lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-01 10:06:53 +03:00
Code Activity

Merge branch 'development' into safer-ct5

Browse Source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman
2023-08-07 11:47:35 +01:00
committed by GitHub
parent 56e5d6887f 3b5e8aa05c
commit c98f8d996a
257 changed files with 20700 additions and 8475 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
library/rsa.c
View File

@ -703,7 +703,12 @@ int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx,
mbedtls_mpi_init(&G);
mbedtls_mpi_init(&L);
if (nbits < 128 || exponent < 3 || nbits % 2 != 0) {
if (exponent < 3 || nbits % 2 != 0) {
ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
goto cleanup;
}
if (nbits < MBEDTLS_RSA_GEN_KEY_MIN_BITS) {
ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
goto cleanup;
}
@ -1424,13 +1429,13 @@ int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx,
/* maskedDB: Apply dbMask to DB */
if ((ret = mgf_mask(output + hlen + 1, olen - hlen - 1, output + 1, hlen,
ctx->hash_id)) != 0) {
(mbedtls_md_type_t) ctx->hash_id)) != 0) {
return ret;
}
/* maskedSeed: Apply seedMask to seed */
if ((ret = mgf_mask(output + 1, hlen, output + hlen + 1, olen - hlen - 1,
ctx->hash_id)) != 0) {
(mbedtls_md_type_t) ctx->hash_id)) != 0) {
return ret;
}
@ -1578,10 +1583,10 @@ int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx,
*/
/* seed: Apply seedMask to maskedSeed */
if ((ret = mgf_mask(buf + 1, hlen, buf + hlen + 1, ilen - hlen - 1,
ctx->hash_id)) != 0 ||
(mbedtls_md_type_t) ctx->hash_id)) != 0 ||
/* DB: Apply dbMask to maskedDB */
(ret = mgf_mask(buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen,
ctx->hash_id)) != 0) {
(mbedtls_md_type_t) ctx->hash_id)) != 0) {
goto cleanup;
}
@ -1807,7 +1812,7 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
p += slen;
/* Generate H = Hash( M' ) */
ret = hash_mprime(hash, hashlen, salt, slen, p, ctx->hash_id);
ret = hash_mprime(hash, hashlen, salt, slen, p, (mbedtls_md_type_t) ctx->hash_id);
if (ret != 0) {
return ret;
}
@ -1819,7 +1824,7 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
/* maskedDB: Apply dbMask to DB */
ret = mgf_mask(sig + offset, olen - hlen - 1 - offset, p, hlen,
ctx->hash_id);
(mbedtls_md_type_t) ctx->hash_id);
if (ret != 0) {
return ret;
}
@ -2063,10 +2068,8 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx,
memcpy(sig, sig_try, ctx->len);
cleanup:
mbedtls_platform_zeroize(sig_try, ctx->len);
mbedtls_platform_zeroize(verif, ctx->len);
mbedtls_free(sig_try);
mbedtls_free(verif);
mbedtls_zeroize_and_free(sig_try, ctx->len);
mbedtls_zeroize_and_free(verif, ctx->len);
if (ret != 0) {
memset(sig, '!', ctx->len);
@ -2310,13 +2313,11 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx,
cleanup:
if (encoded != NULL) {
mbedtls_platform_zeroize(encoded, sig_len);
mbedtls_free(encoded);
mbedtls_zeroize_and_free(encoded, sig_len);
}
if (encoded_expected != NULL) {
mbedtls_platform_zeroize(encoded_expected, sig_len);
mbedtls_free(encoded_expected);
mbedtls_zeroize_and_free(encoded_expected, sig_len);
}
return ret;