libsec: use tsmemcmp() when comparing hashes, use mpfield() for ecc, use mptober() when right adjusting mpint to bytes
parent
efd3ac8a23
commit
8a60d9e2a8
3 changed files with 7 additions and 18 deletions
|
@ -517,7 +517,6 @@ base58dec(char *src, uchar *dst, int len)
|
|||
{
|
||||
mpint *n, *b, *r;
|
||||
char *t;
|
||||
int l;
|
||||
|
||||
n = mpnew(0);
|
||||
r = mpnew(0);
|
||||
|
@ -535,9 +534,7 @@ base58dec(char *src, uchar *dst, int len)
|
|||
mpmul(n, b, n);
|
||||
mpadd(n, r, n);
|
||||
}
|
||||
memset(dst, 0, len);
|
||||
l = (mpsignif(n) + 7) / 8;
|
||||
mptobe(n, dst + (len - l), l, nil);
|
||||
mptober(n, dst, len);
|
||||
mpfree(n);
|
||||
mpfree(r);
|
||||
mpfree(b);
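Review bot: The new `mptober(n, dst, len);` call in base58dec gives the caller no signal when the decoded number needs more than `len` bytes. As far as I can tell mptober fills exactly `len` bytes right-adjusted and drops any higher-order bytes, so an over-long input would decode to a truncated value instead of failing; the removed code had the same gap in a worse form, since `dst + (len - l)` points before `dst` when `l > len`. A guard ahead of the call, `if((mpsignif(n)+7)/8 > len)` leading into the function's failure path after freeing `n`, `r` and `b`, would make the case explicit. base58dec's return statement and error convention lie outside these hunks, so the failure value has to be matched to them.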
|
||||
|
|
|
@ -901,7 +901,7 @@ tlsSecECDHEc(TlsSec *sec, uchar *srandom, int vers, int curve, Bytes *Ys)
|
|||
epm = nil;
|
||||
|
||||
memset(&dom, 0, sizeof(dom));
|
||||
dom.p = strtomp(nc->p, nil, 16, nil);
|
||||
dom.p = mpfield(strtomp(nc->p, nil, 16, nil));
|
||||
dom.a = strtomp(nc->a, nil, 16, nil);
|
||||
dom.b = strtomp(nc->b, nil, 16, nil);
|
||||
dom.n = strtomp(nc->n, nil, 16, nil);
|
||||
|
@ -926,14 +926,6 @@ tlsSecECDHEc(TlsSec *sec, uchar *srandom, int vers, int curve, Bytes *Ys)
|
|||
|
||||
if(dom.p == nil || dom.a == nil || dom.b == nil || dom.n == nil || dom.h == nil)
|
||||
goto Out;
|
||||
if(Q.x == nil || Q.y == nil || Q.d == nil)
|
||||
goto Out;
|
||||
if(G.x == nil || G.y == nil)
|
||||
goto Out;
|
||||
if(K.x == nil || K.y == nil)
|
||||
goto Out;
|
||||
if(Y.x == nil || Y.y == nil)
|
||||
goto Out;
|
||||
|
||||
dom.G = strtoec(&dom, nc->G, nil, &G);
|
||||
if(dom.G == nil)
|
||||
|
@ -1005,7 +997,7 @@ verifyDHparams(TlsConnection *c, Bytes *par, Bytes *sig, int sigalg)
|
|||
else {
|
||||
md5(blob->data, blob->len, hashes, nil);
|
||||
sha1(blob->data, blob->len, hashes+MD5dlen, nil);
|
||||
if(memcmp(buf, hashes, sizeof(hashes)) != 0)
|
||||
if(tsmemcmp(buf, hashes, sizeof(hashes)) != 0)
|
||||
err = "digests did not match";
|
||||
}
|
||||
free(buf);
|
||||
|
@ -2069,7 +2061,7 @@ setVersion(TlsConnection *c, int version)
|
|||
static int
|
||||
finishedMatch(TlsConnection *c, Finished *f)
|
||||
{
|
||||
return memcmp(f->verify, c->finished.verify, f->n) == 0;
|
||||
return tsmemcmp(f->verify, c->finished.verify, f->n) == 0;
|
||||
}
|
||||
|
||||
// free memory associated with TlsConnection struct
|
||||
|
@ -2767,7 +2759,7 @@ mptobytes(mpint* big)
|
|||
n = (mpsignif(big)+7)/8;
|
||||
if(n == 0) n = 1;
|
||||
ans = newbytes(n);
|
||||
ans->len = mptobe(big, ans->data, n, nil);
|
||||
mptober(big, ans->data, ans->len);
|
||||
return ans;
|
||||
}
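Review bot: finishedMatch compares `f->n` bytes without checking that length against the locally computed one, so the amount of data compared is whatever the `Finished` being checked carries, and with `f->n == 0` the function reports a match without comparing anything. If `f` is filled from the peer's message (the receive path is not in this section and may already force the length), the check should bind the length as well: `return f->n == c->finished.n && tsmemcmp(f->verify, c->finished.verify, f->n) == 0;`, assuming `c->finished` is itself a `Finished`. The same question applies to the `tsmemcmp(buf, hashes, sizeof(hashes))` call in verifyDHparams, where the length of `buf` is established outside the hunk.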
|
||||
|
||||
|
|
|
@ -2246,7 +2246,7 @@ X509verifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub
|
|||
return e;
|
||||
if(digestalg[sigalg]->len != edigestlen)
|
||||
return "bad digest length";
|
||||
if(memcmp(digest, edigest, edigestlen) != 0)
|
||||
if(tsmemcmp(digest, edigest, edigestlen) != 0)
|
||||
return "digests did not match";
|
||||
return nil;
|
||||
}
|
||||
|
@ -2262,7 +2262,7 @@ X509verifydata(uchar *sig, int siglen, uchar *data, int datalen, RSApub *pk)
|
|||
if(e != nil)
|
||||
return e;
|
||||
(*digestalg[sigalg]->fun)(data, datalen, edigest, nil);
|
||||
if(memcmp(digest, edigest, digestalg[sigalg]->len) != 0)
|
||||
if(tsmemcmp(digest, edigest, digestalg[sigalg]->len) != 0)
|
||||
return "digests did not match";
|
||||
return nil;
|
||||
}
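Review bot: The two `tsmemcmp` calls in X509verifydigest and X509verifydata carry no comment recording why plain `memcmp` was replaced, which makes the change easy to undo in a later cleanup. A one-line comment above each call, for example `/* timing-safe compare; keep tsmemcmp here */`, would preserve the intent. Both function bodies start outside their hunks, so the origin of `digest` and the bounds on `sigalg` could not be checked from here.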
|
||||
|
|