godotengine
/
godot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Crypto] Fix generate_random_bytes for large chunks 

Properly handle mbedtls errors, ensure we don't ask more bytes than
allowed for each iteration.

(cherry picked from commit e0140601a5)
This commit is contained in:
Fabio Alessandrelli 2023-09-18 21:06:15 +02:00 committed by Rémi Verschelde
parent 33b965367c
commit 52e2bde16f
No known key found for this signature in database
GPG Key ID: C3336907360768E1
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
modules/mbedtls/crypto_mbedtls.cpp
View File

@ -419,9 +419,19 @@ Ref<X509Certificate> CryptoMbedTLS::generate_self_signed_certificate(Ref<CryptoK
} }
PackedByteArray CryptoMbedTLS::generate_random_bytes(int p_bytes) { PackedByteArray CryptoMbedTLS::generate_random_bytes(int p_bytes) {
ERR_FAIL_COND_V(p_bytes < 0, PackedByteArray());
PackedByteArray out; PackedByteArray out;
out.resize(p_bytes); out.resize(p_bytes);
mbedtls_ctr_drbg_random(&ctr_drbg, out.ptrw(), p_bytes); int left = p_bytes;
int pos = 0;
// Ensure we generate random in chunks of no more than MBEDTLS_CTR_DRBG_MAX_REQUEST bytes or mbedtls_ctr_drbg_random will fail.
while (left > 0) {
int to_read = MIN(left, MBEDTLS_CTR_DRBG_MAX_REQUEST);
int ret = mbedtls_ctr_drbg_random(&ctr_drbg, out.ptrw() + pos, to_read);
ERR_FAIL_COND_V_MSG(ret != 0, PackedByteArray(), vformat("Failed to generate %d random bytes(s). Error: %d.", p_bytes, ret));
left -= to_read;
pos += to_read;
}
return out; return out;
} }