[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Emilia Kasper emilia at openssl.org
Mon Jun 8 13:30:39 UTC 2015 

The branch OpenSSL_1_0_2-stable has been updated
       via  05627d57e55517eae21c251fe287760bd1137218 (commit)
       via  ac32a77cd69784568090e934a31622ddfee49ca7 (commit)
      from  f877da9cedb95df94105d7292f8e0963175e58dc (commit)


- Log -----------------------------------------------------------------
commit 05627d57e55517eae21c251fe287760bd1137218
Author: Emilia Kasper <emilia at openssl.org>
Date:   Mon Jun 8 15:04:28 2015 +0200

    Use CRYPTO_memcmp in s3_cbc.c
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

commit ac32a77cd69784568090e934a31622ddfee49ca7
Author: Emilia Kasper <emilia at openssl.org>
Date:   Wed May 27 17:12:13 2015 +0200

    Use CRYPTO_memcmp when comparing authenticators
    
    Pointed out by Victor Vasiliev (vasilvv at mit.edu) via Adam Langley
    (Google).
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (cherry picked from commit 1e4a355dcabe2f75df5bb8b41b394d37037169d2)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/e_aes.c          | 5 +++--
 crypto/evp/e_rc4_hmac_md5.c | 3 ++-
 crypto/modes/gcm128.c       | 2 +-
 crypto/pkcs12/p12_mutl.c    | 3 ++-
 ssl/s3_cbc.c                | 2 +-
 5 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index af4aa18..33cbed8 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -50,6 +50,7 @@
 
 #include <openssl/opensslconf.h>
 #ifndef OPENSSL_NO_AES
+#include <openssl/crypto.h>
 # include <openssl/evp.h>
 # include <openssl/err.h>
 # include <string.h>
@@ -1455,7 +1456,7 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         /* Retrieve tag */
         CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, EVP_GCM_TLS_TAG_LEN);
         /* If tag mismatch wipe buffer */
-        if (memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) {
+        if (CRYPTO_memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) {
             OPENSSL_cleanse(out, len);
             goto err;
         }
@@ -1895,7 +1896,7 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
             !CRYPTO_ccm128_decrypt(ccm, in, out, len)) {
             unsigned char tag[16];
             if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) {
-                if (!memcmp(tag, ctx->buf, cctx->M))
+                if (!CRYPTO_memcmp(tag, ctx->buf, cctx->M))
                     rv = len;
             }
         }
diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c
index e6b0cdf..2da1117 100644
--- a/crypto/evp/e_rc4_hmac_md5.c
+++ b/crypto/evp/e_rc4_hmac_md5.c
@@ -54,6 +54,7 @@
 
 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5)
 
+# include <openssl/crypto.h>
 # include <openssl/evp.h>
 # include <openssl/objects.h>
 # include <openssl/rc4.h>
@@ -210,7 +211,7 @@ static int rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
             MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH);
             MD5_Final(mac, &key->md);
 
-            if (memcmp(out + plen, mac, MD5_DIGEST_LENGTH))
+            if (CRYPTO_memcmp(out + plen, mac, MD5_DIGEST_LENGTH))
                 return 0;
         } else {
             MD5_Update(&key->md, out + md5_off, len - md5_off);
diff --git a/crypto/modes/gcm128.c b/crypto/modes/gcm128.c
index 24a84a7..881b223 100644
--- a/crypto/modes/gcm128.c
+++ b/crypto/modes/gcm128.c
@@ -1704,7 +1704,7 @@ int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
     ctx->Xi.u[1] ^= ctx->EK0.u[1];
 
     if (tag && len <= sizeof(ctx->Xi))
-        return memcmp(ctx->Xi.c, tag, len);
+        return CRYPTO_memcmp(ctx->Xi.c, tag, len);
     else
         return -1;
 }
diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
index 256b210..5ab4bf2 100644
--- a/crypto/pkcs12/p12_mutl.c
+++ b/crypto/pkcs12/p12_mutl.c
@@ -60,6 +60,7 @@
 #ifndef OPENSSL_NO_HMAC
 # include <stdio.h>
 # include "cryptlib.h"
+# include <openssl/crypto.h>
 # include <openssl/hmac.h>
 # include <openssl/rand.h>
 # include <openssl/pkcs12.h>
@@ -123,7 +124,7 @@ int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
         return 0;
     }
     if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
-        || memcmp(mac, p12->mac->dinfo->digest->data, maclen))
+        || CRYPTO_memcmp(mac, p12->mac->dinfo->digest->data, maclen))
         return 0;
     return 1;
 }
diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
index c43402d..a0edcef 100644
--- a/ssl/s3_cbc.c
+++ b/ssl/s3_cbc.c
@@ -149,7 +149,7 @@ int tls1_cbc_remove_padding(const SSL *s,
      */
     if ((s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) && !s->expand) {
         /* First packet is even in size, so check */
-        if ((memcmp(s->s3->read_sequence, "\0\0\0\0\0\0\0\0", 8) == 0) &&
+        if ((CRYPTO_memcmp(s->s3->read_sequence, "\0\0\0\0\0\0\0\0", 8) == 0) &&
             !(padding_length & 1)) {
             s->s3->flags |= TLS1_FLAGS_TLS_PADDING_BUG;
         }

More information about the openssl-commits mailing list