* tools/nettle-pbkdf2.c (main): Fix some pointer signedness warning.
* tools/nettle-hash.c (hash_file): Likewise.
+ * examples/rsa-decrypt.c (process_file): Use memeql_sec to check
+ the digest.
+
+ * memeql-sec.c (memeql_sec): New public function, moved from...
+ * ccm.c (memeql_sec): ... previous location.
+
+ * memops.h: New header file, generalizing memxor.h.
+
2016-08-29 Niels Möller <nisse@lysator.liu.se>
* sexp-format.c (strlen_u8): New helper function.
knuth-lfib.c \
md2.c md2-meta.c md4.c md4-meta.c \
md5.c md5-compress.c md5-compat.c md5-meta.c \
- memxor.c memxor3.c \
+ memeql-sec.c memxor.c memxor3.c \
nettle-meta-aeads.c nettle-meta-armors.c \
nettle-meta-ciphers.c nettle-meta-hashes.c \
pbkdf2.c pbkdf2-hmac-sha1.c pbkdf2-hmac-sha256.c \
macros.h \
md2.h md4.h \
md5.h md5-compat.h \
- memxor.h \
+ memops.h memxor.h \
nettle-meta.h nettle-types.h \
pbkdf2.h \
pgp.h pkcs1.h realloc.h ripemd160.h rsa.h \
#include "ccm.h"
#include "ctr.h"
-#include "memxor.h"
+#include "memops.h"
#include "nettle-internal.h"
#include "macros.h"
ccm_digest(&ctx, cipher, f, tlength, tag);
}
-/* FIXME: Should be made public, under some suitable name. */
-static int
-memeql_sec (const void *a, const void *b, size_t n)
-{
- volatile const unsigned char *ap = (const unsigned char *) a;
- volatile const unsigned char *bp = (const unsigned char *) b;
- volatile unsigned char d;
- size_t i;
- for (d = i = 0; i < n; i++)
- d |= (ap[i] ^ bp[i]);
- return d == 0;
-}
-
int
ccm_decrypt_message(const void *cipher, nettle_cipher_func *f,
size_t nlength, const uint8_t *nonce,
#include "cbc.h"
#include "hmac.h"
#include "macros.h"
+#include "memops.h"
#include "rsa.h"
#include "yarrow.h"
}
}
hmac_sha1_digest(&ctx->hmac, SHA1_DIGEST_SIZE, digest);
- if (memcmp(digest, buffer + AES_BLOCK_SIZE, SHA1_DIGEST_SIZE) != 0)
+ if (!memeql_sec(digest, buffer + AES_BLOCK_SIZE, SHA1_DIGEST_SIZE))
{
werror("Decryption failed: Invalid mac.\n");
return 0;
--- /dev/null
+/* memeql-sec.c
+
+ Copyright (C) 2016 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "memops.h"
+
+int
+memeql_sec (const void *a, const void *b, size_t n)
+{
+ volatile const unsigned char *ap = (const unsigned char *) a;
+ volatile const unsigned char *bp = (const unsigned char *) b;
+
+ volatile unsigned char diff;
+ size_t i;
+
+ for (i = diff = 0; i < n; i++)
+ diff |= (ap[i] ^ bp[i]);
+
+ return diff == 0;
+}
--- /dev/null
+/* memops.h
+
+ Copyright (C) 2016 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_MEMOPS_H_INCLUDED
+#define NETTLE_MEMOPS_H_INCLUDED
+
+#include "memxor.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Name mangling */
+#define memeql_sec nettle_memeql_sec
+
+int
+memeql_sec (const void *a, const void *b, size_t n);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* NETTLE_MEMOPS_H_INCLUDED */
projects / thirdparty / nettle.git / commitdiff
