diff --git a/library/bignum.c b/library/bignum.c index 2a7786f4c..10bb4312a 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -94,7 +94,7 @@ int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, /* This array is used to conditionally swap the pointers in const time */ void * const p[2] = { X->p, Y->p }; - size_t i = mbedtls_ct_size_if0(X_is_negative, 1); + size_t i = mbedtls_ct_size_if_else_0(X_is_negative, 1); mbedtls_ct_condition_t lt = mbedtls_mpi_core_lt_ct(p[i], p[i ^ 1], X->n); /* @@ -104,7 +104,7 @@ int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, result = mbedtls_ct_bool_or(result, mbedtls_ct_bool_and(mbedtls_ct_bool_not(different_sign), lt)); - *ret = mbedtls_ct_uint_if0(result, 1); + *ret = mbedtls_ct_uint_if_else_0(result, 1); return 0; } @@ -139,7 +139,7 @@ int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, mbedtls_ct_condition_t do_not_assign = mbedtls_ct_bool_not(do_assign); for (size_t i = Y->n; i < X->n; i++) { - X->p[i] = mbedtls_ct_mpi_uint_if0(do_not_assign, X->p[i]); + X->p[i] = mbedtls_ct_mpi_uint_if_else_0(do_not_assign, X->p[i]); } cleanup: diff --git a/library/bignum_core.c b/library/bignum_core.c index 157ac078e..a3c54036f 100644 --- a/library/bignum_core.c +++ b/library/bignum_core.c @@ -463,7 +463,7 @@ mbedtls_mpi_uint mbedtls_mpi_core_add_if(mbedtls_mpi_uint *X, mbedtls_ct_condition_t do_add = mbedtls_ct_bool(cond); for (size_t i = 0; i < limbs; i++) { - mbedtls_mpi_uint add = mbedtls_ct_mpi_uint_if0(do_add, A[i]); + mbedtls_mpi_uint add = mbedtls_ct_mpi_uint_if_else_0(do_add, A[i]); mbedtls_mpi_uint t = c + X[i]; c = (t < X[i]); t += add; diff --git a/library/constant_time.c b/library/constant_time.c index 20e215a79..86cc066b0 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -140,7 +140,7 @@ void mbedtls_ct_memmove_left(void *start, size_t total, size_t offset) unsigned char next = buf[n+1]; buf[n] = mbedtls_ct_uint_if(no_op, current, next); } - buf[total-1] = mbedtls_ct_uint_if0(no_op, buf[total-1]); + buf[total-1] = mbedtls_ct_uint_if_else_0(no_op, buf[total-1]); } } diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 1660c1260..0c3cde99d 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -232,20 +232,20 @@ static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if(mbedtls_ct_condition_t con #endif -static inline size_t mbedtls_ct_size_if0(mbedtls_ct_condition_t condition, size_t if1) +static inline size_t mbedtls_ct_size_if_else_0(mbedtls_ct_condition_t condition, size_t if1) { return (size_t) (condition & if1); } -static inline unsigned mbedtls_ct_uint_if0(mbedtls_ct_condition_t condition, unsigned if1) +static inline unsigned mbedtls_ct_uint_if_else_0(mbedtls_ct_condition_t condition, unsigned if1) { return (unsigned) (condition & if1); } #if defined(MBEDTLS_BIGNUM_C) -static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if0(mbedtls_ct_condition_t condition, - mbedtls_mpi_uint if1) +static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if_else_0(mbedtls_ct_condition_t condition, + mbedtls_mpi_uint if1) { return (mbedtls_mpi_uint) (condition & if1); } diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index dc4c5f921..664ee5af5 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -323,7 +323,7 @@ static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if(mbedtls_ct_condition_t con * * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise 0. */ -static inline unsigned mbedtls_ct_uint_if0(mbedtls_ct_condition_t condition, unsigned if1); +static inline unsigned mbedtls_ct_uint_if_else_0(mbedtls_ct_condition_t condition, unsigned if1); #if defined(MBEDTLS_BIGNUM_C) @@ -341,8 +341,8 @@ static inline unsigned mbedtls_ct_uint_if0(mbedtls_ct_condition_t condition, uns * * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise 0. */ -static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if0(mbedtls_ct_condition_t condition, - mbedtls_mpi_uint if1); +static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if_else_0(mbedtls_ct_condition_t condition, + mbedtls_mpi_uint if1); #endif diff --git a/library/rsa.c b/library/rsa.c index 65caf901b..d0782f53c 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -128,7 +128,7 @@ static int mbedtls_ct_rsaes_pkcs1_v15_unpadding(unsigned char *input, for (i = 2; i < ilen; i++) { mbedtls_ct_condition_t found = mbedtls_ct_uint_eq(input[i], 0); pad_done = mbedtls_ct_bool_or(pad_done, found); - pad_count += mbedtls_ct_uint_if0(mbedtls_ct_bool_not(pad_done), 1); + pad_count += mbedtls_ct_uint_if_else_0(mbedtls_ct_bool_not(pad_done), 1); } /* If pad_done is still zero, there's no data, only unfinished padding. */ @@ -161,7 +161,7 @@ static int mbedtls_ct_rsaes_pkcs1_v15_unpadding(unsigned char *input, ret = -(int) mbedtls_ct_uint_if( bad, (unsigned) (-(MBEDTLS_ERR_RSA_INVALID_PADDING)), - mbedtls_ct_uint_if0( + mbedtls_ct_uint_if_else_0( output_too_large, (unsigned) (-(MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE))) ); diff --git a/library/ssl_msg.c b/library/ssl_msg.c index a72500256..1a9c17e29 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -1921,8 +1921,8 @@ hmac_failed_etm_enabled: const mbedtls_ct_condition_t ge = mbedtls_ct_uint_ge( rec->data_len, padlen + 1); - correct = mbedtls_ct_size_if0(ge, correct); - padlen = mbedtls_ct_size_if0(ge, padlen); + correct = mbedtls_ct_size_if_else_0(ge, correct); + padlen = mbedtls_ct_size_if_else_0(ge, padlen); } else { #if defined(MBEDTLS_SSL_DEBUG_ALL) if (rec->data_len < transform->maclen + padlen + 1) { @@ -1937,8 +1937,8 @@ hmac_failed_etm_enabled: const mbedtls_ct_condition_t ge = mbedtls_ct_uint_ge( rec->data_len, transform->maclen + padlen + 1); - correct = mbedtls_ct_size_if0(ge, correct); - padlen = mbedtls_ct_size_if0(ge, padlen); + correct = mbedtls_ct_size_if_else_0(ge, correct); + padlen = mbedtls_ct_size_if_else_0(ge, padlen); } padlen++; @@ -1968,19 +1968,19 @@ hmac_failed_etm_enabled: * (check[idx] == padlen - 1); */ const mbedtls_ct_condition_t a = mbedtls_ct_uint_ge(idx, padding_idx); - size_t increment = mbedtls_ct_size_if0(a, 1); + size_t increment = mbedtls_ct_size_if_else_0(a, 1); const mbedtls_ct_condition_t b = mbedtls_ct_uint_eq(check[idx], padlen - 1); - increment = mbedtls_ct_size_if0(b, increment); + increment = mbedtls_ct_size_if_else_0(b, increment); pad_count += increment; } - correct = mbedtls_ct_size_if0(mbedtls_ct_uint_eq(pad_count, padlen), padlen); + correct = mbedtls_ct_size_if_else_0(mbedtls_ct_uint_eq(pad_count, padlen), padlen); #if defined(MBEDTLS_SSL_DEBUG_ALL) if (padlen > 0 && correct == 0) { MBEDTLS_SSL_DEBUG_MSG(1, ("bad padding byte detected")); } #endif - padlen = mbedtls_ct_size_if0(mbedtls_ct_bool(correct), padlen); + padlen = mbedtls_ct_size_if_else_0(mbedtls_ct_bool(correct), padlen); #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ diff --git a/tests/suites/test_suite_constant_time.function b/tests/suites/test_suite_constant_time.function index 80cba7930..a8ba575cf 100644 --- a/tests/suites/test_suite_constant_time.function +++ b/tests/suites/test_suite_constant_time.function @@ -135,9 +135,9 @@ void mbedtls_ct_if(char *c_str, char *t_str, char *f_str) TEST_EQUAL(mbedtls_ct_mpi_uint_if(c, t, f), (mbedtls_mpi_uint) expected); #endif - TEST_EQUAL(mbedtls_ct_uint_if0(c, t), (unsigned) expected0); + TEST_EQUAL(mbedtls_ct_uint_if_else_0(c, t), (unsigned) expected0); #if defined(MBEDTLS_BIGNUM_C) - TEST_EQUAL(mbedtls_ct_mpi_uint_if0(c, t), (mbedtls_mpi_uint) expected0); + TEST_EQUAL(mbedtls_ct_mpi_uint_if_else_0(c, t), (mbedtls_mpi_uint) expected0); #endif TEST_CF_PUBLIC(&c, sizeof(c));