Merge branch 'development'
This commit is contained in:
commit
1c8b33ad19
9 changed files with 30 additions and 19 deletions
|
@ -37,13 +37,16 @@ Bugfix
|
|||
a contribution from Tobias Tangemann. #541
|
||||
* Fixed cert_app sample program for debug output and for use when no root
|
||||
certificates are provided.
|
||||
* Fix conditional statement that would cause a 1 byte overread in
|
||||
mbedtls_asn1_get_int(). Found and fixed by Guido Vranken. #599
|
||||
* Fixed pthread implementation to avoid unintended double initialisations
|
||||
and double frees. (found by Niklas Amnebratt)
|
||||
* Fixed the sample applications gen_key.c, cert_req.c and cert_write.c for
|
||||
builds where the configuration MBEDTLS_PEM_WRITE_C is not defined. Found
|
||||
by inestlerode. #559.
|
||||
* Fixed default threading implementation to avoid accidental double
|
||||
initialisations and double frees.
|
||||
* Fix documentation and implementation missmatch for function arguments of
|
||||
mbedtls_gcm_finish(). Found by cmiatpaar. #602
|
||||
* Guarantee that P>Q at RSA key generation. Found by inestlerode. #558
|
||||
|
||||
Changes
|
||||
* Extended test coverage of special cases, and added new timing test suite.
|
||||
|
|
|
@ -190,8 +190,8 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
|
|||
* 16 bytes.
|
||||
*
|
||||
* \param ctx GCM context
|
||||
* \param tag buffer for holding the tag (may be NULL if tag_len is 0)
|
||||
* \param tag_len length of the tag to generate
|
||||
* \param tag buffer for holding the tag
|
||||
* \param tag_len length of the tag to generate (must be at least 4)
|
||||
*
|
||||
* \return 0 if successful or MBEDTLS_ERR_GCM_BAD_INPUT
|
||||
*/
|
||||
|
|
|
@ -153,7 +153,7 @@ int mbedtls_asn1_get_int( unsigned char **p,
|
|||
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
if( len > sizeof( int ) || ( **p & 0x80 ) != 0 )
|
||||
if( len == 0 || len > sizeof( int ) || ( **p & 0x80 ) != 0 )
|
||||
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
|
||||
|
||||
*val = 0;
|
||||
|
|
|
@ -415,8 +415,7 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
|
|||
if( tag_len > 16 || tag_len < 4 )
|
||||
return( MBEDTLS_ERR_GCM_BAD_INPUT );
|
||||
|
||||
if( tag_len != 0 )
|
||||
memcpy( tag, ctx->base_ectr, tag_len );
|
||||
memcpy( tag, ctx->base_ectr, tag_len );
|
||||
|
||||
if( orig_len || orig_add_len )
|
||||
{
|
||||
|
|
|
@ -102,7 +102,10 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
|
|||
if( f_rng == NULL || nbits < 128 || exponent < 3 )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 );
|
||||
if( nbits % 2 )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 );
|
||||
mbedtls_mpi_init( &H ); mbedtls_mpi_init( &G );
|
||||
|
||||
/*
|
||||
|
@ -116,16 +119,8 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
|
|||
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, nbits >> 1, 0,
|
||||
f_rng, p_rng ) );
|
||||
|
||||
if( nbits % 2 )
|
||||
{
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, ( nbits >> 1 ) + 1, 0,
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1, 0,
|
||||
f_rng, p_rng ) );
|
||||
}
|
||||
else
|
||||
{
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1, 0,
|
||||
f_rng, p_rng ) );
|
||||
}
|
||||
|
||||
if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) == 0 )
|
||||
continue;
|
||||
|
@ -134,6 +129,9 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
|
|||
if( mbedtls_mpi_bitlen( &ctx->N ) != nbits )
|
||||
continue;
|
||||
|
||||
if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 )
|
||||
mbedtls_mpi_swap( &ctx->P, &ctx->Q );
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &H, &P1, &Q1 ) );
|
||||
|
|
|
@ -140,6 +140,11 @@ static int restore_output( FILE** out_stream, int old_fd )
|
|||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void close_output( FILE* out_stream )
|
||||
{
|
||||
fclose( out_stream );
|
||||
}
|
||||
#endif /* __unix__ || __APPLE__ __MACH__ */
|
||||
|
||||
static int unhexify( unsigned char *obuf, const char *ibuf )
|
||||
|
|
|
@ -261,7 +261,7 @@ int main(int argc, const char *argv[])
|
|||
char buf[5000];
|
||||
char *params[50];
|
||||
void *pointer;
|
||||
int stdout_fd = 0;
|
||||
int stdout_fd = -1;
|
||||
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
|
||||
!defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
|
||||
|
@ -499,6 +499,11 @@ int main(int argc, const char *argv[])
|
|||
mbedtls_memory_buffer_alloc_free();
|
||||
#endif
|
||||
|
||||
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
|
||||
if( stdout_fd != -1 )
|
||||
close_output( stdout );
|
||||
#endif /* __unix__ || __APPLE__ __MACH__ */
|
||||
|
||||
return( total_errors != 0 );
|
||||
}
|
||||
|
||||
|
|
|
@ -361,7 +361,7 @@ RSA Generate Key - 2048 bit key
|
|||
mbedtls_rsa_gen_key:2048:3:0
|
||||
|
||||
RSA Generate Key - 1025 bit key
|
||||
mbedtls_rsa_gen_key:1025:3:0
|
||||
mbedtls_rsa_gen_key:1025:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
|
||||
|
||||
RSA PKCS1 Encrypt Bad RNG
|
||||
depends_on:MBEDTLS_PKCS1_V15
|
||||
|
|
|
@ -678,6 +678,7 @@ void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
|
|||
if( result == 0 )
|
||||
{
|
||||
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
|
||||
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
|
||||
}
|
||||
|
||||
exit:
|
||||
|
|
Loading…
Reference in a new issue