TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / a2a1b803da77e6a1fe3f059f2059280a97a95ca2^! / . / library / psa_crypto.c
commita2a1b803da77e6a1fe3f059f2059280a97a95ca2[log] [tgz]
authorSteven Cooreman <steven.cooreman@silabs.com>Thu Apr 29 16:37:59 2021 +0200
committerSteven Cooreman <steven.cooreman@silabs.com>Tue May 11 18:56:01 2021 +0200
treea80e8e714f0f83d71d76cff7da8553a0824210e8
parentb4b9b2879c565a686d797514b0e853d161c6de92 [diff] [blame]
Make safer_memcmp available to all compile units under PSA

Now renamed to mbedtls_psa_safer_memcmp, it provides a single location
for buffer comparison.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 81770bf..dbf05b9 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c

@@ -93,20 +93,6 @@
 
 #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
 
-/* constant-time buffer comparison */
-static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
-{
-    size_t i;
-    unsigned char diff = 0;
-
-    for( i = 0; i < n; i++ )
-        diff |= a[i] ^ b[i];
-
-    return( diff );
-}
-
-
-
 /****************************************************************/
 /* Global data, support functions and library management */
 /****************************************************************/
@@ -2235,7 +2221,7 @@
         return( status );
     if( actual_hash_length != hash_length )
         return( PSA_ERROR_INVALID_SIGNATURE );
-    if( safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 )
+    if( mbedtls_psa_safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 )
         return( PSA_ERROR_INVALID_SIGNATURE );
     return( PSA_SUCCESS );
 }
@@ -2271,7 +2257,7 @@
         return( status );
     if( actual_hash_length != hash_length )
         return( PSA_ERROR_INVALID_SIGNATURE );
-    if( safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 )
+    if( mbedtls_psa_safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 )
         return( PSA_ERROR_INVALID_SIGNATURE );
     return( PSA_SUCCESS );
 }