safe_memcmp: remove in favor of gnutls_memcmp

Signed-off-by: Daiki Ueno <ueno@gnu.org>

diff --git a/lib/accelerated/x86/aes-xts-x86-aesni.c b/lib/accelerated/x86/aes-xts-x86-aesni.c
index 3371d0812d4251664ae07e273fe794b59633e1f7..b904cbf0085182b30b535b897c0714a5fd6d8513 100644 (file)
--- a/lib/accelerated/x86/aes-xts-x86-aesni.c
+++ b/lib/accelerated/x86/aes-xts-x86-aesni.c
@@ -72,7 +72,7 @@ x86_aes_xts_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
 
        /* Check key block according to FIPS-140-2 IG A.9 */
        if (_gnutls_fips_mode_enabled()){
-               if (safe_memcmp(key, key + (keysize / 2), keysize / 2) == 0) {
+               if (gnutls_memcmp(key, key + (keysize / 2), keysize / 2) == 0) {
                        _gnutls_switch_lib_state(LIB_STATE_ERROR);
                        return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
                }

diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c
index fef67d341c1d2c3799235066ff79661ee6ca64fa..240be216254671bbb26820d42be3035e2e80f40e 100644 (file)
--- a/lib/ext/pre_shared_key.c
+++ b/lib/ext/pre_shared_key.c
@@ -650,7 +650,7 @@ static int server_recv_params(gnutls_session_t session,
        }
 
        if (_gnutls_mac_get_algo_len(prf) != binder_recvd.size ||
-           safe_memcmp(binder_value, binder_recvd.data, binder_recvd.size)) {
+           gnutls_memcmp(binder_value, binder_recvd.data, binder_recvd.size)) {
                gnutls_assert();
                ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
                goto fail;

diff --git a/lib/mem.h b/lib/mem.h
index dc838a2b4d0dbe2dca889a158951f07a7b3314a5..d3eea97a408dbaeb121572c77c493eec48f3eb9b 100644 (file)
--- a/lib/mem.h
+++ b/lib/mem.h
@@ -35,15 +35,6 @@ char *_gnutls_strdup(const char *);
 
 unsigned _gnutls_mem_is_zero(const uint8_t *ptr, unsigned size);
 
-/* To avoid undefined behavior when s1 or s2 are null and n = 0 */
-inline static
-int safe_memcmp(const void *s1, const void *s2, size_t n)
-{
-       if (n == 0)
-               return 0;
-       return memcmp(s1, s2, n);
-}
-
 #define zrelease_mpi_key(mpi) if (*mpi!=NULL) { \
                _gnutls_mpi_clear(*mpi); \
                _gnutls_mpi_release(mpi); \

diff --git a/lib/nettle/cipher.c b/lib/nettle/cipher.c
index b0a52deb5345fe402eecd96c6c405f7533367bcd..ec0c1ab04377385df3f1b16a3472f6acddb3204d 100644 (file)
--- a/lib/nettle/cipher.c
+++ b/lib/nettle/cipher.c
@@ -482,7 +482,7 @@ _xts_aes128_set_encrypt_key(struct xts_aes128_key *xts_key,
                            const uint8_t *key)
 {
        if (_gnutls_fips_mode_enabled() &&
-           safe_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0)
+           gnutls_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0)
                _gnutls_switch_lib_state(LIB_STATE_ERROR);
 
        xts_aes128_set_encrypt_key(xts_key, key);
@@ -493,7 +493,7 @@ _xts_aes128_set_decrypt_key(struct xts_aes128_key *xts_key,
                            const uint8_t *key)
 {
        if (_gnutls_fips_mode_enabled() &&
-           safe_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0)
+           gnutls_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0)
                _gnutls_switch_lib_state(LIB_STATE_ERROR);
 
        xts_aes128_set_decrypt_key(xts_key, key);
@@ -504,7 +504,7 @@ _xts_aes256_set_encrypt_key(struct xts_aes256_key *xts_key,
                            const uint8_t *key)
 {
        if (_gnutls_fips_mode_enabled() &&
-           safe_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0)
+           gnutls_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0)
                _gnutls_switch_lib_state(LIB_STATE_ERROR);
 
        xts_aes256_set_encrypt_key(xts_key, key);
@@ -515,7 +515,7 @@ _xts_aes256_set_decrypt_key(struct xts_aes256_key *xts_key,
                            const uint8_t *key)
 {
        if (_gnutls_fips_mode_enabled() &&
-           safe_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0)
+           gnutls_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0)
                _gnutls_switch_lib_state(LIB_STATE_ERROR);
 
        xts_aes256_set_decrypt_key(xts_key, key);

diff --git a/lib/tls13/finished.c b/lib/tls13/finished.c
index 68eab993ea595bca988287457d9877743ab42f7c..ec646e6732c3a3f6cf3e5919936b780ad35d03a2 100644 (file)
--- a/lib/tls13/finished.c
+++ b/lib/tls13/finished.c
@@ -112,7 +112,7 @@ int _gnutls13_recv_finished(gnutls_session_t session)
 #if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
 # warning This is unsafe for production builds
 #else
-       if (safe_memcmp(verifier, buf.data, buf.length) != 0) {
+       if (gnutls_memcmp(verifier, buf.data, buf.length) != 0) {
                gnutls_assert();
                ret = GNUTLS_E_ERROR_IN_FINISHED_PACKET;
                goto cleanup;

diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index 2091f3ae643b5cec630a245a1d307335183eb4cc..2b68fe440e0b0002261c39f4dbd4b248a2c8944f 100644 (file)
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -360,7 +360,8 @@ static int compare_sig_algorithm(gnutls_x509_crt_t cert)
        }
 
        if (empty1 != empty2 ||
-           sp1.size != sp2.size || safe_memcmp(sp1.data, sp2.data, sp1.size) != 0) {
+           sp1.size != sp2.size ||
+           (sp1.size > 0 && memcmp(sp1.data, sp2.data, sp1.size) != 0)) {
                gnutls_assert();
                ret = GNUTLS_E_CERTIFICATE_ERROR;
                goto cleanup;