From 232044742dd9176989b79f8969df167161fe5cc3 Mon Sep 17 00:00:00 2001
From: Sebastien ANDERT
Date: Mon, 2 Sep 2024 10:17:07 +0200
Subject: [PATCH] fix: p11prov_tls_constant_time_depadding bug corrected
Signed-off-by: Sebastien ANDERT
---
 src/asymmetric_cipher.c | 4 ++--
 tests/tlsctx.c | 5 ++---
 2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/src/asymmetric_cipher.c b/src/asymmetric_cipher.c
index 3256fd28..5655d185 100644
--- a/src/asymmetric_cipher.c
+++ b/src/asymmetric_cipher.c
@@ -271,7 +271,7 @@ p11prov_tls_constant_time_depadding(struct p11prov_rsaenc_ctx *encctx,
 return RET_OSSL_ERR;
 }
- cond = constant_equal(*out_size, 2 + length);
+ cond = constant_equal(*out_size, length);
 ver_cond = constant_equal(buf[0], encctx->tls_padding.client_ver_major);
 ver_cond &= constant_equal(buf[1], encctx->tls_padding.client_ver_minor);
@@ -286,7 +286,7 @@ p11prov_tls_constant_time_depadding(struct p11prov_rsaenc_ctx *encctx,
 }
 cond &= ver_cond;
- constant_select_buf(cond, length, out, buf + 2, randbuf);
+ constant_select_buf(cond, length, out, buf, randbuf);
 *out_size = length;
 *ret_cond = cond;
diff --git a/tests/tlsctx.c b/tests/tlsctx.c
index 882d872d..374a6c80 100644
--- a/tests/tlsctx.c
+++ b/tests/tlsctx.c
@@ -14,7 +14,7 @@ static void test_pkcs1_with_tls_padding(void)
 EVP_PKEY_CTX *ctx;
 EVP_PKEY *prikey;
 EVP_PKEY *pubkey;
- unsigned char plain[SSL_MAX_MASTER_KEY_LENGTH + 2] = { 0x03, 0x03, 0x01 };
+ unsigned char plain[SSL_MAX_MASTER_KEY_LENGTH] = { 0x03, 0x03, 0x01 };
 unsigned char enc[1024];
 unsigned char dec[1024];
 size_t enclen;
@@ -97,8 +97,7 @@ static void test_pkcs1_with_tls_padding(void)
 EVP_PKEY_CTX_free(ctx);
 EVP_PKEY_free(prikey);
- if ((declen != sizeof(plain) - 2)
- || (memcmp(plain + 2, dec, declen) != 0)) {
+ if ((declen != sizeof(plain)) || (memcmp(plain, dec, declen) != 0)) {
 fprintf(stderr, "Fail, decrypted master secret differs from input\n");
 ossl_err_print();
 exit(EXIT_FAILURE);
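Review bot: Nothing next to `cond = constant_equal(*out_size, length);` says what `length` counts, and the removed `2 + length` shows the convention has already been misread once. From the visible lines, `length` is the whole premaster secret, including the two client-version bytes checked through `buf[0]` and `buf[1]`. A comment above the comparison would pin that, e.g. `/* length covers the full premaster secret, version bytes included */`. The same convention governs the `constant_select_buf(cond, length, out, buf, randbuf)` call in the next hunk. The function starts and ends outside both hunks, so an existing comment at the declaration of `length` would not be visible here.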
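Review bot: `plain` is zero after its third byte, so a result that is short or zero-filled beyond that point could still pass the final `memcmp`. Filling the remainder with a non-repeating pattern makes the comparison sensitive across the whole buffer, which matters for a test guarding an offset and length fix. For example, add `for (size_t i = 3; i < sizeof(plain); i++) plain[i] = (unsigned char)i;` after the declarations. The test body continues outside this hunk.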
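Review bot: The check `if ((declen != sizeof(plain)) || (memcmp(plain, dec, declen) != 0))` covers only the accepting path, where the client version matches and the secret round-trips. The rejecting path is what the depadding routine is there to protect. As far as the select logic in src/asymmetric_cipher.c shows, a mismatched version or wrong plaintext length should still produce `length` bytes, taken from `randbuf` instead of the decrypted data. A second case that configures a client version different from `plain[0]`/`plain[1]` and asserts `declen == sizeof(plain)` with contents differing from `plain` would guard that behaviour. No such case is visible in this hunk, though the file continues outside it.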