fortanix · Nov 14, 2024
diff --git a/‎Cargo.lock
+42-77 b/‎Cargo.lock
+42-77
diff --git a/‎mbedtls/Cargo.toml
+3-3 b/‎mbedtls/Cargo.toml
+3-3
diff --git a/‎mbedtls/src/bignum/mod.rs
+11-10 b/‎mbedtls/src/bignum/mod.rs
+11-10
@@ -2,7 +2,7 @@
 name = "mbedtls"
 # We jumped from v0.9 to v0.12 because v0.10 and v0.11 were based on mbedtls 3.X, which
 # we decided not to support.
-version = "0.12.3"
+version = "0.13.0"
 authors = ["Jethro Beekman <jethro@fortanix.com>"]
 build = "build.rs"
 edition = "2018"
@@ -24,8 +24,8 @@ features = ["x509", "ssl"]
 
 [dependencies]
 bitflags = "1"
-serde = { version = "1.0.7", default-features = false, features = ["alloc"] }
-serde_derive = "1.0.7"
+serde = { version = "1.0.214", default-features = false, features = ["alloc"] }
+serde_derive = "1.0.214"
 byteorder = { version = "1.0.0", default-features = false }
 yasna = { version = "0.2", optional = true, features = [
     "num-bigint",
 
@@ -6,7 +6,8 @@
  * option. This file may not be copied, modified, or distributed except
  * according to those terms. */
 
-use crate::error::{Error, IntoResult, Result};
+use crate::error::Error;
+use crate::error::{codes, IntoResult, Result};
 use mbedtls_sys::*;
 
 #[cfg(not(feature = "std"))]
@@ -161,7 +162,7 @@ impl Mpi {
     pub fn as_u32(&self) -> Result<u32> {
         if self.bit_length()? > 32 {
             // Not exactly correct but close enough
-            return Err(Error::MpiBufferTooSmall);
+            return Err(codes::MpiBufferTooSmall.into());
         }
 
         Ok(self.get_limb(0) as u32)
@@ -183,7 +184,7 @@ impl Mpi {
         let r = unsafe { mpi_write_string(&self.inner, radix, ::core::ptr::null_mut(), 0, &mut olen) };
 
         if r != ERR_MPI_BUFFER_TOO_SMALL {
-            return Err(Error::from_mbedtls_code(r));
+            return Err(r.into());
         }
 
         let mut buf = vec![0u8; olen];
@@ -264,7 +265,7 @@ impl Mpi {
         let zero = Mpi::new(0)?;
 
         if self < &zero || self >= p {
-            return Err(Error::MpiBadInputData);
+            return Err(codes::MpiBadInputData.into());
         }
         if self == &zero {
             return Ok(zero);
@@ -273,12 +274,12 @@ impl Mpi {
         // This ignores p=2 (for which this algorithm is valid), as not
         // cryptographically interesting.
         if p.get_bit(0) == false || p <= &zero {
-            return Err(Error::MpiBadInputData);
+            return Err(codes::MpiBadInputData.into());
         }
 
         if self.jacobi(p)? != 1 {
             // a is not a quadratic residue mod p
-            return Err(Error::MpiBadInputData);
+            return Err(codes::MpiBadInputData.into());
         }
 
         if (p % 4)?.as_u32()? == 3 {
@@ -325,7 +326,7 @@ impl Mpi {
                 bo = bo.mod_exp(&two, p)?;
                 m += 1;
                 if m >= r {
-                    return Err(Error::MpiBadInputData);
+                    return Err(codes::MpiBadInputData.into());
                 }
             }
 
@@ -358,7 +359,7 @@ impl Mpi {
         let one = Mpi::new(1)?;
 
         if self < &zero || n < &zero || n.get_bit(0) == false {
-            return Err(Error::MpiBadInputData);
+            return Err(codes::MpiBadInputData.into());
         }
 
         let mut x = self.modulo(n)?;
@@ -431,7 +432,7 @@ impl Mpi {
 pub(super) fn mpi_inner_eq_const_time(x: &mpi, y: &mpi) -> core::prelude::v1::Result<bool, Error> {
     match mpi_inner_cmp_const_time(x, y) {
         Ok(order) => Ok(order == Ordering::Equal),
-        Err(Error::MpiBadInputData) => Ok(false),
+        Err(e) if e == codes::MpiBadInputData.into() => Ok(false),
         Err(e) => Err(e),
     }
 }
@@ -779,7 +780,7 @@ mod tests {
         ])
         .unwrap();
         assert_eq!(mpi3.less_than_const_time(&mpi3), Ok(false));
-        assert_eq!(mpi2.less_than_const_time(&mpi3), Err(Error::MpiBadInputData));
+        assert_eq!(mpi2.less_than_const_time(&mpi3), Err(codes::MpiBadInputData.into()));
     }
 
     #[test]