Use CRYPTO_memcmp when comparing authenticators (1e4a355d) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/evp/e_aes.c

+3 −2

Original line number	Original line	Diff line number	Diff line
	@@ -50,6 +50,7 @@

	#include <openssl/opensslconf.h>		#include <openssl/opensslconf.h>
	#ifndef OPENSSL_NO_AES		#ifndef OPENSSL_NO_AES
			#include <openssl/crypto.h>
	# include <openssl/evp.h>		# include <openssl/evp.h>
	# include <openssl/err.h>		# include <openssl/err.h>
	# include <string.h>		# include <string.h>
	@@ -1555,7 +1556,7 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
	/* Retrieve tag */		/* Retrieve tag */
	CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, EVP_GCM_TLS_TAG_LEN);		CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, EVP_GCM_TLS_TAG_LEN);
	/* If tag mismatch wipe buffer */		/* If tag mismatch wipe buffer */
	if (memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) {		if (CRYPTO_memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) {
	OPENSSL_cleanse(out, len);		OPENSSL_cleanse(out, len);
	goto err;		goto err;
	}		}
	@@ -1990,7 +1991,7 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
	!CRYPTO_ccm128_decrypt(ccm, in, out, len)) {		!CRYPTO_ccm128_decrypt(ccm, in, out, len)) {
	unsigned char tag[16];		unsigned char tag[16];
	if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) {		if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) {
	if (!memcmp(tag, ctx->buf, cctx->M))		if (!CRYPTO_memcmp(tag, ctx->buf, cctx->M))
	rv = len;		rv = len;
	}		}
	}		}

+2 −1

Original line number	Original line	Diff line number	Diff line
	@@ -54,6 +54,7 @@

	#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5)		#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5)

			# include <openssl/crypto.h>
	# include <openssl/evp.h>		# include <openssl/evp.h>
	# include <openssl/objects.h>		# include <openssl/objects.h>
	# include <openssl/rc4.h>		# include <openssl/rc4.h>
	@@ -209,7 +210,7 @@ static int rc4_hmac_md5_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
	MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH);		MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH);
	MD5_Final(mac, &key->md);		MD5_Final(mac, &key->md);

	if (memcmp(out + plen, mac, MD5_DIGEST_LENGTH))		if (CRYPTO_memcmp(out + plen, mac, MD5_DIGEST_LENGTH))
	return 0;		return 0;
	} else {		} else {
	MD5_Update(&key->md, out + md5_off, len - md5_off);		MD5_Update(&key->md, out + md5_off, len - md5_off);

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -1685,7 +1685,7 @@ int CRYPTO_gcm128_finish(GCM128_CONTEXT ctx, const unsigned char tag,
	ctx->Xi.u[1] ^= ctx->EK0.u[1];		ctx->Xi.u[1] ^= ctx->EK0.u[1];

	if (tag && len <= sizeof(ctx->Xi))		if (tag && len <= sizeof(ctx->Xi))
	return memcmp(ctx->Xi.c, tag, len);		return CRYPTO_memcmp(ctx->Xi.c, tag, len);
	else		else
	return -1;		return -1;
	}		}

+2 −1

Original line number	Original line	Diff line number	Diff line
	@@ -59,6 +59,7 @@

	# include <stdio.h>		# include <stdio.h>
	# include "internal/cryptlib.h"		# include "internal/cryptlib.h"
			#include <openssl/crypto.h>
	# include <openssl/hmac.h>		# include <openssl/hmac.h>
	# include <openssl/rand.h>		# include <openssl/rand.h>
	# include <openssl/pkcs12.h>		# include <openssl/pkcs12.h>
	@@ -123,7 +124,7 @@ int PKCS12_verify_mac(PKCS12 p12, const char pass, int passlen)
	return 0;		return 0;
	}		}
	if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)		if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
	\|\| memcmp(mac, p12->mac->dinfo->digest->data, maclen))		\|\| CRYPTO_memcmp(mac, p12->mac->dinfo->digest->data, maclen))
	return 0;		return 0;
	return 1;		return 1;
	}		}