Merge remote-tracking branch 'upstream-public/pr/1278' into mbedtls-2.1

Jaeden Amero 2018-01-24 10:55:56 +00:00
commit 0295634b21
3 changed files with 10 additions and 3 deletions


@ -62,6 +62,9 @@ Bugfix
* Fix issue in RSA key generation program programs/x509/rsa_genkey * Fix issue in RSA key generation program programs/x509/rsa_genkey
where the failure of CTR DRBG initialization lead to freeing an where the failure of CTR DRBG initialization lead to freeing an
RSA context without proper initialization beforehand. RSA context without proper initialization beforehand.
* Fix bug in cipher decryption with MBEDTLS_PADDING_ONE_AND_ZEROS that
sometimes accepted invalid padding. (Not used in TLS.) Found and fixed
by Micha Kraus.
Changes Changes
* Extend cert_write example program by options to set the CRT version * Extend cert_write example program by options to set the CRT version


@ -485,14 +485,14 @@ static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
if( NULL == input || NULL == data_len ) if( NULL == input || NULL == data_len )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
bad = 0xFF; bad = 0x80;
*data_len = 0; *data_len = 0;
for( i = input_len; i > 0; i-- ) for( i = input_len; i > 0; i-- )
{ {
prev_done = done; prev_done = done;
done |= ( input[i-1] != 0 ); done |= ( input[i - 1] != 0 );
*data_len |= ( i - 1 ) * ( done != prev_done ); *data_len |= ( i - 1 ) * ( done != prev_done );
bad &= ( input[i-1] ^ 0x80 ) | ( done == prev_done ); bad ^= input[i - 1] * ( done != prev_done );
} }
return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
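Review bot: The rewritten accumulator on the `bad ^= input[i - 1] * ( done != prev_done );` line has no comment stating the invariant it depends on: `done != prev_done` is 1 for at most one iteration (the last non-zero byte), so `bad` ends as 0x80 XOR that byte and stays 0x80 (rejected) when the buffer is all zeros or empty. Since the previous form of this line is what accepted invalid padding, I would add above the loop something like `/* bad = 0x80 ^ last non-zero byte; remains 0x80 if none is found */`. The loop also appears to be written without data-dependent branches, presumably so the padding position is not exposed through timing; if that is the intent, a one-line note saying so would keep a later cleanup from replacing the multiplications with an `if`. The function's declarations and closing brace lie outside the hunk, so the types of `bad` and `done` are not visible here.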


@ -184,6 +184,10 @@ Check one and zeros padding #7 (overlong)
depends_on:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS depends_on:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
check_padding:MBEDTLS_PADDING_ONE_AND_ZEROS:"0000000000":MBEDTLS_ERR_CIPHER_INVALID_PADDING:4 check_padding:MBEDTLS_PADDING_ONE_AND_ZEROS:"0000000000":MBEDTLS_ERR_CIPHER_INVALID_PADDING:4
Check one and zeros padding #8 (last byte 0x80 | x)
depends_on:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
check_padding:MBEDTLS_PADDING_ONE_AND_ZEROS:"0000000082":MBEDTLS_ERR_CIPHER_INVALID_PADDING:4
Check zeros and len padding #1 (correct) Check zeros and len padding #1 (correct)
depends_on:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN depends_on:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
check_padding:MBEDTLS_PADDING_ZEROS_AND_LEN:"DABBAD0001":0:4 check_padding:MBEDTLS_PADDING_ZEROS_AND_LEN:"DABBAD0001":0:4
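Review bot: Case #8 puts the malformed marker only in the final byte, so among the cases visible in this hunk nothing pins the path where zero padding follows a wrong marker. A companion vector in which a byte such as 0x82 is followed by zero bytes (constructed example input: `0000820000`), with the same expected MBEDTLS_ERR_CIPHER_INVALID_PADDING, would cover the iteration where `done` flips mid-buffer. A vector whose marker lacks the high bit altogether (constructed example input: `0000000001`) would also confirm that the check compares the whole byte against 0x80 and not just part of it. Earlier one-and-zeros cases are outside the hunk and may already cover some of this.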