From 1924adbf99473fc04bd2dc6273b80259d520b078 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 20 Sep 2023 17:22:00 +0100 Subject: [PATCH] Fix macro guards for mbedtls_ct_size_mask Signed-off-by: Dave Rodgman --- library/constant_time.c | 10 ++++++---- library/constant_time_internal.h | 10 ++++++---- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/library/constant_time.c b/library/constant_time.c index 2a9f67426..2307ed53b 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -80,7 +80,8 @@ unsigned mbedtls_ct_uint_mask(unsigned value) #endif } -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) || defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || \ + defined(MBEDTLS_NIST_KW_C) || defined(MBEDTLS_CIPHER_MODE_CBC) size_t mbedtls_ct_size_mask(size_t value) { @@ -96,7 +97,8 @@ size_t mbedtls_ct_size_mask(size_t value) #endif } -#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ +#endif /* defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) || defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || + defined(MBEDTLS_NIST_KW_C) || defined(MBEDTLS_CIPHER_MODE_CBC) */ #if defined(MBEDTLS_BIGNUM_C) @@ -117,7 +119,7 @@ mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask(mbedtls_mpi_uint value) #endif /* MBEDTLS_BIGNUM_C */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || defined(MBEDTLS_NIST_KW_C) || \ - defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) + defined(MBEDTLS_CIPHER_MODE_CBC) /** Constant-flow mask generation for "less than" comparison: * - if \p x < \p y, return all-bits 1, that is (size_t) -1 @@ -153,7 +155,7 @@ size_t mbedtls_ct_size_mask_ge(size_t x, } #endif /* defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || defined(MBEDTLS_NIST_KW_C) || - defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) */ + defined(MBEDTLS_CIPHER_MODE_CBC) */ #if defined(MBEDTLS_BASE64_C) diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index 9d93733bc..5b6223d65 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -45,7 +45,8 @@ */ unsigned mbedtls_ct_uint_mask(unsigned value); -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) || defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || \ + defined(MBEDTLS_NIST_KW_C) || defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /** Turn a value into a mask: * - if \p value == 0, return the all-bits 0 mask, aka 0 @@ -60,7 +61,8 @@ unsigned mbedtls_ct_uint_mask(unsigned value); */ size_t mbedtls_ct_size_mask(size_t value); -#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ +#endif /* defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) || defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || + defined(MBEDTLS_NIST_KW_C) || defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) */ #if defined(MBEDTLS_BIGNUM_C) @@ -80,7 +82,7 @@ mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask(mbedtls_mpi_uint value); #endif /* MBEDTLS_BIGNUM_C */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || defined(MBEDTLS_NIST_KW_C) || \ - defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) + defined(MBEDTLS_CIPHER_MODE_CBC) /** Constant-flow mask generation for "greater or equal" comparison: * - if \p x >= \p y, return all-bits 1, that is (size_t) -1 @@ -99,7 +101,7 @@ size_t mbedtls_ct_size_mask_ge(size_t x, size_t y); #endif /* defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || defined(MBEDTLS_NIST_KW_C) || - defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) */ + defined(MBEDTLS_CIPHER_MODE_CBC) */ /** Constant-flow boolean "equal" comparison: * return x == y