alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

protocomm: Updated function for constant time buffer comparison

Browse Source 
- mbedtls_ssl_safer_memcmp() -> mbedtls_ct_memcmp()
This commit is contained in:
Laukik Hase 2022-01-03 10:14:55 +05:30
parent 76a29cd68d
commit 09de379731
2 changed files with 7 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
components/protocomm/src/security/security1.c
View File

@ -1,16 +1,8 @@
// Copyright 2018 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
/*
* SPDX-FileCopyrightText: 2018-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include <stdio.h>
#include <stdlib.h>
@ -25,6 +17,7 @@
#include <mbedtls/ecdh.h>
#include <mbedtls/error.h>
#include <mbedtls/ssl_internal.h>
#include <mbedtls/constant_time.h>
#include <protocomm_security.h>
#include <protocomm_security1.h>
@ -116,7 +109,7 @@ static esp_err_t handle_session_command1(session_t *cur_session,
hexdump("Dec Client verifier", check_buf, sizeof(check_buf));
/* constant time memcmp */
if (mbedtls_ssl_safer_memcmp(check_buf, cur_session->device_pubkey,
if (mbedtls_ct_memcmp(check_buf, cur_session->device_pubkey,
sizeof(cur_session->device_pubkey)) != 0) {
ESP_LOGE(TAG, "Key mismatch. Close connection");
mbedtls_aes_free(&cur_session->ctx_aes);

1
tools/ci/check_copyright_ignore.txt
View File

@ -1503,7 +1503,6 @@ components/protocomm/python/session_pb2.py
components/protocomm/src/common/protocomm.c
components/protocomm/src/common/protocomm_priv.h
components/protocomm/src/security/security0.c
components/protocomm/src/security/security1.c
components/protocomm/src/transports/protocomm_console.c
components/protocomm/test/test_protocomm.c
components/pthread/include/esp_pthread.h