diff options
| author | Jerome Forissier <jerome.forissier@linaro.org> | 2019-02-14 14:54:34 +0100 |
|---|---|---|
| committer | Jérôme Forissier <jerome.forissier@linaro.org> | 2019-02-25 14:23:58 +0100 |
| commit | 48e106048dce669b9e5f334f08397923f94b2c67 (patch) | |
| tree | f8812ac8d52f89dced6b159230723c6ba7eaa42f /core/lib | |
| parent | 65551e69a006c496fb18d8374389b7b3617c2076 (diff) | |
libutils: remove buf_compare_ct()
Now that we have consttime_memcmp(), buf_compare_ct() is redundant.
Every time buf_compare_ct() is used, consttime_memcmp() may be used
instead.
This commit removes buf_compare_ct(). A compatibility wrapper is kept
in <string_ext.h> to avoid knowingly breaking the build of any TA that
may use it.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Diffstat (limited to 'core/lib')
| -rw-r--r-- | core/lib/libtomcrypt/include/tomcrypt_custom.h | 2 | ||||
| -rw-r--r-- | core/lib/libtomcrypt/src/tee_ltc_provider.c | 6 |
2 files changed, 4 insertions, 4 deletions
diff --git a/core/lib/libtomcrypt/include/tomcrypt_custom.h b/core/lib/libtomcrypt/include/tomcrypt_custom.h index 1bb2f024..fef2035a 100644 --- a/core/lib/libtomcrypt/include/tomcrypt_custom.h +++ b/core/lib/libtomcrypt/include/tomcrypt_custom.h @@ -83,7 +83,7 @@ #endif #ifndef XMEM_NEQ #include <string_ext.h> -#define XMEM_NEQ buf_compare_ct +#define XMEM_NEQ consttime_memcmp #endif #ifndef XSTRCMP #ifdef strcmp diff --git a/core/lib/libtomcrypt/src/tee_ltc_provider.c b/core/lib/libtomcrypt/src/tee_ltc_provider.c index a679898c..8df13f80 100644 --- a/core/lib/libtomcrypt/src/tee_ltc_provider.c +++ b/core/lib/libtomcrypt/src/tee_ltc_provider.c @@ -2501,7 +2501,7 @@ TEE_Result crypto_aes_ccm_dec_final(void *ctx, const uint8_t *src_data, if (ltc_res != CRYPT_OK) return TEE_ERROR_BAD_STATE; - if (buf_compare_ct(dst_tag, tag, tag_len) != 0) + if (consttime_memcmp(dst_tag, tag, tag_len) != 0) res = TEE_ERROR_MAC_INVALID; else res = TEE_SUCCESS; @@ -2675,7 +2675,7 @@ TEE_Result crypto_aes_gcm_dec_final(void *ctx, const uint8_t *src_data, if (ltc_res != CRYPT_OK) return TEE_ERROR_BAD_STATE; - if (buf_compare_ct(dst_tag, tag, tag_len) != 0) + if (consttime_memcmp(dst_tag, tag, tag_len) != 0) res = TEE_ERROR_MAC_INVALID; else res = TEE_SUCCESS; @@ -2723,7 +2723,7 @@ TEE_Result hash_sha256_check(const uint8_t *hash, const uint8_t *data, return TEE_ERROR_GENERIC; if (sha256_done(&hs, digest) != CRYPT_OK) return TEE_ERROR_GENERIC; - if (buf_compare_ct(digest, hash, sizeof(digest)) != 0) + if (consttime_memcmp(digest, hash, sizeof(digest)) != 0) return TEE_ERROR_SECURITY; return TEE_SUCCESS; } |