Fix misuse of signed ints in the HAVEGE module
Update havege.h to the new version in the crypto module.
This is technically an API break, since the type mbedtls_havege_state
is exposed in a public header. However, normal applications should not
be affected.
There is no ABI break on platforms where uint32_t and int are treated
identically, which is virtually all of them.
Fix #2598
diff --git a/ChangeLog b/ChangeLog
index bf835b6..189fd92 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -58,11 +58,13 @@
* Set the next sequence of the subject_alt_name to NULL when deleting
sequence on failure. Found and fix suggested by Philippe Antoine.
Credit to OSS-Fuzz.
+ * Fix misuse of signed arithmetic in the HAVEGE module. #2598
API Changes
* Extend the MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes,
and the used tls-prf.
* Add public API for tls-prf function, according to requested enum.
+ * The HAVEGE state type now uses uint32_t elements instead of int.
Changes
* Server's RSA certificate in certs.c was SHA-1 signed. In the default
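Review bot: the new "API Changes" entry should name the affected type so readers grepping the ChangeLog can find it; suggest "The mbedtls_havege_state type now uses uint32_t elements instead of int." The new Bugfix line could likewise say what the misuse was (signed arithmetic on the pool indices and walk values, where overflow is undefined) rather than only "misuse of signed arithmetic", since the issue number alone is not self-explanatory offline.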
diff --git a/include/mbedtls/havege.h b/include/mbedtls/havege.h
index 4c1c860..749257a 100644
--- a/include/mbedtls/havege.h
+++ b/include/mbedtls/havege.h
@@ -31,6 +31,7 @@
#endif
#include <stddef.h>
+#include <stdint.h>
#define MBEDTLS_HAVEGE_COLLECT_SIZE 1024
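Review bot: since this `#include <stdint.h>` lands in a public header, confirm that the other public headers already rely on C99 `<stdint.h>` (so `uint32_t` introduces no new portability requirement for the public API); if they do, the placement after `<stddef.h>` is fine and keeps the includes alphabetical.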
@@ -43,9 +44,9 @@
*/
typedef struct mbedtls_havege_state
{
- int PT1, PT2, offset[2];
- int pool[MBEDTLS_HAVEGE_COLLECT_SIZE];
- int WALK[8192];
+ uint32_t PT1, PT2, offset[2];
+ uint32_t pool[MBEDTLS_HAVEGE_COLLECT_SIZE];
+ uint32_t WALK[8192];
}
mbedtls_havege_state;
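Review bot: the reason for switching `PT1`, `PT2`, `offset`, `pool` and `WALK` from `int` to `uint32_t` should be recorded next to the fields, because unsigned wraparound is defined behaviour while signed overflow is not, and the doc comment that closes just above the struct (`*/`) is the natural place. Suggest adding a line such as "Fields are private; unsigned so that the collector's arithmetic wraps modulo 2^32 instead of overflowing a signed int." This also gives API users who inspected the old `int` members a clear statement that the layout is not part of the supported interface.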