mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 23:05:38 +01:00
- Updated polarssl-1.1 branch with merged trunk patches
This commit is contained in:
parent
145e68119b
commit
e893b669de
@ -1,6 +1,6 @@
|
||||
PolarSSL ChangeLog
|
||||
|
||||
= Version 1.1.2 released on 2012-04-20
|
||||
= Version 1.1.2 released on 2012-04-26
|
||||
Bugfix
|
||||
* Fixed handling error in mpi_cmp_mpi() on longer B values (found by
|
||||
Hui Dong)
|
||||
|
@ -36,7 +36,7 @@
|
||||
#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */
|
||||
#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */
|
||||
#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */
|
||||
#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Makeing of the public value failed. */
|
||||
#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */
|
||||
#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
|
||||
|
||||
/**
|
||||
@ -109,7 +109,7 @@ int dhm_read_public( dhm_context *ctx,
|
||||
* \brief Create own private value X and export G^X
|
||||
*
|
||||
* \param ctx DHM context
|
||||
* \param x_size private value size in bits
|
||||
* \param x_size private value size in bytes
|
||||
* \param output destination buffer
|
||||
* \param olen must be equal to ctx->P.len
|
||||
* \param f_rng RNG function
|
||||
|
@ -245,7 +245,7 @@ int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info )
|
||||
if( NULL == cipher_info || NULL == ctx )
|
||||
return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
|
||||
|
||||
memset( ctx, 0, sizeof( ctx ) );
|
||||
memset( ctx, 0, sizeof( cipher_context_t ) );
|
||||
|
||||
if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) )
|
||||
return POLARSSL_ERR_CIPHER_ALLOC_FAILED;
|
||||
|
@ -61,15 +61,15 @@ static int dhm_read_bignum( mpi *X,
|
||||
}
|
||||
|
||||
/*
|
||||
* Verify sanity of public parameter with regards to P
|
||||
* Verify sanity of parameter with regards to P
|
||||
*
|
||||
* Public parameter should be: 2 <= public_param <= P - 2
|
||||
* Parameter should be: 2 <= public_param <= P - 2
|
||||
*
|
||||
* For more information on the attack, see:
|
||||
* http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf
|
||||
* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643
|
||||
*/
|
||||
static int dhm_check_range( const mpi *public_param, const mpi *P )
|
||||
static int dhm_check_range( const mpi *param, const mpi *P )
|
||||
{
|
||||
mpi L, U;
|
||||
int ret = POLARSSL_ERR_DHM_BAD_INPUT_DATA;
|
||||
@ -78,8 +78,8 @@ static int dhm_check_range( const mpi *public_param, const mpi *P )
|
||||
mpi_lset( &L, 2 );
|
||||
mpi_sub_int( &U, P, 2 );
|
||||
|
||||
if( mpi_cmp_mpi( public_param, &L ) >= 0 &&
|
||||
mpi_cmp_mpi( public_param, &U ) <= 0 )
|
||||
if( mpi_cmp_mpi( param, &L ) >= 0 &&
|
||||
mpi_cmp_mpi( param, &U ) <= 0 )
|
||||
{
|
||||
ret = 0;
|
||||
}
|
||||
@ -130,18 +130,25 @@ int dhm_make_params( dhm_context *ctx, int x_size,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
int ret, count = 0;
|
||||
size_t n1, n2, n3;
|
||||
unsigned char *p;
|
||||
|
||||
/*
|
||||
* Generate X as large as possible ( < P )
|
||||
*/
|
||||
do
|
||||
{
|
||||
mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
|
||||
|
||||
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
|
||||
mpi_shift_r( &ctx->X, 1 );
|
||||
|
||||
if( count++ > 10 )
|
||||
return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED );
|
||||
}
|
||||
while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
|
||||
|
||||
/*
|
||||
* Calculate GX = G^X mod P
|
||||
*/
|
||||
@ -205,7 +212,7 @@ int dhm_make_public( dhm_context *ctx, int x_size,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
int ret, count = 0;
|
||||
|
||||
if( ctx == NULL || olen < 1 || olen > ctx->len )
|
||||
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
|
||||
@ -213,11 +220,18 @@ int dhm_make_public( dhm_context *ctx, int x_size,
|
||||
/*
|
||||
* generate X and calculate GX = G^X mod P
|
||||
*/
|
||||
do
|
||||
{
|
||||
mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
|
||||
|
||||
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
|
||||
mpi_shift_r( &ctx->X, 1 );
|
||||
|
||||
if( count++ > 10 )
|
||||
return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED );
|
||||
}
|
||||
while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
|
||||
|
||||
MPI_CHK( mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
|
||||
&ctx->P , &ctx->RP ) );
|
||||
|
||||
|
@ -152,11 +152,10 @@ const md_info_t *md_info_from_type( md_type_t md_type )
|
||||
|
||||
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info )
|
||||
{
|
||||
if( md_info == NULL )
|
||||
if( md_info == NULL || ctx == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
if( ctx == NULL || ctx->md_ctx != NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
memset( ctx, 0, sizeof( md_context_t ) );
|
||||
|
||||
if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
|
||||
return POLARSSL_ERR_MD_ALLOC_FAILED;
|
||||
|
Loading…
Reference in New Issue
Block a user