From: Tomas Mraz Date: Tue, 12 May 2026 12:39:06 +0000 (+0200) Subject: Use CRYPTO_memcmp() when comparing the private keys X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=af87fcd2596ee8687266c41a77e8ab67cb48cd65;p=thirdparty%2Fopenssl.git Use CRYPTO_memcmp() when comparing the private keys ML-DSA and SLH-DSA used regular memcmp, use CRYPTO_memcmp() just in case. Reviewed-by: Paul Dale Reviewed-by: David von Oheimb Reviewed-by: Eugene Syromiatnikov Reviewed-by: Tom Cosgrove MergeDate: Thu May 14 09:29:14 2026 (Merged from https://github.com/openssl/openssl/pull/31155) --- diff --git a/crypto/ml_dsa/ml_dsa_key.c b/crypto/ml_dsa/ml_dsa_key.c index 24fa7596e2f..6b5b8b092fb 100644 --- a/crypto/ml_dsa/ml_dsa_key.c +++ b/crypto/ml_dsa/ml_dsa_key.c @@ -293,7 +293,7 @@ int ossl_ml_dsa_key_equal(const ML_DSA_KEY *key1, const ML_DSA_KEY *key2, if (!key_checked && (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { if (key1->priv_encoding != NULL && key2->priv_encoding != NULL) { - if (memcmp(key1->priv_encoding, key2->priv_encoding, + if (CRYPTO_memcmp(key1->priv_encoding, key2->priv_encoding, key1->params->sk_len) != 0) return 0; diff --git a/crypto/slh_dsa/slh_dsa_key.c b/crypto/slh_dsa/slh_dsa_key.c index 8401fd6283b..2ac0b4d589e 100644 --- a/crypto/slh_dsa/slh_dsa_key.c +++ b/crypto/slh_dsa/slh_dsa_key.c @@ -202,7 +202,7 @@ int ossl_slh_dsa_key_equal(const SLH_DSA_KEY *key1, const SLH_DSA_KEY *key2, if (!key_checked && (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { if (key1->has_priv && key2->has_priv) { - if (memcmp(key1->priv, key2->priv, + if (CRYPTO_memcmp(key1->priv, key2->priv, key1->params->pk_len) != 0) return 0;