generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

If we're going to return errors (no matter how stupid), then we should

Browse Source 
test for them!
This commit is contained in:
Ben Laurie
2008-12-29 16:11:58 +00:00
parent 8aa02e97a7
commit 0eab41fb78
28 changed files with 168 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ssl/d1_enc.c
View File

@@ -135,7 +135,11 @@ int dtls1_enc(SSL *s, int send)
if (send)
{
if (EVP_MD_CTX_md(s->write_hash))
{
n=EVP_MD_CTX_size(s->write_hash);
if (n < 0)
return -1;
}
ds=s->enc_write_ctx;
rec= &(s->s3->wrec);
if (s->enc_write_ctx == NULL)
@@ -157,7 +161,11 @@ int dtls1_enc(SSL *s, int send)
else
{
if (EVP_MD_CTX_md(s->read_hash))
{
n=EVP_MD_CTX_size(s->read_hash);
if (n < 0)
return -1;
}
ds=s->enc_read_ctx;
rec= &(s->s3->rrec);
if (s->enc_read_ctx == NULL)

14
ssl/d1_pkt.c
View File

@@ -428,7 +428,10 @@ printf("\n");
if (!clear)
{
/* !clear => s->read_hash != NULL => mac_size != -1 */
mac_size=EVP_MD_CTX_size(s->read_hash);
int t;
t=EVP_MD_CTX_size(s->read_hash);
OPENSSL_assert(t >= 0);
mac_size=t;
if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size)
{
@@ -453,7 +456,7 @@ printf("\n");
}
rr->length-=mac_size;
i=s->method->ssl3_enc->mac(s,md,0);
if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
if (i < 0 || memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
{
goto decryption_failed_or_bad_record_mac;
}
@@ -1341,7 +1344,11 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len,
if (clear)
mac_size=0;
else
{
mac_size=EVP_MD_CTX_size(s->write_hash);
if (mac_size < 0)
goto err;
}
/* DTLS implements explicit IV, so no need for empty fragments */
#if 0
@@ -1428,7 +1435,8 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len,
if (mac_size != 0)
{
s->method->ssl3_enc->mac(s,&(p[wr->length + bs]),1);
if(s->method->ssl3_enc->mac(s,&(p[wr->length + bs]),1) < 0)
goto err;
wr->length+=mac_size;
}

11
ssl/s2_lib.c
View File

@@ -455,6 +455,7 @@ int ssl2_generate_key_material(SSL *s)
unsigned char *km;
unsigned char c='0';
const EVP_MD *md5;
int md_size;
md5 = EVP_md5();
@@ -471,10 +472,12 @@ int ssl2_generate_key_material(SSL *s)
SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
return 0;
}
for (i=0; i<s->s2->key_material_length; i += EVP_MD_size(md5))
md_size = EVP_MD_size(md5);
if (md_size < 0)
return 0;
for (i=0; i<s->s2->key_material_length; i += md_size)
{
if (((km - s->s2->key_material) + EVP_MD_size(md5)) >
if (((km - s->s2->key_material) + md_size) >
(int)sizeof(s->s2->key_material))
{
/* EVP_DigestFinal_ex() below would write beyond buffer */
@@ -493,7 +496,7 @@ int ssl2_generate_key_material(SSL *s)
EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length);
EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length);
EVP_DigestFinal_ex(&ctx,km,NULL);
km += EVP_MD_size(md5);
km += md_size;
}
EVP_MD_CTX_cleanup(&ctx);

14
ssl/s2_pkt.c
View File

@@ -116,7 +116,7 @@
#define USE_SOCKETS
static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
static int write_pending(SSL *s, const unsigned char *buf, unsigned int len);
static int ssl_mt_error(int n);
@@ -130,7 +130,7 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
unsigned char mac[MAX_MAC_SIZE];
unsigned char *p;
int i;
unsigned int mac_size;
int mac_size;
ssl2_read_again:
if (SSL_in_init(s) && !s->in_handshake)
@@ -247,6 +247,8 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
else
{
mac_size=EVP_MD_CTX_size(s->read_hash);
if (mac_size < 0)
return -1;
OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
s->s2->mac_data=p;
s->s2->ract_data= &p[mac_size];
@@ -447,7 +449,7 @@ int ssl2_write(SSL *s, const void *_buf, int len)
n=(len-tot);
for (;;)
{
i=do_ssl_write(s,&(buf[tot]),n);
i=n_do_ssl_write(s,&(buf[tot]),n);
if (i <= 0)
{
s->s2->wnum=tot;
@@ -511,7 +513,7 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
}
}
static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
{
unsigned int j,k,olen,p,mac_size,bs;
register unsigned char *pp;
@@ -529,7 +531,11 @@ static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
if (s->s2->clear_text)
mac_size=0;
else
{
mac_size=EVP_MD_CTX_size(s->write_hash);
if (mac_size < 0)
return -1;
}
/* lets set the pad p */
if (s->s2->clear_text)

21
ssl/s3_enc.c
View File

@@ -315,6 +315,8 @@ int ssl3_change_cipher_state(SSL *s, int which)
p=s->s3->tmp.key_block;
i=EVP_MD_size(m);
if (i < 0)
goto err2;
cl=EVP_CIPHER_key_length(c);
j=is_exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
@@ -409,7 +411,11 @@ int ssl3_setup_key_block(SSL *s)
s->s3->tmp.new_compression=comp;
#endif
num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
num=EVP_MD_size(hash);
if (num < 0)
return 0;
num=EVP_CIPHER_key_length(c)+num+EVP_CIPHER_iv_length(c);
num*=2;
ssl3_cleanup_key_block(s);
@@ -666,6 +672,9 @@ static int ssl3_handshake_mac(SSL *s, int md_nid,
EVP_MD_CTX_init(&ctx);
EVP_MD_CTX_copy_ex(&ctx,d);
n=EVP_MD_CTX_size(&ctx);
if (n < 0)
return 0;
npad=(48/n)*n;
if (sender != NULL)
EVP_DigestUpdate(&ctx,sender,len);
@@ -686,7 +695,7 @@ static int ssl3_handshake_mac(SSL *s, int md_nid,
return((int)ret);
}
int ssl3_mac(SSL *ssl, unsigned char *md, int send)
int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
{
SSL3_RECORD *rec;
unsigned char *mac_sec,*seq;
@@ -695,6 +704,7 @@ int ssl3_mac(SSL *ssl, unsigned char *md, int send)
unsigned char *p,rec_char;
unsigned int md_size;
int npad;
int t;
if (send)
{
@@ -711,9 +721,10 @@ int ssl3_mac(SSL *ssl, unsigned char *md, int send)
hash=ssl->read_hash;
}
/* If hash is NULL, then a crash will follow anyway */
OPENSSL_assert(hash);
md_size=EVP_MD_CTX_size(hash);
t=EVP_MD_CTX_size(hash);
if (t < 0)
return -1;
md_size=t;
npad=(48/md_size)*md_size;
/* Chop the digest off the end :-) */

2
ssl/s3_lib.c
View File

@@ -2077,7 +2077,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_ENC_METHOD SSLv3_enc_data={
ssl3_enc,
ssl3_mac,
n_ssl3_mac,
ssl3_setup_key_block,
ssl3_generate_master_secret,
ssl3_change_cipher_state,

10
ssl/s3_pkt.c
View File

@@ -414,6 +414,7 @@ printf("\n");
{
/* !clear => s->read_hash != NULL => mac_size != -1 */
mac_size=EVP_MD_CTX_size(s->read_hash);
OPENSSL_assert(mac_size >= 0);
if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)
{
@@ -444,7 +445,7 @@ printf("\n");
#endif
}
i=s->method->ssl3_enc->mac(s,md,0);
if (mac == NULL || memcmp(md, mac, mac_size) != 0)
if (i < 0 || mac == NULL || memcmp(md, mac, mac_size) != 0)
{
decryption_failed_or_bad_record_mac = 1;
}
@@ -649,7 +650,11 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
if (clear)
mac_size=0;
else
{
mac_size=EVP_MD_CTX_size(s->write_hash);
if (mac_size < 0)
goto err;
}
/* 'create_empty_fragment' is true only when this function calls itself */
if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done)
@@ -747,7 +752,8 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
if (mac_size != 0)
{
s->method->ssl3_enc->mac(s,&(p[wr->length]),1);
if (s->method->ssl3_enc->mac(s,&(p[wr->length]),1) < 0)
goto err;
wr->length+=mac_size;
wr->input=p;
wr->data=p;

11
ssl/s3_srvr.c
View File

@@ -522,6 +522,7 @@ int ssl3_accept(SSL *s)
{
int offset=0;
int dgst_num;
s->state=SSL3_ST_SR_CERT_VRFY_A;
s->init_num=0;
@@ -536,8 +537,16 @@ int ssl3_accept(SSL *s)
for (dgst_num=0; dgst_num<SSL_MAX_DIGEST;dgst_num++)
if (s->s3->handshake_dgst[dgst_num])
{
int dgst_size;
s->method->ssl3_enc->cert_verify_mac(s,EVP_MD_CTX_type(s->s3->handshake_dgst[dgst_num]),&(s->s3->tmp.cert_verify_md[offset]));
offset+=EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
dgst_size=EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
if (dgst_size < 0)
{
ret = -1;
goto end;
}
offset+=dgst_size;
}
}
break;

3
ssl/ssl_ciph.c
View File

@@ -381,16 +381,19 @@ void ssl_load_ciphers(void)
EVP_get_digestbyname(SN_md5);
ssl_mac_secret_size[SSL_MD_MD5_IDX]=
EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]);
OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0);
ssl_digest_methods[SSL_MD_SHA1_IDX]=
EVP_get_digestbyname(SN_sha1);
ssl_mac_secret_size[SSL_MD_SHA1_IDX]=
EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]);
OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0);
ssl_digest_methods[SSL_MD_GOST94_IDX]=
EVP_get_digestbyname(SN_id_GostR3411_94);
if (ssl_digest_methods[SSL_MD_GOST94_IDX])
{
ssl_mac_secret_size[SSL_MD_GOST94_IDX]=
EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]);
OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0);
}
ssl_digest_methods[SSL_MD_GOST89MAC_IDX]=
EVP_get_digestbyname(SN_id_Gost28147_89_MAC);

2
ssl/ssl_locl.h
View File

@@ -870,7 +870,7 @@ int ssl3_final_finish_mac(SSL *s, const char *sender, int slen,unsigned char *p)
int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
int ssl3_enc(SSL *s, int send_data);
int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
int n_ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
void ssl3_free_digest_list(SSL *s);
unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK_OF(SSL_CIPHER) *clnt,

20
ssl/t1_enc.c
View File

@@ -163,6 +163,7 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
unsigned int A1_len;
chunk=EVP_MD_size(md);
OPENSSL_assert(chunk >= 0);
HMAC_CTX_init(&ctx);
HMAC_CTX_init(&ctx_tmp);
@@ -605,7 +606,10 @@ int tls1_enc(SSL *s, int send)
if (send)
{
if (EVP_MD_CTX_md(s->write_hash))
{
n=EVP_MD_CTX_size(s->write_hash);
OPENSSL_assert(n >= 0);
}
ds=s->enc_write_ctx;
rec= &(s->s3->wrec);
if (s->enc_write_ctx == NULL)
@@ -616,7 +620,10 @@ int tls1_enc(SSL *s, int send)
else
{
if (EVP_MD_CTX_md(s->read_hash))
{
n=EVP_MD_CTX_size(s->read_hash);
OPENSSL_assert(n >= 0);
}
ds=s->enc_read_ctx;
rec= &(s->s3->rrec);
if (s->enc_read_ctx == NULL)
@@ -796,8 +803,8 @@ int tls1_final_finish_mac(SSL *s,
{
if (mask & s->s3->tmp.new_cipher->algorithm2)
{
unsigned int hashsize = EVP_MD_size(md);
if (hashsize > (sizeof buf - (size_t)(q-buf)))
int hashsize = EVP_MD_size(md);
if (hashsize < 0 || hashsize > (sizeof buf - (size_t)(q-buf)))
{
/* internal error: 'buf' is too small for this cipersuite! */
err = 1;
@@ -835,6 +842,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
EVP_MD_CTX hmac, *mac_ctx;
unsigned char buf[5];
int stream_mac = (send?(ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM):(ssl->mac_flags&SSL_MAC_FLAG_READ_MAC_STREAM));
int t;
if (send)
{
@@ -851,7 +859,9 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
hash=ssl->read_hash;
}
md_size=EVP_MD_CTX_size(hash);
t=EVP_MD_CTX_size(hash);
OPENSSL_assert(t >= 0);
md_size=t;
buf[0]=rec->type;
buf[1]=(unsigned char)(ssl->version>>8);
@@ -884,7 +894,9 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
EVP_DigestSignUpdate(mac_ctx,buf,5);
EVP_DigestSignUpdate(mac_ctx,rec->input,rec->length);
EVP_DigestSignFinal(mac_ctx,md,&md_size);
t=EVP_DigestSignFinal(mac_ctx,md,&md_size);
OPENSSL_assert(t > 0);
if (!stream_mac) EVP_MD_CTX_cleanup(&hmac);
#ifdef TLS_DEBUG
printf("sec=");

5
ssl/t1_lib.c
View File

@@ -1532,6 +1532,11 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
* integrity checks on ticket.
*/
mlen = HMAC_size(&hctx);
if (mlen < 0)
{
EVP_CIPHER_CTX_cleanup(&ctx);
return -1;
}
eticklen -= mlen;
/* Check HMAC of encrypted ticket */
HMAC_Update(&hctx, etick, eticklen);