Merge remote-tracking branch 'restricted/pr/514' into mbedtls-2.1

This commit is contained in:
Simon Butcher 2018-11-29 17:33:07 +00:00
commit 6c2f139271
3 changed files with 14 additions and 0 deletions


@ -16,6 +16,8 @@ Security
plaintexts and forge RSA signatures. Other asymmetric algorithms may plaintexts and forge RSA signatures. Other asymmetric algorithms may
have been similarly vulnerable. Reported by Eyal Ronen, Robert Gillham, have been similarly vulnerable. Reported by Eyal Ronen, Robert Gillham,
Daniel Genkin, Adi Shamir, David Wong and Yuval Yarom. Daniel Genkin, Adi Shamir, David Wong and Yuval Yarom.
* Wipe sensitive buffers on the stack in the CTR_DRBG and HMAC_DRBG
modules.
= mbed TLS 2.1.16 branch released 2018-11-19 = mbed TLS 2.1.16 branch released 2018-11-19


@ -226,6 +226,10 @@ static int block_cipher_df( unsigned char *output,
mbedtls_aes_free( &aes_ctx ); mbedtls_aes_free( &aes_ctx );
mbedtls_zeroize( buf, sizeof( buf ) );
mbedtls_zeroize( tmp, sizeof( tmp ) );
mbedtls_zeroize( key, sizeof( key ) );
mbedtls_zeroize( chain, sizeof( chain ) );
return( 0 ); return( 0 );
} }
@ -264,6 +268,7 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ); mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS );
memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE ); memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE );
mbedtls_zeroize( tmp, sizeof( tmp ) );
return( 0 ); return( 0 );
} }
@ -281,6 +286,7 @@ void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
block_cipher_df( add_input, additional, add_len ); block_cipher_df( add_input, additional, add_len );
ctr_drbg_update_internal( ctx, add_input ); ctr_drbg_update_internal( ctx, add_input );
mbedtls_zeroize( add_input, sizeof( add_input ) );
} }
} }
@ -327,6 +333,7 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
ctr_drbg_update_internal( ctx, seed ); ctr_drbg_update_internal( ctx, seed );
ctx->reseed_counter = 1; ctx->reseed_counter = 1;
mbedtls_zeroize( seed, sizeof( seed ) );
return( 0 ); return( 0 );
} }
@ -393,6 +400,8 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
ctx->reseed_counter++; ctx->reseed_counter++;
mbedtls_zeroize( add_input, sizeof( add_input ) );
mbedtls_zeroize( tmp, sizeof( tmp ) );
return( 0 ); return( 0 );
} }
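Review bot: The wipe added in the reseed hunk, `mbedtls_zeroize( seed, sizeof( seed ) );` placed just before `return( 0 );`, runs only on the success path; the same holds for the block_cipher_df and random_with_add hunks. The bodies of these functions start outside the hunks so I cannot see their earlier returns, but a reseed that fails to obtain entropy is the obvious candidate to return after `seed` has already been partially filled, leaving that material on the stack. A single cleanup label makes the guarantee independent of the number of return paths: `exit:` / `mbedtls_zeroize( seed, sizeof( seed ) );` / `return( ret );`, with each earlier `return( err );` becoming `ret = err; goto exit;` (introducing an `int ret` if the function does not already have one). The update_internal and mbedtls_ctr_drbg_update hunks look consistent with the intent, assuming no return sits between where the buffer is written and where it is wiped.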


@ -93,6 +93,8 @@ void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ); mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V );
} }
mbedtls_zeroize( K, sizeof( K ) );
} }
/* /*
@ -158,6 +160,7 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
ctx->reseed_counter = 1; ctx->reseed_counter = 1;
/* 4. Done */ /* 4. Done */
mbedtls_zeroize( seed, seedlen );
return( 0 ); return( 0 );
} }
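Review bot: `mbedtls_zeroize( seed, seedlen );` in the reseed hunk wipes only the byte count the function believes it wrote, and only on the success path before `return( 0 );`. If `seed` is a fixed-size stack array (its declaration is outside the hunk), `mbedtls_zeroize( seed, sizeof( seed ) );` is the more robust form, costs nothing security-wise, and matches the `sizeof` form this same commit uses in the CTR_DRBG hunks; any error return earlier in the function, which the hunk does not show, should also reach the wipe, e.g. through an `exit:` label with the status carried in `ret`. The hmac_drbg_update hunk wipes `K` once at the end of the function, which is sufficient only if that function has no other exit; I cannot confirm that from the visible lines.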