Fix a typo in a comment

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-10-18 12:21:04 +00:00 · 2020-08-25 11:43:10 +02:00 · 2020-08-25 11:43:10 +02:00 · ab9ec32879
parent 46f49a8bbc
commit ab9ec32879
1 changed files with 8 additions and 26 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -1435,27 +1435,6 @@ static void ssl_mac( mbedtls_md_context_t *md_ctx,
 #define SSL_SOME_MODES_USE_MAC
 #endif

-/* The function below is only used in the Lucky 13 counter-measure in
- * ssl_decrypt_buf(). These are the defines that guard the call site. */
-#if defined(SSL_SOME_MODES_USE_MAC) && \
-    ( defined(MBEDTLS_SSL_PROTO_TLS1) || \
-      defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
-      defined(MBEDTLS_SSL_PROTO_TLS1_2) )
-/* This function makes sure every byte in the memory region is accessed
- * (in ascending addresses order) */
-static void ssl_read_memory( const unsigned char *p, size_t len )
-{
-    unsigned char acc = 0;
-    volatile unsigned char force;
-
-    for( ; len != 0; p++, len-- )
-        acc ^= *p;
-
-    force = acc;
-    (void) force;
-}
-#endif /* SSL_SOME_MODES_USE_MAC && ( TLS1 || TLS1_1 || TLS1_2 ) */
-
 /*
 * Encryption/decryption functions
 */
@ -1935,7 +1914,7 @@ cleanup:
 /*
 * Constant-flow memcpy from variable position in buffer.
 * - functionally equivalent to memcpy(dst, src + offset_secret, len)
- * - but with execution flow independant from the value of offset_secret.
+ * - but with execution flow independent from the value of offset_secret.
 */
 void mbedtls_ssl_cf_memcpy_offset( unsigned char *dst,
                                   const unsigned char *src_base,
@ -1943,10 +1922,13 @@ void mbedtls_ssl_cf_memcpy_offset( unsigned char *dst,
                                   size_t offset_min, size_t offset_max,
                                   size_t len )
 {
-    /* WIP - THIS IS NOT ACTUALLY CONSTANT-FLOW!
-     * This is just to be able to write tests and check they work. */
-    ssl_read_memory( src_base + offset_min, offset_max - offset_min + len );
-    memcpy( dst, src_base + offset_secret, len );
+    size_t offset;
+
+    for( offset = offset_min; offset <= offset_max; offset++ )
+    {
+        mbedtls_ssl_cf_memcpy_if_eq( dst, src_base + offset, len,
+                                     offset, offset_secret );
+    }
 }
 #endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */