commit 4602564d7a588cc8f2df57d9a8fdddbf06c1ff80
author gabor-mezei-arm <gabor.mezei@arm.com> Mon Jul 19 15:19:19 2021 +0200
committer gabor-mezei-arm <gabor.mezei@arm.com> Tue Sep 28 16:33:47 2021 +0200
tree a7956cc5039db275eb8620b854fa1c13e18b9077
parent 2dcd7686cef78bd13caf72766883cf796649f26f

Unify memcmp functions

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>

library/ssl_msg.c

diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index f8f3660..55be047 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -1172,7 +1172,7 @@
              *
              * Afterwards, we know that data + data_len is followed by at
              * least maclen Bytes, which justifies the call to
-             * mbedtls_ssl_safer_memcmp() below.
+             * mbedtls_cf_memcmp() below.
              *
              * Further, we still know that data_len > minlen */
             rec->data_len -= transform->maclen;
@@ -1195,8 +1195,8 @@
                                    transform->maclen );
 
             /* Compare expected MAC with MAC at the end of the record. */
-            if( mbedtls_ssl_safer_memcmp( data + rec->data_len, mac_expect,
-                                          transform->maclen ) != 0 )
+            if( mbedtls_cf_memcmp( data + rec->data_len, mac_expect,
+                                              transform->maclen ) != 0 )
             {
                 MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) );
                 return( MBEDTLS_ERR_SSL_INVALID_MAC );
@@ -1406,8 +1406,8 @@
         MBEDTLS_SSL_DEBUG_BUF( 4, "message  mac", mac_peer, transform->maclen );
 #endif
 
-        if( mbedtls_ssl_safer_memcmp( mac_peer, mac_expect,
-                                      transform->maclen ) != 0 )
+        if( mbedtls_cf_memcmp( mac_peer, mac_expect,
+                                          transform->maclen ) != 0 )
         {
 #if defined(MBEDTLS_SSL_DEBUG_ALL)
             MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) );