Merge pull request #673 from gilles-peskine-arm/ctr_drbg-aes_fail-2.7

Backport 2.7: Uncaught AES failure in CTR_DRBG
Jaeden Amero 2019-11-28 15:02:23 +00:00 committed by GitHub
commit 373a7097eb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 1 deletion


@ -20,6 +20,10 @@ Security
timings on the comparison in the key generation enabled the attacker to timings on the comparison in the key generation enabled the attacker to
learn leading bits of the ephemeral key used during ECDSA signatures and to learn leading bits of the ephemeral key used during ECDSA signatures and to
recover the private key. recover the private key.
* Catch failure of AES functions in mbedtls_ctr_drbg_random(). Uncaught
failures could happen with alternative implementations of AES. Bug
reported and fix proposed by Johan Uppman Bruce and Christoffer Lauri,
Sectra.
Changes Changes
* Add unit tests for AES-GCM when called through mbedtls_cipher_auth_xxx() * Add unit tests for AES-GCM when called through mbedtls_cipher_auth_xxx()
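Review bot: The new Security entry names mbedtls_ctr_drbg_random(), but the code hunk below changes the exit path of mbedtls_ctr_drbg_random_with_add(); the entry should name that function as well, and say what callers now observe (a non-zero return code propagated from the AES layer where previously 0 was returned and the output buffer had to be assumed valid), so that users of alternative AES implementations know to check the return value of both functions.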


@ -457,7 +457,7 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
exit: exit:
mbedtls_zeroize( add_input, sizeof( add_input ) ); mbedtls_zeroize( add_input, sizeof( add_input ) );
mbedtls_zeroize( tmp, sizeof( tmp ) ); mbedtls_zeroize( tmp, sizeof( tmp ) );
return( 0 ); return( ret );
} }
int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len ) int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len )
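Review bot: Changing the exit label from `return( 0 );` to `return( ret );` is only correct if every path that reaches `exit:` has assigned `ret`, including the success path after the last AES call; the hunk does not show those earlier assignments, so please confirm that `ret` is set to 0 on success and is never left uninitialized or holding a stale value from an earlier step, and that the early-return length checks before this label keep their specific error codes. The zeroization of `add_input` and `tmp` still runs before the return, which is right. Since the ChangeLog says the failure was only reachable with alternative AES implementations, a test that substitutes a failing AES implementation and asserts that mbedtls_ctr_drbg_random_with_add() returns that error, and that callers treat `output` as unusable when the return is non-zero, would guard this path against regressing to a silent 0.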