From 6122b590427fc0945c0f3dbbabd2cf92ad7c074e Mon Sep 17 00:00:00 2001 From: Jarno Lamsa Date: Tue, 17 Dec 2019 10:06:46 +0200 Subject: [PATCH] Address review comments --- library/entropy.c | 23 ++++++++++++----------- library/ssl_cli.c | 4 ++++ 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/library/entropy.c b/library/entropy.c index 6b0b47b3e..78ea6d411 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -258,7 +258,8 @@ int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, */ static int entropy_gather_internal( mbedtls_entropy_context *ctx ) { - int ret, i; + int i; + volatile int ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE; volatile int have_one_strong_fi = 0; unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER]; size_t olen; @@ -299,19 +300,19 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx ) } } - if( have_one_strong_fi == 0 ) - { - mbedtls_platform_enforce_volatile_reads(); - if( have_one_strong_fi == 0) - { - ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE; - } - } - cleanup: mbedtls_platform_zeroize( buf, sizeof( buf ) ); - return( ret ); + if( have_one_strong_fi == 1 ) + { + mbedtls_platform_enforce_volatile_reads(); + if( have_one_strong_fi == 1 ) + { + return( ret ); + } + } + + return( MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE ); } /* diff --git a/library/ssl_cli.c b/library/ssl_cli.c index e0c104e01..a1d2e192d 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3051,6 +3051,10 @@ static int ssl_in_server_key_exchange_parse( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ return( ret ); } + else + { + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } } #if defined(MBEDTLS_SSL__ECP_RESTARTABLE) if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )