author | Patrick Steuer <patrick.steuer@de.ibm.com> | 2020-02-22 01:20:09 +0100 |
committer | Pauli <paul.dale@oracle.com> | 2020-04-08 10:58:07 +1000 |
commit | 9cc834d966ea5afc38fb829bfe498aed4c5d498d (patch) | |
tree | f6c75fe3fc2b9c3a0b81288cac5c1662e2132c59 /crypto | |
parent | 163897267fab6d29dff1a4bf8247f8e02e158be8 (diff) |
AES CTR-DRGB: do not leak timing information
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11147)
(cherry picked from commit 069165d10646a22000c596095cc04d43bbf1f807)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/rand/drbg_ctr.c | 22 |
1 files changed, 9 insertions, 13 deletions
diff --git a/crypto/rand/drbg_ctr.c b/crypto/rand/drbg_ctr.c
index 93b82f34ce..f41484e9d5 100644
--- a/crypto/rand/drbg_ctr.c
+++ b/crypto/rand/drbg_ctr.c
@@ -21,19 +21,15 @@ static void inc_128(RAND_DRBG_CTR *ctr)
 {
-    int i;
-    unsigned char c;
-    unsigned char *p = &ctr->V[15];
-
-    for (i = 0; i < 16; i++, p--) {
-        c = *p;
-        c++;
-        *p = c;
-        if (c != 0) {
-            /* If we didn't wrap around, we're done. */
-            break;
-        }
-    }
+    unsigned char *p = &ctr->V[0];
+    u32 n = 16, c = 1;
+
+    do {
+        --n;
+        c += p[n];
+        p[n] = (u8)c;
+        c >>= 8;
+    } while (n);
 }
 static void ctr_XOR(RAND_DRBG_CTR *ctr, const unsigned char *in, size_t inlen) |
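Review bot: The new loop in inc_128 is correct and branch-free, but nothing in the hunk records that walking all 16 bytes unconditionally is the point of the change, so a later "optimization" could reintroduce an early exit on carry and with it the timing leak on the DRBG's internal counter V. I would add a comment above the `do {`, e.g. `/* Always touch all 16 bytes: exiting early once the carry is zero would leak the number of trailing 0xff bytes of V through timing. */`. The body also relies on the `u32`/`u8` typedefs being reachable from this file's includes, which the hunk does not show; worth confirming on the branch this is cherry-picked onto. Arithmetically, `c` is at most 0x100 before the shift, so the carry into the next byte is 0 or 1 and the final carry-out on wrap is silently dropped, which preserves the old modulo-2^128 increment.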