mirror of
				https://github.com/yuzu-emu/mbedtls.git
				synced 2025-10-26 12:57:32 +00:00 
			
		
		
		
	HMAC_DRBG: deprecate mbedtls_hmac_drbg_update because it ignores errors
Deprecate mbedtls_hmac_drbg_update (which returns void) in favor of a new function, mbedtls_hmac_drbg_update_ret, which reports errors. The old function is not officially marked as deprecated in this branch because this is a stable maintenance branch.
		
							parent
							
								
									563a333a84
								
							
						
					
					
						commit
						48dbe3b5d6
					
				|  | @ -195,11 +195,31 @@ void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, | |||
|  * \param additional    Additional data to update state with, or NULL | ||||
|  * \param add_len       Length of additional data, or 0 | ||||
|  * | ||||
|  * \return              \c 0 on success, or an error from the underlying | ||||
|  *                      hash calculation. | ||||
|  * | ||||
|  * \note                Additional data is optional, pass NULL and 0 as second | ||||
|  *                      third argument if no additional data is being used. | ||||
|  */ | ||||
| int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, | ||||
|                        const unsigned char *additional, size_t add_len ); | ||||
| 
 | ||||
| /**
 | ||||
|  * \brief               HMAC_DRBG update state | ||||
|  * | ||||
|  * \warning             This function cannot report errors. You should use | ||||
|  *                      mbedtls_hmac_drbg_update_ret() instead. | ||||
|  * | ||||
|  * \param ctx           HMAC_DRBG context | ||||
|  * \param additional    Additional data to update state with, or NULL | ||||
|  * \param add_len       Length of additional data, or 0 | ||||
|  * | ||||
|  * \note                Additional data is optional, pass NULL and 0 as second | ||||
|  *                      third argument if no additional data is being used. | ||||
|  */ | ||||
| void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, | ||||
|                        const unsigned char *additional, size_t add_len ); | ||||
|                                const unsigned char *additional, | ||||
|                                size_t add_len ); | ||||
| 
 | ||||
| /**
 | ||||
|  * \brief               HMAC_DRBG reseeding (extracts data from entropy source) | ||||
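Review bot: The new documentation for `mbedtls_hmac_drbg_update_ret` does not say what state `ctx` is left in after a non-zero return. The implementation in this commit jumps to `exit` as soon as any HMAC call fails, which can happen after K has been computed but before V is replaced, so the state may be only partially updated. I would extend the `\return` text with something like `On failure, the state of ctx may be partially updated and it should not be used to generate output.`, with the exact wording left to the maintainers. Separately, both `\note` blocks read "as second third argument"; `as second and third arguments` is presumably what was meant. The comment block for the new function begins above the hunk.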
|  |  | |||
|  | @ -66,31 +66,56 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ) | |||
| /*
 | ||||
|  * HMAC_DRBG update, using optional additional data (10.1.2.2) | ||||
|  */ | ||||
| void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, | ||||
|                        const unsigned char *additional, size_t add_len ) | ||||
| int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, | ||||
|                                   const unsigned char *additional, | ||||
|                                   size_t add_len ) | ||||
| { | ||||
|     size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); | ||||
|     unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1; | ||||
|     unsigned char sep[1]; | ||||
|     unsigned char K[MBEDTLS_MD_MAX_SIZE]; | ||||
|     int ret; | ||||
| 
 | ||||
|     for( sep[0] = 0; sep[0] < rounds; sep[0]++ ) | ||||
|     { | ||||
|         /* Step 1 or 4 */ | ||||
|         mbedtls_md_hmac_reset( &ctx->md_ctx ); | ||||
|         mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); | ||||
|         mbedtls_md_hmac_update( &ctx->md_ctx, sep, 1 ); | ||||
|         if( ( ret = mbedtls_md_hmac_reset( &ctx->md_ctx ) ) != 0 ) | ||||
|             goto exit; | ||||
|         if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, | ||||
|                                             ctx->V, md_len ) ) != 0 ) | ||||
|             goto exit; | ||||
|         if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, | ||||
|                                             sep, 1 ) ) != 0 ) | ||||
|             goto exit; | ||||
|         if( rounds == 2 ) | ||||
|             mbedtls_md_hmac_update( &ctx->md_ctx, additional, add_len ); | ||||
|         mbedtls_md_hmac_finish( &ctx->md_ctx, K ); | ||||
|         { | ||||
|             if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, | ||||
|                                                 additional, add_len ) ) != 0 ) | ||||
|             goto exit; | ||||
|         } | ||||
|         if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, K ) ) != 0 ) | ||||
|             goto exit; | ||||
| 
 | ||||
|         /* Step 2 or 5 */ | ||||
|         mbedtls_md_hmac_starts( &ctx->md_ctx, K, md_len ); | ||||
|         mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); | ||||
|         mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ); | ||||
|         if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, K, md_len ) ) != 0 ) | ||||
|             goto exit; | ||||
|         if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, | ||||
|                                             ctx->V, md_len ) ) != 0 ) | ||||
|             goto exit; | ||||
|         if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ) ) != 0 ) | ||||
|             goto exit; | ||||
|     } | ||||
| 
 | ||||
| exit: | ||||
|     mbedtls_platform_zeroize( K, sizeof( K ) ); | ||||
|     return( ret ); | ||||
| } | ||||
| 
 | ||||
| void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, | ||||
|                                const unsigned char *additional, | ||||
|                                size_t add_len ) | ||||
| { | ||||
|     (void) mbedtls_hmac_drbg_update_ret( ctx, additional, add_len ); | ||||
| } | ||||
| 
 | ||||
| /*
 | ||||
|  | @ -113,7 +138,8 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, | |||
|     mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, mbedtls_md_get_size( md_info ) ); | ||||
|     memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) ); | ||||
| 
 | ||||
|     mbedtls_hmac_drbg_update( ctx, data, data_len ); | ||||
|     if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, data, data_len ) ) != 0 ) | ||||
|         return( ret ); | ||||
| 
 | ||||
|     return( 0 ); | ||||
| } | ||||
|  | @ -126,6 +152,7 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, | |||
| { | ||||
|     unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT]; | ||||
|     size_t seedlen; | ||||
|     int ret; | ||||
| 
 | ||||
|     /* III. Check input length */ | ||||
|     if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT || | ||||
|  | @ -150,14 +177,16 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, | |||
|     } | ||||
| 
 | ||||
|     /* 2. Update state */ | ||||
|     mbedtls_hmac_drbg_update( ctx, seed, seedlen ); | ||||
|     if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, seed, seedlen ) ) != 0 ) | ||||
|         goto exit; | ||||
| 
 | ||||
|     /* 3. Reset reseed_counter */ | ||||
|     ctx->reseed_counter = 1; | ||||
| 
 | ||||
| exit: | ||||
|     /* 4. Done */ | ||||
|     mbedtls_platform_zeroize( seed, seedlen ); | ||||
|     return( 0 ); | ||||
|     return( ret ); | ||||
| } | ||||
| 
 | ||||
| /*
 | ||||
|  | @ -276,7 +305,11 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, | |||
| 
 | ||||
|     /* 2. Use additional data if any */ | ||||
|     if( additional != NULL && add_len != 0 ) | ||||
|         mbedtls_hmac_drbg_update( ctx, additional, add_len ); | ||||
|     { | ||||
|         if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, | ||||
|                                                   additional, add_len ) ) != 0 ) | ||||
|             goto exit; | ||||
|     } | ||||
| 
 | ||||
|     /* 3, 4, 5. Generate bytes */ | ||||
|     while( left != 0 ) | ||||
|  | @ -293,13 +326,16 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, | |||
|     } | ||||
| 
 | ||||
|     /* 6. Update */ | ||||
|     mbedtls_hmac_drbg_update( ctx, additional, add_len ); | ||||
|     if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, | ||||
|                                               additional, add_len ) ) != 0 ) | ||||
|         goto exit; | ||||
| 
 | ||||
|     /* 7. Update reseed counter */ | ||||
|     ctx->reseed_counter++; | ||||
| 
 | ||||
| exit: | ||||
|     /* 8. Done */ | ||||
|     return( 0 ); | ||||
|     return( ret ); | ||||
| } | ||||
| 
 | ||||
| /*
 | ||||
|  | @ -391,8 +427,7 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch | |||
|     if( fread( buf, 1, n, f ) != n ) | ||||
|         ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR; | ||||
|     else | ||||
|         mbedtls_hmac_drbg_update( ctx, buf, n ); | ||||
| 
 | ||||
|         ret = mbedtls_hmac_drbg_update_ret( ctx, buf, n ); | ||||
|     fclose( f ); | ||||
| 
 | ||||
|     mbedtls_platform_zeroize( buf, sizeof( buf ) ); | ||||
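Review bot: In the `mbedtls_hmac_drbg_seed_buf` hunk, the `mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, ... )` call directly above the converted update still discards its return value, so a failure while keying the HMAC context goes unreported and seeding continues. Since the commit exists to stop ignoring errors on this path, that call should be checked the same way: `if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, mbedtls_md_get_size( md_info ) ) ) != 0 ) return( ret );`. The generate loop of `mbedtls_hmac_drbg_random_with_add` sits between that function's two hunks and is not shown; if it calls the `mbedtls_md_hmac_*` functions unchecked, it likely needs the same treatment. In the same function, the `goto exit` at step 6 returns an error after the generate loop has run, so a comment telling callers to discard any bytes already produced on a non-zero return would help. All of these function bodies start or end outside the hunks shown.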
|  |  | |||