Rename and reorder function parameters
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
diff --git a/library/constant_time.c b/library/constant_time.c
index 2d9e91d..db4bdb3 100644
--- a/library/constant_time.c
+++ b/library/constant_time.c
@@ -310,19 +310,19 @@
dest[i] = ( src[i] & mask ) | ( dest[i] & ~mask );
}
-void mbedtls_cf_memcpy_offset( unsigned char *dst,
- const unsigned char *src_base,
- size_t offset_secret,
+void mbedtls_cf_memcpy_offset( unsigned char *dest,
+ const unsigned char *src,
+ size_t offset,
size_t offset_min,
size_t offset_max,
size_t len )
{
- size_t offset;
+ size_t offsetval;
- for( offset = offset_min; offset <= offset_max; offset++ )
+ for( offsetval = offset_min; offsetval <= offset_max; offsetval++ )
{
- mbedtls_cf_memcpy_if_eq( dst, src_base + offset, len,
- offset, offset_secret );
+ mbedtls_cf_memcpy_if_eq( dest, src + offsetval, len,
+ offsetval, offset );
}
}
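Review bot: After this rename the secret value is called plain `offset` and the public loop counter is `offsetval`, so nothing in mbedtls_cf_memcpy_offset says any longer which of the two may be used to form an address. A later edit that wrote `src + offset` would still compile and copy the same bytes, but the memory access pattern would then depend on the secret. I would add a comment above the loop, such as `/* offset is secret: pass it only as a comparison operand to mbedtls_cf_memcpy_if_eq, never use it to index src or to branch */`. The same applies to the prototype in constant_time.h.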
@@ -563,11 +563,11 @@
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
-int mbedtls_cf_rsaes_pkcs1_v15_unpadding( size_t ilen,
- size_t *olen,
+int mbedtls_cf_rsaes_pkcs1_v15_unpadding( unsigned char *input,
+ size_t ilen,
unsigned char *output,
size_t output_max_len,
- unsigned char *buf )
+ size_t *olen )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t i, plaintext_max_size;
@@ -593,18 +593,18 @@
/* Check and get padding length in constant time and constant
* memory trace. The first byte must be 0. */
- bad |= buf[0];
+ bad |= input[0];
/* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00
- * where PS must be at least 8 nonzero bytes. */
- bad |= buf[1] ^ MBEDTLS_RSA_CRYPT;
+ * where PS must be at least 8 nonzero bytes. */
+ bad |= input[1] ^ MBEDTLS_RSA_CRYPT;
/* Read the whole buffer. Set pad_done to nonzero if we find
- * the 0x00 byte and remember the padding length in pad_count. */
+ * the 0x00 byte and remember the padding length in pad_count. */
for( i = 2; i < ilen; i++ )
{
- pad_done |= ((buf[i] | (unsigned char)-buf[i]) >> 7) ^ 1;
+ pad_done |= ((input[i] | (unsigned char)-input[i]) >> 7) ^ 1;
pad_count += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1;
}
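Review bot: `input[0]` and `input[1]` are read unconditionally here, and the later hunks start a loop at `i = 11` and compute `input + ilen - plaintext_max_size`, but no lower bound on `ilen` is visible in any hunk of this function. If the caller in rsa.c guarantees a minimum length, the function should record it as a precondition, for example `/* Precondition: ilen >= 11. The loops already branch on ilen, so it can be checked with an ordinary comparison. */` at the top of the body. The header should repeat it under `\param ilen`. The body starts and ends outside this hunk, so a check may already exist in lines not shown.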
@@ -650,7 +650,7 @@
* through memory or cache access patterns. */
bad = mbedtls_cf_uint_mask( bad | output_too_large );
for( i = 11; i < ilen; i++ )
- buf[i] &= ~bad;
+ input[i] &= ~bad;
/* If the plaintext is too large, truncate it to the buffer size.
* Copy anyway to avoid revealing the length through timing, because
@@ -666,7 +666,7 @@
* does not depend on the plaintext size. After this move, the
* starting location of the plaintext is no longer sensitive
* information. */
- mbedtls_cf_mem_move_to_left( buf + ilen - plaintext_max_size,
+ mbedtls_cf_mem_move_to_left( input + ilen - plaintext_max_size,
plaintext_max_size,
plaintext_max_size - plaintext_size );
@@ -678,7 +678,7 @@
* length, validity of padding, success of the decryption, and other
* secrets. */
if( output_max_len != 0 )
- memcpy( output, buf + ilen - plaintext_max_size, plaintext_max_size );
+ memcpy( output, input + ilen - plaintext_max_size, plaintext_max_size );
/* Report the amount of data we copied to the output buffer. In case
* of errors (bad padding or output too large), the value of *olen
diff --git a/library/constant_time.h b/library/constant_time.h
index 4810c92..9e101ff 100644
--- a/library/constant_time.h
+++ b/library/constant_time.h
@@ -263,21 +263,21 @@
* offset_secret, but only on \p offset_min, \p offset_max and \p len.
* Functionally equivalent to memcpy(dst, src + offset_secret, len).
*
- * \param dst The destination buffer. This must point to a writable
+ * \param dest The destination buffer. This must point to a writable
* buffer of at least \p len bytes.
- * \param src_base The base of the source buffer. This must point to a
+ * \param src The base of the source buffer. This must point to a
* readable buffer of at least \p offset_max + \p len
- * bytes.
- * \param offset_secret The offset in the source buffer from which to copy.
+ * bytes. Shouldn't overlap with \p dest.
+ * \param offset The offset in the source buffer from which to copy.
* This must be no less than \p offset_min and no greater
* than \p offset_max.
- * \param offset_min The minimal value of \p offset_secret.
- * \param offset_max The maximal value of \p offset_secret.
+ * \param offset_min The minimal value of \p offset.
+ * \param offset_max The maximal value of \p offset.
* \param len The number of bytes to copy.
*/
-void mbedtls_cf_memcpy_offset( unsigned char *dst,
- const unsigned char *src_base,
- size_t offset_secret,
+void mbedtls_cf_memcpy_offset( unsigned char *dest,
+ const unsigned char *src,
+ size_t offset,
size_t offset_min,
size_t offset_max,
size_t len );
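Review bot: The unchanged lines of the doc comment above this prototype still use the old names, `offset_secret` in the timing sentence and `memcpy(dst, src + offset_secret, len)`, so the Doxygen text and the prototype disagree after the rename. Suggest `Functionally equivalent to memcpy(dest, src + offset, len).` Since the `_secret` suffix is gone from the parameter, `\param offset` should also state that the value is secret. The added `Shouldn't overlap with \p dest.` reads as advice; if overlap is unsupported, `This must not overlap with \p dest.` matches the wording of the other requirements. The comment begins before the hunk, so earlier lines may need the same update.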
@@ -340,21 +340,21 @@
* hold the decryption of the particular ciphertext provided,
* the function returns #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE.
*
+ * \param input The input buffer for the unpadding operation.
* \param ilen The length of the ciphertext.
- * \param olen The address at which to store the length of
- * the plaintext. This must not be \c NULL.
* \param output The buffer used to hold the plaintext. This must
* be a writable buffer of length \p output_max_len Bytes.
* \param output_max_len The length in Bytes of the output buffer \p output.
- * \param buf The input buffer for the unpadding operation.
+ * \param olen The address at which to store the length of
+ * the plaintext. This must not be \c NULL.
*
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_cf_rsaes_pkcs1_v15_unpadding( size_t ilen,
- size_t *olen,
+int mbedtls_cf_rsaes_pkcs1_v15_unpadding( unsigned char *input,
+ size_t ilen,
unsigned char *output,
size_t output_max_len,
- unsigned char *buf );
+ size_t *olen );
#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
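Review bot: The `\param input` text does not say that the buffer is written to, although the implementation in constant_time.c masks it (`input[i] &= ~bad`) and shifts it with mbedtls_cf_mem_move_to_left. A caller reading only the header could pass a buffer it expects to stay intact, or one that is not wiped afterwards. Suggest `\param input The input buffer for the unpadding operation. This must be a readable and writable buffer of \p ilen bytes; its contents are modified.` `\param ilen` is still described as the length of the ciphertext; since it bounds every access to `input`, it would be clearer as the length of `input` in bytes. The doc comment starts before the hunk.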
diff --git a/library/rsa.c b/library/rsa.c
index edc8ecc..6ac974a 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1491,9 +1491,8 @@
if( ret != 0 )
goto cleanup;
- ret = mbedtls_cf_rsaes_pkcs1_v15_unpadding( ilen, olen, output,
- output_max_len,
- (unsigned char *) &buf );
+ ret = mbedtls_cf_rsaes_pkcs1_v15_unpadding( buf, ilen,
+ output, output_max_len, olen );
cleanup:
mbedtls_platform_zeroize( buf, sizeof( buf ) );