diff options
| author | nagendra modadugu <ngm@google.com> | 2016-11-10 15:19:09 -0800 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2016-11-11 14:27:23 -0800 |
| commit | d7222a4956de9412fcca8a0d34c206e5dbd79abb (patch) | |
| tree | 3e83ecf417cc421523f85dc5e19799a21bc23f9a /chip/g/dcrypto/dcrypto.h | |
| parent | d558d2bee1322c925364e46ae3cc5ed2bb5075d6 (diff) | |
| download | chrome-ec-d7222a4956de9412fcca8a0d34c206e5dbd79abb.tar.gz | |
CR50: add a constant time buffer equals implementation
Various cryptographic operations leak timing
information if comparisons are not executed
in constant time. This change adds DCRYPTO_equals(),
a constant runtime comparator.
Also replace crypto related callsites that used
memcmp() as a binary comparator.
BUG=none
BRANCH=none
TEST=tcg tests pass
Change-Id: I3d3da3c0524c3a349d60675902d1f2d338ad455f
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/410163
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'chip/g/dcrypto/dcrypto.h')
| -rw-r--r-- | chip/g/dcrypto/dcrypto.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/chip/g/dcrypto/dcrypto.h b/chip/g/dcrypto/dcrypto.h index 4f4c2df5ff..cfe24ff0f6 100644 --- a/chip/g/dcrypto/dcrypto.h +++ b/chip/g/dcrypto/dcrypto.h @@ -179,4 +179,9 @@ int DCRYPTO_bn_div(struct LITE_BIGNUM *quotient, struct LITE_BIGNUM *remainder, int DCRYPTO_x509_verify(const uint8_t *cert, size_t len, const struct RSA *ca_pub_key); +/* + * Memory related functions. + */ +int DCRYPTO_equals(const void *a, const void *b, size_t len); + #endif /* ! __EC_CHIP_G_DCRYPTO_DCRYPTO_H */ |