diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h
index c65c8532b..68b488716 100644
--- a/include/mbedtls/platform_util.h
+++ b/include/mbedtls/platform_util.h
@@ -217,6 +217,32 @@ void *mbedtls_platform_memcpy( void *dst, const void *src, size_t num );
 */
 int mbedtls_platform_memmove( void *dst, const void *src, size_t num );
 
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+
+/**
+ * \brief Secure memcmp
+ *
+ * This is a constant-time version of memcmp(), but without checking
+ * if the bytes are greater or lower. The order is also randomised
+ * using the RNG in order to further harden against side-channel attacks.
+ *
+ * \param buf1 First buffer to compare.
+ * \param buf2 Second buffer to compare against.
+ * \param num The length of the buffers in bytes.
+ *
+ * \deprecated Superseded by mbedtls_platform_memequal(), and is only an alias to it.
+ *
+ * \return 0 if the buffers were equal or an unspecified non-zero value
+ * otherwise.
+ */
+int mbedtls_platform_memcmp( const void *buf1, const void *buf2, size_t num );
+
+#endif
 /**
 * \brief Secure check if the buffers have the same data.
 *
diff --git a/library/platform_util.c b/library/platform_util.c
index 3b098d26b..d62039618 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
@@ -230,6 +230,13 @@ int mbedtls_platform_memmove( void *dst, const void *src, size_t num )
 return MBEDTLS_ERR_PLATFORM_ALLOC_FAILED;
 }
 
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+int mbedtls_platform_memcmp( const void *buf1, const void *buf2, size_t num )
+{
+ return( mbedtls_platform_memequal( buf1, buf2, num ) );
+}
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
 int mbedtls_platform_memequal( const void *buf1, const void *buf2, size_t num )
 {
 volatile const unsigned char *A = (volatile const unsigned char *) buf1;
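Review bot: In include/mbedtls/platform_util.h the `MBEDTLS_DEPRECATED` macro is defined at the top of the added block but never attached to the `mbedtls_platform_memcmp` declaration, so a build with `MBEDTLS_DEPRECATED_WARNING` would not flag remaining callers of the alias. That warning matters here because the function reports equality only, and a caller still relying on memcmp()-style ordering gets no other prompt to migrate. Declare it as `MBEDTLS_DEPRECATED int mbedtls_platform_memcmp( const void *buf1, const void *buf2, size_t num );`, add `#undef MBEDTLS_DEPRECATED` before the closing `#endif` so the macro does not leak into including files, and give that `#endif` a `/* !MBEDTLS_DEPRECATED_REMOVED */` comment.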
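Review bot: The alias added in library/platform_util.c has no comment of its own, and a reader of the .c file alone could take the memcmp name to imply a signed ordering result. I would add `/* Deprecated alias of mbedtls_platform_memequal(): 0 if equal, unspecified non-zero otherwise; the result carries no ordering. */` above the definition. The closing comment would read more accurately as `#endif /* !MBEDTLS_DEPRECATED_REMOVED */`, since the guard is the negated test. The bodies of mbedtls_platform_memmove and mbedtls_platform_memequal lie outside this hunk.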