mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 09:05:39 +01:00
Check errors from the MD layer
Could be out-of-memory for some functions, accelerator issues for others. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
a6c1317685
commit
5bb6f3c3db
@ -1883,39 +1883,51 @@ int mbedtls_ssl_cf_hmac(
|
|||||||
unsigned char aux_out[MBEDTLS_MD_MAX_SIZE];
|
unsigned char aux_out[MBEDTLS_MD_MAX_SIZE];
|
||||||
mbedtls_md_context_t aux;
|
mbedtls_md_context_t aux;
|
||||||
size_t offset;
|
size_t offset;
|
||||||
|
int ret;
|
||||||
|
|
||||||
mbedtls_md_init( &aux );
|
mbedtls_md_init( &aux );
|
||||||
mbedtls_md_setup( &aux, ctx->md_info, 0 );
|
|
||||||
|
#define MD_CHK( func_call ) \
|
||||||
|
do { \
|
||||||
|
ret = (func_call); \
|
||||||
|
if( ret != 0 ) \
|
||||||
|
goto cleanup; \
|
||||||
|
} while( 0 )
|
||||||
|
|
||||||
|
MD_CHK( mbedtls_md_setup( &aux, ctx->md_info, 0 ) );
|
||||||
|
|
||||||
/* After hmac_start() of hmac_reset(), ikey has already been hashed,
|
/* After hmac_start() of hmac_reset(), ikey has already been hashed,
|
||||||
* so we can start directly with the message */
|
* so we can start directly with the message */
|
||||||
mbedtls_md_update( ctx, add_data, add_data_len );
|
MD_CHK( mbedtls_md_update( ctx, add_data, add_data_len ) );
|
||||||
mbedtls_md_update( ctx, data, min_data_len );
|
MD_CHK( mbedtls_md_update( ctx, data, min_data_len ) );
|
||||||
|
|
||||||
/* For each possible length, compute the hash up to that point */
|
/* For each possible length, compute the hash up to that point */
|
||||||
for( offset = min_data_len; offset <= max_data_len; offset++ )
|
for( offset = min_data_len; offset <= max_data_len; offset++ )
|
||||||
{
|
{
|
||||||
mbedtls_md_clone( &aux, ctx );
|
MD_CHK( mbedtls_md_clone( &aux, ctx ) );
|
||||||
mbedtls_md_finish( &aux, aux_out );
|
MD_CHK( mbedtls_md_finish( &aux, aux_out ) );
|
||||||
/* Keep only the correct inner_hash in the output buffer */
|
/* Keep only the correct inner_hash in the output buffer */
|
||||||
mbedtls_ssl_cf_memcpy_if_eq( output, aux_out, hash_size,
|
mbedtls_ssl_cf_memcpy_if_eq( output, aux_out, hash_size,
|
||||||
offset, data_len_secret );
|
offset, data_len_secret );
|
||||||
|
|
||||||
if( offset < max_data_len )
|
if( offset < max_data_len )
|
||||||
mbedtls_md_update( ctx, data + offset, 1 );
|
MD_CHK( mbedtls_md_update( ctx, data + offset, 1 ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Now compute HASH(okey + inner_hash) */
|
/* Now compute HASH(okey + inner_hash) */
|
||||||
mbedtls_md_starts( ctx );
|
MD_CHK( mbedtls_md_starts( ctx ) );
|
||||||
mbedtls_md_update( ctx, okey, block_size );
|
MD_CHK( mbedtls_md_update( ctx, okey, block_size ) );
|
||||||
mbedtls_md_update( ctx, output, hash_size );
|
MD_CHK( mbedtls_md_update( ctx, output, hash_size ) );
|
||||||
mbedtls_md_finish( ctx, output );
|
MD_CHK( mbedtls_md_finish( ctx, output ) );
|
||||||
|
|
||||||
/* Done, get ready for next time */
|
/* Done, get ready for next time */
|
||||||
mbedtls_md_hmac_reset( ctx );
|
MD_CHK( mbedtls_md_hmac_reset( ctx ) );
|
||||||
|
|
||||||
|
#undef MD_CHK
|
||||||
|
|
||||||
|
cleanup:
|
||||||
mbedtls_md_free( &aux );
|
mbedtls_md_free( &aux );
|
||||||
return( 0 );
|
return( ret );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */
|
#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user