shithub: riscv

Download patch

ref: 8a60d9e2a8dc5b81b44426002b03110ef391f618
parent: efd3ac8a2328d1baf55c296a00807052473d549e
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Wed Dec 16 16:23:40 EST 2015 

libsec: use tsmemcmp() when comparing hashes, use mpfield() for ecc, use mptober() when right adjusting mpint to bytes


--- a/sys/src/libsec/port/ecc.c
+++ b/sys/src/libsec/port/ecc.c
@@ -517,7 +517,6 @@
 {
 	mpint *n, *b, *r;
 	char *t;
-	int l;
 	
 	n = mpnew(0);
 	r = mpnew(0);
@@ -535,9 +534,7 @@
 		mpmul(n, b, n);
 		mpadd(n, r, n);
 	}
-	memset(dst, 0, len);
-	l = (mpsignif(n) + 7) / 8;
-	mptobe(n, dst + (len - l), l, nil);
+	mptober(n, dst, len);
 	mpfree(n);
 	mpfree(r);
 	mpfree(b);
--- a/sys/src/libsec/port/tlshand.c
+++ b/sys/src/libsec/port/tlshand.c
@@ -901,7 +901,7 @@
 	epm = nil;
 
 	memset(&dom, 0, sizeof(dom));
-	dom.p = strtomp(nc->p, nil, 16, nil);
+	dom.p = mpfield(strtomp(nc->p, nil, 16, nil));
 	dom.a = strtomp(nc->a, nil, 16, nil);
 	dom.b = strtomp(nc->b, nil, 16, nil);
 	dom.n = strtomp(nc->n, nil, 16, nil);
@@ -926,14 +926,6 @@
 
 	if(dom.p == nil || dom.a == nil || dom.b == nil || dom.n == nil || dom.h == nil)
 		goto Out;
-	if(Q.x == nil || Q.y == nil || Q.d == nil)
-		goto Out;
-	if(G.x == nil || G.y == nil)
-		goto Out;
-	if(K.x == nil || K.y == nil)
-		goto Out;
-	if(Y.x == nil || Y.y == nil)
-		goto Out;
 
 	dom.G = strtoec(&dom, nc->G, nil, &G);
 	if(dom.G == nil)
@@ -1005,7 +997,7 @@
 		else {
 			md5(blob->data, blob->len, hashes, nil);
 			sha1(blob->data, blob->len, hashes+MD5dlen, nil);
-			if(memcmp(buf, hashes, sizeof(hashes)) != 0)
+			if(tsmemcmp(buf, hashes, sizeof(hashes)) != 0)
 				err = "digests did not match";
 		}
 		free(buf);
@@ -2069,7 +2061,7 @@
 static int
 finishedMatch(TlsConnection *c, Finished *f)
 {
-	return memcmp(f->verify, c->finished.verify, f->n) == 0;
+	return tsmemcmp(f->verify, c->finished.verify, f->n) == 0;
 }
 
 // free memory associated with TlsConnection struct
@@ -2767,7 +2759,7 @@
 	n = (mpsignif(big)+7)/8;
 	if(n == 0) n = 1;
 	ans = newbytes(n);
-	ans->len = mptobe(big, ans->data, n, nil);
+	mptober(big, ans->data, ans->len);
 	return ans;
 }
 
--- a/sys/src/libsec/port/x509.c
+++ b/sys/src/libsec/port/x509.c
@@ -2246,7 +2246,7 @@
 		return e;
 	if(digestalg[sigalg]->len != edigestlen)
 		return "bad digest length";
-	if(memcmp(digest, edigest, edigestlen) != 0)
+	if(tsmemcmp(digest, edigest, edigestlen) != 0)
 		return "digests did not match";
 	return nil;
 }
@@ -2262,7 +2262,7 @@
 	if(e != nil)
 		return e;
 	(*digestalg[sigalg]->fun)(data, datalen, edigest, nil);
-	if(memcmp(digest, edigest, digestalg[sigalg]->len) != 0)
+	if(tsmemcmp(digest, edigest, digestalg[sigalg]->len) != 0)
 		return "digests did not match";
 	return nil;
 }