mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 06:25:31 +00:00
Code Issues Releases Wiki Activity

[master] timing safe memory comparisons

Browse Source 
4183.	[cleanup]	Use timing-safe memory comparisons in cryptographic
			code. Also, the timing-safe comparison functions have
			been renamed to avoid possible confusion with
			memcmp(). [RT #40148]
This commit is contained in:
Evan Hunt
2015-08-17 18:26:44 -07:00
parent 486c763015
commit 420a43c8d8
21 changed files with 175 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/dns/opensslrsa_link.c
View File

@@ -650,9 +650,10 @@ opensslrsa_verify2(dst_context_t *dctx, int maxbits, const isc_region_t *sig) {
DST_R_VERIFYFAILURE));
if (status != (int)(prefixlen + digestlen))
return (DST_R_VERIFYFAILURE);
if (memcmp(original, prefix, prefixlen))
if (!isc_safe_memequal(original, prefix, prefixlen))
return (DST_R_VERIFYFAILURE);
if (memcmp(original + prefixlen, digest, digestlen))
if (!isc_safe_memequal(original + prefixlen,
digest, digestlen))
return (DST_R_VERIFYFAILURE);
status = 1;
}