Use mbedtls_ct_memcmp in mbedtls_rsa_rsaes_oaep_decrypt
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman
parent
d337bd9bfe
commit
66d6ac92e6
1 changed files with 4 additions and 4 deletions
|
|
@ -1541,7 +1541,8 @@ int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx,
|
||||||
{
|
{
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
size_t ilen, i, pad_len;
|
size_t ilen, i, pad_len;
|
||||||
unsigned char *p, bad, pad_done;
|
unsigned char *p, pad_done;
|
||||||
|
int bad;
|
||||||
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
|
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
|
||||||
unsigned char lhash[MBEDTLS_MD_MAX_SIZE];
|
unsigned char lhash[MBEDTLS_MD_MAX_SIZE];
|
||||||
unsigned int hlen;
|
unsigned int hlen;
|
||||||
|
|
@ -1608,9 +1609,8 @@ int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx,
|
||||||
p += hlen; /* Skip seed */
|
p += hlen; /* Skip seed */
|
||||||
|
|
||||||
/* Check lHash */
|
/* Check lHash */
|
||||||
for (i = 0; i < hlen; i++) {
|
bad |= mbedtls_ct_memcmp(lhash, p, hlen);
|
||||||
bad |= lhash[i] ^ *p++;
|
p += hlen;
|
||||||
}
|
|
||||||
|
|
||||||
/* Get zero-padding len, but always read till end of buffer
|
/* Get zero-padding len, but always read till end of buffer
|
||||||
* (minus one, for the 01 byte) */
|
* (minus one, for the 01 byte) */
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue