Ensure all EVP calls have their returns checked where appropriate
There are lots of calls to EVP functions from within libssl There were various places where we should probably check the return value but don't. This adds these checks. Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell
@@ -1961,15 +1961,21 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
|
||||
q = md_buf;
|
||||
for (num = 2; num > 0; num--) {
|
||||
EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
|
||||
EVP_DigestInit_ex(&md_ctx, (num == 2)
|
||||
? s->ctx->md5 : s->ctx->sha1, NULL);
|
||||
EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
|
||||
SSL3_RANDOM_SIZE);
|
||||
EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
|
||||
SSL3_RANDOM_SIZE);
|
||||
EVP_DigestUpdate(&md_ctx, PACKET_data(¶ms),
|
||||
PACKET_remaining(¶ms));
|
||||
EVP_DigestFinal_ex(&md_ctx, q, &size);
|
||||
if (EVP_DigestInit_ex(&md_ctx,
|
||||
(num == 2) ? s->ctx->md5 : s->ctx->sha1,
|
||||
NULL) <= 0
|
||||
|| EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
|
||||
SSL3_RANDOM_SIZE) <= 0
|
||||
|| EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
|
||||
SSL3_RANDOM_SIZE) <= 0
|
||||
|| EVP_DigestUpdate(&md_ctx, PACKET_data(¶ms),
|
||||
PACKET_remaining(¶ms)) <= 0
|
||||
|| EVP_DigestFinal_ex(&md_ctx, q, &size) <= 0) {
|
||||
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE,
|
||||
ERR_R_INTERNAL_ERROR);
|
||||
al = SSL_AD_INTERNAL_ERROR;
|
||||
goto f_err;
|
||||
}
|
||||
q += size;
|
||||
j += size;
|
||||
}
|
||||
@@ -1990,13 +1996,17 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
|
||||
} else
|
||||
#endif
|
||||
{
|
||||
EVP_VerifyInit_ex(&md_ctx, md, NULL);
|
||||
EVP_VerifyUpdate(&md_ctx, &(s->s3->client_random[0]),
|
||||
SSL3_RANDOM_SIZE);
|
||||
EVP_VerifyUpdate(&md_ctx, &(s->s3->server_random[0]),
|
||||
SSL3_RANDOM_SIZE);
|
||||
EVP_VerifyUpdate(&md_ctx, PACKET_data(¶ms),
|
||||
PACKET_remaining(¶ms));
|
||||
if (EVP_VerifyInit_ex(&md_ctx, md, NULL) <= 0
|
||||
|| EVP_VerifyUpdate(&md_ctx, &(s->s3->client_random[0]),
|
||||
SSL3_RANDOM_SIZE) <= 0
|
||||
|| EVP_VerifyUpdate(&md_ctx, &(s->s3->server_random[0]),
|
||||
SSL3_RANDOM_SIZE) <= 0
|
||||
|| EVP_VerifyUpdate(&md_ctx, PACKET_data(¶ms),
|
||||
PACKET_remaining(¶ms)) <= 0) {
|
||||
al = SSL_AD_INTERNAL_ERROR;
|
||||
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EVP_LIB);
|
||||
goto f_err;
|
||||
}
|
||||
if (EVP_VerifyFinal(&md_ctx, PACKET_data(&signature),
|
||||
PACKET_remaining(&signature), pkey) <= 0) {
|
||||
/* bad signature */
|
||||
@@ -2786,16 +2796,16 @@ psk_err:
|
||||
}
|
||||
/*
|
||||
* If we have send a certificate, and certificate key
|
||||
*
|
||||
* * parameters match those of server certificate, use
|
||||
* parameters match those of server certificate, use
|
||||
* certificate key for key exchange
|
||||
*/
|
||||
|
||||
/* Otherwise, generate ephemeral key pair */
|
||||
|
||||
EVP_PKEY_encrypt_init(pkey_ctx);
|
||||
/* Generate session key */
|
||||
if (RAND_bytes(pms, pmslen) <= 0) {
|
||||
if (pkey_ctx == NULL
|
||||
|| EVP_PKEY_encrypt_init(pkey_ctx) <= 0
|
||||
/* Generate session key */
|
||||
|| RAND_bytes(pms, pmslen) <= 0) {
|
||||
EVP_PKEY_CTX_free(pkey_ctx);
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
|
||||
ERR_R_INTERNAL_ERROR);
|
||||
@@ -2819,13 +2829,18 @@ psk_err:
|
||||
* data
|
||||
*/
|
||||
ukm_hash = EVP_MD_CTX_create();
|
||||
EVP_DigestInit(ukm_hash,
|
||||
EVP_get_digestbynid(NID_id_GostR3411_94));
|
||||
EVP_DigestUpdate(ukm_hash, s->s3->client_random,
|
||||
SSL3_RANDOM_SIZE);
|
||||
EVP_DigestUpdate(ukm_hash, s->s3->server_random,
|
||||
SSL3_RANDOM_SIZE);
|
||||
EVP_DigestFinal_ex(ukm_hash, shared_ukm, &md_len);
|
||||
if (EVP_DigestInit(ukm_hash,
|
||||
EVP_get_digestbynid(NID_id_GostR3411_94)) <= 0
|
||||
|| EVP_DigestUpdate(ukm_hash, s->s3->client_random,
|
||||
SSL3_RANDOM_SIZE) <= 0
|
||||
|| EVP_DigestUpdate(ukm_hash, s->s3->server_random,
|
||||
SSL3_RANDOM_SIZE) <= 0
|
||||
|| EVP_DigestFinal_ex(ukm_hash, shared_ukm, &md_len) <= 0) {
|
||||
EVP_MD_CTX_destroy(ukm_hash);
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
|
||||
ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
EVP_MD_CTX_destroy(ukm_hash);
|
||||
if (EVP_PKEY_CTX_ctrl
|
||||
(pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT, EVP_PKEY_CTRL_SET_IV, 8,
|
||||
@@ -2840,7 +2855,7 @@ psk_err:
|
||||
*/
|
||||
*(p++) = V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED;
|
||||
msglen = 255;
|
||||
if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, pms, pmslen) < 0) {
|
||||
if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, pms, pmslen) <= 0) {
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
|
||||
SSL_R_LIBRARY_BUG);
|
||||
goto err;
|
||||
@@ -3006,7 +3021,10 @@ int tls_construct_client_verify(SSL *s)
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
EVP_PKEY_sign_init(pctx);
|
||||
if (EVP_PKEY_sign_init(pctx) <= 0) {
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) > 0) {
|
||||
if (!SSL_USE_SIGALGS(s))
|
||||
s->method->ssl3_enc->cert_verify_mac(s,
|
||||
|
||||
Reference in New Issue
Block a user