#include <mLib/bits.h>
#include <mLib/dstr.h>
+#include "ct.h"
#include "grand.h"
#include "rsa.h"
* in PKCS#1 v. 2.0 (RFC2437).
*/
-static int memeq(const void *xx, const void *yy, size_t sz)
-{
- int eq = 1;
- const octet *x = xx, *y = yy;
- while (sz) { /* Always check every byte */
- if (*x++ != *y++) eq = 0;
- sz--;
- }
- return (eq);
-}
-
int pkcs1_cryptdecode(mp *m, octet *b, size_t sz,
unsigned long nbits, void *p)
{
pkcs1 *pp = p;
const octet *q, *qq;
size_t n, i;
- int bad = 0;
+ uint32 goodp = 1;
/* --- Check the size of the block looks sane --- */
/* --- Ensure that the block looks OK --- */
- bad |= (*q++ != 0x00 || *q++ != 0x02);
+ goodp &= ct_inteq(*q++, 0);
+ goodp &= ct_inteq(*q++, 2);
/* --- Check the nonzero padding --- */
i = 0;
while (*q != 0 && q < qq)
i++, q++;
- bad |= (i < 8 || qq - q < pp->epsz + 1);
+ goodp &= ct_intle(8, i);
+ goodp &= ~ct_intle(qq - q, pp->epsz + 1);
q++;
/* --- Check the encoding parameters --- */
- bad |= (pp->ep && !memeq(bad ? b : q, pp->ep, pp->epsz));
+ if (pp->ep)
+ goodp &= ct_memeq(b + ct_pick(goodp, 0, q - b), pp->ep, pp->epsz);
q += pp->epsz;
/* --- Done --- */
n = qq - q;
- memmove(b, bad ? b + 1 : q, n);
- return (bad ? -1 : n);
+ memmove(b, b + ct_pick(goodp, 1, q - b), n);
+ return (goodp ? n : -1);
}
/* --- @pkcs1_sigencode@ --- *
projects / u / mdw / catacomb / blobdiff