Merge pull request #672 from gilles-peskine-arm/ctr_drbg-aes_fail-2.16
Backport 2.16: Uncaught AES failure in CTR_DRBG
This commit is contained in:
commit
1dfc361a50
@ -20,6 +20,10 @@ Security
|
|||||||
timings on the comparison in the key generation enabled the attacker to
|
timings on the comparison in the key generation enabled the attacker to
|
||||||
learn leading bits of the ephemeral key used during ECDSA signatures and to
|
learn leading bits of the ephemeral key used during ECDSA signatures and to
|
||||||
recover the private key. Reported by Jeremy Dubeuf.
|
recover the private key. Reported by Jeremy Dubeuf.
|
||||||
|
* Catch failure of AES functions in mbedtls_ctr_drbg_random(). Uncaught
|
||||||
|
failures could happen with alternative implementations of AES. Bug
|
||||||
|
reported and fix proposed by Johan Uppman Bruce and Christoffer Lauri,
|
||||||
|
Sectra.
|
||||||
|
|
||||||
Bugfix
|
Bugfix
|
||||||
* Remove redundant line for getting the bitlen of a bignum, since the variable
|
* Remove redundant line for getting the bitlen of a bignum, since the variable
|
||||||
|
@ -517,7 +517,7 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
|
|||||||
exit:
|
exit:
|
||||||
mbedtls_platform_zeroize( add_input, sizeof( add_input ) );
|
mbedtls_platform_zeroize( add_input, sizeof( add_input ) );
|
||||||
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
|
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
|
||||||
return( 0 );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len )
|
int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len )
|
||||||
|
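Review bot: Switching the exit path to `return( ret )` makes the `exit:` label the return point for success as well as failure, so every path that reaches it must leave `ret` definitively assigned — including the success path after the last statement before the label, which lies outside this hunk and cannot be confirmed here. The contract should also say what the caller may assume about `output` on failure; a doc comment on the declaration such as `/* On a non-zero return, output may hold partially generated bytes and must be discarded. */` would make that explicit. The two zeroize calls above the return still run on the error path, which is what routing failures through `exit:` buys. The body of `mbedtls_ctr_drbg_random()`, whose signature ends the hunk, is outside the hunk; it presumably forwards this return value to its caller.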