yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-09 23:15:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream-restricted/pr/413' into mbedtls-1.3-restricted

Browse source
This commit is contained in:
Jaeden Amero 2018-01-26 17:53:40 +00:00
parent d480d5c3cd 1e520e0882
commit d6b8ce467c
5 changed files with 14 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ChangeLog
View file

@ -30,6 +30,9 @@ Security
Reported by Marco Macchetti, Kudelski Group. Reported by Marco Macchetti, Kudelski Group.
* Wipe stack buffer temporarily holding EC private exponent * Wipe stack buffer temporarily holding EC private exponent
after keypair generation. after keypair generation.
* Change default choice of DHE parameters from untrustworthy RFC 5114
to RFC 3526 containing parameters generated in a nothing-up-my-sleeve
manner.
Features Features
* Allow comments in test data files. * Allow comments in test data files.

6
include/polarssl/dhm.h
View file

@ -55,6 +55,12 @@
* RFC 3526 4. 3072-bit MODP Group * RFC 3526 4. 3072-bit MODP Group
* RFC 5114 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup * RFC 5114 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup
* RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup * RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup
*
* \warning The primes from RFC 5114 do not come together with information
* on how they were generated and are therefore not considered
* trustworthy. It is recommended to avoid them and to use the
* nothing-up-my-sleeve primes from RFC 3526 instead.
*
*/ */
#define POLARSSL_DHM_RFC2409_MODP_1024_P \ #define POLARSSL_DHM_RFC2409_MODP_1024_P \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \

4
library/ssl_tls.c
View file

@ -3711,9 +3711,9 @@ int ssl_init( ssl_context *ssl )
#if defined(POLARSSL_DHM_C) #if defined(POLARSSL_DHM_C)
if( ( ret = mpi_read_string( &ssl->dhm_P, 16, if( ( ret = mpi_read_string( &ssl->dhm_P, 16,
POLARSSL_DHM_RFC5114_MODP_2048_P) ) != 0 || POLARSSL_DHM_RFC3526_MODP_2048_P) ) != 0 ||
( ret = mpi_read_string( &ssl->dhm_G, 16, ( ret = mpi_read_string( &ssl->dhm_G, 16,
POLARSSL_DHM_RFC5114_MODP_2048_G) ) != 0 ) POLARSSL_DHM_RFC3526_MODP_2048_G) ) != 0 )
{ {
SSL_DEBUG_RET( 1, "mpi_read_string", ret ); SSL_DEBUG_RET( 1, "mpi_read_string", ret );
return( ret ); return( ret );

4
programs/ssl/ssl_server2.c
View file

@ -1598,8 +1598,8 @@ int main( int argc, char *argv[] )
ret = ssl_set_dh_param_ctx( &ssl, &dhm ); ret = ssl_set_dh_param_ctx( &ssl, &dhm );
else else
#endif #endif
ret = ssl_set_dh_param( &ssl, POLARSSL_DHM_RFC5114_MODP_2048_P, ret = ssl_set_dh_param( &ssl, POLARSSL_DHM_RFC3526_MODP_2048_P,
POLARSSL_DHM_RFC5114_MODP_2048_G ); POLARSSL_DHM_RFC3526_MODP_2048_G );
if( ret != 0 ) if( ret != 0 )
{ {

2
tests/ssl-opt.sh
View file

@ -2331,7 +2331,7 @@ run_test "DHM parameters: reference" \
debug_level=3" \ debug_level=3" \
0 \ 0 \
-c "value of 'DHM: P ' (2048 bits)" \ -c "value of 'DHM: P ' (2048 bits)" \
-c "value of 'DHM: G ' (2048 bits)" -c "value of 'DHM: G ' (2 bits)"
run_test "DHM parameters: other parameters" \ run_test "DHM parameters: other parameters" \
"$P_SRV dhm_file=data_files/dhparams.pem" \ "$P_SRV dhm_file=data_files/dhparams.pem" \