From 89ad62352dae7fede94bcfec3717e9c17c40be6b Mon Sep 17 00:00:00 2001 From: Przemek Stekiel Date: Tue, 27 Sep 2022 13:36:12 +0200 Subject: [PATCH] Fix guards for mbedtls_ct_size_mask() and mbedtls_ct_memcpy_if_eq() Both functions are used when MBEDTLS_SSL_SOME_SUITES_USE_MAC is defined not MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC. Signed-off-by: Przemek Stekiel --- library/constant_time.c | 8 ++++---- library/constant_time_internal.h | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/library/constant_time.c b/library/constant_time.c index 8980701e57..01a6976d88 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -81,7 +81,7 @@ unsigned mbedtls_ct_uint_mask( unsigned value ) #endif } -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) size_t mbedtls_ct_size_mask( size_t value ) { @@ -97,7 +97,7 @@ size_t mbedtls_ct_size_mask( size_t value ) #endif } -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ #if defined(MBEDTLS_BIGNUM_C) @@ -404,7 +404,7 @@ static void mbedtls_ct_mem_move_to_left( void *start, #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) void mbedtls_ct_memcpy_if_eq( unsigned char *dest, const unsigned char *src, @@ -654,7 +654,7 @@ cleanup: } #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ #if defined(MBEDTLS_BIGNUM_C) diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index fc24ae59a5..340a5882d8 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -213,7 +213,7 @@ signed char mbedtls_ct_base64_dec_value( unsigned char c ); #endif /* MBEDTLS_BASE64_C */ -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) /** Conditional memcpy without branches. * @@ -321,7 +321,7 @@ int mbedtls_ct_hmac( mbedtls_md_context_t *ctx, unsigned char *output ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ #if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)