Rename uint->bool operators to reflect input types
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
parent
4dd89310e9
commit
b7825ceb3e
9 changed files with 44 additions and 43 deletions
|
@ -1728,7 +1728,7 @@ static int mpi_select(mbedtls_mpi *R, const mbedtls_mpi *T, size_t T_size, size_
|
||||||
|
|
||||||
for (size_t i = 0; i < T_size; i++) {
|
for (size_t i = 0; i < T_size; i++) {
|
||||||
MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(R, &T[i],
|
MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(R, &T[i],
|
||||||
(unsigned char) mbedtls_ct_bool_eq(i, idx)));
|
(unsigned char) mbedtls_ct_uint_eq(i, idx)));
|
||||||
}
|
}
|
||||||
cleanup:
|
cleanup:
|
||||||
return ret;
|
return ret;
|
||||||
|
|
|
@ -149,7 +149,7 @@ mbedtls_ct_condition_t mbedtls_mpi_core_uint_le_mpi(mbedtls_mpi_uint min,
|
||||||
size_t A_limbs)
|
size_t A_limbs)
|
||||||
{
|
{
|
||||||
/* min <= least significant limb? */
|
/* min <= least significant limb? */
|
||||||
mbedtls_ct_condition_t min_le_lsl = mbedtls_ct_bool_ge(A[0], min);
|
mbedtls_ct_condition_t min_le_lsl = mbedtls_ct_uint_ge(A[0], min);
|
||||||
|
|
||||||
/* limbs other than the least significant one are all zero? */
|
/* limbs other than the least significant one are all zero? */
|
||||||
mbedtls_ct_condition_t msll_mask = MBEDTLS_CT_FALSE;
|
mbedtls_ct_condition_t msll_mask = MBEDTLS_CT_FALSE;
|
||||||
|
@ -176,7 +176,7 @@ mbedtls_ct_condition_t mbedtls_mpi_core_lt_ct(const mbedtls_mpi_uint *A,
|
||||||
* Again even if we can make a decision, we just mark the result and
|
* Again even if we can make a decision, we just mark the result and
|
||||||
* the fact that we are done and continue looping.
|
* the fact that we are done and continue looping.
|
||||||
*/
|
*/
|
||||||
cond = mbedtls_ct_bool_lt(B[i - 1], A[i - 1]);
|
cond = mbedtls_ct_uint_lt(B[i - 1], A[i - 1]);
|
||||||
done = mbedtls_ct_bool_or(done, cond);
|
done = mbedtls_ct_bool_or(done, cond);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -185,7 +185,7 @@ mbedtls_ct_condition_t mbedtls_mpi_core_lt_ct(const mbedtls_mpi_uint *A,
|
||||||
* Again even if we can make a decision, we just mark the result and
|
* Again even if we can make a decision, we just mark the result and
|
||||||
* the fact that we are done and continue looping.
|
* the fact that we are done and continue looping.
|
||||||
*/
|
*/
|
||||||
cond = mbedtls_ct_bool_lt(A[i - 1], B[i - 1]);
|
cond = mbedtls_ct_uint_lt(A[i - 1], B[i - 1]);
|
||||||
ret = mbedtls_ct_bool_or(ret, mbedtls_ct_bool_and(cond, mbedtls_ct_bool_not(done)));
|
ret = mbedtls_ct_bool_or(ret, mbedtls_ct_bool_and(cond, mbedtls_ct_bool_not(done)));
|
||||||
done = mbedtls_ct_bool_or(done, cond);
|
done = mbedtls_ct_bool_or(done, cond);
|
||||||
}
|
}
|
||||||
|
@ -634,7 +634,7 @@ void mbedtls_mpi_core_ct_uint_table_lookup(mbedtls_mpi_uint *dest,
|
||||||
size_t index)
|
size_t index)
|
||||||
{
|
{
|
||||||
for (size_t i = 0; i < count; i++, table += limbs) {
|
for (size_t i = 0; i < count; i++, table += limbs) {
|
||||||
mbedtls_ct_condition_t assign = mbedtls_ct_bool_eq(i, index);
|
mbedtls_ct_condition_t assign = mbedtls_ct_uint_eq(i, index);
|
||||||
mbedtls_mpi_core_cond_assign(dest, table, limbs, assign);
|
mbedtls_mpi_core_cond_assign(dest, table, limbs, assign);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -131,7 +131,7 @@ void mbedtls_ct_memmove_left(void *start, size_t total, size_t offset)
|
||||||
{
|
{
|
||||||
volatile unsigned char *buf = start;
|
volatile unsigned char *buf = start;
|
||||||
for (size_t i = 0; i < total; i++) {
|
for (size_t i = 0; i < total; i++) {
|
||||||
mbedtls_ct_condition_t no_op = mbedtls_ct_bool_gt(total - offset, i);
|
mbedtls_ct_condition_t no_op = mbedtls_ct_uint_gt(total - offset, i);
|
||||||
/* The first `total - offset` passes are a no-op. The last
|
/* The first `total - offset` passes are a no-op. The last
|
||||||
* `offset` passes shift the data one byte to the left and
|
* `offset` passes shift the data one byte to the left and
|
||||||
* zero out the last byte. */
|
* zero out the last byte. */
|
||||||
|
@ -188,7 +188,7 @@ void mbedtls_ct_memcpy_offset(unsigned char *dest,
|
||||||
size_t offsetval;
|
size_t offsetval;
|
||||||
|
|
||||||
for (offsetval = offset_min; offsetval <= offset_max; offsetval++) {
|
for (offsetval = offset_min; offsetval <= offset_max; offsetval++) {
|
||||||
mbedtls_ct_memcpy_if(mbedtls_ct_bool_eq(offsetval, offset), dest, src + offsetval, NULL,
|
mbedtls_ct_memcpy_if(mbedtls_ct_uint_eq(offsetval, offset), dest, src + offsetval, NULL,
|
||||||
len);
|
len);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -143,7 +143,7 @@ static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition,
|
||||||
return (mbedtls_ct_uint_t) ((condition & if1) | (not_cond & if0));
|
return (mbedtls_ct_uint_t) ((condition & if1) | (not_cond & if0));
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool_lt(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y)
|
static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y)
|
||||||
{
|
{
|
||||||
/* Ensure that the compiler cannot optimise the following operations over x and y,
|
/* Ensure that the compiler cannot optimise the following operations over x and y,
|
||||||
* even if it knows the value of x and y.
|
* even if it knows the value of x and y.
|
||||||
|
@ -175,7 +175,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_lt(mbedtls_ct_uint_t x, mbe
|
||||||
return mbedtls_ct_bool(ret);
|
return mbedtls_ct_bool(ret);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool_ne(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y)
|
static inline mbedtls_ct_condition_t mbedtls_ct_uint_ne(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y)
|
||||||
{
|
{
|
||||||
/* diff = 0 if x == y, non-zero otherwise */
|
/* diff = 0 if x == y, non-zero otherwise */
|
||||||
const mbedtls_ct_uint_t diff = mbedtls_ct_compiler_opaque(x) ^ mbedtls_ct_compiler_opaque(y);
|
const mbedtls_ct_uint_t diff = mbedtls_ct_compiler_opaque(x) ^ mbedtls_ct_compiler_opaque(y);
|
||||||
|
@ -252,28 +252,28 @@ static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if0(mbedtls_ct_condition_t co
|
||||||
|
|
||||||
#endif /* MBEDTLS_BIGNUM_C */
|
#endif /* MBEDTLS_BIGNUM_C */
|
||||||
|
|
||||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool_eq(mbedtls_ct_uint_t x,
|
static inline mbedtls_ct_condition_t mbedtls_ct_uint_eq(mbedtls_ct_uint_t x,
|
||||||
mbedtls_ct_uint_t y)
|
mbedtls_ct_uint_t y)
|
||||||
{
|
{
|
||||||
return ~mbedtls_ct_bool_ne(x, y);
|
return ~mbedtls_ct_uint_ne(x, y);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool_gt(mbedtls_ct_uint_t x,
|
static inline mbedtls_ct_condition_t mbedtls_ct_uint_gt(mbedtls_ct_uint_t x,
|
||||||
mbedtls_ct_uint_t y)
|
mbedtls_ct_uint_t y)
|
||||||
{
|
{
|
||||||
return mbedtls_ct_bool_lt(y, x);
|
return mbedtls_ct_uint_lt(y, x);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool_ge(mbedtls_ct_uint_t x,
|
static inline mbedtls_ct_condition_t mbedtls_ct_uint_ge(mbedtls_ct_uint_t x,
|
||||||
mbedtls_ct_uint_t y)
|
mbedtls_ct_uint_t y)
|
||||||
{
|
{
|
||||||
return ~mbedtls_ct_bool_lt(x, y);
|
return ~mbedtls_ct_uint_lt(x, y);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool_le(mbedtls_ct_uint_t x,
|
static inline mbedtls_ct_condition_t mbedtls_ct_uint_le(mbedtls_ct_uint_t x,
|
||||||
mbedtls_ct_uint_t y)
|
mbedtls_ct_uint_t y)
|
||||||
{
|
{
|
||||||
return ~mbedtls_ct_bool_gt(x, y);
|
return ~mbedtls_ct_uint_gt(x, y);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool_xor(mbedtls_ct_condition_t x,
|
static inline mbedtls_ct_condition_t mbedtls_ct_bool_xor(mbedtls_ct_condition_t x,
|
||||||
|
|
|
@ -37,10 +37,11 @@
|
||||||
* It has three main parts:
|
* It has three main parts:
|
||||||
*
|
*
|
||||||
* - boolean operations
|
* - boolean operations
|
||||||
* These are all named mbedtls_ct_bool_<operation>, and operate over
|
* These are all named mbedtls_ct_<type>_<operation>, and operate over
|
||||||
* mbedtls_ct_condition_t.
|
* mbedtls_ct_condition_t.
|
||||||
* All arguments are considered secret.
|
* All arguments are considered secret.
|
||||||
* example: bool x = y | z => x = mbedtls_ct_bool_or(y, z)
|
* example: bool x = y | z => x = mbedtls_ct_bool_or(y, z)
|
||||||
|
* example: bool x = y == z => x = mbedtls_ct_uint_eq(y, z)
|
||||||
*
|
*
|
||||||
* - conditional data selection
|
* - conditional data selection
|
||||||
* These are all named mbedtls_ct_<type>_if and mbedtls_ct_<type>_if0
|
* These are all named mbedtls_ct_<type>_if and mbedtls_ct_<type>_if0
|
||||||
|
@ -118,7 +119,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x);
|
||||||
*
|
*
|
||||||
* \return MBEDTLS_CT_TRUE if \p x != \p y, otherwise MBEDTLS_CT_FALSE.
|
* \return MBEDTLS_CT_TRUE if \p x != \p y, otherwise MBEDTLS_CT_FALSE.
|
||||||
*/
|
*/
|
||||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool_ne(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y);
|
static inline mbedtls_ct_condition_t mbedtls_ct_uint_ne(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y);
|
||||||
|
|
||||||
/** Boolean "equals" operation.
|
/** Boolean "equals" operation.
|
||||||
*
|
*
|
||||||
|
@ -131,7 +132,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_ne(mbedtls_ct_uint_t x, mbe
|
||||||
*
|
*
|
||||||
* \return MBEDTLS_CT_TRUE if \p x == \p y, otherwise MBEDTLS_CT_FALSE.
|
* \return MBEDTLS_CT_TRUE if \p x == \p y, otherwise MBEDTLS_CT_FALSE.
|
||||||
*/
|
*/
|
||||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool_eq(mbedtls_ct_uint_t x,
|
static inline mbedtls_ct_condition_t mbedtls_ct_uint_eq(mbedtls_ct_uint_t x,
|
||||||
mbedtls_ct_uint_t y);
|
mbedtls_ct_uint_t y);
|
||||||
|
|
||||||
/** Boolean "less than" operation.
|
/** Boolean "less than" operation.
|
||||||
|
@ -145,7 +146,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_eq(mbedtls_ct_uint_t x,
|
||||||
*
|
*
|
||||||
* \return MBEDTLS_CT_TRUE if \p x < \p y, otherwise MBEDTLS_CT_FALSE.
|
* \return MBEDTLS_CT_TRUE if \p x < \p y, otherwise MBEDTLS_CT_FALSE.
|
||||||
*/
|
*/
|
||||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool_lt(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y);
|
static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y);
|
||||||
|
|
||||||
/** Boolean "greater than" operation.
|
/** Boolean "greater than" operation.
|
||||||
*
|
*
|
||||||
|
@ -158,7 +159,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_lt(mbedtls_ct_uint_t x, mbe
|
||||||
*
|
*
|
||||||
* \return MBEDTLS_CT_TRUE if \p x > \p y, otherwise MBEDTLS_CT_FALSE.
|
* \return MBEDTLS_CT_TRUE if \p x > \p y, otherwise MBEDTLS_CT_FALSE.
|
||||||
*/
|
*/
|
||||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool_gt(mbedtls_ct_uint_t x,
|
static inline mbedtls_ct_condition_t mbedtls_ct_uint_gt(mbedtls_ct_uint_t x,
|
||||||
mbedtls_ct_uint_t y);
|
mbedtls_ct_uint_t y);
|
||||||
|
|
||||||
/** Boolean "greater or equal" operation.
|
/** Boolean "greater or equal" operation.
|
||||||
|
@ -173,7 +174,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_gt(mbedtls_ct_uint_t x,
|
||||||
* \return MBEDTLS_CT_TRUE if \p x >= \p y,
|
* \return MBEDTLS_CT_TRUE if \p x >= \p y,
|
||||||
* otherwise MBEDTLS_CT_FALSE.
|
* otherwise MBEDTLS_CT_FALSE.
|
||||||
*/
|
*/
|
||||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool_ge(mbedtls_ct_uint_t x,
|
static inline mbedtls_ct_condition_t mbedtls_ct_uint_ge(mbedtls_ct_uint_t x,
|
||||||
mbedtls_ct_uint_t y);
|
mbedtls_ct_uint_t y);
|
||||||
|
|
||||||
/** Boolean "less than or equal" operation.
|
/** Boolean "less than or equal" operation.
|
||||||
|
@ -188,7 +189,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_ge(mbedtls_ct_uint_t x,
|
||||||
* \return MBEDTLS_CT_TRUE if \p x <= \p y,
|
* \return MBEDTLS_CT_TRUE if \p x <= \p y,
|
||||||
* otherwise MBEDTLS_CT_FALSE.
|
* otherwise MBEDTLS_CT_FALSE.
|
||||||
*/
|
*/
|
||||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool_le(mbedtls_ct_uint_t x,
|
static inline mbedtls_ct_condition_t mbedtls_ct_uint_le(mbedtls_ct_uint_t x,
|
||||||
mbedtls_ct_uint_t y);
|
mbedtls_ct_uint_t y);
|
||||||
|
|
||||||
/** Boolean "xor" operation.
|
/** Boolean "xor" operation.
|
||||||
|
|
|
@ -120,13 +120,13 @@ static int mbedtls_ct_rsaes_pkcs1_v15_unpadding(unsigned char *input,
|
||||||
|
|
||||||
/* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00
|
/* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00
|
||||||
* where PS must be at least 8 nonzero bytes. */
|
* where PS must be at least 8 nonzero bytes. */
|
||||||
bad = mbedtls_ct_bool_or(bad, mbedtls_ct_bool_ne(input[1], MBEDTLS_RSA_CRYPT));
|
bad = mbedtls_ct_bool_or(bad, mbedtls_ct_uint_ne(input[1], MBEDTLS_RSA_CRYPT));
|
||||||
|
|
||||||
/* Read the whole buffer. Set pad_done to nonzero if we find
|
/* Read the whole buffer. Set pad_done to nonzero if we find
|
||||||
* the 0x00 byte and remember the padding length in pad_count. */
|
* the 0x00 byte and remember the padding length in pad_count. */
|
||||||
pad_done = MBEDTLS_CT_FALSE;
|
pad_done = MBEDTLS_CT_FALSE;
|
||||||
for (i = 2; i < ilen; i++) {
|
for (i = 2; i < ilen; i++) {
|
||||||
mbedtls_ct_condition_t found = mbedtls_ct_bool_eq(input[i], 0);
|
mbedtls_ct_condition_t found = mbedtls_ct_uint_eq(input[i], 0);
|
||||||
pad_done = mbedtls_ct_bool_or(pad_done, found);
|
pad_done = mbedtls_ct_bool_or(pad_done, found);
|
||||||
pad_count += mbedtls_ct_uint_if0(mbedtls_ct_bool_not(pad_done), 1);
|
pad_count += mbedtls_ct_uint_if0(mbedtls_ct_bool_not(pad_done), 1);
|
||||||
}
|
}
|
||||||
|
@ -135,7 +135,7 @@ static int mbedtls_ct_rsaes_pkcs1_v15_unpadding(unsigned char *input,
|
||||||
bad = mbedtls_ct_bool_or(bad, mbedtls_ct_bool_not(pad_done));
|
bad = mbedtls_ct_bool_or(bad, mbedtls_ct_bool_not(pad_done));
|
||||||
|
|
||||||
/* There must be at least 8 bytes of padding. */
|
/* There must be at least 8 bytes of padding. */
|
||||||
bad = mbedtls_ct_bool_or(bad, mbedtls_ct_bool_gt(8, pad_count));
|
bad = mbedtls_ct_bool_or(bad, mbedtls_ct_uint_gt(8, pad_count));
|
||||||
|
|
||||||
/* If the padding is valid, set plaintext_size to the number of
|
/* If the padding is valid, set plaintext_size to the number of
|
||||||
* remaining bytes after stripping the padding. If the padding
|
* remaining bytes after stripping the padding. If the padding
|
||||||
|
@ -150,7 +150,7 @@ static int mbedtls_ct_rsaes_pkcs1_v15_unpadding(unsigned char *input,
|
||||||
|
|
||||||
/* Set output_too_large to 0 if the plaintext fits in the output
|
/* Set output_too_large to 0 if the plaintext fits in the output
|
||||||
* buffer and to 1 otherwise. */
|
* buffer and to 1 otherwise. */
|
||||||
output_too_large = mbedtls_ct_bool_gt(plaintext_size,
|
output_too_large = mbedtls_ct_uint_gt(plaintext_size,
|
||||||
plaintext_max_size);
|
plaintext_max_size);
|
||||||
|
|
||||||
/* Set ret without branches to avoid timing attacks. Return:
|
/* Set ret without branches to avoid timing attacks. Return:
|
||||||
|
|
|
@ -257,7 +257,7 @@ int mbedtls_ct_hmac(mbedtls_md_context_t *ctx,
|
||||||
MD_CHK(mbedtls_md_clone(&aux, ctx));
|
MD_CHK(mbedtls_md_clone(&aux, ctx));
|
||||||
MD_CHK(mbedtls_md_finish(&aux, aux_out));
|
MD_CHK(mbedtls_md_finish(&aux, aux_out));
|
||||||
/* Keep only the correct inner_hash in the output buffer */
|
/* Keep only the correct inner_hash in the output buffer */
|
||||||
mbedtls_ct_memcpy_if(mbedtls_ct_bool_eq(offset, data_len_secret),
|
mbedtls_ct_memcpy_if(mbedtls_ct_uint_eq(offset, data_len_secret),
|
||||||
output, aux_out, NULL, hash_size);
|
output, aux_out, NULL, hash_size);
|
||||||
|
|
||||||
if (offset < max_data_len) {
|
if (offset < max_data_len) {
|
||||||
|
@ -1918,7 +1918,7 @@ hmac_failed_etm_enabled:
|
||||||
padlen = data[rec->data_len - 1];
|
padlen = data[rec->data_len - 1];
|
||||||
|
|
||||||
if (auth_done == 1) {
|
if (auth_done == 1) {
|
||||||
const mbedtls_ct_condition_t ge = mbedtls_ct_bool_ge(
|
const mbedtls_ct_condition_t ge = mbedtls_ct_uint_ge(
|
||||||
rec->data_len,
|
rec->data_len,
|
||||||
padlen + 1);
|
padlen + 1);
|
||||||
correct = mbedtls_ct_size_if0(ge, correct);
|
correct = mbedtls_ct_size_if0(ge, correct);
|
||||||
|
@ -1934,7 +1934,7 @@ hmac_failed_etm_enabled:
|
||||||
padlen + 1));
|
padlen + 1));
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
const mbedtls_ct_condition_t ge = mbedtls_ct_bool_ge(
|
const mbedtls_ct_condition_t ge = mbedtls_ct_uint_ge(
|
||||||
rec->data_len,
|
rec->data_len,
|
||||||
transform->maclen + padlen + 1);
|
transform->maclen + padlen + 1);
|
||||||
correct = mbedtls_ct_size_if0(ge, correct);
|
correct = mbedtls_ct_size_if0(ge, correct);
|
||||||
|
@ -1967,13 +1967,13 @@ hmac_failed_etm_enabled:
|
||||||
/* pad_count += (idx >= padding_idx) &&
|
/* pad_count += (idx >= padding_idx) &&
|
||||||
* (check[idx] == padlen - 1);
|
* (check[idx] == padlen - 1);
|
||||||
*/
|
*/
|
||||||
const mbedtls_ct_condition_t a = mbedtls_ct_bool_ge(idx, padding_idx);
|
const mbedtls_ct_condition_t a = mbedtls_ct_uint_ge(idx, padding_idx);
|
||||||
size_t increment = mbedtls_ct_size_if0(a, 1);
|
size_t increment = mbedtls_ct_size_if0(a, 1);
|
||||||
const mbedtls_ct_condition_t b = mbedtls_ct_bool_eq(check[idx], padlen - 1);
|
const mbedtls_ct_condition_t b = mbedtls_ct_uint_eq(check[idx], padlen - 1);
|
||||||
increment = mbedtls_ct_size_if0(b, increment);
|
increment = mbedtls_ct_size_if0(b, increment);
|
||||||
pad_count += increment;
|
pad_count += increment;
|
||||||
}
|
}
|
||||||
correct = mbedtls_ct_size_if0(mbedtls_ct_bool_eq(pad_count, padlen), padlen);
|
correct = mbedtls_ct_size_if0(mbedtls_ct_uint_eq(pad_count, padlen), padlen);
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_DEBUG_ALL)
|
#if defined(MBEDTLS_SSL_DEBUG_ALL)
|
||||||
if (padlen > 0 && correct == 0) {
|
if (padlen > 0 && correct == 0) {
|
||||||
|
|
|
@ -3537,9 +3537,9 @@ static int ssl_parse_encrypted_pms(mbedtls_ssl_context *ssl,
|
||||||
* padding, to protect against timing-based Bleichenbacher-type
|
* padding, to protect against timing-based Bleichenbacher-type
|
||||||
* attacks. */
|
* attacks. */
|
||||||
diff = mbedtls_ct_bool(ret);
|
diff = mbedtls_ct_bool(ret);
|
||||||
diff = mbedtls_ct_bool_or(diff, mbedtls_ct_bool_ne(peer_pmslen, 48));
|
diff = mbedtls_ct_bool_or(diff, mbedtls_ct_uint_ne(peer_pmslen, 48));
|
||||||
diff = mbedtls_ct_bool_or(diff, mbedtls_ct_bool_ne(peer_pms[0], ver[0]));
|
diff = mbedtls_ct_bool_or(diff, mbedtls_ct_uint_ne(peer_pms[0], ver[0]));
|
||||||
diff = mbedtls_ct_bool_or(diff, mbedtls_ct_bool_ne(peer_pms[1], ver[1]));
|
diff = mbedtls_ct_bool_or(diff, mbedtls_ct_uint_ne(peer_pms[1], ver[1]));
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Protection against Bleichenbacher's attack: invalid PKCS#1 v1.5 padding
|
* Protection against Bleichenbacher's attack: invalid PKCS#1 v1.5 padding
|
||||||
|
|
|
@ -60,22 +60,22 @@ void mbedtls_ct_bool_xxx(char *x_str, char *y_str)
|
||||||
TEST_EQUAL(mbedtls_ct_bool_not(mbedtls_ct_bool(x)), expected);
|
TEST_EQUAL(mbedtls_ct_bool_not(mbedtls_ct_bool(x)), expected);
|
||||||
|
|
||||||
expected = x1 != y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
expected = x1 != y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
||||||
TEST_EQUAL(mbedtls_ct_bool_ne(x, y), expected);
|
TEST_EQUAL(mbedtls_ct_uint_ne(x, y), expected);
|
||||||
|
|
||||||
expected = x1 == y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
expected = x1 == y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
||||||
TEST_EQUAL(mbedtls_ct_bool_eq(x, y), expected);
|
TEST_EQUAL(mbedtls_ct_uint_eq(x, y), expected);
|
||||||
|
|
||||||
expected = x1 > y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
expected = x1 > y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
||||||
TEST_EQUAL(mbedtls_ct_bool_gt(x, y), expected);
|
TEST_EQUAL(mbedtls_ct_uint_gt(x, y), expected);
|
||||||
|
|
||||||
expected = x1 < y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
expected = x1 < y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
||||||
TEST_EQUAL(mbedtls_ct_bool_lt(x, y), expected);
|
TEST_EQUAL(mbedtls_ct_uint_lt(x, y), expected);
|
||||||
|
|
||||||
expected = x1 >= y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
expected = x1 >= y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
||||||
TEST_EQUAL(mbedtls_ct_bool_ge(x, y), expected);
|
TEST_EQUAL(mbedtls_ct_uint_ge(x, y), expected);
|
||||||
|
|
||||||
expected = x1 <= y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
expected = x1 <= y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
||||||
TEST_EQUAL(mbedtls_ct_bool_le(x, y), expected);
|
TEST_EQUAL(mbedtls_ct_uint_le(x, y), expected);
|
||||||
|
|
||||||
expected = (!!x1) ^ (!!y1) ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
expected = (!!x1) ^ (!!y1) ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE;
|
||||||
TEST_EQUAL(mbedtls_ct_bool_xor(mbedtls_ct_bool(x), mbedtls_ct_bool(y)), expected);
|
TEST_EQUAL(mbedtls_ct_bool_xor(mbedtls_ct_bool(x), mbedtls_ct_bool(y)), expected);
|
||||||
|
|
Loading…
Reference in a new issue