diff options
Diffstat (limited to 'thirdparty/mbedtls/library/dhm.c')
| -rw-r--r-- | thirdparty/mbedtls/library/dhm.c | 115 |
1 files changed, 58 insertions, 57 deletions
diff --git a/thirdparty/mbedtls/library/dhm.c b/thirdparty/mbedtls/library/dhm.c index 1a41b91a90..bcc07f5441 100644 --- a/thirdparty/mbedtls/library/dhm.c +++ b/thirdparty/mbedtls/library/dhm.c @@ -35,11 +35,6 @@ #if !defined(MBEDTLS_DHM_ALT) -#define DHM_VALIDATE_RET(cond) \ - MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_DHM_BAD_INPUT_DATA) -#define DHM_VALIDATE(cond) \ - MBEDTLS_INTERNAL_VALIDATE(cond) - /* * helper to validate the mbedtls_mpi size and import it */ @@ -53,10 +48,10 @@ static int dhm_read_bignum(mbedtls_mpi *X, return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; } - n = ((*p)[0] << 8) | (*p)[1]; + n = MBEDTLS_GET_UINT16_BE(*p, 0); (*p) += 2; - if ((int) (end - *p) < n) { + if ((size_t) (end - *p) < (size_t) n) { return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; } @@ -102,10 +97,49 @@ cleanup: void mbedtls_dhm_init(mbedtls_dhm_context *ctx) { - DHM_VALIDATE(ctx != NULL); memset(ctx, 0, sizeof(mbedtls_dhm_context)); } +size_t mbedtls_dhm_get_bitlen(const mbedtls_dhm_context *ctx) +{ + return mbedtls_mpi_bitlen(&ctx->P); +} + +size_t mbedtls_dhm_get_len(const mbedtls_dhm_context *ctx) +{ + return mbedtls_mpi_size(&ctx->P); +} + +int mbedtls_dhm_get_value(const mbedtls_dhm_context *ctx, + mbedtls_dhm_parameter param, + mbedtls_mpi *dest) +{ + const mbedtls_mpi *src = NULL; + switch (param) { + case MBEDTLS_DHM_PARAM_P: + src = &ctx->P; + break; + case MBEDTLS_DHM_PARAM_G: + src = &ctx->G; + break; + case MBEDTLS_DHM_PARAM_X: + src = &ctx->X; + break; + case MBEDTLS_DHM_PARAM_GX: + src = &ctx->GX; + break; + case MBEDTLS_DHM_PARAM_GY: + src = &ctx->GY; + break; + case MBEDTLS_DHM_PARAM_K: + src = &ctx->K; + break; + default: + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } + return mbedtls_mpi_copy(dest, src); +} + /* * Parse the ServerKeyExchange parameters */ @@ -114,9 +148,6 @@ int mbedtls_dhm_read_params(mbedtls_dhm_context *ctx, const unsigned char *end) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - DHM_VALIDATE_RET(ctx != NULL); - DHM_VALIDATE_RET(p != NULL && *p != NULL); - DHM_VALIDATE_RET(end != NULL); if ((ret = dhm_read_bignum(&ctx->P, p, end)) != 0 || (ret = dhm_read_bignum(&ctx->G, p, end)) != 0 || @@ -128,8 +159,6 @@ int mbedtls_dhm_read_params(mbedtls_dhm_context *ctx, return ret; } - ctx->len = mbedtls_mpi_size(&ctx->P); - return 0; } @@ -199,10 +228,6 @@ int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size, int ret; size_t n1, n2, n3; unsigned char *p; - DHM_VALIDATE_RET(ctx != NULL); - DHM_VALIDATE_RET(output != NULL); - DHM_VALIDATE_RET(olen != NULL); - DHM_VALIDATE_RET(f_rng != NULL); ret = dhm_make_common(ctx, x_size, f_rng, p_rng); if (ret != 0) { @@ -232,9 +257,7 @@ int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size, DHM_MPI_EXPORT(&ctx->G, n2); DHM_MPI_EXPORT(&ctx->GX, n3); - *olen = p - output; - - ctx->len = n1; + *olen = (size_t) (p - output); cleanup: if (ret != 0 && ret > -128) { @@ -251,16 +274,12 @@ int mbedtls_dhm_set_group(mbedtls_dhm_context *ctx, const mbedtls_mpi *G) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - DHM_VALIDATE_RET(ctx != NULL); - DHM_VALIDATE_RET(P != NULL); - DHM_VALIDATE_RET(G != NULL); if ((ret = mbedtls_mpi_copy(&ctx->P, P)) != 0 || (ret = mbedtls_mpi_copy(&ctx->G, G)) != 0) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_SET_GROUP_FAILED, ret); } - ctx->len = mbedtls_mpi_size(&ctx->P); return 0; } @@ -271,10 +290,8 @@ int mbedtls_dhm_read_public(mbedtls_dhm_context *ctx, const unsigned char *input, size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - DHM_VALIDATE_RET(ctx != NULL); - DHM_VALIDATE_RET(input != NULL); - if (ilen < 1 || ilen > ctx->len) { + if (ilen < 1 || ilen > mbedtls_dhm_get_len(ctx)) { return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; } @@ -294,11 +311,8 @@ int mbedtls_dhm_make_public(mbedtls_dhm_context *ctx, int x_size, void *p_rng) { int ret; - DHM_VALIDATE_RET(ctx != NULL); - DHM_VALIDATE_RET(output != NULL); - DHM_VALIDATE_RET(f_rng != NULL); - if (olen < 1 || olen > ctx->len) { + if (olen < 1 || olen > mbedtls_dhm_get_len(ctx)) { return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; } @@ -395,11 +409,12 @@ int mbedtls_dhm_calc_secret(mbedtls_dhm_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi GYb; - DHM_VALIDATE_RET(ctx != NULL); - DHM_VALIDATE_RET(output != NULL); - DHM_VALIDATE_RET(olen != NULL); - if (output_size < ctx->len) { + if (f_rng == NULL) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } + + if (output_size < mbedtls_dhm_get_len(ctx)) { return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; } @@ -410,23 +425,17 @@ int mbedtls_dhm_calc_secret(mbedtls_dhm_context *ctx, mbedtls_mpi_init(&GYb); /* Blind peer's value */ - if (f_rng != NULL) { - MBEDTLS_MPI_CHK(dhm_update_blinding(ctx, f_rng, p_rng)); - MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&GYb, &ctx->GY, &ctx->Vi)); - MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&GYb, &GYb, &ctx->P)); - } else { - MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&GYb, &ctx->GY)); - } + MBEDTLS_MPI_CHK(dhm_update_blinding(ctx, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&GYb, &ctx->GY, &ctx->Vi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&GYb, &GYb, &ctx->P)); /* Do modular exponentiation */ MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->K, &GYb, &ctx->X, &ctx->P, &ctx->RP)); /* Unblind secret value */ - if (f_rng != NULL) { - MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->K, &ctx->K, &ctx->Vf)); - MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->K, &ctx->K, &ctx->P)); - } + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->K, &ctx->K, &ctx->Vf)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->K, &ctx->K, &ctx->P)); /* Output the secret without any leading zero byte. This is mandatory * for TLS per RFC 5246 §8.1.2. */ @@ -480,9 +489,6 @@ int mbedtls_dhm_parse_dhm(mbedtls_dhm_context *dhm, const unsigned char *dhmin, mbedtls_pem_context pem; #endif /* MBEDTLS_PEM_PARSE_C */ - DHM_VALIDATE_RET(dhm != NULL); - DHM_VALIDATE_RET(dhmin != NULL); - #if defined(MBEDTLS_PEM_PARSE_C) mbedtls_pem_init(&pem); @@ -552,8 +558,6 @@ int mbedtls_dhm_parse_dhm(mbedtls_dhm_context *dhm, const unsigned char *dhmin, ret = 0; - dhm->len = mbedtls_mpi_size(&dhm->P); - exit: #if defined(MBEDTLS_PEM_PARSE_C) mbedtls_pem_free(&pem); @@ -581,6 +585,7 @@ static int load_file(const char *path, unsigned char **buf, size_t *n) if ((f = fopen(path, "rb")) == NULL) { return MBEDTLS_ERR_DHM_FILE_IO_ERROR; } + /* The data loaded here is public, so don't bother disabling buffering. */ fseek(f, 0, SEEK_END); if ((size = ftell(f)) == -1) { @@ -600,8 +605,7 @@ static int load_file(const char *path, unsigned char **buf, size_t *n) if (fread(*buf, 1, *n, f) != *n) { fclose(f); - mbedtls_platform_zeroize(*buf, *n + 1); - mbedtls_free(*buf); + mbedtls_zeroize_and_free(*buf, *n + 1); return MBEDTLS_ERR_DHM_FILE_IO_ERROR; } @@ -625,8 +629,6 @@ int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; - DHM_VALIDATE_RET(dhm != NULL); - DHM_VALIDATE_RET(path != NULL); if ((ret = load_file(path, &buf, &n)) != 0) { return ret; @@ -634,8 +636,7 @@ int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path) ret = mbedtls_dhm_parse_dhm(dhm, buf, n); - mbedtls_platform_zeroize(buf, n); - mbedtls_free(buf); + mbedtls_zeroize_and_free(buf, n); return ret; } |