From 438e4908f65c95d08109cb6edd44d4d5f51fc254 Mon Sep 17 00:00:00 2001
From: Sebastien ANDERT
Date: Mon, 2 Sep 2024 10:17:07 +0200
Subject: [PATCH] fix: p11prov_tls_constant_time_depadding bug corrected
---
 src/asymmetric_cipher.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/asymmetric_cipher.c b/src/asymmetric_cipher.c
index 3256fd28..5655d185 100644
--- a/src/asymmetric_cipher.c
+++ b/src/asymmetric_cipher.c
@@ -271,7 +271,7 @@ p11prov_tls_constant_time_depadding(struct p11prov_rsaenc_ctx *encctx,
 return RET_OSSL_ERR;
 }
- cond = constant_equal(*out_size, 2 + length);
+ cond = constant_equal(*out_size, length);
 ver_cond = constant_equal(buf[0], encctx->tls_padding.client_ver_major);
 ver_cond &= constant_equal(buf[1], encctx->tls_padding.client_ver_minor);
@@ -286,7 +286,7 @@ p11prov_tls_constant_time_depadding(struct p11prov_rsaenc_ctx *encctx,
 }
 cond &= ver_cond;
- constant_select_buf(cond, length, out, buf + 2, randbuf);
+ constant_select_buf(cond, length, out, buf, randbuf);
 *out_size = length;
 *ret_cond = cond;
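Review bot: Nothing on the two changed lines records why the `2 + length` and `buf + 2` offsets were wrong, so the same mistake is easy to reintroduce. A comment above the size check in the first hunk, such as `/* the TLS premaster secret keeps the 2 client-version bytes: a valid plaintext is exactly length bytes and is copied from buf[0] */`, would pin the invariant for both hunks. The diffstat shows only src/asymmetric_cipher.c changing, so no test covers the corrected layout; a decrypt test against a known premaster secret would catch a regression. Separately, `buf[0]`, `buf[1]` and `length` bytes of `buf` are read whatever `*out_size` is, as a constant-time selection presumably requires, so it is worth confirming that `buf` is always initialised and at least `length` bytes long. Its declaration, and the start and end of the function, are outside both hunks.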