From dbddb0015870f1ff68bdba246be7a93763fb9460 Mon Sep 17 00:00:00 2001
From: Dave Rodgman
Date: Wed, 30 Aug 2023 18:43:23 +0100
Subject: [PATCH 1/2] Ensure mbedtls_sha3_finish zeroizes the context

Signed-off-by: Dave Rodgman
---
 library/sha3.c | 11 +++++++++--
 tests/suites/test_suite_shax.function | 5 ++++-
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/library/sha3.c b/library/sha3.c
index 4b97a85c5f..982550419b 100644
--- a/library/sha3.c
+++ b/library/sha3.c
@@ -259,10 +259,13 @@ int mbedtls_sha3_update(mbedtls_sha3_context *ctx,
 int mbedtls_sha3_finish(mbedtls_sha3_context *ctx,
 uint8_t *output, size_t olen)
 {
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
 /* Catch SHA-3 families, with fixed output length */
 if (ctx->olen > 0) {
 if (ctx->olen > olen) {
- return MBEDTLS_ERR_SHA3_BAD_INPUT_DATA;
+ ret = MBEDTLS_ERR_SHA3_BAD_INPUT_DATA;
+ goto exit;
 }
 olen = ctx->olen;
 }
@@ -280,7 +283,11 @@ int mbedtls_sha3_finish(mbedtls_sha3_context *ctx,
 }
 }

- return 0;
+ ret = 0;
+
+exit:
+ mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha3_context));
+ return ret;
 }

 /*
diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function
index 7dd9166658..629e281008 100644
--- a/tests/suites/test_suite_shax.function
+++ b/tests/suites/test_suite_shax.function
@@ -176,9 +176,12 @@ void sha3_invalid_param()
 TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_NONE), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA);

 TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0);
-
 TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 0), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA);
+
+ TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0);
 TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 31), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA);
+
+ TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0);
 TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 32), 0);

 exit:
From 984309c2c3c5ce5277ba9c349148ac4e2e0093fc Mon Sep 17 00:00:00 2001
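Review bot: The `goto exit` on the `ctx->olen > olen` branch means a too-small output buffer now wipes the context too, so the absorbed input is gone and the caller cannot retry with a larger buffer; the patch does not document this. The diffstat lists only library/sha3.c and the test suite, so the public description of mbedtls_sha3_finish presumably still says nothing about it. I would add a note to that doc comment along the lines of `\note The context is zeroized on return, on both success and failure; call mbedtls_sha3_starts() before using it again.` The same applies to the `exit:` block in the second hunk of this file, and the function body between the two hunks is not shown.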
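Review bot: The updated sha3_invalid_param only adapts to the new behaviour by calling mbedtls_sha3_starts before each later mbedtls_sha3_finish; it never checks that the context was actually wiped, which is the property this commit is about. After the failing finish with length 31 and after the successful finish with length 32, compare the context with an all-zero one, e.g. `TEST_ASSERT(memcmp(&ctx, &zero_ctx, sizeof(ctx)) == 0);` with `mbedtls_sha3_context zero_ctx; memset(&zero_ctx, 0, sizeof(zero_ctx));` set up at the top of the function. A later refactor of the exit path that drops the zeroization would then fail the test instead of silently leaving hash state in memory. The function starts before this hunk and continues after `exit:`.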
From: Dave Rodgman
Date: Wed, 30 Aug 2023 19:22:28 +0100
Subject: [PATCH 2/2] Call mbedtls_platform_zeroize via mbedtls_sha3_free

Signed-off-by: Dave Rodgman
---
 library/sha3.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/sha3.c b/library/sha3.c
index 982550419b..dca5790484 100644
--- a/library/sha3.c
+++ b/library/sha3.c
@@ -286,7 +286,7 @@ int mbedtls_sha3_finish(mbedtls_sha3_context *ctx,
 ret = 0;

 exit:
- mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha3_context));
+ mbedtls_sha3_free(ctx);
 return ret;
 }
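Review bot: Calling `mbedtls_sha3_free(ctx)` at `exit:` makes the wipe depend on what mbedtls_sha3_free does, and its body is not part of this patch. A one-line comment at the call would record the intent, e.g. `/* Wipe the hash state; the context must be restarted with mbedtls_sha3_starts() before reuse. */`. Callers that follow the usual cleanup pattern will presumably call mbedtls_sha3_free on the same context again, so it has to stay safe to call on an already-wiped context; that is worth stating in the comment or in its documentation. The function begins above this hunk.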