From 70ad8397259f96f53104929b0c416f6617280b69 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Mar 2018 16:28:41 +0100 Subject: [PATCH 1/3] Clarify the behavior of bignum resize and copy functions --- include/mbedtls/bignum.h | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 3bf02a7ee..31383b1eb 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -204,6 +204,8 @@ void mbedtls_mpi_free( mbedtls_mpi *X ); /** * \brief Enlarge to the specified number of limbs * + * This function does nothing if the MPI is already large enough. + * * \param X MPI to grow * \param nblimbs The target number of limbs * @@ -215,19 +217,23 @@ int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ); /** * \brief Resize down, keeping at least the specified number of limbs * + * If \c X is smaller than \c nblimbs, it is resized up + * instead. + * * \param X MPI to shrink * \param nblimbs The minimum number of limbs to keep * * \return 0 if successful, * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * (this can only happen when resizing up). */ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ); /** * \brief Copy the contents of Y into X * - * \param X Destination MPI - * \param Y Source MPI + * \param X Destination MPI. It is enlarged if necessary. + * \param Y Source MPI. * * \return 0 if successful, * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed From 4e4be7cf623803865d4259f6c3a11414b6565221 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Mar 2018 16:29:03 +0100 Subject: [PATCH 2/3] Optimize unnecessary zeorizing in mbedtls_mpi_copy Based on a contribution by Alexey Skalozub (https://github.com/ARMmbed/mbedtls/pull/405). --- ChangeLog | 6 ++++++ library/bignum.c | 12 +++++++++--- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8db021591..25f52c804 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ mbed TLS ChangeLog (Sorted per branch, date) += mbed TLS 2.x.x branch released xxxx-xx-xx + +Changes + * Optimize unnecessary zeroing in mbedtls_mpi_copy. Based on a contribution + by Alexey Skalozub. + = mbed TLS 2.7.0 branch released 2018-02-03 Security diff --git a/library/bignum.c b/library/bignum.c index d27c130bc..e57e6af17 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -184,7 +184,7 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ) */ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ) { - int ret; + int ret = 0; size_t i; if( X == Y ) @@ -203,9 +203,15 @@ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ) X->s = Y->s; - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i ) ); + if( X->n < i ) + { + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i ) ); + } + else + { + memset( X->p + i, 0, ( X->n - i ) * ciL ); + } - memset( X->p, 0, X->n * ciL ); memcpy( X->p, Y->p, i * ciL ); cleanup: From 092bf3dd3898e67b9dff2bb5d4f2aa289a827135 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 1 Apr 2018 12:43:48 +0200 Subject: [PATCH 3/3] Add original PR reference --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 25f52c804..8a3f0af04 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,7 +4,7 @@ mbed TLS ChangeLog (Sorted per branch, date) Changes * Optimize unnecessary zeroing in mbedtls_mpi_copy. Based on a contribution - by Alexey Skalozub. + by Alexey Skalozub in #405. = mbed TLS 2.7.0 branch released 2018-02-03