Remove local variable bytes_written

Remove the local variable `bytes_written` that is used only to determine how much to zeroize on failure. Instead use `output - out`. Except in the xts, where `output` doesn't point to the end of the buffer at the end of the operation.
Mbed-TLS · Jan 10, 2019 · caa2b03 · caa2b03
1 parent 03036aa
commit caa2b03
Showing 1 changed file with 4 additions and 13 deletions.
diff --git a/library/aes.c b/library/aes.c
@@ -1305,7 +1305,6 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
 {
     int c, ret = 0;
     size_t n;
-    size_t bytes_written = 0;
     unsigned char* out = output;
 
     AES_VALIDATE_RET( ctx != NULL );
@@ -1334,7 +1333,6 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
 
             c = *input++;
             *output++ = (unsigned char)( c ^ iv[n] );
-            bytes_written++;
             iv[n] = (unsigned char) c;
 
             n = ( n + 1 ) & 0x0F;
@@ -1352,7 +1350,6 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
             }
 
             iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
-            bytes_written++;
 
             n = ( n + 1 ) & 0x0F;
         }
@@ -1362,7 +1359,7 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
 
 end:
     if( ret != 0 )
-        mbedtls_platform_zeroize( out, bytes_written );
+        mbedtls_platform_zeroize( out, output - out );
     return( ret );
 }
 
@@ -1379,7 +1376,6 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
     unsigned char c;
     unsigned char ov[17];
     int ret = 0;
-    size_t bytes_written = 0;
     unsigned char *out = output;
 
     AES_VALIDATE_RET( ctx != NULL );
@@ -1399,7 +1395,6 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
             ov[16] = *input;
 
         c = *output++ = (unsigned char)( iv[0] ^ *input++ );
-        bytes_written++;
 
         if( mode == MBEDTLS_AES_ENCRYPT )
             ov[16] = c;
@@ -1408,7 +1403,7 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
     }
 end:
     if( ret != 0 )
-        mbedtls_platform_zeroize( out, bytes_written );
+        mbedtls_platform_zeroize( out, output - out );
     return( ret );
 }
 #endif /* MBEDTLS_CIPHER_MODE_CFB */
@@ -1426,7 +1421,6 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
 {
     int ret = 0;
     size_t n;
-    size_t bytes_written = 0;
     unsigned char *out = output;
 
     AES_VALIDATE_RET( ctx != NULL );
@@ -1449,7 +1443,6 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
                 goto exit;
         }
         *output++ =  *input++ ^ iv[n];
-        bytes_written++;
 
         n = ( n + 1 ) & 0x0F;
     }
@@ -1458,7 +1451,7 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
 
 exit:
     if( ret != 0 )
-        mbedtls_platform_zeroize( out, bytes_written );
+        mbedtls_platform_zeroize( out, output - out );
 
     return( ret );
 }
@@ -1478,7 +1471,6 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
 {
     int c, i, ret = 0;
     size_t n;
-    size_t bytes_written = 0;
     unsigned char *out = output;
 
     AES_VALIDATE_RET( ctx != NULL );
@@ -1508,15 +1500,14 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
         }
         c = *input++;
         *output++ = (unsigned char)( c ^ stream_block[n] );
-        bytes_written++;
 
         n = ( n + 1 ) & 0x0F;
     }
 
     *nc_off = n;
 end:
     if( ret != 0 )
-        mbedtls_platform_zeroize( out, bytes_written );
+        mbedtls_platform_zeroize( out, output - out );
     return( ret );
 }
 #endif /* MBEDTLS_CIPHER_MODE_CTR */