yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-09-17 20:07:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add error checking to mbedtls_ecdsa_signature_to_asn1

Browse source 
Add a wrapper to check for errors during MBEDTLS_ASN1_CHK_ADD
Substitute backticks with apostrophes
This commit is contained in:
Andrzej Kurek 2018-02-14 07:43:37 -05:00
parent bba0927586
commit 2353781d9e
2 changed files with 22 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
include/mbedtls/pk_info.h
View file

@ -71,7 +71,7 @@ extern "C" {
* - Keep the mbedtls_pk_info_t structure hidden and declare a function * - Keep the mbedtls_pk_info_t structure hidden and declare a function
* to call instead of mbedtls_pk_setup. This function should have an * to call instead of mbedtls_pk_setup. This function should have an
* interface of the form * interface of the form
* `int mbedtls_pk_setup_myengine(mbedtls_pk_context *, ...)` * 'int mbedtls_pk_setup_myengine(mbedtls_pk_context *, ...)'
* where the extra parameters depend on the engine, e.g. handles to keys * where the extra parameters depend on the engine, e.g. handles to keys
* stored in an external cryptographic module. * stored in an external cryptographic module.
* *
@ -228,9 +228,9 @@ struct mbedtls_pk_info_t
* type does not match the semantic type of \c prv (RSA, ECC or other), * type does not match the semantic type of \c prv (RSA, ECC or other),
* then check_pair_func must return #MBEDTLS_ERR_PK_TYPE_MISMATCH. * then check_pair_func must return #MBEDTLS_ERR_PK_TYPE_MISMATCH.
* *
* If \c pub and \c prv are opaque keys from the same engines (i.e. ``), * If \c pub and \c prv are opaque keys from the same engines (i.e. ''),
* then check_pair_func must return 0, `#MBEDTLS_ERR_PK_TYPE_MISMATCH`, or * then check_pair_func must return 0, #MBEDTLS_ERR_PK_TYPE_MISMATCH, or
* `#MBEDTLS_ERR_RSA_KEY_CHECK_FAILED` or `#MBEDTLS_ERR_ECP_BAD_INPUT_DATA` * #MBEDTLS_ERR_RSA_KEY_CHECK_FAILED or #MBEDTLS_ERR_ECP_BAD_INPUT_DATA
* as in the case of transparent keys. * as in the case of transparent keys.
* *
* If \c pub is an opaque key which is not from the same engine as \c prv, * If \c pub is an opaque key which is not from the same engine as \c prv,

21
library/ecdsa.c
View file

@ -287,10 +287,13 @@ cleanup:
#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ #endif /* MBEDTLS_ECDSA_VERIFY_ALT */
/* /*
* Convert a signature (given by context) to ASN.1 * Convert a signature (given by context) to ASN.1.
* This function may leave a half-written upon encountering an error, and
* is for internal use only.
*/ */
int mbedtls_ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s, static int internal_ecdsa_signature_to_asn1( const mbedtls_mpi *r,
unsigned char *sig, size_t *slen, size_t ssize ) const mbedtls_mpi *s, unsigned char *sig,
size_t *slen, size_t ssize )
{ {
int ret; int ret;
unsigned char *p = sig + ssize; unsigned char *p = sig + ssize;
@ -310,6 +313,18 @@ int mbedtls_ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
return( 0 ); return( 0 );
} }
/*
* Convert a signature (given by context) to ASN.1, zeroize the buffer on error
*/
int mbedtls_ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
unsigned char *sig, size_t *slen, size_t ssize )
{
int ret = internal_ecdsa_signature_to_asn1( r, s, sig, slen, ssize );
if( ret != 0 )
memset( sig, ssize, 0 );
return( ret );
}
/* /*
* Compute and write signature. This function assumes that sig is large enough. * Compute and write signature. This function assumes that sig is large enough.
*/ */