yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-12-02 00:14:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

HMAC_DRBG: deprecate mbedtls_hmac_drbg_update because it ignores errors

Browse Source 
Deprecate mbedtls_hmac_drbg_update (which returns void) in favor of a
new function mbedtls_hmac_drbg_update_ret which reports error. The old
function is not officially marked as deprecated in this branch because
this is a stable maintenance branch.
This commit is contained in:
Gilles Peskine 2018-09-13 22:19:57 +02:00
parent 563a333a84
commit 48dbe3b5d6
2 changed files with 74 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
include/mbedtls/hmac_drbg.h
View File

@ -195,11 +195,31 @@ void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx,
* \param additional Additional data to update state with, or NULL * \param additional Additional data to update state with, or NULL
* \param add_len Length of additional data, or 0 * \param add_len Length of additional data, or 0
* *
* \return \c 0 on success, or an error from the underlying
* hash calculation.
*
* \note Additional data is optional, pass NULL and 0 as second
* third argument if no additional data is being used.
*/
int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t add_len );
/**
* \brief HMAC_DRBG update state
*
* \warning This function cannot report errors. You should use
* mbedtls_hmac_drbg_update_ret() instead.
*
* \param ctx HMAC_DRBG context
* \param additional Additional data to update state with, or NULL
* \param add_len Length of additional data, or 0
*
* \note Additional data is optional, pass NULL and 0 as second * \note Additional data is optional, pass NULL and 0 as second
* third argument if no additional data is being used. * third argument if no additional data is being used.
*/ */
void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t add_len ); const unsigned char *additional,
size_t add_len );
/** /**
* \brief HMAC_DRBG reseeding (extracts data from entropy source) * \brief HMAC_DRBG reseeding (extracts data from entropy source)

71
library/hmac_drbg.c
View File

@ -66,31 +66,56 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx )
/* /*
* HMAC_DRBG update, using optional additional data (10.1.2.2) * HMAC_DRBG update, using optional additional data (10.1.2.2)
*/ */
void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t add_len ) const unsigned char *additional,
size_t add_len )
{ {
size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info );
unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1; unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1;
unsigned char sep[1]; unsigned char sep[1];
unsigned char K[MBEDTLS_MD_MAX_SIZE]; unsigned char K[MBEDTLS_MD_MAX_SIZE];
int ret;
for( sep[0] = 0; sep[0] < rounds; sep[0]++ ) for( sep[0] = 0; sep[0] < rounds; sep[0]++ )
{ {
/* Step 1 or 4 */ /* Step 1 or 4 */
mbedtls_md_hmac_reset( &ctx->md_ctx ); if( ( ret = mbedtls_md_hmac_reset( &ctx->md_ctx ) ) != 0 )
mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); goto exit;
mbedtls_md_hmac_update( &ctx->md_ctx, sep, 1 ); if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx,
ctx->V, md_len ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx,
sep, 1 ) ) != 0 )
goto exit;
if( rounds == 2 ) if( rounds == 2 )
mbedtls_md_hmac_update( &ctx->md_ctx, additional, add_len ); {
mbedtls_md_hmac_finish( &ctx->md_ctx, K ); if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx,
additional, add_len ) ) != 0 )
goto exit;
}
if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, K ) ) != 0 )
goto exit;
/* Step 2 or 5 */ /* Step 2 or 5 */
mbedtls_md_hmac_starts( &ctx->md_ctx, K, md_len ); if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, K, md_len ) ) != 0 )
mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); goto exit;
mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ); if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx,
ctx->V, md_len ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ) ) != 0 )
goto exit;
} }
exit:
mbedtls_platform_zeroize( K, sizeof( K ) ); mbedtls_platform_zeroize( K, sizeof( K ) );
return( ret );
}
void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional,
size_t add_len )
{
(void) mbedtls_hmac_drbg_update_ret( ctx, additional, add_len );
} }
/* /*
@ -113,7 +138,8 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, mbedtls_md_get_size( md_info ) ); mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, mbedtls_md_get_size( md_info ) );
memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) ); memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) );
mbedtls_hmac_drbg_update( ctx, data, data_len ); if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, data, data_len ) ) != 0 )
return( ret );
return( 0 ); return( 0 );
} }
@ -126,6 +152,7 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
{ {
unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT]; unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT];
size_t seedlen; size_t seedlen;
int ret;
/* III. Check input length */ /* III. Check input length */
if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT || if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT ||
@ -150,14 +177,16 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
} }
/* 2. Update state */ /* 2. Update state */
mbedtls_hmac_drbg_update( ctx, seed, seedlen ); if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, seed, seedlen ) ) != 0 )
goto exit;
/* 3. Reset reseed_counter */ /* 3. Reset reseed_counter */
ctx->reseed_counter = 1; ctx->reseed_counter = 1;
exit:
/* 4. Done */ /* 4. Done */
mbedtls_platform_zeroize( seed, seedlen ); mbedtls_platform_zeroize( seed, seedlen );
return( 0 ); return( ret );
} }
/* /*
@ -276,7 +305,11 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng,
/* 2. Use additional data if any */ /* 2. Use additional data if any */
if( additional != NULL && add_len != 0 ) if( additional != NULL && add_len != 0 )
mbedtls_hmac_drbg_update( ctx, additional, add_len ); {
if( ( ret = mbedtls_hmac_drbg_update_ret( ctx,
additional, add_len ) ) != 0 )
goto exit;
}
/* 3, 4, 5. Generate bytes */ /* 3, 4, 5. Generate bytes */
while( left != 0 ) while( left != 0 )
@ -293,13 +326,16 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng,
} }
/* 6. Update */ /* 6. Update */
mbedtls_hmac_drbg_update( ctx, additional, add_len ); if( ( ret = mbedtls_hmac_drbg_update_ret( ctx,
additional, add_len ) ) != 0 )
goto exit;
/* 7. Update reseed counter */ /* 7. Update reseed counter */
ctx->reseed_counter++; ctx->reseed_counter++;
exit:
/* 8. Done */ /* 8. Done */
return( 0 ); return( ret );
} }
/* /*
@ -391,8 +427,7 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch
if( fread( buf, 1, n, f ) != n ) if( fread( buf, 1, n, f ) != n )
ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR; ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR;
else else
mbedtls_hmac_drbg_update( ctx, buf, n ); ret = mbedtls_hmac_drbg_update_ret( ctx, buf, n );
fclose( f ); fclose( f );
mbedtls_platform_zeroize( buf, sizeof( buf ) ); mbedtls_platform_zeroize( buf, sizeof( buf ) );