Merge remote-tracking branch 'origin/pr/2700' into mbedtls-2.16
* origin/pr/2700: Changelog entry for HAVEGE fix Prevent building the HAVEGE module on platforms where it doesn't work Fix misuse of signed ints in the HAVEGE module
commit
c041b4fc94
|
@ -12,6 +12,7 @@ Bugfix
|
||||||
irwir.
|
irwir.
|
||||||
* Enable Suite B with subset of ECP curves. Make sure the code compiles even
|
* Enable Suite B with subset of ECP curves. Make sure the code compiles even
|
||||||
if some curves are not defined. Fixes #1591 reported by dbedev.
|
if some curves are not defined. Fixes #1591 reported by dbedev.
|
||||||
|
* Fix misuse of signed arithmetic in the HAVEGE module. #2598
|
||||||
|
|
||||||
Changes
|
Changes
|
||||||
* Make it easier to define MBEDTLS_PARAM_FAILED as assert (which config.h
|
* Make it easier to define MBEDTLS_PARAM_FAILED as assert (which config.h
|
||||||
|
|
|
@ -38,8 +38,19 @@
|
||||||
#include "mbedtls/timing.h"
|
#include "mbedtls/timing.h"
|
||||||
#include "mbedtls/platform_util.h"
|
#include "mbedtls/platform_util.h"
|
||||||
|
|
||||||
|
#include <limits.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
|
/* If int isn't capable of storing 2^32 distinct values, the code of this
|
||||||
|
* module may cause a processor trap or a miscalculation. If int is more
|
||||||
|
* than 32 bits, the code may not calculate the intended values. */
|
||||||
|
#if INT_MIN + 1 != -0x7fffffff
|
||||||
|
#error "The HAVEGE module requires int to be exactly 32 bits, with INT_MIN = -2^31."
|
||||||
|
#endif
|
||||||
|
#if UINT_MAX != 0xffffffff
|
||||||
|
#error "The HAVEGE module requires unsigned to be exactly 32 bits."
|
||||||
|
#endif
|
||||||
|
|
||||||
/* ------------------------------------------------------------------------
|
/* ------------------------------------------------------------------------
|
||||||
* On average, one iteration accesses two 8-word blocks in the havege WALK
|
* On average, one iteration accesses two 8-word blocks in the havege WALK
|
||||||
* table, and generates 16 words in the RES array.
|
* table, and generates 16 words in the RES array.
|
||||||
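Review bot: The test `#if INT_MIN + 1 != -0x7fffffff` is correct but its form deserves a comment, because a reader will ask why it is not written as `INT_MIN != -0x80000000`; presumably the `+ 1` keeps the literal inside the range of a 32-bit signed type so that the comparison can never be against a constant that some preprocessors type as unsigned. I would add above it: `/* Written as INT_MIN + 1 so the constant fits in 32-bit signed arithmetic; a passing check implies two's complement with exactly 32 value bits. */`. Together with the `UINT_MAX` check this pins both `int` and `unsigned` to 32 bits, which is what the unsigned shift-and-xor arithmetic later in the file relies on, and it is worth saying so in the comment block rather than only "may not calculate the intended values".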
|
@ -54,7 +65,7 @@
|
||||||
* ------------------------------------------------------------------------
|
* ------------------------------------------------------------------------
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#define SWAP(X,Y) { int *T = (X); (X) = (Y); (Y) = T; }
|
#define SWAP(X,Y) { unsigned *T = (X); (X) = (Y); (Y) = T; }
|
||||||
|
|
||||||
#define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
|
#define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
|
||||||
#define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
|
#define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
|
||||||
|
@ -77,7 +88,7 @@
|
||||||
PTX = (PT1 >> 18) & 7; \
|
PTX = (PT1 >> 18) & 7; \
|
||||||
PT1 &= 0x1FFF; \
|
PT1 &= 0x1FFF; \
|
||||||
PT2 &= 0x1FFF; \
|
PT2 &= 0x1FFF; \
|
||||||
CLK = (int) mbedtls_timing_hardclock(); \
|
CLK = (unsigned) mbedtls_timing_hardclock(); \
|
||||||
\
|
\
|
||||||
i = 0; \
|
i = 0; \
|
||||||
A = &WALK[PT1 ]; RES[i++] ^= *A; \
|
A = &WALK[PT1 ]; RES[i++] ^= *A; \
|
||||||
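Review bot: `CLK = (unsigned) mbedtls_timing_hardclock();` silently narrows the counter if `mbedtls_timing_hardclock` returns a type wider than 32 bits (its return type is not visible in this hunk); given the new `#if` checks make `unsigned` exactly 32 bits, the truncation appears deliberate and should be documented where it happens. I would add `/* keep only the low 32 bits of the cycle counter; higher bits are discarded on purpose */` on that line, and the same cast appears again further down in the macro. The enclosing macro starts before this hunk and continues after it.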
|
@ -100,7 +111,7 @@
|
||||||
\
|
\
|
||||||
IN = (*A >> (5)) ^ (*A << (27)) ^ CLK; \
|
IN = (*A >> (5)) ^ (*A << (27)) ^ CLK; \
|
||||||
*A = (*B >> (6)) ^ (*B << (26)) ^ CLK; \
|
*A = (*B >> (6)) ^ (*B << (26)) ^ CLK; \
|
||||||
*B = IN; CLK = (int) mbedtls_timing_hardclock(); \
|
*B = IN; CLK = (unsigned) mbedtls_timing_hardclock(); \
|
||||||
*C = (*C >> (7)) ^ (*C << (25)) ^ CLK; \
|
*C = (*C >> (7)) ^ (*C << (25)) ^ CLK; \
|
||||||
*D = (*D >> (8)) ^ (*D << (24)) ^ CLK; \
|
*D = (*D >> (8)) ^ (*D << (24)) ^ CLK; \
|
||||||
\
|
\
|
||||||
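Review bot: The rotate-and-xor lines from `IN = (*A >> (5)) ^ (*A << (27)) ^ CLK;` through `*D = (*D >> (8)) ^ (*D << (24)) ^ CLK;` are well-defined only because `*A`..`*D` are now `unsigned` and exactly 32 bits wide; with the old `int` types a left shift of a negative value was undefined behaviour, which is the bug this commit fixes, but nothing at this point in the macro records that. A one-line comment such as `/* 32-bit rotations: operands must stay unsigned and exactly 32 bits (see the #if checks at the top of the file) */` would keep a future maintainer from reverting the types. The macro continues outside this hunk.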
|
@ -151,19 +162,20 @@
|
||||||
PT1 ^= (PT2 ^ 0x10) & 0x10; \
|
PT1 ^= (PT2 ^ 0x10) & 0x10; \
|
||||||
\
|
\
|
||||||
for( n++, i = 0; i < 16; i++ ) \
|
for( n++, i = 0; i < 16; i++ ) \
|
||||||
hs->pool[n % MBEDTLS_HAVEGE_COLLECT_SIZE] ^= RES[i];
|
POOL[n % MBEDTLS_HAVEGE_COLLECT_SIZE] ^= RES[i];
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Entropy gathering function
|
* Entropy gathering function
|
||||||
*/
|
*/
|
||||||
static void havege_fill( mbedtls_havege_state *hs )
|
static void havege_fill( mbedtls_havege_state *hs )
|
||||||
{
|
{
|
||||||
int i, n = 0;
|
unsigned i, n = 0;
|
||||||
int U1, U2, *A, *B, *C, *D;
|
unsigned U1, U2, *A, *B, *C, *D;
|
||||||
int PT1, PT2, *WALK, RES[16];
|
unsigned PT1, PT2, *WALK, *POOL, RES[16];
|
||||||
int PTX, PTY, CLK, PTEST, IN;
|
unsigned PTX, PTY, CLK, PTEST, IN;
|
||||||
|
|
||||||
WALK = hs->WALK;
|
WALK = (unsigned *) hs->WALK;
|
||||||
|
POOL = (unsigned *) hs->pool;
|
||||||
PT1 = hs->PT1;
|
PT1 = hs->PT1;
|
||||||
PT2 = hs->PT2;
|
PT2 = hs->PT2;
|
||||||
|
|
||||||
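Review bot: `WALK = (unsigned *) hs->WALK;` and `POOL = (unsigned *) hs->pool;` look like strict-aliasing violations to a casual reader, although accessing `int` storage through the corresponding unsigned type is explicitly permitted by C99 6.5p7, assuming `hs->WALK` and `hs->pool` are `int` arrays as the casts suggest (the struct is not shown here). A comment at the casts would prevent a well-meaning "fix" later: `/* int and unsigned may alias each other (C99 6.5p7); the state stores int, the mixing below needs unsigned wrap and shift semantics */`. Note that `i` and `n` are now `unsigned`, so any signed bounds compared against them in the remainder of havege_fill, which continues past this hunk, should be checked for signed/unsigned comparison warnings. `PT1 = hs->PT1;` converts the stored int to unsigned on entry; the write-back at the end of the function is outside the hunk and is only safe because the macro masks both pointers to `0x1FFF`.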
|
|