yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-10-18 16:01:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix an incorrect error code if RSA private operation glitched

Browse source 
mbedtls_rsa_private() could return the sum of two RSA error codes
instead of a valid error code in some rare circumstances:

* If rsa_prepare_blinding() returned  MBEDTLS_ERR_RSA_RNG_FAILED
  (indicating a misbehaving or misconfigured RNG).
* If the comparison with the public value failed (typically indicating
  a glitch attack).

Make sure not to add two high-level error codes.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2020-11-25 00:10:31 +01:00
parent 3fac0bae4a
commit 3b7523e11e
2 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ChangeLog.d/rsa_private-ret.txt Normal file
View file

@ -0,0 +1,2 @@
Bugfix
* Fix an incorrect error code if an RSA private operation glitched.

4
library/rsa.c
View file

@ -1106,10 +1106,10 @@ cleanup:
mbedtls_mpi_free( &C ); mbedtls_mpi_free( &C );
mbedtls_mpi_free( &I ); mbedtls_mpi_free( &I );
if( ret != 0 ) if( ret != 0 && ret >= -0x007f )
return( MBEDTLS_ERR_RSA_PRIVATE_FAILED + ret ); return( MBEDTLS_ERR_RSA_PRIVATE_FAILED + ret );
return( 0 ); return( ret );
} }
#if defined(MBEDTLS_PKCS1_V21) #if defined(MBEDTLS_PKCS1_V21)