Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2025-12-24 00:06:32 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Removed further timing differences during SSL message decryption in ssl_decrypt_buf()

Browse source 
New padding checking is unbiased on correct or incorrect padding and
has no branch prediction timing differences.

The additional MAC checks further straighten out the timing differences.
This commit is contained in:
Paul Bakker 2013-02-27 14:48:00 +01:00
parent 2ca8ad10a1
commit e47b34bdc8
8 changed files with 73 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

2
library/sha2.c
View file

@ -97,7 +97,7 @@ void sha2_starts( sha2_context *ctx, int is224 )
ctx->is224 = is224;
}
static void sha2_process( sha2_context *ctx, const unsigned char data[64] )
void sha2_process( sha2_context *ctx, const unsigned char data[64] )
{
uint32_t temp1, temp2, W[64];
uint32_t A, B, C, D, E, F, G, H;