Changed mbedtls_platform_memcmp to memcmp for places that don't have critical data and are under baremetal

Changed back because we don't want to slow down performance more than we must.
Teppo Järvelin 2019-10-03 15:36:59 +03:00
parent 61f412eb58
commit 650343cdcd
3 changed files with 13 additions and 8 deletions


@ -33,6 +33,7 @@
#if defined(MBEDTLS_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#include "mbedtls/platform_util.h"
#else #else
#include <stdlib.h> #include <stdlib.h>
#define mbedtls_calloc calloc #define mbedtls_calloc calloc


@ -2883,7 +2883,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
* Match record's CID with incoming CID. * Match record's CID with incoming CID.
*/ */
if( rec->cid_len != transform->in_cid_len || if( rec->cid_len != transform->in_cid_len ||
mbedtls_platform_memcmp( rec->cid, transform->in_cid, rec->cid_len ) != 0 ) memcmp( rec->cid, transform->in_cid, rec->cid_len ) != 0 ) // use regular memcmp as CID is not that critical
{ {
return( MBEDTLS_ERR_SSL_UNEXPECTED_CID ); return( MBEDTLS_ERR_SSL_UNEXPECTED_CID );
} }
@ -6013,7 +6013,7 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl )
else else
{ {
/* Make sure msg_type and length are consistent */ /* Make sure msg_type and length are consistent */
if( mbedtls_platform_memcmp( hs_buf->data, ssl->in_msg, 4 ) != 0 ) if( memcmp( hs_buf->data, ssl->in_msg, 4 ) != 0 ) // use regular memcmp as msg type is not that critical
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Fragment header mismatch - ignore" ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "Fragment header mismatch - ignore" ) );
/* Ignore */ /* Ignore */
@ -7086,7 +7086,7 @@ static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl )
if( ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len( ssl ) && if( ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len( ssl ) &&
ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE && ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE &&
mbedtls_platform_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), "\0\0\0", 3 ) == 0 ) memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), "\0\0\0", 3 ) == 0 ) // use regular memcmp as this compare is not that critical
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) );
return( 0 ); return( 0 );
@ -9961,7 +9961,8 @@ static int ssl_session_load( mbedtls_ssl_session *session,
if( (size_t)( end - p ) < sizeof( ssl_serialized_session_header ) ) if( (size_t)( end - p ) < sizeof( ssl_serialized_session_header ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if( mbedtls_platform_memcmp( p, ssl_serialized_session_header, // use regular memcmp as session header is not that critical
if( memcmp( p, ssl_serialized_session_header,
sizeof( ssl_serialized_session_header ) ) != 0 ) sizeof( ssl_serialized_session_header ) ) != 0 )
{ {
return( MBEDTLS_ERR_SSL_VERSION_MISMATCH ); return( MBEDTLS_ERR_SSL_VERSION_MISMATCH );
@ -10403,9 +10404,10 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
return( 0 ); return( 0 );
} }
in_ctr_cmp = mbedtls_platform_memcmp( ssl->in_ctr + ep_len, // use regular memcmp as counters are not that critical
in_ctr_cmp = memcmp( ssl->in_ctr + ep_len,
ssl->conf->renego_period + ep_len, 8 - ep_len ); ssl->conf->renego_period + ep_len, 8 - ep_len );
out_ctr_cmp = mbedtls_platform_memcmp( ssl->cur_out_ctr + ep_len, out_ctr_cmp = memcmp( ssl->cur_out_ctr + ep_len,
ssl->conf->renego_period + ep_len, 8 - ep_len ); ssl->conf->renego_period + ep_len, 8 - ep_len );
if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 ) if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 )
@ -11448,7 +11450,8 @@ static int ssl_context_load( mbedtls_ssl_context *ssl,
if( (size_t)( end - p ) < sizeof( ssl_serialized_context_header ) ) if( (size_t)( end - p ) < sizeof( ssl_serialized_context_header ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if( mbedtls_platform_memcmp( p, ssl_serialized_context_header, // use regular memcmp as header is not that critical
if( memcmp( p, ssl_serialized_context_header,
sizeof( ssl_serialized_context_header ) ) != 0 ) sizeof( ssl_serialized_context_header ) ) != 0 )
{ {
return( MBEDTLS_ERR_SSL_VERSION_MISMATCH ); return( MBEDTLS_ERR_SSL_VERSION_MISMATCH );
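Review bot: The comment added above `in_ctr_cmp = memcmp( ssl->in_ctr + ep_len,` in ssl_check_ctr_renegotiate gives the wrong reason for using memcmp: both results are tested with `in_ctr_cmp <= 0 && out_ctr_cmp <= 0`, so this check needs an ordering compare, not just a cheaper one. If mbedtls_platform_memcmp only reports equal or not-equal (its definition is not shown on this page), it cannot serve here at all, and a later hardening pass that trusts "not that critical" and swaps it back would silently change when renegotiation is triggered. I would replace the comment with `/* memcmp() is required: the sign of the result is tested below to order the counters against renego_period */`. The `//` comments added in the other hunks of this file also depart from the `/* */` style of the surrounding code, and the function bodies continue outside the hunks.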


@ -588,8 +588,9 @@ int mbedtls_x509_name_cmp_raw( mbedtls_x509_buf_raw const *a,
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
// use regular memcmp as oid is not that critical
if( oid[0].len != oid[1].len || if( oid[0].len != oid[1].len ||
mbedtls_platform_memcmp( oid[0].p, oid[1].p, oid[1].len ) != 0 ) memcmp( oid[0].p, oid[1].p, oid[1].len ) != 0 )
{ {
return( 1 ); return( 1 );
} }
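Review bot: The added comment `// use regular memcmp as oid is not that critical` in mbedtls_x509_name_cmp_raw does not say what makes the plain compare acceptable, even though the `return( 1 )` it guards decides whether two certificate names match. State the property relied on, for example `/* OIDs come from certificate names and are not secret, so a variable-time memcmp() leaks nothing */`, so a later audit can check that assumption. If mbedtls_platform_memcmp is also meant to resist fault injection (not visible on this page), that trade-off should be recorded here as well. The function body continues outside the hunk.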