Changed every memcmp to SCA equivalent mbedtls_platform_memcmp
This makes physical attacks more difficult.
Selftest memcmp functions were not changed.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 9810090..3cc6046 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2883,7 +2883,7 @@
* Match record's CID with incoming CID.
*/
if( rec->cid_len != transform->in_cid_len ||
- memcmp( rec->cid, transform->in_cid, rec->cid_len ) != 0 )
+ mbedtls_platform_memcmp( rec->cid, transform->in_cid, rec->cid_len ) != 0 )
{
return( MBEDTLS_ERR_SSL_UNEXPECTED_CID );
}
@@ -4634,8 +4634,8 @@
static int ssl_hs_is_proper_fragment( mbedtls_ssl_context *ssl )
{
if( ssl->in_msglen < ssl->in_hslen ||
- memcmp( ssl->in_msg + 6, "\0\0\0", 3 ) != 0 ||
- memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 )
+ mbedtls_platform_memcmp( ssl->in_msg + 6, "\0\0\0", 3 ) != 0 ||
+ mbedtls_platform_memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 )
{
return( 1 );
}
@@ -6013,7 +6013,7 @@
else
{
/* Make sure msg_type and length are consistent */
- if( memcmp( hs_buf->data, ssl->in_msg, 4 ) != 0 )
+ if( mbedtls_platform_memcmp( hs_buf->data, ssl->in_msg, 4 ) != 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Fragment header mismatch - ignore" ) );
/* Ignore */
@@ -6872,7 +6872,7 @@
if( peer_crt->raw.len != crt_buf_len )
return( -1 );
- return( memcmp( peer_crt->raw.p, crt_buf, crt_buf_len ) );
+ return( mbedtls_platform_memcmp( peer_crt->raw.p, crt_buf, crt_buf_len ) );
}
#elif defined(MBEDTLS_SSL_RENEGOTIATION)
static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
@@ -6903,7 +6903,7 @@
if( ret != 0 )
return( -1 );
- return( memcmp( tmp_digest, peer_cert_digest, digest_len ) );
+ return( mbedtls_platform_memcmp( tmp_digest, peer_cert_digest, digest_len ) );
}
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE && MBEDTLS_SSL_RENEGOTIATION */
#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */
@@ -7086,7 +7086,7 @@
if( ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len( ssl ) &&
ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE &&
- memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), "\0\0\0", 3 ) == 0 )
+ mbedtls_platform_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), "\0\0\0", 3 ) == 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) );
return( 0 );
@@ -9961,7 +9961,7 @@
if( (size_t)( end - p ) < sizeof( ssl_serialized_session_header ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- if( memcmp( p, ssl_serialized_session_header,
+ if( mbedtls_platform_memcmp( p, ssl_serialized_session_header,
sizeof( ssl_serialized_session_header ) ) != 0 )
{
return( MBEDTLS_ERR_SSL_VERSION_MISMATCH );
@@ -10403,9 +10403,9 @@
return( 0 );
}
- in_ctr_cmp = memcmp( ssl->in_ctr + ep_len,
+ in_ctr_cmp = mbedtls_platform_memcmp( ssl->in_ctr + ep_len,
ssl->conf->renego_period + ep_len, 8 - ep_len );
- out_ctr_cmp = memcmp( ssl->cur_out_ctr + ep_len,
+ out_ctr_cmp = mbedtls_platform_memcmp( ssl->cur_out_ctr + ep_len,
ssl->conf->renego_period + ep_len, 8 - ep_len );
if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 )
@@ -11448,7 +11448,7 @@
if( (size_t)( end - p ) < sizeof( ssl_serialized_context_header ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- if( memcmp( p, ssl_serialized_context_header,
+ if( mbedtls_platform_memcmp( p, ssl_serialized_context_header,
sizeof( ssl_serialized_context_header ) ) != 0 )
{
return( MBEDTLS_ERR_SSL_VERSION_MISMATCH );
@@ -11615,7 +11615,7 @@
for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ )
{
if( strlen( *cur ) == alpn_len &&
- memcmp( p, cur, alpn_len ) == 0 )
+ mbedtls_platform_memcmp( p, cur, alpn_len ) == 0 )
{
ssl->alpn_chosen = *cur;
break;