Removed further timing differences during SSL message decryption in ssl_decrypt_buf() New padding checking is unbiased on correct or incorrect padding and has no branch prediction timing differences. The additional MAC checks further straighten out the timing differences. (cherry picked from commit e47b34bdc8507b63758402f69e7623d11dfb6984) Conflicts: ChangeLog library/ssl_tls.c

commit: 0a971b5dc823fe509de85eb8c560bb1de99b6c85 [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Mon Mar 11 16:08:06 2013 +0100
committer: Paul Bakker <p.j.bakker@polarssl.org> Mon Mar 11 16:08:06 2013 +0100
tree: 504043505dff774db0d55afa2d445ae8ed3d814f
parent: f6bff2a3008c9bce5e909f85b48f203725d44078 [diff] [blame]
diff --git a/library/sha2.c b/library/sha2.c
index 4b5e696..ec87d18 100644
--- a/library/sha2.c
+++ b/library/sha2.c

@@ -97,7 +97,7 @@
     ctx->is224 = is224;
 }
 
-static void sha2_process( sha2_context *ctx, const unsigned char data[64] )
+void sha2_process( sha2_context *ctx, const unsigned char data[64] )
 {
     unsigned long temp1, temp2, W[64];
     unsigned long A, B, C, D, E, F, G, H;
commit	0a971b5dc823fe509de85eb8c560bb1de99b6c85	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Mon Mar 11 16:08:06 2013 +0100
committer	Paul Bakker <p.j.bakker@polarssl.org>	Mon Mar 11 16:08:06 2013 +0100
tree	504043505dff774db0d55afa2d445ae8ed3d814f
parent	f6bff2a3008c9bce5e909f85b48f203725d44078 [diff] [blame]