From bed99401a092bb9d25618f9471c8507362bf9ec6 Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
Date: Fri, 31 Mar 2023 12:18:10 +0200
Subject: [PATCH] hpke.c: use xorbufout in wc_HpkeContextComputeNonce

---
 wolfcrypt/src/hpke.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/wolfcrypt/src/hpke.c b/wolfcrypt/src/hpke.c
index b9e3c3b2c..b0d7dc441 100644
--- a/wolfcrypt/src/hpke.c
+++ b/wolfcrypt/src/hpke.c
@@ -43,6 +43,13 @@
 #include <wolfssl/wolfcrypt/aes.h>
 #include <wolfssl/wolfcrypt/hpke.h>
 
+#ifdef NO_INLINE
+    #include <wolfssl/wolfcrypt/misc.h>
+#else
+    #define WOLFSSL_MISC_INCLUDED
+    #include <wolfcrypt/src/misc.c>
+#endif
+
 const int hpkeSupportedKem[HPKE_SUPPORTED_KEM_LEN] = {
     DHKEM_P256_HKDF_SHA256,
     DHKEM_P384_HKDF_SHA384,
@@ -581,7 +588,6 @@ static int wc_HpkeLabeledExpand(Hpke* hpke, byte* suite_id, word32 suite_id_len,
 static int wc_HpkeContextComputeNonce(Hpke* hpke, HpkeBaseContext* context,
     byte* out)
 {
-    int i;
     int ret;
     byte seq_bytes[HPKE_Nn_MAX];
 
@@ -589,9 +595,7 @@ static int wc_HpkeContextComputeNonce(Hpke* hpke, HpkeBaseContext* context,
      * nonce */
     ret = I2OSP(context->seq, hpke->Nn, seq_bytes);
     if (ret == 0) {
-        for (i = 0; i < (int)hpke->Nn; i++) {
-            out[i] = (context->base_nonce[i] ^ seq_bytes[i]);
-        }
+        xorbufout(out, context->base_nonce, seq_bytes, hpke->Nn);
     }
 
     return ret;