CVSROOT: /cvs Module name: src Changes by: [email protected] 2025/06/03 02:42:15
Modified files:
lib/libcrypto/pkcs12: p12_mutl.c
lib/libcrypto/evp: e_aes.c
lib/libcrypto/aes: aes.c
Log message:
Use timingsafe_memcmp when comparing authenticators
Replace memcmp() with timingsafe_memcmp() for authentication tag
comparison in AES-CCM, GCM, PKCS12 and AES key unwrap code paths
to ensure constant-time behavior and avoid potential timing side
channels.
This aligns with OpenSSL 1e4a355.
ok tb@
