crypto/openssl: fix usage of non constant time memcmp

author Arek Kusztal <arkadiuszx.kusztal@intel.com>

Fri, 31 May 2019 06:59:28 +0000 (08:59 +0200)

committer Akhil Goyal <akhil.goyal@nxp.com>

Fri, 5 Jul 2019 12:52:25 +0000 (14:52 +0200)
author Arek Kusztal <arkadiuszx.kusztal@intel.com>
Fri, 31 May 2019 06:59:28 +0000 (08:59 +0200)
committer Akhil Goyal <akhil.goyal@nxp.com>
Fri, 5 Jul 2019 12:52:25 +0000 (14:52 +0200)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c

index 6504959..73ce383 100644 (file)
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1529,7 +1529,7 @@ process_openssl_auth_op(struct openssl_qp *qp, struct rte_crypto_op *op,
         }
  
         if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
-               if (memcmp(dst, op->sym->auth.digest.data,
+               if (CRYPTO_memcmp(dst, op->sym->auth.digest.data,
                                 sess->auth.digest_length) != 0) {
                         op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
                 }
@@ -1914,7 +1914,7 @@ process_openssl_rsa_op(struct rte_crypto_op *cop,
                                 "Length of public_decrypt %d "
                                 "length of message %zd\n",
                                 ret, op->rsa.message.length);
-               if ((ret <= 0) || (memcmp(tmp, op->rsa.message.data,
+               if ((ret <= 0) || (CRYPTO_memcmp(tmp, op->rsa.message.data,
                                 op->rsa.message.length))) {
                         OPENSSL_LOG(ERR, "RSA sign Verification failed");
                         cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
author	Arek Kusztal <arkadiuszx.kusztal@intel.com>
	Fri, 31 May 2019 06:59:28 +0000 (08:59 +0200)
committer	Akhil Goyal <akhil.goyal@nxp.com>
	Fri, 5 Jul 2019 12:52:25 +0000 (14:52 +0200)