcrypto/rsa/rsa_pss.c | 4 |
1 files changed, 2 insertions, 2 deletions
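--- a/src/lib/libcrypto/rsa/rsa_pss.c
+++ b/src/lib/libcrypto/rsa/rsa_pss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_pss.c,v 1.12 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: rsa_pss.c,v 1.13 2018/09/05 00:55:33 djm Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2005.
  */
@@ -163,7 +163,7 @@ RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
 }
 if (!EVP_DigestFinal_ex(&ctx, H_, NULL))
 goto err;
-if (memcmp(H_, H, hLen)) {
+if (timingsafe_bcmp(H_, H, hLen)) {
 RSAerror(RSA_R_BAD_SIGNATURE);
 ret = 0;
 } else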
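Review bot: The new `timingsafe_bcmp` call at line 166 has no comment, so the reason for choosing it over `memcmp` is recorded only in the commit message and a later cleanup could revert it without noticing. I would put `/* Constant-time compare of the recomputed digest H_ against H; do not replace with memcmp. */` directly above the `if`. Because `timingsafe_bcmp` reports only equal or not equal, writing the condition as `timingsafe_bcmp(H_, H, hLen) != 0` would also make clear that no ordering result is relied on. The file's includes are not visible in this hunk, so it is worth confirming that `<string.h>` is in scope for the declaration. RSA_verify_PKCS1_PSS_mgf1 begins before this hunk and its `else` branch continues past it, so any other signature-dependent checks in the function cannot be assessed from here.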