godotengine/godot
1
0
Fork 0
mirror of https://github.com/godotengine/godot.git synced 2025-11-19 14:31:59 +00:00
Code Releases Wiki Activity

mbedTLS: Update to version 2.18.5

Browse Source 
(cherry picked from commit 5333365593)
This commit is contained in:
Fabio Alessandrelli
2023-10-21 14:06:23 +02:00
committed by Rémi Verschelde
parent fe79dc90fc
commit b4240ea1a7
57 changed files with 811 additions and 295 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
thirdparty/mbedtls/library/cipher.c vendored
View File

@@ -1,7 +1,7 @@
/**
* \file cipher.c
*
* \brief Generic cipher wrapper for mbed TLS
* \brief Generic cipher wrapper for Mbed TLS
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
@@ -30,6 +30,7 @@
#include "mbedtls/platform_util.h"
#include "mbedtls/error.h"
#include "mbedtls/constant_time.h"
#include "constant_time_internal.h"
#include <stdlib.h>
#include <string.h>
@@ -748,17 +749,17 @@ static int get_pkcs_padding(unsigned char *input, size_t input_len,
*data_len = input_len - padding_len;
/* Avoid logical || since it results in a branch */
bad |= padding_len > input_len;
bad |= padding_len == 0;
bad |= ~mbedtls_ct_size_mask_ge(input_len, padding_len);
bad |= mbedtls_ct_size_bool_eq(padding_len, 0);
/* The number of bytes checked must be independent of padding_len,
* so pick input_len, which is usually 8 or 16 (one block) */
pad_idx = input_len - padding_len;
for (i = 0; i < input_len; i++) {
bad |= (input[i] ^ padding_len) * (i >= pad_idx);
size_t mask = mbedtls_ct_size_mask_ge(i, pad_idx);
bad |= (input[i] ^ padding_len) & mask;
}
return MBEDTLS_ERR_CIPHER_INVALID_PADDING * (bad != 0);
return -(int) mbedtls_ct_uint_if(bad, -MBEDTLS_ERR_CIPHER_INVALID_PADDING, 0);
}
#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
@@ -781,24 +782,29 @@ static void add_one_and_zeros_padding(unsigned char *output,
static int get_one_and_zeros_padding(unsigned char *input, size_t input_len,
size_t *data_len)
{
size_t i;
unsigned char done = 0, prev_done, bad;
unsigned int bad = 1;
if (NULL == input || NULL == data_len) {
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
bad = 0x80;
*data_len = 0;
for (i = input_len; i > 0; i--) {
prev_done = done;
done |= (input[i - 1] != 0);
*data_len |= (i - 1) * (done != prev_done);
bad ^= input[i - 1] * (done != prev_done);
size_t in_padding = ~0;
for (ptrdiff_t i = (ptrdiff_t) (input_len) - 1; i >= 0; i--) {
size_t is_nonzero = mbedtls_ct_uint_mask(input[i]);
size_t hit_first_nonzero = is_nonzero & in_padding;
*data_len = (*data_len & ~hit_first_nonzero) | ((size_t) i & hit_first_nonzero);
bad = mbedtls_ct_uint_if((unsigned int) hit_first_nonzero,
!mbedtls_ct_size_bool_eq(input[i], 0x80), bad);
in_padding = in_padding & ~is_nonzero;
}
return MBEDTLS_ERR_CIPHER_INVALID_PADDING * (bad != 0);
return -(int) mbedtls_ct_uint_if(bad, -MBEDTLS_ERR_CIPHER_INVALID_PADDING, 0);
}
#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */
@@ -832,16 +838,17 @@ static int get_zeros_and_len_padding(unsigned char *input, size_t input_len,
*data_len = input_len - padding_len;
/* Avoid logical || since it results in a branch */
bad |= padding_len > input_len;
bad |= padding_len == 0;
bad |= mbedtls_ct_size_mask_ge(padding_len, input_len + 1);
bad |= mbedtls_ct_size_bool_eq(padding_len, 0);
/* The number of bytes checked must be independent of padding_len */
pad_idx = input_len - padding_len;
for (i = 0; i < input_len - 1; i++) {
bad |= input[i] * (i >= pad_idx);
size_t mask = mbedtls_ct_size_mask_ge(i, pad_idx);
bad |= input[i] & mask;
}
return MBEDTLS_ERR_CIPHER_INVALID_PADDING * (bad != 0);
return -(int) mbedtls_ct_uint_if(bad, -MBEDTLS_ERR_CIPHER_INVALID_PADDING, 0);
}
#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */
@@ -872,8 +879,9 @@ static int get_zeros_padding(unsigned char *input, size_t input_len,
*data_len = 0;
for (i = input_len; i > 0; i--) {
prev_done = done;
done |= (input[i-1] != 0);
*data_len |= i * (done != prev_done);
done |= !mbedtls_ct_size_bool_eq(input[i-1], 0);
size_t mask = mbedtls_ct_size_mask(done ^ prev_done);
*data_len |= i & mask;
}
return 0;