Merge remote-tracking branch 'public/pr/1137' into mbedtls-2.1

This commit is contained in:
Simon Butcher 2018-08-28 12:33:27 +01:00
commit 7a47cbca16
3 changed files with 36 additions and 22 deletions


@ -22,6 +22,8 @@ Bugfix
introduced in Mbed TLS 2.12.0. Fixes #1954. introduced in Mbed TLS 2.12.0. Fixes #1954.
* Fix undefined shifts with negative values in certificates parsing * Fix undefined shifts with negative values in certificates parsing
(found by Catena cyber using oss-fuzz) (found by Catena cyber using oss-fuzz)
* Fix memory leak and free without initialization in pk_encrypt
and pk_decrypt example programs. Reported by Brace Stout. Fixes #1128.
= mbed TLS 2.1.14 branch released 2018-07-25 = mbed TLS 2.1.14 branch released 2018-07-25


@ -69,7 +69,10 @@ int main( int argc, char *argv[] )
const char *pers = "mbedtls_pk_decrypt"; const char *pers = "mbedtls_pk_decrypt";
((void) argv); ((void) argv);
mbedtls_pk_init( &pk );
mbedtls_entropy_init( &entropy );
mbedtls_ctr_drbg_init( &ctr_drbg ); mbedtls_ctr_drbg_init( &ctr_drbg );
memset(result, 0, sizeof( result ) ); memset(result, 0, sizeof( result ) );
ret = 1; ret = 1;
@ -87,20 +90,18 @@ int main( int argc, char *argv[] )
mbedtls_printf( "\n . Seeding the random number generator..." ); mbedtls_printf( "\n . Seeding the random number generator..." );
fflush( stdout ); fflush( stdout );
mbedtls_entropy_init( &entropy ); if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, &entropy, (const unsigned char *) pers,
(const unsigned char *) pers, strlen( pers ) ) ) != 0 )
strlen( pers ) ) ) != 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
-ret );
goto exit; goto exit;
} }
mbedtls_printf( "\n . Reading private key from '%s'", argv[1] ); mbedtls_printf( "\n . Reading private key from '%s'", argv[1] );
fflush( stdout ); fflush( stdout );
mbedtls_pk_init( &pk );
if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 ) if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", -ret ); mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", -ret );
@ -115,14 +116,16 @@ int main( int argc, char *argv[] )
if( ( f = fopen( "result-enc.txt", "rb" ) ) == NULL ) if( ( f = fopen( "result-enc.txt", "rb" ) ) == NULL )
{ {
mbedtls_printf( "\n ! Could not open %s\n\n", "result-enc.txt" ); mbedtls_printf( "\n ! Could not open %s\n\n", "result-enc.txt" );
ret = 1;
goto exit; goto exit;
} }
i = 0; i = 0;
while( fscanf( f, "%02X", &c ) > 0 && while( fscanf( f, "%02X", &c ) > 0 &&
i < (int) sizeof( buf ) ) i < (int) sizeof( buf ) )
{
buf[i++] = (unsigned char) c; buf[i++] = (unsigned char) c;
}
fclose( f ); fclose( f );
@ -135,7 +138,8 @@ int main( int argc, char *argv[] )
if( ( ret = mbedtls_pk_decrypt( &pk, buf, i, result, &olen, sizeof(result), if( ( ret = mbedtls_pk_decrypt( &pk, buf, i, result, &olen, sizeof(result),
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_pk_decrypt returned -0x%04x\n", -ret ); mbedtls_printf( " failed\n ! mbedtls_pk_decrypt returned -0x%04x\n",
-ret );
goto exit; goto exit;
} }
@ -146,13 +150,15 @@ int main( int argc, char *argv[] )
ret = 0; ret = 0;
exit: exit:
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_pk_free( &pk );
mbedtls_entropy_free( &entropy ); mbedtls_entropy_free( &entropy );
mbedtls_ctr_drbg_free( &ctr_drbg );
#if defined(MBEDTLS_ERROR_C) #if defined(MBEDTLS_ERROR_C)
if( ret != 0 ) if( ret != 0 )
{ {
mbedtls_strerror( ret, (char *) buf, sizeof(buf) ); mbedtls_strerror( ret, (char *) buf, sizeof( buf ) );
mbedtls_printf( " ! Last error was: %s\n", buf ); mbedtls_printf( " ! Last error was: %s\n", buf );
} }
#endif #endif
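Review bot: The read loop in the hunk at -115,14 +116,16 tests the bound only after fscanf() has already succeeded, so when result-enc.txt holds more than sizeof( buf ) hex values the first surplus token is consumed, the remainder is silently dropped, and a truncated ciphertext is passed to mbedtls_pk_decrypt() with no diagnostic. Swapping the operands, `while( i < (int) sizeof( buf ) && fscanf( f, "%02X", &c ) > 0 )`, leaves the stream positioned at the first unread token, and one further `fscanf( f, "%02X", &c ) > 0` after the loop (before the fclose) can then detect oversized input and fail via `ret = 1; goto exit;` instead of decrypting a partial buffer. The declaration of `c` is outside the hunk; `%X` expects an `unsigned int *`, so if `c` is declared as `int` the conversion and the variable type should be aligned. main() begins and ends outside this hunk.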


@ -70,6 +70,8 @@ int main( int argc, char *argv[] )
ret = 1; ret = 1;
mbedtls_ctr_drbg_init( &ctr_drbg ); mbedtls_ctr_drbg_init( &ctr_drbg );
mbedtls_entropy_init( &entropy );
mbedtls_pk_init( &pk );
if( argc != 3 ) if( argc != 3 )
{ {
@ -85,20 +87,18 @@ int main( int argc, char *argv[] )
mbedtls_printf( "\n . Seeding the random number generator..." ); mbedtls_printf( "\n . Seeding the random number generator..." );
fflush( stdout ); fflush( stdout );
mbedtls_entropy_init( &entropy ); if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, &entropy, (const unsigned char *) pers,
(const unsigned char *) pers, strlen( pers ) ) ) != 0 )
strlen( pers ) ) ) != 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", -ret ); mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
-ret );
goto exit; goto exit;
} }
mbedtls_printf( "\n . Reading public key from '%s'", argv[1] ); mbedtls_printf( "\n . Reading public key from '%s'", argv[1] );
fflush( stdout ); fflush( stdout );
mbedtls_pk_init( &pk );
if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 ) if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret ); mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret );
@ -123,7 +123,8 @@ int main( int argc, char *argv[] )
buf, &olen, sizeof(buf), buf, &olen, sizeof(buf),
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_pk_encrypt returned -0x%04x\n", -ret ); mbedtls_printf( " failed\n ! mbedtls_pk_encrypt returned -0x%04x\n",
-ret );
goto exit; goto exit;
} }
@ -132,27 +133,32 @@ int main( int argc, char *argv[] )
*/ */
if( ( f = fopen( "result-enc.txt", "wb+" ) ) == NULL ) if( ( f = fopen( "result-enc.txt", "wb+" ) ) == NULL )
{ {
mbedtls_printf( " failed\n ! Could not create %s\n\n",
"result-enc.txt" );
ret = 1; ret = 1;
mbedtls_printf( " failed\n ! Could not create %s\n\n", "result-enc.txt" );
goto exit; goto exit;
} }
for( i = 0; i < olen; i++ ) for( i = 0; i < olen; i++ )
{
mbedtls_fprintf( f, "%02X%s", buf[i], mbedtls_fprintf( f, "%02X%s", buf[i],
( i + 1 ) % 16 == 0 ? "\r\n" : " " ); ( i + 1 ) % 16 == 0 ? "\r\n" : " " );
}
fclose( f ); fclose( f );
mbedtls_printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" ); mbedtls_printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" );
exit: exit:
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_pk_free( &pk );
mbedtls_entropy_free( &entropy ); mbedtls_entropy_free( &entropy );
mbedtls_ctr_drbg_free( &ctr_drbg );
#if defined(MBEDTLS_ERROR_C) #if defined(MBEDTLS_ERROR_C)
if( ret != 0 ) if( ret != 0 )
{ {
mbedtls_strerror( ret, (char *) buf, sizeof(buf) ); mbedtls_strerror( ret, (char *) buf, sizeof( buf ) );
mbedtls_printf( " ! Last error was: %s\n", buf ); mbedtls_printf( " ! Last error was: %s\n", buf );
} }
#endif #endif
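Review bot: `fclose( f );` near the end of the hunk at -132,27 +133,32 closes a write stream but its return value is ignored, so a failed flush (a full disk, for example) still prints "Done (created ...)" and main() returns with ret == 0 while result-enc.txt is incomplete; the mbedtls_fprintf() results inside the newly braced loop are likewise unchecked. Replacing it with `if( fclose( f ) != 0 ) { mbedtls_printf( " failed\n ! fclose returned an error\n" ); ret = 1; goto exit; }` routes the failure through the existing exit path; ret must be set explicitly because the preceding successful mbedtls_pk_encrypt() call left it at 0. The hunk's "Done" message should then only be reached when the close succeeded. main() begins outside this hunk.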