From 7ad37e40a6ed9e63975f6168fb9b61d46fcda5f0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 21 Sep 2023 21:53:31 +0100 Subject: [PATCH] Remove use of mbedtls_ct_int_if Signed-off-by: Dave Rodgman --- library/cipher.c | 6 +++--- library/nist_kw.c | 4 ++-- library/rsa.c | 8 +++++--- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index a53fb4358..f521fc20b 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -870,7 +870,7 @@ static int get_pkcs_padding(unsigned char *input, size_t input_len, bad = mbedtls_ct_bool_or(bad, mbedtls_ct_bool_and(in_padding, different)); } - return mbedtls_ct_int_if_else_0(bad, MBEDTLS_ERR_CIPHER_INVALID_PADDING); + return -(int) mbedtls_ct_uint_if_else_0(bad, -MBEDTLS_ERR_CIPHER_INVALID_PADDING); } #endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ @@ -914,7 +914,7 @@ static int get_one_and_zeros_padding(unsigned char *input, size_t input_len, in_padding = mbedtls_ct_bool_and(in_padding, mbedtls_ct_bool_not(is_nonzero)); } - return mbedtls_ct_int_if_else_0(bad, MBEDTLS_ERR_CIPHER_INVALID_PADDING); + return -(int) mbedtls_ct_uint_if_else_0(bad, -MBEDTLS_ERR_CIPHER_INVALID_PADDING); } #endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */ @@ -961,7 +961,7 @@ static int get_zeros_and_len_padding(unsigned char *input, size_t input_len, bad = mbedtls_ct_bool_or(bad, nonzero_pad_byte); } - return mbedtls_ct_int_if_else_0(bad, MBEDTLS_ERR_CIPHER_INVALID_PADDING); + return -(int) mbedtls_ct_uint_if_else_0(bad, -MBEDTLS_ERR_CIPHER_INVALID_PADDING); } #endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */ diff --git a/library/nist_kw.c b/library/nist_kw.c index 1b4078e1b..d5b2e27fb 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -421,8 +421,8 @@ int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx, * larger than 8, because of the type wrap around. */ padlen = in_len - KW_SEMIBLOCK_LENGTH - Plen; - ret = mbedtls_ct_int_if(mbedtls_ct_uint_gt(padlen, 7), - MBEDTLS_ERR_CIPHER_AUTH_FAILED, ret); + ret = -(int) mbedtls_ct_uint_if(mbedtls_ct_uint_gt(padlen, 7), + -MBEDTLS_ERR_CIPHER_AUTH_FAILED, -ret); padlen &= 7; /* Check padding in "constant-time" */ diff --git a/library/rsa.c b/library/rsa.c index a233a8e7f..0f16a3186 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -158,10 +158,12 @@ static int mbedtls_ct_rsaes_pkcs1_v15_unpadding(unsigned char *input, * - OUTPUT_TOO_LARGE if the padding is good but the decrypted * plaintext does not fit in the output buffer. * - 0 if the padding is correct. */ - ret = mbedtls_ct_int_if( + ret = -(int) mbedtls_ct_uint_if( bad, - MBEDTLS_ERR_RSA_INVALID_PADDING, - mbedtls_ct_int_if_else_0(output_too_large, MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE) + (unsigned) (-(MBEDTLS_ERR_RSA_INVALID_PADDING)), + mbedtls_ct_uint_if_else_0( + output_too_large, + (unsigned) (-(MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE))) ); /* If the padding is bad or the plaintext is too large, zero the