CT fix for get_zeros_padding Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>

commit: c1a17f5458d283aea82aef5f5e2353bc37eed060 [log] [tgz]
author: Dave Rodgman <dave.rodgman@arm.com> Wed Sep 20 14:54:29 2023 +0100
committer: Dave Rodgman <dave.rodgman@arm.com> Wed Sep 20 15:14:28 2023 +0100
tree: d2bcd0878b63504caa6c5b9dddfbe89fc9d92a6b
parent: 51773aa68b497d7f3411e8370803927b4e997b3b [diff] [blame]
diff --git a/library/cipher.c b/library/cipher.c
index 6853fb8..5470dcf 100644
--- a/library/cipher.c
+++ b/library/cipher.c

@@ -879,7 +879,8 @@
     for (i = input_len; i > 0; i--) {
         prev_done = done;
         done |= (input[i-1] != 0);
-        *data_len |= i * (done != prev_done);
+        size_t mask = mbedtls_ct_size_mask(done ^ prev_done);
+        *data_len |= i & mask;
     }
 
     return 0;
commit	c1a17f5458d283aea82aef5f5e2353bc37eed060	[log] [tgz]
author	Dave Rodgman <dave.rodgman@arm.com>	Wed Sep 20 14:54:29 2023 +0100
committer	Dave Rodgman <dave.rodgman@arm.com>	Wed Sep 20 15:14:28 2023 +0100
tree	d2bcd0878b63504caa6c5b9dddfbe89fc9d92a6b
parent	51773aa68b497d7f3411e8370803927b4e997b3b [diff] [blame]