mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-24 01:05:41 +00:00
Add double check to entropy-loop
To prevent glitching and going through without strong source
This commit is contained in:
parent
4708d66af5
commit
552e8f2d6a
|
@ -258,7 +258,8 @@ int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
|
||||||
*/
|
*/
|
||||||
static int entropy_gather_internal( mbedtls_entropy_context *ctx )
|
static int entropy_gather_internal( mbedtls_entropy_context *ctx )
|
||||||
{
|
{
|
||||||
int ret, i, have_one_strong = 0;
|
int ret, i;
|
||||||
|
volatile int have_one_strong_fi = 0;
|
||||||
unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER];
|
unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER];
|
||||||
size_t olen;
|
size_t olen;
|
||||||
|
|
||||||
|
@ -271,7 +272,7 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
|
||||||
for( i = 0; i < ctx->source_count; i++ )
|
for( i = 0; i < ctx->source_count; i++ )
|
||||||
{
|
{
|
||||||
if( ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG )
|
if( ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG )
|
||||||
have_one_strong = 1;
|
have_one_strong_fi = 1;
|
||||||
|
|
||||||
olen = 0;
|
olen = 0;
|
||||||
if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source,
|
if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source,
|
||||||
|
@ -292,8 +293,14 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if( have_one_strong == 0 )
|
if( have_one_strong_fi == 0 )
|
||||||
|
{
|
||||||
|
mbedtls_platform_enforce_volatile_reads();
|
||||||
|
if( have_one_strong_fi == 0)
|
||||||
|
{
|
||||||
ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE;
|
ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
mbedtls_platform_zeroize( buf, sizeof( buf ) );
|
mbedtls_platform_zeroize( buf, sizeof( buf ) );
|
||||||
|
|
Loading…
Reference in a new issue