mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 17:35:37 +01:00
Merge pull request #3513 from gilles-peskine-arm/ecp-bignum-error-checks-2.16
Backport 2.16: add missing some error checks in ECP and bignum
This commit is contained in:
commit
8ed9ac85e5
5
ChangeLog.d/ecp-bignum-error-checks.txt
Normal file
5
ChangeLog.d/ecp-bignum-error-checks.txt
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
Bugfix
|
||||||
|
* Fix a memory leak in mbedtls_mpi_sub_abs() when the result was negative
|
||||||
|
(an error condition) and the second operand was aliased to the result.
|
||||||
|
* Fix a case in elliptic curve arithmetic where an out-of-memory condition
|
||||||
|
could go undetected, resulting in an incorrect result.
|
@ -1364,7 +1364,10 @@ int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi
|
|||||||
/* If we ran out of space for the carry, it means that the result
|
/* If we ran out of space for the carry, it means that the result
|
||||||
* is negative. */
|
* is negative. */
|
||||||
if( n == X->n )
|
if( n == X->n )
|
||||||
return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE );
|
{
|
||||||
|
ret = MBEDTLS_ERR_MPI_NEGATIVE_VALUE;
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
--X->p[n];
|
--X->p[n];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1044,7 +1044,7 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry )
|
|||||||
STORE32; i++; \
|
STORE32; i++; \
|
||||||
cur = c > 0 ? c : 0; STORE32; \
|
cur = c > 0 ? c : 0; STORE32; \
|
||||||
cur = 0; while( ++i < MAX32 ) { STORE32; } \
|
cur = 0; while( ++i < MAX32 ) { STORE32; } \
|
||||||
if( c < 0 ) fix_negative( N, c, &C, bits );
|
if( c < 0 ) MBEDTLS_MPI_CHK( fix_negative( N, c, &C, bits ) );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If the result is negative, we get it in the form
|
* If the result is negative, we get it in the form
|
||||||
|
@ -433,12 +433,6 @@ mbedtls_mpi_add_abs:10:"-12345678":10:"-642531":10:"12988209"
|
|||||||
Test mbedtls_mpi_add_abs #1
|
Test mbedtls_mpi_add_abs #1
|
||||||
mbedtls_mpi_add_abs:10:"-643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"56125680981752282333498088313568935051383833838594899821664631784577337171193624243181360054669678410455329112434552942717084003541384594864129940145043086760031292483340068923506115878221189886491132772739661669044958531131327771":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924"
|
mbedtls_mpi_add_abs:10:"-643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"56125680981752282333498088313568935051383833838594899821664631784577337171193624243181360054669678410455329112434552942717084003541384594864129940145043086760031292483340068923506115878221189886491132772739661669044958531131327771":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924"
|
||||||
|
|
||||||
Test mbedtls_mpi_add_abs #2 (add to first value)
|
|
||||||
mpi_add_abs_add_first:10:"123123":10:"123123":10:"246246"
|
|
||||||
|
|
||||||
Test mbedtls_mpi_add_abs #3 (add to second value)
|
|
||||||
mpi_add_abs_add_second:10:"123123":10:"123123":10:"246246"
|
|
||||||
|
|
||||||
Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover)
|
Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover)
|
||||||
mbedtls_mpi_add_abs:16:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":16:"08":16:"1000000000000000000000000000000"
|
mbedtls_mpi_add_abs:16:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":16:"08":16:"1000000000000000000000000000000"
|
||||||
|
|
||||||
|
@ -777,6 +777,15 @@ void mbedtls_mpi_add_mpi( int radix_X, char * input_X, int radix_Y,
|
|||||||
TEST_ASSERT( mbedtls_mpi_add_mpi( &Z, &X, &Y ) == 0 );
|
TEST_ASSERT( mbedtls_mpi_add_mpi( &Z, &X, &Y ) == 0 );
|
||||||
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
|
||||||
|
|
||||||
|
/* result == first operand */
|
||||||
|
TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &Y ) == 0 );
|
||||||
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
|
||||||
|
TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
|
||||||
|
|
||||||
|
/* result == second operand */
|
||||||
|
TEST_ASSERT( mbedtls_mpi_add_mpi( &Y, &X, &Y ) == 0 );
|
||||||
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
|
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
|
||||||
}
|
}
|
||||||
@ -822,44 +831,17 @@ void mbedtls_mpi_add_abs( int radix_X, char * input_X, int radix_Y,
|
|||||||
TEST_ASSERT( mbedtls_mpi_add_abs( &Z, &X, &Y ) == 0 );
|
TEST_ASSERT( mbedtls_mpi_add_abs( &Z, &X, &Y ) == 0 );
|
||||||
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
|
||||||
|
|
||||||
exit:
|
/* result == first operand */
|
||||||
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
|
|
||||||
}
|
|
||||||
/* END_CASE */
|
|
||||||
|
|
||||||
/* BEGIN_CASE */
|
|
||||||
void mpi_add_abs_add_first( int radix_X, char * input_X, int radix_Y,
|
|
||||||
char * input_Y, int radix_A, char * input_A )
|
|
||||||
{
|
|
||||||
mbedtls_mpi X, Y, A;
|
|
||||||
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A );
|
|
||||||
|
|
||||||
TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
|
|
||||||
TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
|
|
||||||
TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
|
|
||||||
TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &Y ) == 0 );
|
TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &Y ) == 0 );
|
||||||
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
|
||||||
|
|
||||||
exit:
|
|
||||||
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &A );
|
|
||||||
}
|
|
||||||
/* END_CASE */
|
|
||||||
|
|
||||||
/* BEGIN_CASE */
|
|
||||||
void mpi_add_abs_add_second( int radix_X, char * input_X, int radix_Y,
|
|
||||||
char * input_Y, int radix_A, char * input_A )
|
|
||||||
{
|
|
||||||
mbedtls_mpi X, Y, A;
|
|
||||||
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A );
|
|
||||||
|
|
||||||
TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
|
TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
|
||||||
TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
|
|
||||||
TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
|
/* result == second operand */
|
||||||
TEST_ASSERT( mbedtls_mpi_add_abs( &Y, &X, &Y ) == 0 );
|
TEST_ASSERT( mbedtls_mpi_add_abs( &Y, &X, &Y ) == 0 );
|
||||||
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &A );
|
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
|
||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
@ -893,6 +875,15 @@ void mbedtls_mpi_sub_mpi( int radix_X, char * input_X, int radix_Y,
|
|||||||
TEST_ASSERT( mbedtls_mpi_sub_mpi( &Z, &X, &Y ) == 0 );
|
TEST_ASSERT( mbedtls_mpi_sub_mpi( &Z, &X, &Y ) == 0 );
|
||||||
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
|
||||||
|
|
||||||
|
/* result == first operand */
|
||||||
|
TEST_ASSERT( mbedtls_mpi_sub_mpi( &X, &X, &Y ) == 0 );
|
||||||
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
|
||||||
|
TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
|
||||||
|
|
||||||
|
/* result == second operand */
|
||||||
|
TEST_ASSERT( mbedtls_mpi_sub_mpi( &Y, &X, &Y ) == 0 );
|
||||||
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
|
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
|
||||||
}
|
}
|
||||||
@ -916,6 +907,17 @@ void mbedtls_mpi_sub_abs( int radix_X, char * input_X, int radix_Y,
|
|||||||
if( res == 0 )
|
if( res == 0 )
|
||||||
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
|
||||||
|
|
||||||
|
/* result == first operand */
|
||||||
|
TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &Y ) == sub_result );
|
||||||
|
if( sub_result == 0 )
|
||||||
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
|
||||||
|
TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
|
||||||
|
|
||||||
|
/* result == second operand */
|
||||||
|
TEST_ASSERT( mbedtls_mpi_sub_abs( &Y, &X, &Y ) == sub_result );
|
||||||
|
if( sub_result == 0 )
|
||||||
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
|
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user