mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-04 04:20:43 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ctr_drbg: fix free uninitialized aes context

Browse Source 
Application may enabled AES_ALT and define mbedtls_aes_context by its own.
The initial state of user-defined mbedtls_aes_context may not all byte zero.

In mbedtls_ctr_drbg_init, the code set all byte to zero, including the AES
context nested in the ctr_drbg context.

And in mbedtls_ctr_drbg_free, the code calls mbedtls_aes_free on an AES
context without calling mbedtls_aes_init.

If user-defined AES context requires an non-zero init, the mbedtls_aes_free
call in mbedtls_ctr_drbg_free is illegal.

This patch fix this issue by add mbedtls_aes_init in mbedtls_ctr_drbg_init.

So aes context will always be initialized to correct state.

Signed-off-by: kXuan <kxuanobj@gmail.com>
This commit is contained in:
kXuan 2022-08-10 16:32:06 +08:00
parent 869298bffe
commit 11e9310fd1
No known key found for this signature in database
GPG Key ID: E53EA872AFCA251C
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
library/ctr_drbg.c
View File

@ -51,6 +51,7 @@
void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ) void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx )
{ {
memset( ctx, 0, sizeof( mbedtls_ctr_drbg_context ) ); memset( ctx, 0, sizeof( mbedtls_ctr_drbg_context ) );
mbedtls_aes_init( &ctx->aes_ctx );
/* Indicate that the entropy nonce length is not set explicitly. /* Indicate that the entropy nonce length is not set explicitly.
* See mbedtls_ctr_drbg_set_nonce_len(). */ * See mbedtls_ctr_drbg_set_nonce_len(). */
ctx->reseed_counter = -1; ctx->reseed_counter = -1;