lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Rename constant-time functions to have mbedtls_ct prefix

Browse Source 
Rename functions to better suite with the module name.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
This commit is contained in:
Gabor Mezei
2021-10-20 11:59:27 +02:00
parent f127a0e2b1
commit 18a44949d0
13 changed files with 91 additions and 91 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
library/ssl_msg.c
View File

@ -1282,7 +1282,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
*
* Afterwards, we know that data + data_len is followed by at
* least maclen Bytes, which justifies the call to
* mbedtls_cf_memcmp() below.
* mbedtls_ct_memcmp() below.
*
* Further, we still know that data_len > minlen */
rec->data_len -= transform->maclen;
@ -1305,7 +1305,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
transform->maclen );
/* Compare expected MAC with MAC at the end of the record. */
if( mbedtls_cf_memcmp( data + rec->data_len, mac_expect,
if( mbedtls_ct_memcmp( data + rec->data_len, mac_expect,
transform->maclen ) != 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) );
@ -1384,7 +1384,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
if( auth_done == 1 )
{
const size_t mask = mbedtls_cf_size_mask_ge(
const size_t mask = mbedtls_ct_size_mask_ge(
rec->data_len,
padlen + 1 );
correct &= mask;
@ -1404,7 +1404,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
}
#endif
const size_t mask = mbedtls_cf_size_mask_ge(
const size_t mask = mbedtls_ct_size_mask_ge(
rec->data_len,
transform->maclen + padlen + 1 );
correct &= mask;
@ -1460,18 +1460,18 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
/* pad_count += (idx >= padding_idx) &&
* (check[idx] == padlen - 1);
*/
const size_t mask = mbedtls_cf_size_mask_ge( idx, padding_idx );
const size_t equal = mbedtls_cf_size_bool_eq( check[idx],
const size_t mask = mbedtls_ct_size_mask_ge( idx, padding_idx );
const size_t equal = mbedtls_ct_size_bool_eq( check[idx],
padlen - 1 );
pad_count += mask & equal;
}
correct &= mbedtls_cf_size_bool_eq( pad_count, padlen );
correct &= mbedtls_ct_size_bool_eq( pad_count, padlen );
#if defined(MBEDTLS_SSL_DEBUG_ALL)
if( padlen > 0 && correct == 0 )
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) );
#endif
padlen &= mbedtls_cf_size_mask( correct );
padlen &= mbedtls_ct_size_mask( correct );
}
else
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
@ -1555,7 +1555,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
const size_t max_len = rec->data_len + padlen;
const size_t min_len = ( max_len > 256 ) ? max_len - 256 : 0;
ret = mbedtls_cf_hmac( &transform->md_ctx_dec,
ret = mbedtls_ct_hmac( &transform->md_ctx_dec,
add_data, add_data_len,
data, rec->data_len, min_len, max_len,
mac_expect );
@ -1565,7 +1565,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
return( ret );
}
mbedtls_cf_memcpy_offset( mac_peer, data,
mbedtls_ct_memcpy_offset( mac_peer, data,
rec->data_len,
min_len, max_len,
transform->maclen );
@ -1583,7 +1583,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", mac_peer, transform->maclen );
#endif
if( mbedtls_cf_memcmp( mac_peer, mac_expect,
if( mbedtls_ct_memcmp( mac_peer, mac_expect,
transform->maclen ) != 0 )
{
#if defined(MBEDTLS_SSL_DEBUG_ALL)