Google Git
Sign in
boringssl/boringssl.git/2a389ace62b79c54415d0bcfbe3033360f1c9cf1^!/.
commit
2a389ace62b79c54415d0bcfbe3033360f1c9cf1
[log]
author
Brian Smith <brian@briansmith.org>
Mon Aug 08 12:29:23 2016 -1000
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Tue Aug 09 19:10:18 2016 +0000
tree
761b51de494f0289457c24a697c9b222e527b25f
parent
8585701b2e2756cb08eacc658c05e31e39c55e38 [diff]
Clarify signed/unsigned math in RSA_padding_add_PKCS1_PSS_mgf1.

Use a separate |size_t| variable for all logic that happens after the
special casing of the negative values of the signed parameter, to
minimize the amount of mixed signed/unsigned math used.

Change-Id: I4aeb1ffce47f889f340f9583684910b0fb2ca7c7
Reviewed-on: https://boringssl-review.googlesource.com/9173
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/crypto/rsa/padding.c b/crypto/rsa/padding.c
index 2ab81e4..987349b 100644
--- a/crypto/rsa/padding.c
+++ b/crypto/rsa/padding.c

@@ -596,8 +596,7 @@
 int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
                                    const unsigned char *mHash,
                                    const EVP_MD *Hash, const EVP_MD *mgf1Hash,
-                                   int sLen) {
-  int i;
+                                   int sLenRequested) {
   int ret = 0;
   size_t maskedDBLen, MSBits, emLen;
   size_t hLen;
@@ -628,20 +627,23 @@
     goto err;
   }
 
-  /* Negative sLen has special meanings:
+  /* Negative sLenRequested has special meanings:
    *   -1  sLen == hLen
    *   -2  salt length is maximized
    *   -N  reserved */
-  if (sLen == -1) {
+  size_t sLen;
+  if (sLenRequested == -1) {
     sLen = hLen;
-  } else if (sLen == -2) {
+  } else if (sLenRequested == -2) {
     sLen = emLen - hLen - 2;
-  } else if (sLen < -2) {
+  } else if (sLenRequested < 0) {
     OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED);
     goto err;
+  } else {
+    sLen = (size_t)sLenRequested;
   }
 
-  if (emLen - hLen - 2 < (size_t)sLen) {
+  if (emLen - hLen - 2 < sLen) {
     OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
     goto err;
   }
@@ -685,7 +687,7 @@
   p += emLen - sLen - hLen - 2;
   *p++ ^= 0x1;
   if (sLen > 0) {
-    for (i = 0; i < sLen; i++) {
+    for (size_t i = 0; i < sLen; i++) {
       *p++ ^= salt[i];
     }
   }