b621fb503c
To avoid timing side-channel attacks, it is needed to use a constant time memory comparison function when comparing hashes. The affected code only cheks for equality so it isn't needed to use any variant of memcmp(), bcmp() is enough. Also, timingsafe_bcmp() is as fast as memcmp() when the two compared regions are equal, so this change incurrs no performance hit in said case. In case they are unequal, the boot sequence wouldn't continue as normal, so performance is not an issue. Change-Id: I1c7c70ddfa4438e6031c8814411fef79fd3bb4df Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> |
||
|---|---|---|
| .. | ||
| mbedtls_common.c | ||
| mbedtls_common.mk | ||
| mbedtls_crypto.c | ||
| mbedtls_crypto.mk | ||
| mbedtls_x509.mk | ||
| mbedtls_x509_parser.c | ||