Protect key_derivation_done flag

The flag is used to track that the key derivation
has been done.
Jarno Lamsa 2019-12-19 08:11:12 +02:00
parent 67f0a1e833
commit 4031a45019


@ -1884,7 +1884,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
volatile int ret;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) );
ssl->handshake->key_derivation_done = MBEDTLS_SSL_FI_FLAG_UNSET;
/* Compute master secret if needed */
ret = ssl_compute_master( ssl->handshake,
ssl->session_negotiate->master,
@ -1925,7 +1925,19 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
mbedtls_ssl_get_minor_ver( ssl ),
mbedtls_ssl_conf_get_endpoint( ssl->conf ),
ssl );
if( ret != 0 )
if( ret == 0 )
{
mbedtls_platform_enforce_volatile_reads();
if( ret == 0 )
{
ssl->handshake->key_derivation_done = MBEDTLS_SSL_FI_FLAG_SET;
}
else
{
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
}
}
else
{
MBEDTLS_SSL_DEBUG_RET( 1, "ssl_populate_transform", ret );
return( ret );
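Review bot: The inner `if( ret == 0 )` that follows `mbedtls_platform_enforce_volatile_reads()` in the second hunk has no comment and reads like a redundant test, so a later cleanup could remove the double check that guards `key_derivation_done`. Judging from the `volatile int ret` declaration and the `MBEDTLS_ERR_PLATFORM_FAULT_DETECTED` return, the repetition is deliberate fault-injection hardening, and a comment above the inner test would record that, for example `/* Re-check ret after forcing a fresh volatile read: a glitched first comparison must not set key_derivation_done. */`. The fault return is also silent, unlike the sibling error path that calls `MBEDTLS_SSL_DEBUG_RET`; adding `MBEDTLS_SSL_DEBUG_MSG( 1, ( "fault detected in key derivation" ) );` before `return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );` would make a detected glitch visible in debug logs. The body of `mbedtls_ssl_derive_keys` starts and ends outside both hunks, so where the flag is read back cannot be checked from this page.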