1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
index 85591cfcb7..0a9455a5d2 100644
--- a/src/lib/libcrypto/evp/e_aes.c
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.27 2015/02/10 09:50:12 miod Exp $ */
+/* $OpenBSD: e_aes.c,v 1.28 2015/06/20 12:01:14 jsing Exp $ */
 /* ====================================================================
 * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
 *
@@ -1499,7 +1499,7 @@ aead_aes_gcm_open(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
        }
        CRYPTO_gcm128_tag(&gcm, tag, gcm_ctx->tag_len);
-        if (CRYPTO_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) {
+        if (timingsafe_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) {
                EVPerr(EVP_F_AEAD_AES_GCM_OPEN, EVP_R_BAD_DECRYPT);
                return 0;
        }

diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c index 85591cfcb7..0a9455a5d2 100644 --- a/src/lib/libcrypto/evp/e_aes.c +++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: e_aes.c,v 1.27 2015/02/10 09:50:12 miod Exp $ */	1	/* $OpenBSD: e_aes.c,v 1.28 2015/06/20 12:01:14 jsing Exp $ */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
4	*	4	*
@@ -1499,7 +1499,7 @@ aead_aes_gcm_open(const EVP_AEAD_CTX ctx, unsigned char out, size_t *out_len,
1499	}	1499	}
1500		1500
1501	CRYPTO_gcm128_tag(&gcm, tag, gcm_ctx->tag_len);	1501	CRYPTO_gcm128_tag(&gcm, tag, gcm_ctx->tag_len);
1502	if (CRYPTO_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) {	1502	if (timingsafe_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) {
1503	EVPerr(EVP_F_AEAD_AES_GCM_OPEN, EVP_R_BAD_DECRYPT);	1503	EVPerr(EVP_F_AEAD_AES_GCM_OPEN, EVP_R_BAD_DECRYPT);
1504	return 0;	1504	return 0;
1505	}	1505	}