Propagate usage of mask generation functions

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-08-11 15:07:02 +02:00 · 2021-08-11 15:07:02 +02:00 · 9cb55698aa
commit 9cb55698aa
parent 396438c57b
3 changed files with 27 additions and 38 deletions
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -3581,16 +3581,7 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl,
    diff |= peer_pms[1] ^ ver[1];

    /* mask = diff ? 0xff : 0x00 using bit operations to avoid branches */
-    /* MSVC has a warning about unary minus on unsigned, but this is
-     * well-defined and precisely what we want to do here */
-#if defined(_MSC_VER)
-#pragma warning( push )
-#pragma warning( disable : 4146 )
-#endif
-    mask = - ( ( diff | - diff ) >> ( sizeof( unsigned int ) * 8 - 1 ) );
-#if defined(_MSC_VER)
-#pragma warning( pop )
-#endif
+    mask = mbedtls_cf_uint_mask( diff );

    /*
     * Protection against Bleichenbacher's attack: invalid PKCS#1 v1.5 padding