mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 17:25:47 +01:00
CTR_DRBG: clean stack buffers
Wipe stack buffers that may contain sensitive data (data that contributes to the DRBG state.
This commit is contained in:
parent
556d7d9e3b
commit
e495a8ae35
@ -299,9 +299,7 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
|
|||||||
* Crypt counter block
|
* Crypt counter block
|
||||||
*/
|
*/
|
||||||
if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p ) ) != 0 )
|
if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p ) ) != 0 )
|
||||||
{
|
goto exit;
|
||||||
return( ret );
|
|
||||||
}
|
|
||||||
|
|
||||||
p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
|
p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
|
||||||
}
|
}
|
||||||
@ -313,12 +311,12 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
|
|||||||
* Update key and counter
|
* Update key and counter
|
||||||
*/
|
*/
|
||||||
if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
|
if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
|
||||||
{
|
goto exit;
|
||||||
return( ret );
|
|
||||||
}
|
|
||||||
memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE );
|
memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE );
|
||||||
|
|
||||||
return( 0 );
|
exit:
|
||||||
|
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
|
||||||
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
/* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2)
|
/* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2)
|
||||||
@ -347,6 +345,7 @@ void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
|
|||||||
|
|
||||||
block_cipher_df( add_input, additional, add_len );
|
block_cipher_df( add_input, additional, add_len );
|
||||||
ctr_drbg_update_internal( ctx, add_input );
|
ctr_drbg_update_internal( ctx, add_input );
|
||||||
|
mbedtls_platform_zeroize( add_input, sizeof( add_input ) );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -399,20 +398,18 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
|
|||||||
* Reduce to 384 bits
|
* Reduce to 384 bits
|
||||||
*/
|
*/
|
||||||
if( ( ret = block_cipher_df( seed, seed, seedlen ) ) != 0 )
|
if( ( ret = block_cipher_df( seed, seed, seedlen ) ) != 0 )
|
||||||
{
|
goto exit;
|
||||||
return( ret );
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Update state
|
* Update state
|
||||||
*/
|
*/
|
||||||
if( ( ret = ctr_drbg_update_internal( ctx, seed ) ) != 0 )
|
if( ( ret = ctr_drbg_update_internal( ctx, seed ) ) != 0 )
|
||||||
{
|
goto exit;
|
||||||
return( ret );
|
|
||||||
}
|
|
||||||
ctx->reseed_counter = 1;
|
ctx->reseed_counter = 1;
|
||||||
|
|
||||||
return( 0 );
|
exit:
|
||||||
|
mbedtls_platform_zeroize( seed, sizeof( seed ) );
|
||||||
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
/* CTR_DRBG_Generate with derivation function (SP 800-90A §10.2.1.5.2)
|
/* CTR_DRBG_Generate with derivation function (SP 800-90A §10.2.1.5.2)
|
||||||
@ -467,13 +464,9 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
|
|||||||
if( add_len > 0 )
|
if( add_len > 0 )
|
||||||
{
|
{
|
||||||
if( ( ret = block_cipher_df( add_input, additional, add_len ) ) != 0 )
|
if( ( ret = block_cipher_df( add_input, additional, add_len ) ) != 0 )
|
||||||
{
|
goto exit;
|
||||||
return( ret );
|
|
||||||
}
|
|
||||||
if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 )
|
if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 )
|
||||||
{
|
goto exit;
|
||||||
return( ret );
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
while( output_len > 0 )
|
while( output_len > 0 )
|
||||||
@ -489,9 +482,7 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
|
|||||||
* Crypt counter block
|
* Crypt counter block
|
||||||
*/
|
*/
|
||||||
if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp ) ) != 0 )
|
if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp ) ) != 0 )
|
||||||
{
|
goto exit;
|
||||||
return( ret );
|
|
||||||
}
|
|
||||||
|
|
||||||
use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? MBEDTLS_CTR_DRBG_BLOCKSIZE :
|
use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? MBEDTLS_CTR_DRBG_BLOCKSIZE :
|
||||||
output_len;
|
output_len;
|
||||||
@ -504,12 +495,13 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 )
|
if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 )
|
||||||
{
|
goto exit;
|
||||||
return( ret );
|
|
||||||
}
|
|
||||||
|
|
||||||
ctx->reseed_counter++;
|
ctx->reseed_counter++;
|
||||||
|
|
||||||
|
exit:
|
||||||
|
mbedtls_platform_zeroize( add_input, sizeof( add_input ) );
|
||||||
|
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user