fix potential timing attacks in rsa, eax, ocb and ocb3

2017-06-20 15:55:35 +02:00 · 2017-06-20 15:55:35 +02:00 · 05e28d6cfa
commit 05e28d6cfa
parent b03b93099d
4 changed files with 4 additions and 4 deletions
--- a/src/encauth/eax/eax_decrypt_verify_memory.c
+++ b/src/encauth/eax/eax_decrypt_verify_memory.c
@ -82,7 +82,7 @@ int eax_decrypt_verify_memory(int cipher,
   }

   /* compare tags */
-   if (buflen >= taglen && XMEMCMP(buf, tag, taglen) == 0) {
+   if (buflen >= taglen && XMEM_NEQ(buf, tag, taglen) == 0) {
      *stat = 1;
   }

--- a/src/encauth/ocb/ocb_done_decrypt.c
+++ b/src/encauth/ocb/ocb_done_decrypt.c
@ -55,7 +55,7 @@ int ocb_done_decrypt(ocb_state *ocb,
      goto LBL_ERR;
   }

-   if (taglen <= tagbuflen && XMEMCMP(tagbuf, tag, taglen) == 0) {
+   if (taglen <= tagbuflen && XMEM_NEQ(tagbuf, tag, taglen) == 0) {
      *stat = 1;
   }

--- a/src/encauth/ocb3/ocb3_decrypt_verify_memory.c
+++ b/src/encauth/ocb3/ocb3_decrypt_verify_memory.c
@ -87,7 +87,7 @@ int ocb3_decrypt_verify_memory(int cipher,
   }

   /* compare tags */
-   if (buflen >= taglen && XMEMCMP(buf, tag, taglen) == 0) {
+   if (buflen >= taglen && XMEM_NEQ(buf, tag, taglen) == 0) {
      *stat = 1;
   }

--- a/src/pk/rsa/rsa_verify_hash.c
+++ b/src/pk/rsa/rsa_verify_hash.c
@ -163,7 +163,7 @@ int rsa_verify_hash_ex(const unsigned char *sig,      unsigned long siglen,
    } else {
      /* only check if the hash is equal */
      if ((hashlen == outlen) &&
-          (XMEMCMP(out, hash, hashlen) == 0)) {
+          (XMEM_NEQ(out, hash, hashlen) == 0)) {
        *stat = 1;
      }
    }