yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-23 08:01:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use free + init to reset accumulator in entropy module

Browse source 
The SHA-256 / SHA-512 context used for entropy mixing in entropy.c
was previously reset by zeroization. The commit replaces this by
a pair of calls to `mbedtls_shaxxx_init` and `mbedtls_shaxxx_free`
which is safe also for alternative implementations of SHA-256 or
SHA-512 for which zeroization might not be a proper reset.
This commit is contained in:
Hanno Becker 2018-01-17 23:09:20 +00:00
parent 4ecd34f86c
commit 31b37f6edd
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
library/entropy.c
View file

@ -318,7 +318,8 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
/*
* Reset accumulator and counters and recycle existing entropy
*/
memset( &ctx->accumulator, 0, sizeof( mbedtls_sha512_context ) );
mbedtls_sha512_free( &ctx->accumulator );
mbedtls_sha512_init( &ctx->accumulator );
mbedtls_sha512_starts( &ctx->accumulator, 0 );
mbedtls_sha512_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
@ -332,7 +333,8 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
/*
* Reset accumulator and counters and recycle existing entropy
*/
memset( &ctx->accumulator, 0, sizeof( mbedtls_sha256_context ) );
mbedtls_sha256_free( &ctx->accumulator );
mbedtls_sha256_init( &ctx->accumulator );
mbedtls_sha256_starts( &ctx->accumulator, 0 );
mbedtls_sha256_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );