mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 17:15:42 +01:00
Merge pull request #3408 from AndrzejKurek/hamming-distance-improvements
Hamming distance improvements
This commit is contained in:
commit
e5425a0944
@ -155,7 +155,8 @@ extern const uECC_word_t curve_b[NUM_ECC_WORDS];
|
|||||||
* @param random OUT -- random integer in the range 0 < random < top
|
* @param random OUT -- random integer in the range 0 < random < top
|
||||||
* @param top IN -- upper limit
|
* @param top IN -- upper limit
|
||||||
* @param num_words IN -- number of words
|
* @param num_words IN -- number of words
|
||||||
* @return a random integer in the range 0 < random < top
|
* @return UECC_SUCCESS in case of success
|
||||||
|
* @return UECC_FAILURE upon failure
|
||||||
*/
|
*/
|
||||||
int uECC_generate_random_int(uECC_word_t *random, const uECC_word_t *top,
|
int uECC_generate_random_int(uECC_word_t *random, const uECC_word_t *top,
|
||||||
wordcount_t num_words);
|
wordcount_t num_words);
|
||||||
@ -163,9 +164,9 @@ int uECC_generate_random_int(uECC_word_t *random, const uECC_word_t *top,
|
|||||||
|
|
||||||
/* uECC_RNG_Function type
|
/* uECC_RNG_Function type
|
||||||
* The RNG function should fill 'size' random bytes into 'dest'. It should
|
* The RNG function should fill 'size' random bytes into 'dest'. It should
|
||||||
* return 1 if 'dest' was filled with random data, or 0 if the random data could
|
* return 'size' if 'dest' was filled with random data of 'size' length, or 0
|
||||||
* not be generated. The filled-in values should be either truly random, or from
|
* if the random data could not be generated. The filled-in values should be
|
||||||
* a cryptographically-secure PRNG.
|
* either truly random, or from a cryptographically-secure PRNG.
|
||||||
*
|
*
|
||||||
* A correctly functioning RNG function must be set (using uECC_set_rng())
|
* A correctly functioning RNG function must be set (using uECC_set_rng())
|
||||||
* before calling uECC_make_key() or uECC_sign().
|
* before calling uECC_make_key() or uECC_sign().
|
||||||
@ -181,8 +182,8 @@ typedef int(*uECC_RNG_Function)(uint8_t *dest, unsigned int size);
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* @brief Set the function that will be used to generate random bytes. The RNG
|
* @brief Set the function that will be used to generate random bytes. The RNG
|
||||||
* function should return 1 if the random data was generated, or 0 if the random
|
* function should return 'size' if the random data of length 'size' was
|
||||||
* data could not be generated.
|
* generated, or 0 if the random data could not be generated.
|
||||||
*
|
*
|
||||||
* @note On platforms where there is no predefined RNG function, this must be
|
* @note On platforms where there is no predefined RNG function, this must be
|
||||||
* called before uECC_make_key() or uECC_sign() are used.
|
* called before uECC_make_key() or uECC_sign() are used.
|
||||||
|
@ -56,6 +56,8 @@
|
|||||||
#include "mbedtls/oid.h"
|
#include "mbedtls/oid.h"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#define PROPER_HS_FRAGMENT 0x75555555
|
||||||
|
|
||||||
#if defined(MBEDTLS_USE_TINYCRYPT)
|
#if defined(MBEDTLS_USE_TINYCRYPT)
|
||||||
static int uecc_rng_wrapper( uint8_t *dest, unsigned int size )
|
static int uecc_rng_wrapper( uint8_t *dest, unsigned int size )
|
||||||
{
|
{
|
||||||
@ -4736,7 +4738,7 @@ static int ssl_hs_is_proper_fragment( mbedtls_ssl_context *ssl )
|
|||||||
mbedtls_platform_memcmp( ssl->in_msg + 6, "\0\0\0", 3 ) != 0 ||
|
mbedtls_platform_memcmp( ssl->in_msg + 6, "\0\0\0", 3 ) != 0 ||
|
||||||
mbedtls_platform_memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 )
|
mbedtls_platform_memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 )
|
||||||
{
|
{
|
||||||
return( 1 );
|
return( PROPER_HS_FRAGMENT );
|
||||||
}
|
}
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
@ -4929,7 +4931,7 @@ int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
|
|||||||
* messages; the commonality is that both handshake fragments and
|
* messages; the commonality is that both handshake fragments and
|
||||||
* future messages cannot be forwarded immediately to the
|
* future messages cannot be forwarded immediately to the
|
||||||
* handshake logic layer. */
|
* handshake logic layer. */
|
||||||
if( ssl_hs_is_proper_fragment( ssl ) == 1 )
|
if( ssl_hs_is_proper_fragment( ssl ) == PROPER_HS_FRAGMENT )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "found fragmented DTLS handshake message" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "found fragmented DTLS handshake message" ) );
|
||||||
return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
|
return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
|
||||||
@ -6053,7 +6055,7 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl )
|
|||||||
size_t reassembly_buf_sz;
|
size_t reassembly_buf_sz;
|
||||||
|
|
||||||
hs_buf->is_fragmented =
|
hs_buf->is_fragmented =
|
||||||
( ssl_hs_is_proper_fragment( ssl ) == 1 );
|
( ssl_hs_is_proper_fragment( ssl ) == PROPER_HS_FRAGMENT );
|
||||||
|
|
||||||
/* We copy the message back into the input buffer
|
/* We copy the message back into the input buffer
|
||||||
* after reassembly, so check that it's not too large.
|
* after reassembly, so check that it's not too large.
|
||||||
|
@ -1080,7 +1080,7 @@ int EccPoint_mult_safer(uECC_word_t * result, const uECC_word_t * point,
|
|||||||
/* If an RNG function was specified, get a random initial Z value to
|
/* If an RNG function was specified, get a random initial Z value to
|
||||||
* protect against side-channel attacks such as Template SPA */
|
* protect against side-channel attacks such as Template SPA */
|
||||||
if (g_rng_function) {
|
if (g_rng_function) {
|
||||||
if (!uECC_generate_random_int(k2[carry], curve_p, num_words)) {
|
if (uECC_generate_random_int(k2[carry], curve_p, num_words) != UECC_SUCCESS) {
|
||||||
r = UECC_FAILURE;
|
r = UECC_FAILURE;
|
||||||
goto clear_and_out;
|
goto clear_and_out;
|
||||||
}
|
}
|
||||||
@ -1165,21 +1165,21 @@ int uECC_generate_random_int(uECC_word_t *random, const uECC_word_t *top,
|
|||||||
bitcount_t num_bits = uECC_vli_numBits(top);
|
bitcount_t num_bits = uECC_vli_numBits(top);
|
||||||
|
|
||||||
if (!g_rng_function) {
|
if (!g_rng_function) {
|
||||||
return 0;
|
return UECC_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
for (tries = 0; tries < uECC_RNG_MAX_TRIES; ++tries) {
|
for (tries = 0; tries < uECC_RNG_MAX_TRIES; ++tries) {
|
||||||
if (!g_rng_function((uint8_t *)random, num_words * uECC_WORD_SIZE)) {
|
if (g_rng_function((uint8_t *)random, num_words * uECC_WORD_SIZE) != num_words * uECC_WORD_SIZE) {
|
||||||
return 0;
|
return UECC_FAILURE;
|
||||||
}
|
}
|
||||||
random[num_words - 1] &=
|
random[num_words - 1] &=
|
||||||
mask >> ((bitcount_t)(num_words * uECC_WORD_SIZE * 8 - num_bits));
|
mask >> ((bitcount_t)(num_words * uECC_WORD_SIZE * 8 - num_bits));
|
||||||
if (!uECC_vli_isZero(random) &&
|
if (!uECC_vli_isZero(random) &&
|
||||||
uECC_vli_cmp(top, random) == 1) {
|
uECC_vli_cmp(top, random) == 1) {
|
||||||
return 1;
|
return UECC_SUCCESS;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return 0;
|
return UECC_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -119,7 +119,7 @@ int uECC_make_key(uint8_t *public_key, uint8_t *private_key)
|
|||||||
/* Generating _private uniformly at random: */
|
/* Generating _private uniformly at random: */
|
||||||
uECC_RNG_Function rng_function = uECC_get_rng();
|
uECC_RNG_Function rng_function = uECC_get_rng();
|
||||||
if (!rng_function ||
|
if (!rng_function ||
|
||||||
!rng_function((uint8_t *)_random, 2 * NUM_ECC_WORDS*uECC_WORD_SIZE)) {
|
rng_function((uint8_t *)_random, 2 * NUM_ECC_WORDS*uECC_WORD_SIZE) != 2 * NUM_ECC_WORDS*uECC_WORD_SIZE) {
|
||||||
return UECC_FAILURE;
|
return UECC_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -109,7 +109,7 @@ int uECC_sign_with_k(const uint8_t *private_key, const uint8_t *message_hash,
|
|||||||
uECC_vli_clear(tmp);
|
uECC_vli_clear(tmp);
|
||||||
tmp[0] = 1;
|
tmp[0] = 1;
|
||||||
}
|
}
|
||||||
else if (!uECC_generate_random_int(tmp, curve_n, num_n_words)) {
|
else if (uECC_generate_random_int(tmp, curve_n, num_n_words) != UECC_SUCCESS) {
|
||||||
return UECC_FAILURE;
|
return UECC_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -151,7 +151,7 @@ int uECC_sign(const uint8_t *private_key, const uint8_t *message_hash,
|
|||||||
/* Generating _random uniformly at random: */
|
/* Generating _random uniformly at random: */
|
||||||
uECC_RNG_Function rng_function = uECC_get_rng();
|
uECC_RNG_Function rng_function = uECC_get_rng();
|
||||||
if (!rng_function ||
|
if (!rng_function ||
|
||||||
!rng_function((uint8_t *)_random, 2*NUM_ECC_WORDS*uECC_WORD_SIZE)) {
|
rng_function((uint8_t *)_random, 2*NUM_ECC_WORDS*uECC_WORD_SIZE) != 2*NUM_ECC_WORDS*uECC_WORD_SIZE) {
|
||||||
return UECC_FAILURE;
|
return UECC_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user