From 8bb0839555816654df70249771bd02c9a0905786 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek
Date: Sun, 9 Aug 2020 02:11:19 -0400
Subject: [PATCH] Add a deprecated version of mbedtls_platform_memcmp.
Signed-off-by: Andrzej Kurek
---
 include/mbedtls/platform_util.h | 26 ++++++++++++++++++++++++++
 library/platform_util.c | 7 +++++++
 2 files changed, 33 insertions(+)
diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h
index c65c8532b..68b488716 100644
--- a/include/mbedtls/platform_util.h
+++ b/include/mbedtls/platform_util.h
@@ -217,6 +217,32 @@ void *mbedtls_platform_memcpy( void *dst, const void *src, size_t num );
 */
 int mbedtls_platform_memmove( void *dst, const void *src, size_t num );
 
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+
+/**
+ * \brief Secure memcmp
+ *
+ * This is a constant-time version of memcmp(), but without checking
+ * if the bytes are greater or lower. The order is also randomised
+ * using the RNG in order to further harden against side-channel attacks.
+ *
+ * \param buf1 First buffer to compare.
+ * \param buf2 Second buffer to compare against.
+ * \param num The length of the buffers in bytes.
+ *
+ * \deprecated Superseded by mbedtls_platform_memequal(), and is only an alias to it.
+ *
+ * \return 0 if the buffers were equal or an unspecified non-zero value
+ * otherwise.
+ */
+int mbedtls_platform_memcmp( const void *buf1, const void *buf2, size_t num );
+
+#endif
 /**
 * \brief Secure check if the buffers have the same data.
 *
diff --git a/library/platform_util.c b/library/platform_util.c
index 3b098d26b..d62039618 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
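Review bot: `MBEDTLS_DEPRECATED` is defined in the new block of platform_util.h but never applied to the declaration, so a build with `MBEDTLS_DEPRECATED_WARNING` still produces no warning for callers of `mbedtls_platform_memcmp()`. The declaration should read `MBEDTLS_DEPRECATED int mbedtls_platform_memcmp( const void *buf1, const void *buf2, size_t num );`, followed by `#undef MBEDTLS_DEPRECATED` before the closing `#endif` so the helper macro does not leak into whatever is included afterwards. This is more than tidiness: the old name suggests memcmp() ordering semantics while the documented return is only 0 or an unspecified non-zero value, so the compiler warning is what steers remaining callers to `mbedtls_platform_memequal()`. The closing `#endif` could also carry a `/* !MBEDTLS_DEPRECATED_REMOVED */` trailer so the end of the guard is easy to find.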
@@ -230,6 +230,13 @@ int mbedtls_platform_memmove( void *dst, const void *src, size_t num )
 return MBEDTLS_ERR_PLATFORM_ALLOC_FAILED;
 }
 
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+int mbedtls_platform_memcmp( const void *buf1, const void *buf2, size_t num )
+{
+ return( mbedtls_platform_memequal( buf1, buf2, num ) );
+}
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
 int mbedtls_platform_memequal( const void *buf1, const void *buf2, size_t num )
 {
 volatile const unsigned char *A = (volatile const unsigned char *) buf1;
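Review bot: The `#endif` trailer in platform_util.c names `MBEDTLS_DEPRECATED_REMOVED` without the negation, although the guard is `#if !defined(MBEDTLS_DEPRECATED_REMOVED)`; `#endif /* !MBEDTLS_DEPRECATED_REMOVED */` would match the condition. The wrapper also has no comment of its own, and a line such as `/* Deprecated alias of mbedtls_platform_memequal(); reports equality only, never ordering. */` above the definition would keep that contract visible next to the code for anyone who reads the source file rather than the header.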