From owner-p4-projects@FreeBSD.ORG Mon Sep 8 04:52:30 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 83CDC87B; Mon, 8 Sep 2014 04:52:30 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D57C53C0 for ; Mon, 8 Sep 2014 04:51:02 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 64E8A1E47 for ; Mon, 8 Sep 2014 04:51:02 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id s884p2kC026667 for ; Mon, 8 Sep 2014 04:51:02 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id s884p2T4026663 for perforce@freebsd.org; Mon, 8 Sep 2014 04:51:02 GMT (envelope-from jmg@freebsd.org) Date: Mon, 8 Sep 2014 04:51:02 GMT Message-Id: <201409080451.s884p2T4026663@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1199447 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Sep 2014 04:52:30 -0000 http://p4web.freebsd.org/@@1199447?ac=10 Change 1199447 by jmg@jmg_carbon2 on 2014/08/27 22:48:16 import OpenBSD's timingsafe_bcmp and use that for tag comparision... Affected files ... .. //depot/projects/opencrypto/sys/conf/files#6 edit .. //depot/projects/opencrypto/sys/libkern/timingsafe_bcmp.c#1 add .. //depot/projects/opencrypto/sys/opencrypto/cryptosoft.c#8 edit .. //depot/projects/opencrypto/sys/sys/libkern.h#2 edit Differences ... ==== //depot/projects/opencrypto/sys/conf/files#6 (text+ko) ==== @@ -3177,6 +3177,7 @@ libkern/strtoul.c standard libkern/strtouq.c standard libkern/strvalid.c standard +libkern/timingsafe_bcmp.c standard net/bpf.c standard net/bpf_buffer.c optional bpf net/bpf_jitter.c optional bpf_jitter ==== //depot/projects/opencrypto/sys/opencrypto/cryptosoft.c#8 (text+ko) ==== @@ -481,10 +481,7 @@ crypto_copydata(crp->crp_flags, buf, crda->crd_inject, axf->hashsize, uaalg); - r = 0; - for (i = 0; i < axf->hashsize; i++) - r |= aalg[i] ^ uaalg[i]; - + r = timingsafe_bcmp(aalg, uaalg, axf->hashsize); if (r == 0) { /* tag matches, decrypt data */ for (i = 0; i < crde->crd_len; i += blksz) { ==== //depot/projects/opencrypto/sys/sys/libkern.h#2 (text+ko) ==== @@ -80,6 +80,8 @@ uint32_t arc4random(void); void arc4rand(void *ptr, u_int len, int reseed); int bcmp(const void *, const void *, size_t); +int timingsafe_bcmp(const void *, const void *, size_t); + void *bsearch(const void *, const void *, size_t, size_t, int (*)(const void *, const void *)); #ifndef HAVE_INLINE_FFS