yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-24 10:35:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Do not zeroize null pointer

Browse source
This commit is contained in:
Brian Murray 2016-05-20 18:25:43 -07:00 committed by Simon Butcher
parent cdd1f6d96c
commit 4e067035b7
1 changed files with 44 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

85
library/cmac.c
View file

@ -82,11 +82,14 @@ static int cmac_multiply_by_u( unsigned char *output,
starting_index = blocksize -1; starting_index = blocksize -1;
if( blocksize == 16 ){ if( blocksize == 16 )
{
R_n = R_128; R_n = R_128;
} else if( blocksize == 8 ) { } else if( blocksize == 8 )
{
R_n = R_64; R_n = R_64;
} else { } else
{
return( MBEDTLS_ERR_CMAC_BAD_INPUT ); return( MBEDTLS_ERR_CMAC_BAD_INPUT );
} }
@ -122,7 +125,6 @@ static int cmac_generate_subkeys( mbedtls_cmac_context *ctx )
unsigned char *L; unsigned char *L;
size_t olen, block_size; size_t olen, block_size;
ret = 0;
block_size = ctx->cipher_ctx.cipher_info->block_size; block_size = ctx->cipher_ctx.cipher_info->block_size;
L = mbedtls_calloc( block_size, sizeof( unsigned char ) ); L = mbedtls_calloc( block_size, sizeof( unsigned char ) );
@ -143,7 +145,7 @@ static int cmac_generate_subkeys( mbedtls_cmac_context *ctx )
*/ */
if( ( ret = cmac_multiply_by_u( ctx->K1, L , block_size ) ) != 0 ) if( ( ret = cmac_multiply_by_u( ctx->K1, L , block_size ) ) != 0 )
goto exit; goto exit;
if( ( cmac_multiply_by_u( ctx->K2, ctx->K1 , block_size ) ) != 0 ) if( ( ret = cmac_multiply_by_u( ctx->K2, ctx->K1 , block_size ) ) != 0 )
goto exit; goto exit;
exit: exit:
@ -203,8 +205,10 @@ void mbedtls_cmac_free( mbedtls_cmac_context *ctx )
mbedtls_cipher_free( &ctx->cipher_ctx ); mbedtls_cipher_free( &ctx->cipher_ctx );
mbedtls_zeroize( ctx->K1, block_size * sizeof( unsigned char ) ); if( ctx->K1 != NULL )
mbedtls_zeroize( ctx->K2, block_size * sizeof( unsigned char ) ); mbedtls_zeroize( ctx->K1, block_size * sizeof( unsigned char ) );
if( ctx->K2 != NULL )
mbedtls_zeroize( ctx->K2, block_size * sizeof( unsigned char ) );
mbedtls_free( ctx->K1 ); mbedtls_free( ctx->K1 );
mbedtls_free( ctx->K2 ); mbedtls_free( ctx->K2 );
} }
@ -261,7 +265,6 @@ do { \
int mbedtls_cmac_generate( mbedtls_cmac_context *ctx, int mbedtls_cmac_generate( mbedtls_cmac_context *ctx,
const unsigned char *input, size_t in_len, const unsigned char *input, size_t in_len,
unsigned char *tag, size_t tag_len ) unsigned char *tag, size_t tag_len )
{ {
unsigned char *state; unsigned char *state;
unsigned char *M_last; unsigned char *M_last;
@ -389,7 +392,7 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length,
mbedtls_cmac_init( &zero_ctx ); mbedtls_cmac_init( &zero_ctx );
memset( zero_key, 0, 16 ); memset( zero_key, 0, 16 );
ret = mbedtls_cmac_setkey( &zero_ctx, MBEDTLS_CIPHER_ID_AES, ret = mbedtls_cmac_setkey( &zero_ctx, MBEDTLS_CIPHER_ID_AES,
zero_key, 8 * sizeof zero_key ); zero_key, 8 * sizeof( zero_key ) );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
@ -399,17 +402,16 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length,
} }
ret = mbedtls_cmac_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, ret = mbedtls_cmac_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
int_key, 8 * sizeof int_key ); int_key, 8 * sizeof( int_key ) );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
mbedtls_zeroize( int_key, sizeof( int_key ) );
ret = mbedtls_cmac_generate( &ctx, input, in_len, tag, 16 ); ret = mbedtls_cmac_generate( &ctx, input, in_len, tag, 16 );
exit: exit:
mbedtls_cmac_free( &ctx ); mbedtls_zeroize( int_key, sizeof( int_key ) );
return( ret ); mbedtls_cmac_free( &ctx );
return( ret );
} }
#endif /* MBEDTLS_AES_C */ #endif /* MBEDTLS_AES_C */
@ -680,7 +682,8 @@ int test_cmac_with_cipher( int verbose,
unsigned char* tag; unsigned char* tag;
tag = mbedtls_calloc( block_size, sizeof( unsigned char ) ); tag = mbedtls_calloc( block_size, sizeof( unsigned char ) );
if( tag == NULL ){ if( tag == NULL )
{
ret = MBEDTLS_ERR_CMAC_ALLOC_FAILED; ret = MBEDTLS_ERR_CMAC_ALLOC_FAILED;
goto exit; goto exit;
} }
@ -735,7 +738,8 @@ int test_cmac_with_cipher( int verbose,
} }
#ifdef MBEDTLS_AES_C #ifdef MBEDTLS_AES_C
int test_aes128_cmac_prf( int verbose ) { int test_aes128_cmac_prf( int verbose )
{
int i; int i;
int ret; int ret;
unsigned char tag[16]; unsigned char tag[16];
@ -794,14 +798,14 @@ int mbedtls_cmac_self_test( int verbose )
if( ( ret = test_cmac_with_cipher ( verbose, if( ( ret = test_cmac_with_cipher ( verbose,
"AES 256", "AES 256",
aes_256_key, aes_256_key,
256, 256,
test_message, test_message,
aes_message_lengths, aes_message_lengths,
(const unsigned char*) aes_256_subkeys, (const unsigned char*) aes_256_subkeys,
(const unsigned char*) aes_256_expected_result, (const unsigned char*) aes_256_expected_result,
MBEDTLS_CIPHER_ID_AES, MBEDTLS_CIPHER_ID_AES,
AES_BLOCK_SIZE ) !=0 ) ) AES_BLOCK_SIZE ) !=0 ) )
{ {
return( ret ); return( ret );
} }
@ -810,28 +814,28 @@ int mbedtls_cmac_self_test( int verbose )
#ifdef MBEDTLS_DES_C #ifdef MBEDTLS_DES_C
if( ( ret = test_cmac_with_cipher( verbose, if( ( ret = test_cmac_with_cipher( verbose,
"3DES 2 key", "3DES 2 key",
des3_2key_key, des3_2key_key,
192, 192,
test_message, test_message,
des3_message_lengths, des3_message_lengths,
(const unsigned char*) des3_2key_subkeys, (const unsigned char*) des3_2key_subkeys,
(const unsigned char*) des3_2key_expected_result, (const unsigned char*) des3_2key_expected_result,
MBEDTLS_CIPHER_ID_3DES, MBEDTLS_CIPHER_ID_3DES,
DES3_BLOCK_SIZE ) !=0 ) ) DES3_BLOCK_SIZE ) !=0 ) )
{ {
return( ret ); return( ret );
} }
if( ( ret = test_cmac_with_cipher( verbose, if( ( ret = test_cmac_with_cipher( verbose,
"3DES 3 key", "3DES 3 key",
des3_3key_key, des3_3key_key,
192, 192,
test_message, test_message,
des3_message_lengths, des3_message_lengths,
(const unsigned char*) des3_3key_subkeys, (const unsigned char*) des3_3key_subkeys,
(const unsigned char*) des3_3key_expected_result, (const unsigned char*) des3_3key_expected_result,
MBEDTLS_CIPHER_ID_3DES, MBEDTLS_CIPHER_ID_3DES,
DES3_BLOCK_SIZE ) !=0 ) ) DES3_BLOCK_SIZE ) !=0 ) )
{ {
return( ret ); return( ret );
} }
@ -840,7 +844,6 @@ int mbedtls_cmac_self_test( int verbose )
#ifdef MBEDTLS_AES_C #ifdef MBEDTLS_AES_C
if( ( ret = test_aes128_cmac_prf( verbose ) != 0 ) ) if( ( ret = test_aes128_cmac_prf( verbose ) != 0 ) )
return( ret ); return( ret );
#endif /* MBEDTLS_AES_C */ #endif /* MBEDTLS_AES_C */
if( verbose != 0 ) if( verbose != 0 )