Skip to content

GitLab

Why GitLab
Pricing
Contact Sales
Explore

Sign in
Get free trial

libssh project
libssh-mirror
Merge requests
!150

Fix mbed TLS ChaCha20 and Poly1305 usage and use constant time comparison for authentication tags

Review changes
Download
Patches
Plain diff

Anderson Sasaki requested to merge ansasaki/libssh-mirror:fix_mac_cmp into master Dec 11, 2020

Overview 47
Commits 5
Pipelines 27
Changes 21

Previously the implementation of chacha20-poly1305 using ChaCha20 and Poly1305 from mbed TLS wasn't used, being the internal implementation always used instead.

With this, the chacha20-poly1305 will use the mbed TLS implementation when provided.

This also changes the authentication tag check to use a constant time comparison instead of memcmp in all back-ends.

Checklist

Commits have Signed-off-by: with name/author being identical to the commit author
Code modified for feature
Test suite updated with functionality tests
Test suite updated with negative tests
Documentation updated

Reviewer's checklist:

Any issues marked for closing are addressed
There is a test suite reasonably covering new functionality or modifications
Function naming, parameters, return values, types, etc., are consistent and according to CONTRIBUTING.md
This feature/change has adequate documentation added
No obvious mistakes in the code

Edited Jan 13, 2021 by Anderson Sasaki

Merge request reports

Assignee

Select assignees

Reviewers

Request review from

Time tracking