mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-30 03:04:21 +01:00
Rename and reorder function parameters
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
This commit is contained in:
parent
150bdee126
commit
91deea7765
@ -310,19 +310,19 @@ void mbedtls_cf_memcpy_if_eq( unsigned char *dest,
|
|||||||
dest[i] = ( src[i] & mask ) | ( dest[i] & ~mask );
|
dest[i] = ( src[i] & mask ) | ( dest[i] & ~mask );
|
||||||
}
|
}
|
||||||
|
|
||||||
void mbedtls_cf_memcpy_offset( unsigned char *dst,
|
void mbedtls_cf_memcpy_offset( unsigned char *dest,
|
||||||
const unsigned char *src_base,
|
const unsigned char *src,
|
||||||
size_t offset_secret,
|
size_t offset,
|
||||||
size_t offset_min,
|
size_t offset_min,
|
||||||
size_t offset_max,
|
size_t offset_max,
|
||||||
size_t len )
|
size_t len )
|
||||||
{
|
{
|
||||||
size_t offset;
|
size_t offsetval;
|
||||||
|
|
||||||
for( offset = offset_min; offset <= offset_max; offset++ )
|
for( offsetval = offset_min; offsetval <= offset_max; offsetval++ )
|
||||||
{
|
{
|
||||||
mbedtls_cf_memcpy_if_eq( dst, src_base + offset, len,
|
mbedtls_cf_memcpy_if_eq( dest, src + offsetval, len,
|
||||||
offset, offset_secret );
|
offsetval, offset );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -564,11 +564,11 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X,
|
|||||||
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
|
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
|
||||||
|
|
||||||
int mbedtls_cf_rsaes_pkcs1_v15_unpadding( int mode,
|
int mbedtls_cf_rsaes_pkcs1_v15_unpadding( int mode,
|
||||||
|
unsigned char *input,
|
||||||
size_t ilen,
|
size_t ilen,
|
||||||
size_t *olen,
|
|
||||||
unsigned char *output,
|
unsigned char *output,
|
||||||
size_t output_max_len,
|
size_t output_max_len,
|
||||||
unsigned char *buf )
|
size_t *olen )
|
||||||
{
|
{
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
size_t i, plaintext_max_size;
|
size_t i, plaintext_max_size;
|
||||||
@ -594,19 +594,19 @@ int mbedtls_cf_rsaes_pkcs1_v15_unpadding( int mode,
|
|||||||
|
|
||||||
/* Check and get padding length in constant time and constant
|
/* Check and get padding length in constant time and constant
|
||||||
* memory trace. The first byte must be 0. */
|
* memory trace. The first byte must be 0. */
|
||||||
bad |= buf[0];
|
bad |= input[0];
|
||||||
|
|
||||||
if( mode == MBEDTLS_RSA_PRIVATE )
|
if( mode == MBEDTLS_RSA_PRIVATE )
|
||||||
{
|
{
|
||||||
/* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00
|
/* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00
|
||||||
* where PS must be at least 8 nonzero bytes. */
|
* where PS must be at least 8 nonzero bytes. */
|
||||||
bad |= buf[1] ^ MBEDTLS_RSA_CRYPT;
|
bad |= input[1] ^ MBEDTLS_RSA_CRYPT;
|
||||||
|
|
||||||
/* Read the whole buffer. Set pad_done to nonzero if we find
|
/* Read the whole buffer. Set pad_done to nonzero if we find
|
||||||
* the 0x00 byte and remember the padding length in pad_count. */
|
* the 0x00 byte and remember the padding length in pad_count. */
|
||||||
for( i = 2; i < ilen; i++ )
|
for( i = 2; i < ilen; i++ )
|
||||||
{
|
{
|
||||||
pad_done |= ((buf[i] | (unsigned char)-buf[i]) >> 7) ^ 1;
|
pad_done |= ((input[i] | (unsigned char)-input[i]) >> 7) ^ 1;
|
||||||
pad_count += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1;
|
pad_count += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -614,16 +614,16 @@ int mbedtls_cf_rsaes_pkcs1_v15_unpadding( int mode,
|
|||||||
{
|
{
|
||||||
/* Decode EMSA-PKCS1-v1_5 padding: 0x00 || 0x01 || PS || 0x00
|
/* Decode EMSA-PKCS1-v1_5 padding: 0x00 || 0x01 || PS || 0x00
|
||||||
* where PS must be at least 8 bytes with the value 0xFF. */
|
* where PS must be at least 8 bytes with the value 0xFF. */
|
||||||
bad |= buf[1] ^ MBEDTLS_RSA_SIGN;
|
bad |= input[1] ^ MBEDTLS_RSA_SIGN;
|
||||||
|
|
||||||
/* Read the whole buffer. Set pad_done to nonzero if we find
|
/* Read the whole buffer. Set pad_done to nonzero if we find
|
||||||
* the 0x00 byte and remember the padding length in pad_count.
|
* the 0x00 byte and remember the padding length in pad_count.
|
||||||
* If there's a non-0xff byte in the padding, the padding is bad. */
|
* If there's a non-0xff byte in the padding, the padding is bad. */
|
||||||
for( i = 2; i < ilen; i++ )
|
for( i = 2; i < ilen; i++ )
|
||||||
{
|
{
|
||||||
pad_done |= mbedtls_cf_uint_if( buf[i], 0, 1 );
|
pad_done |= mbedtls_cf_uint_if( input[i], 0, 1 );
|
||||||
pad_count += mbedtls_cf_uint_if( pad_done, 0, 1 );
|
pad_count += mbedtls_cf_uint_if( pad_done, 0, 1 );
|
||||||
bad |= mbedtls_cf_uint_if( pad_done, 0, buf[i] ^ 0xFF );
|
bad |= mbedtls_cf_uint_if( pad_done, 0, input[i] ^ 0xFF );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -668,7 +668,7 @@ int mbedtls_cf_rsaes_pkcs1_v15_unpadding( int mode,
|
|||||||
* through memory or cache access patterns. */
|
* through memory or cache access patterns. */
|
||||||
bad = mbedtls_cf_uint_mask( bad | output_too_large );
|
bad = mbedtls_cf_uint_mask( bad | output_too_large );
|
||||||
for( i = 11; i < ilen; i++ )
|
for( i = 11; i < ilen; i++ )
|
||||||
buf[i] &= ~bad;
|
input[i] &= ~bad;
|
||||||
|
|
||||||
/* If the plaintext is too large, truncate it to the buffer size.
|
/* If the plaintext is too large, truncate it to the buffer size.
|
||||||
* Copy anyway to avoid revealing the length through timing, because
|
* Copy anyway to avoid revealing the length through timing, because
|
||||||
@ -684,7 +684,7 @@ int mbedtls_cf_rsaes_pkcs1_v15_unpadding( int mode,
|
|||||||
* does not depend on the plaintext size. After this move, the
|
* does not depend on the plaintext size. After this move, the
|
||||||
* starting location of the plaintext is no longer sensitive
|
* starting location of the plaintext is no longer sensitive
|
||||||
* information. */
|
* information. */
|
||||||
mbedtls_cf_mem_move_to_left( buf + ilen - plaintext_max_size,
|
mbedtls_cf_mem_move_to_left( input + ilen - plaintext_max_size,
|
||||||
plaintext_max_size,
|
plaintext_max_size,
|
||||||
plaintext_max_size - plaintext_size );
|
plaintext_max_size - plaintext_size );
|
||||||
|
|
||||||
@ -696,7 +696,7 @@ int mbedtls_cf_rsaes_pkcs1_v15_unpadding( int mode,
|
|||||||
* length, validity of padding, success of the decryption, and other
|
* length, validity of padding, success of the decryption, and other
|
||||||
* secrets. */
|
* secrets. */
|
||||||
if( output_max_len != 0 )
|
if( output_max_len != 0 )
|
||||||
memcpy( output, buf + ilen - plaintext_max_size, plaintext_max_size );
|
memcpy( output, input + ilen - plaintext_max_size, plaintext_max_size );
|
||||||
|
|
||||||
/* Report the amount of data we copied to the output buffer. In case
|
/* Report the amount of data we copied to the output buffer. In case
|
||||||
* of errors (bad padding or output too large), the value of *olen
|
* of errors (bad padding or output too large), the value of *olen
|
||||||
|
@ -263,21 +263,21 @@ void mbedtls_cf_memcpy_if_eq( unsigned char *dest,
|
|||||||
* offset_secret, but only on \p offset_min, \p offset_max and \p len.
|
* offset_secret, but only on \p offset_min, \p offset_max and \p len.
|
||||||
* Functionally equivalent to memcpy(dst, src + offset_secret, len).
|
* Functionally equivalent to memcpy(dst, src + offset_secret, len).
|
||||||
*
|
*
|
||||||
* \param dst The destination buffer. This must point to a writable
|
* \param dest The destination buffer. This must point to a writable
|
||||||
* buffer of at least \p len bytes.
|
* buffer of at least \p len bytes.
|
||||||
* \param src_base The base of the source buffer. This must point to a
|
* \param src The base of the source buffer. This must point to a
|
||||||
* readable buffer of at least \p offset_max + \p len
|
* readable buffer of at least \p offset_max + \p len
|
||||||
* bytes.
|
* bytes. Shouldn't overlap with \p dest.
|
||||||
* \param offset_secret The offset in the source buffer from which to copy.
|
* \param offset The offset in the source buffer from which to copy.
|
||||||
* This must be no less than \p offset_min and no greater
|
* This must be no less than \p offset_min and no greater
|
||||||
* than \p offset_max.
|
* than \p offset_max.
|
||||||
* \param offset_min The minimal value of \p offset_secret.
|
* \param offset_min The minimal value of \p offset.
|
||||||
* \param offset_max The maximal value of \p offset_secret.
|
* \param offset_max The maximal value of \p offset.
|
||||||
* \param len The number of bytes to copy.
|
* \param len The number of bytes to copy.
|
||||||
*/
|
*/
|
||||||
void mbedtls_cf_memcpy_offset( unsigned char *dst,
|
void mbedtls_cf_memcpy_offset( unsigned char *dest,
|
||||||
const unsigned char *src_base,
|
const unsigned char *src,
|
||||||
size_t offset_secret,
|
size_t offset,
|
||||||
size_t offset_min,
|
size_t offset_min,
|
||||||
size_t offset_max,
|
size_t offset_max,
|
||||||
size_t len );
|
size_t len );
|
||||||
@ -342,22 +342,22 @@ int mbedtls_cf_hmac( mbedtls_md_context_t *ctx,
|
|||||||
*
|
*
|
||||||
* \param mode The mode of operation. This must be either
|
* \param mode The mode of operation. This must be either
|
||||||
* #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated).
|
* #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated).
|
||||||
|
* \param input The input buffer for the unpadding operation.
|
||||||
* \param ilen The length of the ciphertext.
|
* \param ilen The length of the ciphertext.
|
||||||
* \param olen The address at which to store the length of
|
|
||||||
* the plaintext. This must not be \c NULL.
|
|
||||||
* \param output The buffer used to hold the plaintext. This must
|
* \param output The buffer used to hold the plaintext. This must
|
||||||
* be a writable buffer of length \p output_max_len Bytes.
|
* be a writable buffer of length \p output_max_len Bytes.
|
||||||
* \param output_max_len The length in Bytes of the output buffer \p output.
|
* \param output_max_len The length in Bytes of the output buffer \p output.
|
||||||
* \param buf The input buffer for the unpadding operation.
|
* \param olen The address at which to store the length of
|
||||||
|
* the plaintext. This must not be \c NULL.
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||||
*/
|
*/
|
||||||
int mbedtls_cf_rsaes_pkcs1_v15_unpadding( int mode,
|
int mbedtls_cf_rsaes_pkcs1_v15_unpadding( int mode,
|
||||||
|
unsigned char *input,
|
||||||
size_t ilen,
|
size_t ilen,
|
||||||
size_t *olen,
|
|
||||||
unsigned char *output,
|
unsigned char *output,
|
||||||
size_t output_max_len,
|
size_t output_max_len,
|
||||||
unsigned char *buf );
|
size_t *olen );
|
||||||
|
|
||||||
#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
|
#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
|
||||||
|
@ -1517,9 +1517,8 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
|
|||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
|
|
||||||
ret = mbedtls_cf_rsaes_pkcs1_v15_unpadding( mode, ilen, olen, output,
|
ret = mbedtls_cf_rsaes_pkcs1_v15_unpadding( mode, buf, ilen,
|
||||||
output_max_len,
|
output, output_max_len, olen );
|
||||||
(unsigned char *) &buf );
|
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
mbedtls_platform_zeroize( buf, sizeof( buf ) );
|
mbedtls_platform_zeroize( buf, sizeof( buf ) );
|
||||||
|
Loading…
Reference in New Issue
Block a user