aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/evp/e_aes_cbc_hmac_sha1.c
diff options
context:
space:
mode:
authorJung-uk Kim <jkim@FreeBSD.org>2016-05-03 18:00:27 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2016-05-03 18:00:27 +0000
commit57f1256b1a087adbdf8e5c080dd9ed7975de939a (patch)
tree2dd85c58056a364765d9ae59d6a1774d41f88523 /crypto/evp/e_aes_cbc_hmac_sha1.c
parent9aeed18ad799c20d3accf6e1535817538dc983f6 (diff)
downloadsrc-57f1256b1a087adbdf8e5c080dd9ed7975de939a.tar.gz
src-57f1256b1a087adbdf8e5c080dd9ed7975de939a.zip
Import OpenSSL 1.0.2h.vendor/openssl/1.0.2h
Notes
Notes: svn path=/vendor-crypto/openssl/dist/; revision=298991 svn path=/vendor-crypto/openssl/1.0.2h/; revision=298992; tag=vendor/openssl/1.0.2h
Diffstat (limited to 'crypto/evp/e_aes_cbc_hmac_sha1.c')
-rw-r--r--crypto/evp/e_aes_cbc_hmac_sha1.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
index 8330964ee16b..6dfd590a4a2c 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -60,6 +60,7 @@
# include <openssl/sha.h>
# include <openssl/rand.h>
# include "modes_lcl.h"
+# include "constant_time_locl.h"
# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
@@ -578,6 +579,8 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
maxpad &= 255;
+ ret &= constant_time_ge(maxpad, pad);
+
inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
inp_len &= mask;