generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Reported by: Solar Designer of Openwall

Browse Source 
Make sure tkeylen is initialised properly when encrypting CMS messages.
This commit is contained in:
Dr. Stephen Henson 2012-05-10 13:34:22 +00:00
parent 7ad8e1fc4e
commit 5b9d0995a1
4 changed files with 21 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@ -4,6 +4,10 @@
Changes between 1.0.1b and 1.0.1c [xx XXX xxxx] Changes between 1.0.1b and 1.0.1c [xx XXX xxxx]
*) Initialise tkeylen properly when encrypting CMS messages.
Thanks to Solar Designer of Openwall for reporting this issue.
[Steve Henson]
*) In FIPS mode don't try to use composite ciphers as they are not *) In FIPS mode don't try to use composite ciphers as they are not
approved. approved.
[Steve Henson] [Steve Henson]

4
crypto/cms/cms_enc.c
View File

@ -139,10 +139,10 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR); CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
goto err; goto err;
} }
tkeylen = EVP_CIPHER_CTX_key_length(ctx);
/* Generate random session key */ /* Generate random session key */
if (!enc || !ec->key) if (!enc || !ec->key)
{ {
tkeylen = EVP_CIPHER_CTX_key_length(ctx);
tkey = OPENSSL_malloc(tkeylen); tkey = OPENSSL_malloc(tkeylen);
if (!tkey) if (!tkey)
{ {
@ -174,7 +174,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
/* Only reveal failure if debugging so we don't /* Only reveal failure if debugging so we don't
* leak information which may be useful in MMA. * leak information which may be useful in MMA.
*/ */
if (ec->debug) if (enc || ec->debug)
{ {
CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
CMS_R_INVALID_KEY_LENGTH); CMS_R_INVALID_KEY_LENGTH);

8
ssl/d1_enc.c
View File

@ -208,6 +208,12 @@ int dtls1_enc(SSL *s, int send)
rec->input[k]=j; rec->input[k]=j;
l+=i; l+=i;
rec->length+=i; rec->length+=i;
if (rec->type == SSL3_RT_APPLICATION_DATA)
{
memset(rec->input, 63, 64);
rec->length = 64;
l = 64;
}
} }
#ifdef KSSL_DEBUG #ifdef KSSL_DEBUG
@ -260,7 +266,7 @@ int dtls1_enc(SSL *s, int send)
} }
/* TLS 1.0 does not bound the number of padding bytes by the block size. /* TLS 1.0 does not bound the number of padding bytes by the block size.
* All of them must have value 'padding_length'. */ * All of them must have value 'padding_length'. */
if (i > (int)rec->length) if (i + bs > (int)rec->length)
{ {
/* Incorrect padding. SSLerr() and ssl3_alert are done /* Incorrect padding. SSLerr() and ssl3_alert are done
* by caller: we don't want to reveal whether this is * by caller: we don't want to reveal whether this is

8
ssl/t1_enc.c
View File

@ -793,6 +793,12 @@ int tls1_enc(SSL *s, int send)
rec->input[k]=j; rec->input[k]=j;
l+=i; l+=i;
rec->length+=i; rec->length+=i;
if (rec->type == SSL3_RT_APPLICATION_DATA)
{
memset(rec->input, 63, 64);
rec->length = 64;
l = 64;
}
} }
#ifdef KSSL_DEBUG #ifdef KSSL_DEBUG
@ -889,6 +895,8 @@ int tls1_enc(SSL *s, int send)
if (s->version >= TLS1_1_VERSION if (s->version >= TLS1_1_VERSION
&& EVP_CIPHER_CTX_mode(ds) == EVP_CIPH_CBC_MODE) && EVP_CIPHER_CTX_mode(ds) == EVP_CIPH_CBC_MODE)
{ {
if (bs > (int)rec->length)
return -1;
rec->data += bs; /* skip the explicit IV */ rec->data += bs; /* skip the explicit IV */
rec->input += bs; rec->input += bs;
rec->length -= bs; rec->length -= bs;