Merge remote-tracking branch 'upstream-restricted/pr/503' into mbedtls-2.16-restricted
commit
4d7c74811b
|
@ -11,6 +11,11 @@ Security
|
||||||
blinding value was generated. This reduced the effectiveness of the
|
blinding value was generated. This reduced the effectiveness of the
|
||||||
countermeasure and leaked information about the private key through side
|
countermeasure and leaked information about the private key through side
|
||||||
channels. Reported by Jack Lloyd.
|
channels. Reported by Jack Lloyd.
|
||||||
|
* When writing a private EC key, use a constant size for the private
|
||||||
|
value, as specified in RFC 5915. Previously, the value was written
|
||||||
|
as an ASN.1 INTEGER, which caused the size of the key to leak
|
||||||
|
about 1 bit of information on average and could cause the value to be
|
||||||
|
1 byte too large for the output buffer.
|
||||||
|
|
||||||
API Changes
|
API Changes
|
||||||
* The new function mbedtls_ecdsa_sign_det_ext() is similar to
|
* The new function mbedtls_ecdsa_sign_det_ext() is similar to
|
||||||
|
|
|
@ -38,7 +38,9 @@
|
||||||
#include "mbedtls/rsa.h"
|
#include "mbedtls/rsa.h"
|
||||||
#endif
|
#endif
|
||||||
#if defined(MBEDTLS_ECP_C)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
|
#include "mbedtls/bignum.h"
|
||||||
#include "mbedtls/ecp.h"
|
#include "mbedtls/ecp.h"
|
||||||
|
#include "mbedtls/platform_util.h"
|
||||||
#endif
|
#endif
|
||||||
#if defined(MBEDTLS_ECDSA_C)
|
#if defined(MBEDTLS_ECDSA_C)
|
||||||
#include "mbedtls/ecdsa.h"
|
#include "mbedtls/ecdsa.h"
|
||||||
|
@ -150,6 +152,26 @@ static int pk_write_ec_param( unsigned char **p, unsigned char *start,
|
||||||
|
|
||||||
return( (int) len );
|
return( (int) len );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* privateKey OCTET STRING -- always of length ceil(log2(n)/8)
|
||||||
|
*/
|
||||||
|
static int pk_write_ec_private( unsigned char **p, unsigned char *start,
|
||||||
|
mbedtls_ecp_keypair *ec )
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
size_t byte_length = ( ec->grp.pbits + 7 ) / 8;
|
||||||
|
unsigned char tmp[MBEDTLS_ECP_MAX_BYTES];
|
||||||
|
|
||||||
|
ret = mbedtls_mpi_write_binary( &ec->d, tmp, byte_length );
|
||||||
|
if( ret != 0 )
|
||||||
|
goto exit;
|
||||||
|
ret = mbedtls_asn1_write_octet_string( p, start, tmp, byte_length );
|
||||||
|
|
||||||
|
exit:
|
||||||
|
mbedtls_platform_zeroize( tmp, byte_length );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
#endif /* MBEDTLS_ECP_C */
|
#endif /* MBEDTLS_ECP_C */
|
||||||
|
|
||||||
int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
|
int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
|
||||||
|
@ -364,9 +386,8 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_
|
||||||
MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) );
|
MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) );
|
||||||
len += par_len;
|
len += par_len;
|
||||||
|
|
||||||
/* privateKey: write as MPI then fix tag */
|
/* privateKey */
|
||||||
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &ec->d ) );
|
MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_private( &c, buf, ec ) );
|
||||||
*c = MBEDTLS_ASN1_OCTET_STRING;
|
|
||||||
|
|
||||||
/* version */
|
/* version */
|
||||||
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 1 ) );
|
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 1 ) );
|
||||||
|
|
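Review bot: In the new `pk_write_ec_private`, the comment defines the OCTET STRING length as ceil(log2(n)/8), i.e. from the group order, but `byte_length` is computed from `ec->grp.pbits`, the field size. The two only agree when the order and the field prime have the same byte length; for a curve whose order is wider than its field, `mbedtls_mpi_write_binary` would presumably fail with a buffer-too-small error for some valid keys, so either use `size_t byte_length = ( ec->grp.nbits + 7 ) / 8;` or correct the comment to say the field size is intended. Nothing visible in the hunk bounds `byte_length` against the size of `tmp`, so an explicit `if( byte_length > sizeof( tmp ) )` rejection before the write would make the stack buffer safe independently of how the group was set up. The cleanup is also more robust as `mbedtls_platform_zeroize( tmp, sizeof( tmp ) );`, which wipes the whole scratch buffer regardless of the computed length.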
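--- a/tests/data_files/ec_256_long_prv.pem
+++ b/tests/data_files/ec_256_long_prv.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIIcex4mqXsQamUKTVf8vXmTAJrQvGjh5mXG8p9+OR4xAoAoGCCqGSM49
+AwEHoUQDQgAEqJ2HQjPpc6fDwE/vSa6U35USXawkTo98y4U6NsAl+rOGuqMPEFXf
+P1Srm/Jrzwa/RuppRL5kgyAsGJTUmwZEzQ==
+-----END EC PRIVATE KEY-----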
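--- a/tests/data_files/ec_521_short_prv.pem
+++ b/tests/data_files/ec_521_short_prv.pem
@@ -0,0 +1,7 @@
+-----BEGIN EC PRIVATE KEY-----
+MIHcAgEBBEIAOXdk7W+Hf5L7Hc9fKe44wmpaRNs5ERFTkv5CrlXv/Bu3y28M673q
+vBNo7a/UE/6NNQHu2pQODEYFpMg6R34b5SigBwYFK4EEACOhgYkDgYYABAFUMHXV
+KPA4vkMgq+pFgDoH96XoM517gF2GJFV6h2gLhykzIHL/otAyEpAStw7MBvbU0V21
+ixB+hjqzO7Snxaj9mwB8g87OKxm5eGfsqvJNPdJ0RZ/EKy06Ukg6KThlhQeyrtIk
+g5PTCrPnNszlffAy6/jCOe3Moi59g15H13sSzwfX6g==
+-----END EC PRIVATE KEY-----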
|
@ -30,10 +30,18 @@ Private key write check EC 192 bits
|
||||||
depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||||
pk_write_key_check:"data_files/ec_prv.sec1.pem"
|
pk_write_key_check:"data_files/ec_prv.sec1.pem"
|
||||||
|
|
||||||
|
Private key write check EC 256 bits (top bit set)
|
||||||
|
depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||||
|
pk_write_key_check:"data_files/ec_256_long_prv.pem"
|
||||||
|
|
||||||
Private key write check EC 521 bits
|
Private key write check EC 521 bits
|
||||||
depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
|
depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
|
||||||
pk_write_key_check:"data_files/ec_521_prv.pem"
|
pk_write_key_check:"data_files/ec_521_prv.pem"
|
||||||
|
|
||||||
|
Private key write check EC 521 bits (top byte is 0)
|
||||||
|
depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
|
||||||
|
pk_write_key_check:"data_files/ec_521_short_prv.pem"
|
||||||
|
|
||||||
Private key write check EC Brainpool 512 bits
|
Private key write check EC Brainpool 512 bits
|
||||||
depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
|
depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
|
||||||
pk_write_key_check:"data_files/ec_bp512_prv.pem"
|
pk_write_key_check:"data_files/ec_bp512_prv.pem"
|
||||||
|
|