yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Ensure mbedtls_sha3_finish zeroizes the context

Browse source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman 2023-08-30 18:43:23 +01:00
parent 29bf911058
commit dbddb00158
2 changed files with 13 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
library/sha3.c
View file

@ -259,10 +259,13 @@ int mbedtls_sha3_update(mbedtls_sha3_context *ctx,
int mbedtls_sha3_finish(mbedtls_sha3_context *ctx,
uint8_t *output, size_t olen)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* Catch SHA-3 families, with fixed output length */
if (ctx->olen > 0) {
if (ctx->olen > olen) {
return MBEDTLS_ERR_SHA3_BAD_INPUT_DATA;
ret = MBEDTLS_ERR_SHA3_BAD_INPUT_DATA;
goto exit;
}
olen = ctx->olen;
}
@ -280,7 +283,11 @@ int mbedtls_sha3_finish(mbedtls_sha3_context *ctx,
}
}
return 0;
ret = 0;
exit:
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha3_context));
return ret;
}
/*

5
tests/suites/test_suite_shax.function
View file

@ -176,9 +176,12 @@ void sha3_invalid_param()
TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_NONE), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA);
TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0);
TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 0), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA);
TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0);
TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 31), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA);
TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0);
TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 32), 0);
exit: