Use mbedtls_ct_error_if

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2025-08-05 19:35:48 +03:00 · 2023-09-22 09:52:15 +01:00
parent fbe74a9e51
commit d03f483dbe
3 changed files with 8 additions and 10 deletions
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -158,12 +158,10 @@ static int mbedtls_ct_rsaes_pkcs1_v15_unpadding(unsigned char *input,
     * - OUTPUT_TOO_LARGE if the padding is good but the decrypted
     *   plaintext does not fit in the output buffer.
     * - 0 if the padding is correct. */
-    ret = -(int) mbedtls_ct_uint_if(
+    ret = mbedtls_ct_error_if(
        bad,
-        (unsigned) (-(MBEDTLS_ERR_RSA_INVALID_PADDING)),
-        mbedtls_ct_uint_if_else_0(
-            output_too_large,
-            (unsigned) (-(MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE)))
+        MBEDTLS_ERR_RSA_INVALID_PADDING,
+        mbedtls_ct_error_if_else_0(output_too_large, MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE)
        );

    /* If the padding is bad or the plaintext is too large, zero the