From 9cc834d966ea5afc38fb829bfe498aed4c5d498d Mon Sep 17 00:00:00 2001
|
|
From: Patrick Steuer <patrick.steuer@de.ibm.com>
|
|
Date: Sat, 22 Feb 2020 01:20:09 +0100
|
|
Subject: [PATCH 013/217] AES CTR-DRGB: do not leak timing information
|
|
|
|
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
|
|
|
|
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
|
Reviewed-by: Paul Dale <paul.dale@oracle.com>
|
|
(Merged from https://github.com/openssl/openssl/pull/11147)
|
|
|
|
(cherry picked from commit 069165d10646a22000c596095cc04d43bbf1f807)
|
|
---
|
|
crypto/rand/drbg_ctr.c | 22 +++++++++-------------
|
|
1 file changed, 9 insertions(+), 13 deletions(-)
|
|
|
|
diff --git a/crypto/rand/drbg_ctr.c b/crypto/rand/drbg_ctr.c
|
|
index 93b82f3..f41484e 100644
|
|
--- a/crypto/rand/drbg_ctr.c
|
|
+++ b/crypto/rand/drbg_ctr.c
|
|
@@ -21,19 +21,15 @@
|
|
|
|
static void inc_128(RAND_DRBG_CTR *ctr)
|
|
{
|
|
- int i;
|
|
- unsigned char c;
|
|
- unsigned char *p = &ctr->V[15];
|
|
-
|
|
- for (i = 0; i < 16; i++, p--) {
|
|
- c = *p;
|
|
- c++;
|
|
- *p = c;
|
|
- if (c != 0) {
|
|
- /* If we didn't wrap around, we're done. */
|
|
- break;
|
|
- }
|
|
- }
|
|
+ unsigned char *p = &ctr->V[0];
|
|
+ u32 n = 16, c = 1;
|
|
+
|
|
+ do {
|
|
+ --n;
|
|
+ c += p[n];
|
|
+ p[n] = (u8)c;
|
|
+ c >>= 8;
|
|
+ } while (n);
|
|
}
|
|
|
|
static void ctr_XOR(RAND_DRBG_CTR *ctr, const unsigned char *in, size_t inlen)
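Review bot: The rewritten inc_128 body has no comment stating why it was changed, and the only explanatory comment the old loop carried (`/* If we didn't wrap around, we're done. */`) is removed with it, so a later maintainer could "simplify" the loop back to an early-exit form without realising that reintroduces the data-dependent timing this commit removes. I would add above `do {` something like `/* Constant-time big-endian increment of V: every byte is visited and the carry is propagated arithmetically (c is at most 256 after the add, so c >> 8 is 0 or 1), so the work done does not depend on the counter value. */`. The literal `16` in `u32 n = 16` duplicates the hidden length of V; if V is a fixed-size array, `u32 n = sizeof(ctr->V)` would keep the loop bound tied to the field. Whether the compiler keeps the loop branch-free is not visible here; the arithmetic form is the intent, and that is worth saying in the comment.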
|
|
--
|
|
1.8.3.1
|
|
|