From c3d2f2361ccfbba1f7dd050f41e0d3273eb7782f Mon Sep 17 00:00:00 2001 From: Laukik Hase Date: Mon, 3 Jan 2022 10:14:55 +0530 Subject: [PATCH] protocomm: Updated function for constant time buffer comparison - mbedtls_ssl_safer_memcmp() -> mbedtls_ct_memcmp() --- components/protocomm/src/security/security1.c | 21 +++++++------------ 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/components/protocomm/src/security/security1.c b/components/protocomm/src/security/security1.c index c32c51aeca..d9365f5027 100644 --- a/components/protocomm/src/security/security1.c +++ b/components/protocomm/src/security/security1.c @@ -1,16 +1,8 @@ -// Copyright 2018 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. +/* + * SPDX-FileCopyrightText: 2018-2022 Espressif Systems (Shanghai) CO LTD + * + * SPDX-License-Identifier: Apache-2.0 + */ #include #include @@ -25,6 +17,7 @@ #include #include #include +#include #include #include @@ -116,7 +109,7 @@ static esp_err_t handle_session_command1(session_t *cur_session, hexdump("Dec Client verifier", check_buf, sizeof(check_buf)); /* constant time memcmp */ - if (mbedtls_ssl_safer_memcmp(check_buf, cur_session->device_pubkey, + if (mbedtls_ct_memcmp(check_buf, cur_session->device_pubkey, sizeof(cur_session->device_pubkey)) != 0) { ESP_LOGE(TAG, "Key mismatch. Close connection"); mbedtls_aes_free(&cur_session->ctx_aes);