feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

TFM mp_sqr: error on number overflow

Browse Source 
Change mp_sqr to return an error if the result won't fit into the fixed
length dp.
This commit is contained in:
Sean Parkinson
2020-09-28 09:52:25 +10:00
parent 7d33312f4b
commit a1991da458
1 changed files with 25 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
wolfcrypt/src/tfm.c
View File

@ -272,7 +272,7 @@ int fp_mul(fp_int *A, fp_int *B, fp_int *C)
yy = MIN(A->used, B->used); yy = MIN(A->used, B->used);
/* fail if we are out of range */ /* fail if we are out of range */
if (y + yy > FP_SIZE) { if (y + yy >= FP_SIZE) {
ret = FP_VAL; ret = FP_VAL;
goto clean; goto clean;
} }
@ -1435,6 +1435,10 @@ int fp_invmod_mont_ct(fp_int *a, fp_int *b, fp_int *c, fp_digit mp)
fp_int* pre; fp_int* pre;
#endif #endif
if ((a->used * 2 > FP_MAX_BITS) || (b->used * 2 > FP_MAX_BITS)) {
return FP_VAL;
}
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
t = (fp_int*)XMALLOC(sizeof(fp_int) * (2 + CT_INV_MOD_PRE_CNT), NULL, t = (fp_int*)XMALLOC(sizeof(fp_int) * (2 + CT_INV_MOD_PRE_CNT), NULL,
DYNAMIC_TYPE_BIGINT); DYNAMIC_TYPE_BIGINT);
@ -1834,13 +1838,17 @@ int fp_exptmod_nb(exptModNb_t* nb, fp_int* G, fp_int* X, fp_int* P, fp_int* Y)
case TFM_EXPTMOD_NB_SQR: case TFM_EXPTMOD_NB_SQR:
#ifdef WC_NO_CACHE_RESISTANT #ifdef WC_NO_CACHE_RESISTANT
fp_sqr(&nb->R[nb->y], &nb->R[nb->y]); err = fp_sqr(&nb->R[nb->y], &nb->R[nb->y]);
#else #else
fp_copy((fp_int*) ( ((wolfssl_word)&nb->R[0] & wc_off_on_addr[nb->y^1]) + fp_copy((fp_int*) ( ((wolfssl_word)&nb->R[0] & wc_off_on_addr[nb->y^1]) +
((wolfssl_word)&nb->R[1] & wc_off_on_addr[nb->y]) ), ((wolfssl_word)&nb->R[1] & wc_off_on_addr[nb->y]) ),
&nb->R[2]); &nb->R[2]);
fp_sqr(&nb->R[2], &nb->R[2]); err = fp_sqr(&nb->R[2], &nb->R[2]);
#endif /* WC_NO_CACHE_RESISTANT */ #endif /* WC_NO_CACHE_RESISTANT */
if (err != FP_OKAY) {
nb->state = TFM_EXPTMOD_NB_INIT;
return err;
}
nb->state = TFM_EXPTMOD_NB_SQR_RED; nb->state = TFM_EXPTMOD_NB_SQR_RED;
break; break;
@ -2131,7 +2139,14 @@ static int _fp_exptmod_nct(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
* squaring M[1] (winsize-1) times */ * squaring M[1] (winsize-1) times */
fp_copy (&M[1], &M[(word32)(1 << (winsize - 1))]); fp_copy (&M[1], &M[(word32)(1 << (winsize - 1))]);
for (x = 0; x < (winsize - 1); x++) { for (x = 0; x < (winsize - 1); x++) {
fp_sqr (&M[(word32)(1 << (winsize - 1))], &M[(word32)(1 << (winsize - 1))]); err = fp_sqr (&M[(word32)(1 << (winsize - 1))],
&M[(word32)(1 << (winsize - 1))]);
if (err != FP_OKAY) {
#ifndef WOLFSSL_NO_MALLOC
XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return err;
}
err = fp_montgomery_reduce_ex(&M[(word32)(1 << (winsize - 1))], P, mp, 0); err = fp_montgomery_reduce_ex(&M[(word32)(1 << (winsize - 1))], P, mp, 0);
if (err != FP_OKAY) { if (err != FP_OKAY) {
#ifndef WOLFSSL_NO_MALLOC #ifndef WOLFSSL_NO_MALLOC
@ -2944,9 +2959,9 @@ int fp_sqr(fp_int *A, fp_int *B)
oldused = B->used; oldused = B->used;
y = A->used; y = A->used;
/* call generic if we're out of range */ /* error if we're out of range */
if (y + y > FP_SIZE) { if (y + y >= FP_SIZE) {
err = fp_sqr_comba(A, B); err = FP_VAL;
goto clean; goto clean;
} }
@ -4691,7 +4706,9 @@ static int fp_prime_miller_rabin_ex(fp_int * a, fp_int * b, int *result,
j = 1; j = 1;
/* while j <= s-1 and y != n1 */ /* while j <= s-1 and y != n1 */
while ((j <= (s - 1)) && fp_cmp (y, n1) != FP_EQ) { while ((j <= (s - 1)) && fp_cmp (y, n1) != FP_EQ) {
fp_sqrmod (y, a, y); err = fp_sqrmod (y, a, y);
if (err != FP_OKAY)
return err;
/* if y == 1 then composite */ /* if y == 1 then composite */
if (fp_cmp_d (y, 1) == FP_EQ) { if (fp_cmp_d (y, 1) == FP_EQ) {