Do not start md accumulator in mbedtls_entropy_init

This change moves the calls to mbedtls_sha256_starts() and
mbedtls_sha512_starts() out of the mbedtls_entropy_init() function as
these now have return codes which need to be checked.
Andres Amaya Garcia 2017-06-29 16:31:44 +01:00
parent a7559cb7ba
commit 95869c4934
2 changed files with 21 additions and 3 deletions
include/mbedtls
library

@ -121,6 +121,7 @@ mbedtls_entropy_source_state;
*/ */
typedef struct typedef struct
{ {
int accumulator_started;
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_context accumulator; mbedtls_sha512_context accumulator;
#else #else
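Review bot: The new `accumulator_started` member of the entropy context struct has no comment, so its meaning can only be worked out from how entropy.c uses it. A one-line comment such as `/* 0 until the accumulator's starts call has succeeded, 1 afterwards */` would cover it. Because the member is placed ahead of `accumulator` in a header under include/, the offsets of the existing members shift for any code built against the old layout. The struct definition continues outside this hunk.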

@ -75,12 +75,11 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
mbedtls_mutex_init( &ctx->mutex ); mbedtls_mutex_init( &ctx->mutex );
#endif #endif
ctx->accumulator_started = 0;
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_init( &ctx->accumulator ); mbedtls_sha512_init( &ctx->accumulator );
mbedtls_sha512_starts_ext( &ctx->accumulator, 0 );
#else #else
mbedtls_sha256_init( &ctx->accumulator ); mbedtls_sha256_init( &ctx->accumulator );
mbedtls_sha256_starts_ext( &ctx->accumulator, 0 );
#endif #endif
#if defined(MBEDTLS_HAVEGE_C) #if defined(MBEDTLS_HAVEGE_C)
mbedtls_havege_init( &ctx->havege_data ); mbedtls_havege_init( &ctx->havege_data );
@ -139,6 +138,7 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx )
#endif #endif
ctx->source_count = 0; ctx->source_count = 0;
mbedtls_zeroize( ctx->source, sizeof( ctx->source ) ); mbedtls_zeroize( ctx->source, sizeof( ctx->source ) );
ctx->accumulator_started = 0;
} }
int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
@ -203,11 +203,26 @@ static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id
header[0] = source_id; header[0] = source_id;
header[1] = use_len & 0xFF; header[1] = use_len & 0xFF;
/*
* Start the accumulator if this has not already happened. Note that
* it is sufficient to start the accumulator here only because all calls to
* gather entropy eventually execute this code.
*/
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
if( ctx->accumulator_started == 0 &&
( ret = mbedtls_sha512_starts_ext( &ctx->accumulator, 0 ) ) != 0 )
return( ret );
else
ctx->accumulator_started = 1;
if( ( ret = mbedtls_sha512_update_ext( &ctx->accumulator, header, 2 ) ) != 0 ) if( ( ret = mbedtls_sha512_update_ext( &ctx->accumulator, header, 2 ) ) != 0 )
return( ret ); return( ret );
return( mbedtls_sha512_update_ext( &ctx->accumulator, p, use_len ) ); return( mbedtls_sha512_update_ext( &ctx->accumulator, p, use_len ) );
#else #else
if( ctx->accumulator_started == 0 &&
( ret = mbedtls_sha256_starts_ext( &ctx->accumulator, 0 ) ) != 0 )
return( ret );
else
ctx->accumulator_started = 1;
if( ( ret = mbedtls_sha256_update_ext( &ctx->accumulator, header, 2 ) ) != 0 ) if( ( ret = mbedtls_sha256_update_ext( &ctx->accumulator, header, 2 ) ) != 0 )
return( ret ); return( ret );
return( mbedtls_sha256_update_ext( &ctx->accumulator, p, use_len ) ); return( mbedtls_sha256_update_ext( &ctx->accumulator, p, use_len ) );
@ -266,7 +281,9 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
*/ */
if( olen > 0 ) if( olen > 0 )
{ {
entropy_update( ctx, (unsigned char) i, buf, olen ); if( ( ret = entropy_update( ctx, (unsigned char) i,
buf, olen ) ) != 0 )
return( ret );
ctx->source[i].size += olen; ctx->source[i].size += olen;
} }
} }
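Review bot: The comment added in the entropy_update hunk says starting the accumulator there is sufficient because every gather reaches that code, but in entropy_gather_internal the call sits under `if( olen > 0 )`, so a round in which no source returns data leaves `accumulator_started` at 0. The code that finalises the accumulator is not visible on this page; if it can run after such a round, it would presumably finish a hash that was never started, which would affect the seed material handed to callers. Consider checking the flag on that path, or at least stating the precondition in the comment, e.g. `* This relies on at least one source having delivered data before the accumulator is finished.` Both function bodies start and end outside their hunks.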