yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-07 06:05:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix potential undefined behaviour in Camellia

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-11-10 13:05:43 +01:00
parent 7bf9f7e308
commit ffbeedb838
2 changed files with 11 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ChangeLog
View file

@ -13,6 +13,9 @@ Security
(TLS server is not affected if it doesn't ask for a client certificate)
found using Codenomicon Defensics).
Bugfix
* Fix potential undefined behaviour in Camellia.
Changes
* Blind RSA private operations even when POLARSSL_RSA_NO_CRT is defined.
* Forbid repeated extensions in X.509 certificates.

16
library/camellia.c
View file

@ -293,14 +293,14 @@ static void camellia_feistel(const uint32_t x[2], const uint32_t k[2], uint32_t
I0 = x[0] ^ k[0];
I1 = x[1] ^ k[1];
I0 = (SBOX1((I0 >> 24) & 0xFF) << 24) |
(SBOX2((I0 >> 16) & 0xFF) << 16) |
(SBOX3((I0 >> 8) & 0xFF) << 8) |
(SBOX4((I0 ) & 0xFF) );
I1 = (SBOX2((I1 >> 24) & 0xFF) << 24) |
(SBOX3((I1 >> 16) & 0xFF) << 16) |
(SBOX4((I1 >> 8) & 0xFF) << 8) |
(SBOX1((I1 ) & 0xFF) );
I0 = ((uint32_t) SBOX1((I0 >> 24) & 0xFF) << 24) |
((uint32_t) SBOX2((I0 >> 16) & 0xFF) << 16) |
((uint32_t) SBOX3((I0 >> 8) & 0xFF) << 8) |
((uint32_t) SBOX4((I0 ) & 0xFF) );
I1 = ((uint32_t) SBOX2((I1 >> 24) & 0xFF) << 24) |
((uint32_t) SBOX3((I1 >> 16) & 0xFF) << 16) |
((uint32_t) SBOX4((I1 >> 8) & 0xFF) << 8) |
((uint32_t) SBOX1((I1 ) & 0xFF) );
I0 ^= (I1 << 8) | (I1 >> 24);
I1 ^= (I0 << 16) | (I0 >> 16);