mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 16:04:23 +01:00
Add parameter validation to SHA-1
This commit is contained in:
parent
af0c6cb9e0
commit
f7c43b3145
@ -41,6 +41,8 @@ API Changes
|
|||||||
mbedtls_ctr_drbg_update() -> mbedtls_ctr_drbg_update_ret()
|
mbedtls_ctr_drbg_update() -> mbedtls_ctr_drbg_update_ret()
|
||||||
mbedtls_hmac_drbg_update() -> mbedtls_hmac_drbg_update_ret()
|
mbedtls_hmac_drbg_update() -> mbedtls_hmac_drbg_update_ret()
|
||||||
* Extend ECDH interface to enable alternative implementations.
|
* Extend ECDH interface to enable alternative implementations.
|
||||||
|
* Add validation checks for input parameters to functions in the SHA-1
|
||||||
|
module.
|
||||||
|
|
||||||
New deprecations
|
New deprecations
|
||||||
* Deprecate mbedtls_ctr_drbg_update and mbedtls_hmac_drbg_update
|
* Deprecate mbedtls_ctr_drbg_update and mbedtls_hmac_drbg_update
|
||||||
|
@ -42,6 +42,7 @@
|
|||||||
|
|
||||||
/* MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED is deprecated and should not be used. */
|
/* MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED is deprecated and should not be used. */
|
||||||
#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */
|
#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */
|
||||||
|
#define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA -0x0073 /**< Invalid input data. */
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
extern "C" {
|
extern "C" {
|
||||||
|
@ -71,8 +71,15 @@
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#define MBEDTLS_SHA1_VALIDATE_RET(cond) \
|
||||||
|
MBEDTLS_VALIDATE_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, cond )
|
||||||
|
|
||||||
|
#define MBEDTLS_SHA1_VALIDATE(cond) MBEDTLS_VALIDATE( cond )
|
||||||
|
|
||||||
void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
|
void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
|
||||||
{
|
{
|
||||||
|
MBEDTLS_SHA1_VALIDATE( ctx != NULL );
|
||||||
|
|
||||||
memset( ctx, 0, sizeof( mbedtls_sha1_context ) );
|
memset( ctx, 0, sizeof( mbedtls_sha1_context ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -87,6 +94,9 @@ void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
|
|||||||
void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
|
void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
|
||||||
const mbedtls_sha1_context *src )
|
const mbedtls_sha1_context *src )
|
||||||
{
|
{
|
||||||
|
MBEDTLS_SHA1_VALIDATE( dst != NULL );
|
||||||
|
MBEDTLS_SHA1_VALIDATE( src != NULL );
|
||||||
|
|
||||||
*dst = *src;
|
*dst = *src;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -95,6 +105,8 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
|
|||||||
*/
|
*/
|
||||||
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
|
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
|
||||||
{
|
{
|
||||||
|
MBEDTLS_SHA1_VALIDATE_RET( ctx != NULL );
|
||||||
|
|
||||||
ctx->total[0] = 0;
|
ctx->total[0] = 0;
|
||||||
ctx->total[1] = 0;
|
ctx->total[1] = 0;
|
||||||
|
|
||||||
@ -120,6 +132,9 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
|
|||||||
{
|
{
|
||||||
uint32_t temp, W[16], A, B, C, D, E;
|
uint32_t temp, W[16], A, B, C, D, E;
|
||||||
|
|
||||||
|
MBEDTLS_SHA1_VALIDATE_RET( ctx != NULL );
|
||||||
|
MBEDTLS_SHA1_VALIDATE_RET( (const unsigned char *)data != NULL );
|
||||||
|
|
||||||
GET_UINT32_BE( W[ 0], data, 0 );
|
GET_UINT32_BE( W[ 0], data, 0 );
|
||||||
GET_UINT32_BE( W[ 1], data, 4 );
|
GET_UINT32_BE( W[ 1], data, 4 );
|
||||||
GET_UINT32_BE( W[ 2], data, 8 );
|
GET_UINT32_BE( W[ 2], data, 8 );
|
||||||
@ -297,6 +312,9 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
|
|||||||
if( ilen == 0 )
|
if( ilen == 0 )
|
||||||
return( 0 );
|
return( 0 );
|
||||||
|
|
||||||
|
MBEDTLS_SHA1_VALIDATE_RET( ctx != NULL );
|
||||||
|
MBEDTLS_SHA1_VALIDATE_RET( input != NULL );
|
||||||
|
|
||||||
left = ctx->total[0] & 0x3F;
|
left = ctx->total[0] & 0x3F;
|
||||||
fill = 64 - left;
|
fill = 64 - left;
|
||||||
|
|
||||||
@ -352,6 +370,9 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
|
|||||||
uint32_t used;
|
uint32_t used;
|
||||||
uint32_t high, low;
|
uint32_t high, low;
|
||||||
|
|
||||||
|
MBEDTLS_SHA1_VALIDATE_RET( ctx != NULL );
|
||||||
|
MBEDTLS_SHA1_VALIDATE_RET( (unsigned char *)output != NULL );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Add padding: 0x80 then 0x00 until 8 bytes remain for the length
|
* Add padding: 0x80 then 0x00 until 8 bytes remain for the length
|
||||||
*/
|
*/
|
||||||
@ -420,6 +441,9 @@ int mbedtls_sha1_ret( const unsigned char *input,
|
|||||||
int ret;
|
int ret;
|
||||||
mbedtls_sha1_context ctx;
|
mbedtls_sha1_context ctx;
|
||||||
|
|
||||||
|
MBEDTLS_SHA1_VALIDATE_RET( ilen == 0 || input != NULL );
|
||||||
|
MBEDTLS_SHA1_VALIDATE_RET( (unsigned char *)output != NULL );
|
||||||
|
|
||||||
mbedtls_sha1_init( &ctx );
|
mbedtls_sha1_init( &ctx );
|
||||||
|
|
||||||
if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 )
|
if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 )
|
||||||
|
Loading…
Reference in New Issue
Block a user