yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 16:45:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix handling of md failure

Browse Source 
The failure of mbedtls_md was not checked in one place. This could have led
to an incorrect computation if a hardware accelerator failed. In most cases
this would have led to the key exchange failing, so the impact would have been
a hard-to-diagnose error reported in the wrong place. If the two sides of the
key exchange failed in the same way with an output from mbedtls_md that was
independent of the input, this could have led to an apparently successful key
exchange with a predictable key, thus a glitching md accelerator could have
caused a security vulnerability.
This commit is contained in:
k-stachowiak 2019-06-28 14:14:02 +02:00
parent 7b03e87fbc
commit 4a6a55cae3
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
library/ecjpake.c
View File

@ -226,7 +226,7 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info,
p += id_len;
/* Compute hash */
mbedtls_md( md_info, buf, p - buf, hash );
MBEDTLS_MPI_CHK( mbedtls_md( md_info, buf, p - buf, hash ) );
/* Turn it into an integer mod n */
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( h, hash,