Remove last use of non-bit operations
According to https://www.bearssl.org/ctmul.html even single-precision multiplication is not constant-time on some older platforms. An added benefit of the new code is that it removes the somewhat mysterious constant 0x1ff - which was selected because at that point the maximum value of padlen was 256. The new code is perhaps a bit more readable for that reason. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
2a59fb45b5
commit
822b3729e7
1 changed files with 1 additions and 1 deletions
|
@ -1679,7 +1679,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
|||
if( padlen > 0 && correct == 0 )
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) );
|
||||
#endif
|
||||
padlen &= correct * 0x1FF;
|
||||
padlen &= mbedtls_ssl_cf_mask_from_bit( correct );
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
|
||||
|
|
Loading…
Reference in a new issue