From 5b8a1898b2e4fbffc09b29a5225108d0c7b93056 Mon Sep 17 00:00:00 2001
From: tb
Date: Mon, 3 Jul 2023 09:59:20 +0000
Subject: [PATCH] Switch ossl_ecdsa_verify() to timingsafe_memcmp() Requested by jsing
---
 lib/libcrypto/ecdsa/ecs_ossl.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/libcrypto/ecdsa/ecs_ossl.c b/lib/libcrypto/ecdsa/ecs_ossl.c
index 7e03c234ee3..83be5fd38b4 100644
--- a/lib/libcrypto/ecdsa/ecs_ossl.c
+++ b/lib/libcrypto/ecdsa/ecs_ossl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecs_ossl.c,v 1.49 2023/07/03 09:55:42 tb Exp $ */
+/* $OpenBSD: ecs_ossl.c,v 1.50 2023/07/03 09:59:20 tb Exp $ */
 /*
 * Written by Nils Larsch for the OpenSSL project
 */
@@ -440,7 +440,7 @@ ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
 /* Ensure signature uses DER and doesn't have trailing garbage */
 if ((derlen = i2d_ECDSA_SIG(s, &der)) != sig_len)
 goto err;
- if (memcmp(sigbuf, der, derlen))
+ if (timingsafe_memcmp(sigbuf, der, derlen))
 goto err;
 ret = ECDSA_do_verify(dgst, dgst_len, s, eckey);
-- 
2.20.1
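Review bot: The new `timingsafe_memcmp()` call in ossl_ecdsa_verify() is tested through implicit truthiness and nothing says why a constant-time compare is wanted here; `if (timingsafe_memcmp(sigbuf, der, derlen) != 0)` reads more clearly, and since only equality matters `timingsafe_bcmp()` would state the intent more directly. Both buffers appear to be the caller-supplied signature and its DER re-encoding, which are presumably not secret, so a short comment such as `/* Constant-time compare as hardening; neither buffer is secret. */` would tell the next reader whether this is defensive or load-bearing (worth confirming with the requester). Separately, `derlen` is passed where a `size_t` length is expected and the guard above only checks `derlen != sig_len`; unless an earlier check outside the hunk rejects a non-positive `sig_len`, adding `derlen <= 0 ||` to that condition would keep a failed `i2d_ECDSA_SIG()` result from reaching the compare. The function's body starts and ends outside the hunk.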