From 2d1819455cb4c516f6cdf81c11e869a23dee3e6b Mon Sep 17 00:00:00 2001 From: Cory Fields Date: Thu, 4 Apr 2024 19:56:21 +0000 Subject: [PATCH] crypto: chacha20: always use our fallback timingsafe_bcmp rather than libc's Looking at apple/freebsd/openbsd sources, their implementations match our naive fallback. It's not worth the hassle of using a platform-specific function for no gain. --- configure.ac | 2 -- src/crypto/chacha20poly1305.cpp | 13 ++----------- 2 files changed, 2 insertions(+), 13 deletions(-) diff --git a/configure.ac b/configure.ac index 964b7d0942f..19a60dfbcbc 100644 --- a/configure.ac +++ b/configure.ac @@ -968,8 +968,6 @@ AC_CHECK_DECLS([setsid]) AC_CHECK_DECLS([pipe2]) -AC_CHECK_FUNCS([timingsafe_bcmp]) - AC_MSG_CHECKING([for __builtin_clzl]) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ ]], [[ (void) __builtin_clzl(0); diff --git a/src/crypto/chacha20poly1305.cpp b/src/crypto/chacha20poly1305.cpp index 3e8051c2dc4..b969bb1a299 100644 --- a/src/crypto/chacha20poly1305.cpp +++ b/src/crypto/chacha20poly1305.cpp @@ -2,10 +2,6 @@ // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. -#if defined(HAVE_CONFIG_H) -#include -#endif - #include #include @@ -30,10 +26,7 @@ void AEADChaCha20Poly1305::SetKey(Span key) noexcept namespace { -#ifndef HAVE_TIMINGSAFE_BCMP -#define HAVE_TIMINGSAFE_BCMP - -int timingsafe_bcmp(const unsigned char* b1, const unsigned char* b2, size_t n) noexcept +int timingsafe_bcmp_internal(const unsigned char* b1, const unsigned char* b2, size_t n) noexcept { const unsigned char *p1 = b1, *p2 = b2; int ret = 0; @@ -42,8 +35,6 @@ int timingsafe_bcmp(const unsigned char* b1, const unsigned char* b2, size_t n) return (ret != 0); } -#endif - /** Compute poly1305 tag. chacha20 must be set to the right nonce, block 0. Will be at block 1 after. */ void ComputeTag(ChaCha20& chacha20, Span aad, Span cipher, Span tag) noexcept { 
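Review bot: `timingsafe_bcmp_internal` (hunk `@@ -30,10 +26,7 @@`) is now the only tag-comparison primitive on every platform, but it has no comment stating its contract. I would add above it `/** Compare n bytes with no early exit on the first mismatch. Returns 0 if equal, 1 otherwise. */`, because the bcmp-style return sense (0 means match, per the visible `return (ret != 0);`) is easy to invert at a call site. Unlike the libc symbol, this definition sits in an anonymous namespace in the same translation unit as its caller, so the optimizer may inline and reshape it. It would be worth confirming on the supported compilers that the generated code has no data-dependent branch. The loop body lies between this hunk and the next one and is not visible here, so its shape is assumed rather than checked.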
@@ -97,7 +88,7 @@ bool AEADChaCha20Poly1305::Decrypt(Span cipher, Span