yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-23 18:05:37 +01:00
Code Issues Packages Projects Releases Wiki Activity
70ad1d3380
mbedtls/library
History
Hanno Becker b98e326455 HMAC DRBG: Split entropy-gathering requests to reduce request sizes 
According to SP800-90A, the DRBG seeding process should use a nonce
of length `security_strength / 2` bits as part of the DRBG seed. It
further notes that this nonce may be drawn from the same source of
entropy that is used for the first `security_strength` bits of the
DRBG seed. The present HMAC DRBG implementation does that, requesting
`security_strength * 3 / 2` bits of entropy from the configured entropy
source in total to form the initial part of the DRBG seed.

However, some entropy sources may have thresholds in terms of how much
entropy they can provide in a single call to their entropy gathering
function which may be exceeded by the present HMAC DRBG implementation
even if the threshold is not smaller than `security_strength` bits.
Specifically, this is the case for our own entropy module implementation
which only allows requesting at most 32 Bytes of entropy at a time
in configurations disabling SHA-512, and this leads to runtime failure
of HMAC DRBG when used with Mbed Crypto' own entropy callbacks in such
configurations.

This commit fixes this by splitting the seed entropy acquisition into
two calls, one requesting `security_strength` bits first, and another
one requesting `security_strength / 2` bits for the nonce.

Fixes #237.
2019-08-30 12:16:55 +01:00
..
.gitignore
aes.c
aesni.c
arc4.c
asn1parse.c
asn1write.c Fix ASN1 bitstring writing 2019-02-11 21:10:48 +00:00
base64.c
bignum.c Fix typo 2019-03-06 14:00:44 +00:00
blowfish.c
camellia.c
ccm.c enforce input and output of ccm selftest on stack 2018-07-30 11:43:08 +03:00
certs.c Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
cipher_wrap.c Fix after PR comments 2018-06-21 14:03:14 +03:00
cipher.c Merge remote-tracking branch 'public/pr/1763' into mbedtls-2.7-proposed 2018-10-28 18:13:46 +00:00
cmac.c Merge remote-tracking branch 'public/pr/1390' into mbedtls-2.7 2018-06-27 11:11:34 +01:00
CMakeLists.txt Update library version to 2.7.11 2019-06-11 17:31:57 +01:00
ctr_drbg.c CTR_DRBG: add mbedtls_ctr_drbg_update_ret 2018-09-13 22:19:31 +02:00
debug.c Return from debugging functions if SSL context is unset 2018-08-23 14:57:39 +01:00
des.c
dhm.c
ecdh.c Fix ecdh_get_params with mismatching group 2019-02-21 18:17:05 +01:00
ecdsa.c Return error code of underlying function. 2018-12-17 10:22:19 +02:00
ecjpake.c Fix #2370, minor typos and spelling mistakes 2019-02-18 15:57:54 +00:00
ecp_curves.c
ecp.c typo fix 2018-10-23 07:40:13 -07:00
entropy_poll.c Add missing bracket 2018-11-05 12:17:15 +00:00
entropy.c
error.c Fix #2370, minor typos and spelling mistakes 2019-02-18 15:57:54 +00:00
gcm.c
havege.c Prevent building the HAVEGE module on platforms where it doesn't work 2019-07-05 11:33:10 +02:00
hmac_drbg.c HMAC DRBG: Split entropy-gathering requests to reduce request sizes 2019-08-30 12:16:55 +01:00
Makefile Fix #2370, minor typos and spelling mistakes 2019-02-18 15:57:54 +00:00
md2.c
md4.c
md5.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
md_wrap.c
md.c
memory_buffer_alloc.c Fix braces in mbedtls_memory_buffer_alloc_status() 2018-05-23 16:32:33 +01:00
net_sockets.c net_sockets: Fix typo in net_would_block() 2019-06-20 16:28:10 +01:00
oid.c
padlock.c
pem.c
pk_wrap.c Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH 2018-03-30 18:43:16 +02:00
pk.c
pkcs5.c Guard mbedtls_pkcs5_pbes2() by MBEDTLS_ASN1_PARSE_C 2018-10-16 13:53:58 +01:00
pkcs11.c
pkcs12.c Make PBE-related parts of PKCS12 depend on MBEDTLS_ASN1_PARSE_C 2018-10-16 13:53:50 +01:00
pkparse.c Reinitialize PK ctx in mbedtls_pk_parse_key before reuse are free 2018-10-25 15:24:21 +01:00
pkwrite.c
platform.c Omit runtime configuration of calloc/free if macro config enabled 2018-10-11 11:10:14 +01:00
ripemd160.c
rsa_internal.c
rsa.c Fix undefined behavior in unsigned-to-signed conversion 2018-10-12 19:19:12 +02:00
sha1.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
sha256.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
sha512.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
ssl_cache.c
ssl_ciphersuites.c Reduce priority of 3DES ciphersuites 2019-02-13 09:52:46 +00:00
ssl_cli.c Add explicit unsigned-to-signed integer conversion 2018-10-10 15:50:05 +01:00
ssl_cookie.c
ssl_srv.c Fix #2370, minor typos and spelling mistakes 2019-02-18 15:57:54 +00:00
ssl_ticket.c Indentation fix 2018-10-26 10:08:29 +01:00
ssl_tls.c Merge remote-tracking branch 'origin/pr/2713' into mbedtls-2.7 2019-06-21 15:58:02 +01:00
threading.c Do not define and initialize global mutexes on configurations that do not use them. 2018-03-21 15:13:08 +00:00
timing.c timing: Remove redundant include file 2019-06-20 16:28:10 +01:00
version_features.c Reduce priority of 3DES ciphersuites 2019-02-13 09:52:46 +00:00
version.c
x509_create.c
x509_crl.c Always return a high-level error code from X.509 module 2019-06-04 14:03:27 +01:00
x509_crt.c Always return a high-level error code from X.509 module 2019-06-04 14:03:27 +01:00
x509_csr.c Fix CSR parsing header call 2018-12-05 23:23:39 +00:00
x509.c Merge remote-tracking branch 'origin/pr/2451' into mbedtls-2.7 2019-06-21 15:55:21 +01:00
x509write_crt.c Fix ASN1 bitstring writing 2019-02-11 21:10:48 +00:00
x509write_csr.c Fix ASN1 bitstring writing 2019-02-11 21:10:48 +00:00
xtea.c