Address review comments

This commit is contained in:
Jarno Lamsa 2019-12-17 10:06:46 +02:00
parent 46afd5d8fa
commit 6122b59042
2 changed files with 16 additions and 11 deletions

View file

@ -258,7 +258,8 @@ int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
*/ */
static int entropy_gather_internal( mbedtls_entropy_context *ctx ) static int entropy_gather_internal( mbedtls_entropy_context *ctx )
{ {
int ret, i; int i;
volatile int ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE;
volatile int have_one_strong_fi = 0; volatile int have_one_strong_fi = 0;
unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER]; unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER];
size_t olen; size_t olen;
@ -299,19 +300,19 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
} }
} }
if( have_one_strong_fi == 0 )
{
mbedtls_platform_enforce_volatile_reads();
if( have_one_strong_fi == 0)
{
ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE;
}
}
cleanup: cleanup:
mbedtls_platform_zeroize( buf, sizeof( buf ) ); mbedtls_platform_zeroize( buf, sizeof( buf ) );
return( ret ); if( have_one_strong_fi == 1 )
{
mbedtls_platform_enforce_volatile_reads();
if( have_one_strong_fi == 1 )
{
return( ret );
}
}
return( MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE );
} }
/* /*

View file

@ -3051,6 +3051,10 @@ static int ssl_in_server_key_exchange_parse( mbedtls_ssl_context *ssl,
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
return( ret ); return( ret );
} }
else
{
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
} }
#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) #if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )