Added gnutls_memcmp() and exported it.

diff --git a/lib/Makefile.am b/lib/Makefile.am
index febc59bbaa4c3e857ed96b568624a61dd97bc6c9..528c23f984e257b36fcc6cf791656d1535af2ba2 100644 (file)
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -82,7 +82,7 @@ COBJECTS = gnutls_range.c gnutls_record.c \
        random.c crypto-api.c gnutls_privkey.c gnutls_pcert.c           \
        gnutls_pubkey.c locks.c gnutls_dtls.c system_override.c \
        crypto-backend.c verify-tofu.c pin.c tpm.c fips.c \
-       safe-memset.c inet_pton.c atfork.c atfork.h
+       safe-memfuncs.c inet_pton.c atfork.c atfork.h
 
 if ENABLE_SELF_CHECKS
 COBJECTS += crypto-selftests.c crypto-selftests-pk.c

diff --git a/lib/crypto-api.c b/lib/crypto-api.c
index c7add3e6b9ac16ab375c1fa067290398efa91c21..d0e30b7e49ef2524977c38081ff4a422d620ec81 100644 (file)
--- a/lib/crypto-api.c
+++ b/lib/crypto-api.c
@@ -714,7 +714,7 @@ gnutls_aead_cipher_decrypt(gnutls_aead_cipher_hd_t handle,
 
        ptr = ctext;
        ptr += ctext_len;
-       if (memcmp(ptr, tag, h->tag_size) != 0)
+       if (gnutls_memcmp(ptr, tag, h->tag_size) != 0)
                return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
        h->nonce_set = 0;
 

diff --git a/lib/ext/session_ticket.c b/lib/ext/session_ticket.c
index 84b7d69dbff5a33b8a3fd08e36a151a215773f6d..159c501d136c8d4de7d825cf9ce8e5e74dfca5d4 100644 (file)
--- a/lib/ext/session_ticket.c
+++ b/lib/ext/session_ticket.c
@@ -119,7 +119,7 @@ decrypt_ticket(gnutls_session_t session, session_ticket_ext_st * priv,
        }
        
        _gnutls_cipher_tag(&cipher_hd, final, TAG_SIZE);
-       if (memcmp(ticket->tag, final, TAG_SIZE) != 0) {
+       if (gnutls_memcmp(ticket->tag, final, TAG_SIZE) != 0) {
                gnutls_assert();
                ret = GNUTLS_E_DECRYPTION_FAILED;
                goto cleanup;

diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 32d4576136d44b8f5dc7ec66004d6f8db2d1b42b..ec68238c0ccdb4236b5a9cb8223a485f92e0fe0b 100644 (file)
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -538,7 +538,7 @@ ciphertext_to_compressed(gnutls_session_t session,
                if (unlikely(ret < 0))
                        return gnutls_assert_val(ret);
                
-               if (unlikely(memcmp(tag, &ciphertext->data[ciphertext->size-tag_size], tag_size) != 0)) {
+               if (unlikely(gnutls_memcmp(tag, &ciphertext->data[ciphertext->size-tag_size], tag_size) != 0)) {
                        /* HMAC was not the same. */
                        return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
                }
@@ -798,7 +798,7 @@ ciphertext_to_compressed(gnutls_session_t session,
                 * a memcmp comparison is negligible over the crypto operations.
                 */
                if (unlikely
-                   (memcmp(tag, tag_ptr, tag_size) != 0 || pad_failed != 0)) {
+                   (gnutls_memcmp(tag, tag_ptr, tag_size) != 0 || pad_failed != 0)) {
                        /* HMAC was not the same. */
                        dummy_wait(params, compressed, pad_failed, pad,
                                   length + preamble_size);

diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 908f056d086037ce04495d846b856e68ec192982..d017c793456cdd1779ebc1fe580f1524ea691c61 100644 (file)
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -1517,6 +1517,9 @@ extern _SYM_EXPORT char *(*gnutls_strdup) (const char *);
 /* a variant of memset that doesn't get optimized out */
 void gnutls_memset(void *data, int c, size_t size);
 
+/* constant time memcmp */
+int gnutls_memcmp(const void *s1, const void *s2, size_t n);
+
 typedef void (*gnutls_log_func) (int, const char *);
 typedef void (*gnutls_audit_log_func) (gnutls_session_t, const char *);
 void gnutls_global_set_log_function(gnutls_log_func log_func);

diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 0dd9de02464836759755f3241d0bc5282fc5e142..26ed6ac7fa3cd1e4cf63ffa300c43f892dc95ea8 100644 (file)
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -1059,6 +1059,7 @@ GNUTLS_3_1_0 {
        gnutls_aead_cipher_deinit;
        gnutls_dh_params_import_raw2;
        gnutls_memset;
+       gnutls_memcmp;
        gnutls_pkcs12_bag_set_privkey;
 } GNUTLS_3_0_0;
 

diff --git a/lib/safe-memset.c b/lib/safe-memfuncs.c
similarity index 72%
rename from lib/safe-memset.c
rename to lib/safe-memfuncs.c
index c9593578227994ccd0a89de40b521dea65c8fc9c..e18eff403cf66fff34c1b46f56929a32144032ee 100644 (file)
--- a/lib/safe-memset.c
+++ b/lib/safe-memfuncs.c
@@ -24,7 +24,7 @@
 # include <gnutls_int.h>
 #endif
 
-/*-
+/**
  * gnutls_memset:
  * @data: the memory to set
  * @c: the constant byte to fill the memory with
@@ -35,8 +35,8 @@
  *
  * Returns: void.
  *
- * Since: 3.3.3
- -*/
+ * Since: 3.4.0
+ **/
 void gnutls_memset(void *data, int c, size_t size)
 {
        volatile unsigned volatile_zero = 0;
@@ -53,6 +53,34 @@ void gnutls_memset(void *data, int c, size_t size)
        }
 }
 
+/**
+ * gnutls_memcmp:
+ * @s1: the first address to compare
+ * @s2: the second address to compare
+ * @n: the size of memory to compare
+ *
+ * This function will operate similarly to memcmp(), but instead
+ * of comparing it will return 0 on memory match and non-zero
+ * on difference.
+ *
+ * Returns: void.
+ *
+ * Since: 3.4.0
+ **/
+int gnutls_memcmp(const void *s1, const void *s2, size_t n)
+{
+       unsigned i;
+       unsigned status = 0;
+       const uint8_t *_s1 = s1;
+       const uint8_t *_s2 = s2;
+
+       for (i=0;i<n;i++) {
+               status |= (_s1[i] ^ _s2[i]);
+       }
+
+       return status;
+}
+
 #ifdef TEST_SAFE_MEMSET
 int main()
 {