Put |sLen| logic in one place in RSA_padding_add_PKCS1_PSS_mgf1.

This makes it easier to understand the |sLen|-related logic. Change-Id: I98da4f4f7c82d5481544940407e6cc6a963f7e5b Reviewed-on: https://boringssl-review.googlesource.com/9171 CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com>
2016-08-08 12:18:10 -10:00 · 2016-08-08 12:18:10 -10:00 · 783eaad039
commit 783eaad039
parent e7e36aae25
1 changed files with 11 additions and 14 deletions
--- a/crypto/rsa/padding.c
+++ b/crypto/rsa/padding.c
@ -610,19 +610,6 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,

  hLen = EVP_MD_size(Hash);

-  /* Negative sLen has special meanings:
-   *	-1	sLen == hLen
-   *	-2	salt length is maximized
-   *	-N	reserved */
-  if (sLen == -1) {
-    sLen = hLen;
-  } else if (sLen == -2) {
-    sLen = -2;
-  } else if (sLen < -2) {
-    OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED);
-    goto err;
-  }
-
  if (BN_is_zero(rsa->n)) {
    OPENSSL_PUT_ERROR(RSA, RSA_R_EMPTY_PUBLIC_KEY);
    goto err;
@ -635,12 +622,22 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
    *EM++ = 0;
    emLen--;
  }
-  if (sLen == -2) {
+
+  /* Negative sLen has special meanings:
+   *   -1  sLen == hLen
+   *   -2  salt length is maximized
+   *   -N  reserved */
+  if (sLen == -1) {
+    sLen = hLen;
+  } else if (sLen == -2) {
    if (emLen < hLen + 2) {
      OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
      goto err;
    }
    sLen = emLen - hLen - 2;
+  } else if (sLen < -2) {
+    OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED);
+    goto err;
  } else if (emLen < hLen + sLen + 2) {
    OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
    goto err;