Replaced mbedtls_ssl_safer_memcmp with mbedtls_platform_memcmp Saves some bytes and mbedtls_platform_memcmp is a bit safer for side channel attacks.

commit: 707ceb88f042570e655e906218b3dd1d944ed333 [log] [tgz]
author: Teppo Järvelin <teppo.jarvelin@arm.com> Fri Oct 04 07:49:39 2019 +0300
committer: Teppo Järvelin <teppo.jarvelin@arm.com> Fri Oct 04 08:52:00 2019 +0300
tree: c4db7178273a03a202759d4c9b40e50b1d06cfa1
parent: 650343cdcd3e93b00b1f4ad58045728ce7ab8bfe [diff]
diff --git a/library/asn1write.c b/library/asn1write.c
index 0ec1647..5c11796 100644
--- a/library/asn1write.c
+++ b/library/asn1write.c

@@ -28,12 +28,12 @@
 #if defined(MBEDTLS_ASN1_WRITE_C)
 
 #include "mbedtls/asn1write.h"
+#include "mbedtls/platform_util.h"
 
 #include <string.h>
 
 #if defined(MBEDTLS_PLATFORM_C)
 #include "mbedtls/platform.h"
-#include "mbedtls/platform_util.h"
 #else
 #include <stdlib.h>
 #define mbedtls_calloc    calloc

diff --git a/library/pkwrite.c b/library/pkwrite.c
index f6ff89b..d3febd2 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c

@@ -40,7 +40,6 @@
 #if defined(MBEDTLS_ECP_C)
 #include "mbedtls/bignum.h"
 #include "mbedtls/ecp.h"
-#include "mbedtls/platform_util.h"
 #endif
 #if defined(MBEDTLS_ECDSA_C)
 #include "mbedtls/ecdsa.h"

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 16f1513..16f1329 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c

@@ -1152,9 +1152,9 @@
         /* Check verify-data in constant-time. The length OTOH is no secret */
         if( len    != 1 + ssl->verify_data_len * 2 ||
             buf[0] !=     ssl->verify_data_len * 2 ||
-            mbedtls_ssl_safer_memcmp( buf + 1,
+            mbedtls_platform_memcmp( buf + 1,
                           ssl->own_verify_data, ssl->verify_data_len ) != 0 ||
-            mbedtls_ssl_safer_memcmp( buf + 1 + ssl->verify_data_len,
+            mbedtls_platform_memcmp( buf + 1 + ssl->verify_data_len,
                           ssl->peer_verify_data, ssl->verify_data_len ) != 0 )
         {
             MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) );

diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index 67f9114..d6c5443 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c

@@ -229,7 +229,7 @@
     if( ret != 0 )
         return( ret );
 
-    if( mbedtls_ssl_safer_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 )
+    if( mbedtls_platform_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 )
         return( -1 );
 
 #if defined(MBEDTLS_HAVE_TIME)

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index c9b03f5..b41ba32 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c

@@ -160,7 +160,7 @@
         /* Check verify-data in constant-time. The length OTOH is no secret */
         if( len    != 1 + ssl->verify_data_len ||
             buf[0] !=     ssl->verify_data_len ||
-            mbedtls_ssl_safer_memcmp( buf + 1, ssl->peer_verify_data,
+            mbedtls_platform_memcmp( buf + 1, ssl->peer_verify_data,
                           ssl->verify_data_len ) != 0 )
         {
             MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) );
@@ -4089,7 +4089,7 @@
         /* Identity is not a big secret since clients send it in the clear,
          * but treat it carefully anyway, just in case */
         if( n != ssl->conf->psk_identity_len ||
-            mbedtls_ssl_safer_memcmp( ssl->conf->psk_identity, *p, n ) != 0 )
+            mbedtls_platform_memcmp( ssl->conf->psk_identity, *p, n ) != 0 )
         {
             ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
         }

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 12a4338..ed14cb3 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -3083,7 +3083,7 @@
              *
              * Afterwards, we know that data + data_len is followed by at
              * least maclen Bytes, which justifies the call to
-             * mbedtls_ssl_safer_memcmp() below.
+             * mbedtls_platform_memcmp() below.
              *
              * Further, we still know that data_len > minlen */
             rec->data_len -= transform->maclen;
@@ -3105,7 +3105,7 @@
                                    transform->maclen );
 
             /* Compare expected MAC with MAC at the end of the record. */
-            if( mbedtls_ssl_safer_memcmp( data + rec->data_len, mac_expect,
+            if( mbedtls_platform_memcmp( data + rec->data_len, mac_expect,
                                           transform->maclen ) != 0 )
             {
                 MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) );
@@ -3444,7 +3444,7 @@
         MBEDTLS_SSL_DEBUG_BUF( 4, "message  mac", data + rec->data_len, transform->maclen );
 #endif
 
-        if( mbedtls_ssl_safer_memcmp( data + rec->data_len, mac_expect,
+        if( mbedtls_platform_memcmp( data + rec->data_len, mac_expect,
                                       transform->maclen ) != 0 )
         {
 #if defined(MBEDTLS_SSL_DEBUG_ALL)
@@ -7913,7 +7913,7 @@
         return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED );
     }
 
-    if( mbedtls_ssl_safer_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ),
+    if( mbedtls_platform_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ),
                       buf, hash_len ) != 0 )
     {
         MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
commit	707ceb88f042570e655e906218b3dd1d944ed333	[log] [tgz]
author	Teppo Järvelin <teppo.jarvelin@arm.com>	Fri Oct 04 07:49:39 2019 +0300
committer	Teppo Järvelin <teppo.jarvelin@arm.com>	Fri Oct 04 08:52:00 2019 +0300
tree	c4db7178273a03a202759d4c9b40e50b1d06cfa1
parent	650343cdcd3e93b00b1f4ad58045728ce7ab8bfe [diff]