Moved underflow test to better reflect time constant behaviour.

commit: c17cda1ab9c8b42bfa183830f0acdcbeabcd154c [log] [tgz]
author: Janos Follath <janos.follath@arm.com> Thu Feb 11 11:08:18 2016 +0000
committer: Janos Follath <janos.follath@arm.com> Thu Feb 11 11:08:18 2016 +0000
tree: f767fca1e52a4433ef5f72771dd932caae812933
parent: eae41bf340bdb280ad2c72db367811c664bf9ac6 [diff] [blame]
diff --git a/library/rsa.c b/library/rsa.c
index 881805e..34f9d8b 100644
--- a/library/rsa.c
+++ b/library/rsa.c

@@ -705,6 +705,12 @@
     if( md_info == NULL )
         return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
 
+    hlen = mbedtls_md_get_size( md_info );
+
+    // checking for integer underflow
+    if( 2 * hlen + 2 > ilen )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
     /*
      * RSA operation
      */
@@ -718,12 +724,6 @@
     /*
      * Unmask data and generate lHash
      */
-    hlen = mbedtls_md_get_size( md_info );
-
-    // checking for integer underflow
-    if( 2 * hlen + 2 > ilen )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
     mbedtls_md_init( &md_ctx );
     mbedtls_md_setup( &md_ctx, md_info, 0 );
commit	c17cda1ab9c8b42bfa183830f0acdcbeabcd154c	[log] [tgz]
author	Janos Follath <janos.follath@arm.com>	Thu Feb 11 11:08:18 2016 +0000
committer	Janos Follath <janos.follath@arm.com>	Thu Feb 11 11:08:18 2016 +0000
tree	f767fca1e52a4433ef5f72771dd932caae812933
parent	eae41bf340bdb280ad2c72db367811c664bf9ac6 [diff] [blame]