Merge remote-tracking branch 'upstream-restricted/pr/613' into mbedtls-2.16-restricted

2024-11-25 20:25:53 +01:00 · 2019-08-14 16:36:30 +02:00 · 2019-08-14 16:36:30 +02:00 · 3a930650c8
commit 3a930650c8
parent c3c738e0fe 50be358479
4 changed files with 30 additions and 1 deletions
--- a/5
+++ b/5
@ -2,6 +2,11 @@ mbed TLS ChangeLog (Sorted per branch, date)
 = mbed TLS x.x.x branch released xxxx-xx-xx
 Security
   * Fix a missing error detection in ECJPAKE. This could have caused a
     predictable shared secret if a hardware accelerator failed and the other
     side of the key exchange had a similar bug.
 Bugfix
   * Fix to allow building test suites with any warning that detects unused
     functions. Fixes #1628.
--- a/library/ecjpake.c
+++ b/library/ecjpake.c
@ -226,7 +226,7 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info,
    p += id_len;
    /* Compute hash */
-    mbedtls_md( md_info, buf, p - buf, hash );
+    MBEDTLS_MPI_CHK( mbedtls_md( md_info, buf, p - buf, hash ) );
    /* Turn it into an integer mod n */
    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( h, hash,
--- a/tests/suites/test_suite_ecjpake.data
+++ b/tests/suites/test_suite_ecjpake.data
@ -4,6 +4,9 @@ ecjpake_invalid_param:
 ECJPAKE selftest
 ecjpake_selftest:
 ECJPAKE fail read corrupt MD
 read_bad_md:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51620934d74eb43e54df424fd96306c0117bf131afabf90a9d33d1198d905193735144104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb12"
 ECJPAKE round one: client, valid
 read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51620934d74eb43e54df424fd96306c0117bf131afabf90a9d33d1198d905193735144104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb12":0
--- a/tests/suites/test_suite_ecjpake.function
+++ b/tests/suites/test_suite_ecjpake.function
@ -236,6 +236,27 @@ void ecjpake_selftest(  )
 }
 /* END_CASE */
 /* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
 void read_bad_md( data_t *msg )
 {
    mbedtls_ecjpake_context corrupt_ctx;
    const unsigned char * pw = NULL;
    const size_t pw_len = 0;
    int any_role = MBEDTLS_ECJPAKE_CLIENT;
    mbedtls_ecjpake_init( &corrupt_ctx );
    TEST_ASSERT( mbedtls_ecjpake_setup( &corrupt_ctx, any_role,
                 MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 );
    corrupt_ctx.md_info = NULL;
    TEST_ASSERT( mbedtls_ecjpake_read_round_one( &corrupt_ctx, msg->x,
                 msg->len ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
 exit:
    mbedtls_ecjpake_free( &corrupt_ctx );
 }
 /* END_CASE */
 /* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
 void read_round_one( int role, data_t * msg, int ref_ret )
 {