"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "pkcs1-sec-decrypt.c" between
nettle-3.7.2.tar.gz and nettle-3.7.3.tar.gz

About: Nettle is a low-level cryptographic library.

pkcs1-sec-decrypt.c  (nettle-3.7.2):pkcs1-sec-decrypt.c  (nettle-3.7.3)
skipping to change at line 66 skipping to change at line 66
(1U - (((uint32_t)(a) - (uint32_t)(b)) >> 31)) (1U - (((uint32_t)(a) - (uint32_t)(b)) >> 31))
int int
_pkcs1_sec_decrypt (size_t length, uint8_t *message, _pkcs1_sec_decrypt (size_t length, uint8_t *message,
size_t padded_message_length, size_t padded_message_length,
const volatile uint8_t *padded_message) const volatile uint8_t *padded_message)
{ {
volatile int ok; volatile int ok;
size_t i, t; size_t i, t;
assert (padded_message_length >= length); /* Message independent branch */
if (length + 11 > padded_message_length)
return 0;
t = padded_message_length - length - 1; t = padded_message_length - length - 1;
/* Check format, padding, message_size */ /* Check format, padding, message_size */
ok = EQUAL(padded_message[0], 0); /* ok if padded_message[0] == 0 */ ok = EQUAL(padded_message[0], 0); /* ok if padded_message[0] == 0 */
ok &= EQUAL(padded_message[1], 2); /* ok if padded_message[1] == 2 */ ok &= EQUAL(padded_message[1], 2); /* ok if padded_message[1] == 2 */
for (i = 2; i < t; i++) /* check padding has no zeros */ for (i = 2; i < t; i++) /* check padding has no zeros */
{ {
ok &= NOT_EQUAL(padded_message[i], 0); ok &= NOT_EQUAL(padded_message[i], 0);
} }
skipping to change at line 102 skipping to change at line 104
volatile size_t offset; volatile size_t offset;
size_t buflen, msglen; size_t buflen, msglen;
size_t shift, i; size_t shift, i;
/* Check format, padding, message_size */ /* Check format, padding, message_size */
ok = EQUAL(padded_message[0], 0); ok = EQUAL(padded_message[0], 0);
ok &= EQUAL(padded_message[1], 2); ok &= EQUAL(padded_message[1], 2);
/* length is discovered in a side-channel silent way. /* length is discovered in a side-channel silent way.
* not_found goes to 0 when the terminator is found. * not_found goes to 0 when the terminator is found.
* offset strts at 3 as it includes the terminator and * offset starts at 3 as it includes the terminator and
* the fomat bytes already */ * the format bytes already */
offset = 3; offset = 3;
for (i = 2; i < padded_message_length; i++) for (i = 2; i < padded_message_length; i++)
{ {
not_found &= NOT_EQUAL(padded_message[i], 0); not_found &= NOT_EQUAL(padded_message[i], 0);
offset += not_found; offset += not_found;
} }
/* check if we ran out of buffer */ /* check if we ran out of buffer */
ok &= NOT_EQUAL(not_found, 1); ok &= NOT_EQUAL(not_found, 1);
/* padding must be >= 11 (2 format bytes + 8 pad bytes min. + terminator) */ /* padding must be >= 11 (2 format bytes + 8 pad bytes min. + terminator) */
ok &= GREATER_OR_EQUAL(offset, 11); ok &= GREATER_OR_EQUAL(offset, 11);
 End of changes. 2 change blocks. 
3 lines changed or deleted 5 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)