diff options
| author | jsing <> | 2022-01-11 18:28:41 +0000 |
|---|---|---|
| committer | jsing <> | 2022-01-11 18:28:41 +0000 |
| commit | 7af437db632fa247609a08c8b60d48ae34bf3d68 (patch) | |
| tree | b1b5872add715360561434ded72edd4aac2d3950 /src/lib/libssl/ssl_kex.c | |
| parent | c48aae5cc38995b3b04baaf61334783d01a7772e (diff) | |
| download | openbsd-7af437db632fa247609a08c8b60d48ae34bf3d68.tar.gz openbsd-7af437db632fa247609a08c8b60d48ae34bf3d68.tar.bz2 openbsd-7af437db632fa247609a08c8b60d48ae34bf3d68.zip | |
Plumb decode errors through key share parsing code.
Distinguish between decode errors and other errors, so that we can send
a SSL_AD_DECODE_ERROR alert when appropriate.
Fixes a tlsfuzzer failure, due to it expecting a decode error alert and
not receiving one.
Prompted by anton@
ok tb@
Diffstat (limited to 'src/lib/libssl/ssl_kex.c')
| -rw-r--r-- | src/lib/libssl/ssl_kex.c | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/src/lib/libssl/ssl_kex.c b/src/lib/libssl/ssl_kex.c index 78b528b168..cd6713b8b2 100644 --- a/src/lib/libssl/ssl_kex.c +++ b/src/lib/libssl/ssl_kex.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_kex.c,v 1.8 2021/12/04 14:03:22 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_kex.c,v 1.9 2022/01/11 18:28:41 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -156,18 +156,24 @@ ssl_kex_public_dhe(DH *dh, CBB *cbb) | |||
| 156 | } | 156 | } |
| 157 | 157 | ||
| 158 | int | 158 | int |
| 159 | ssl_kex_peer_params_dhe(DH *dh, CBS *cbs, int *invalid_params) | 159 | ssl_kex_peer_params_dhe(DH *dh, CBS *cbs, int *decode_error, |
| 160 | int *invalid_params) | ||
| 160 | { | 161 | { |
| 161 | BIGNUM *p = NULL, *g = NULL; | 162 | BIGNUM *p = NULL, *g = NULL; |
| 162 | CBS dh_p, dh_g; | 163 | CBS dh_p, dh_g; |
| 163 | int ret = 0; | 164 | int ret = 0; |
| 164 | 165 | ||
| 166 | *decode_error = 0; | ||
| 165 | *invalid_params = 0; | 167 | *invalid_params = 0; |
| 166 | 168 | ||
| 167 | if (!CBS_get_u16_length_prefixed(cbs, &dh_p)) | 169 | if (!CBS_get_u16_length_prefixed(cbs, &dh_p)) { |
| 170 | *decode_error = 1; | ||
| 168 | goto err; | 171 | goto err; |
| 169 | if (!CBS_get_u16_length_prefixed(cbs, &dh_g)) | 172 | } |
| 173 | if (!CBS_get_u16_length_prefixed(cbs, &dh_g)) { | ||
| 174 | *decode_error = 1; | ||
| 170 | goto err; | 175 | goto err; |
| 176 | } | ||
| 171 | 177 | ||
| 172 | if ((p = BN_bin2bn(CBS_data(&dh_p), CBS_len(&dh_p), NULL)) == NULL) | 178 | if ((p = BN_bin2bn(CBS_data(&dh_p), CBS_len(&dh_p), NULL)) == NULL) |
| 173 | goto err; | 179 | goto err; |
| @@ -194,17 +200,21 @@ ssl_kex_peer_params_dhe(DH *dh, CBS *cbs, int *invalid_params) | |||
| 194 | } | 200 | } |
| 195 | 201 | ||
| 196 | int | 202 | int |
| 197 | ssl_kex_peer_public_dhe(DH *dh, CBS *cbs, int *invalid_key) | 203 | ssl_kex_peer_public_dhe(DH *dh, CBS *cbs, int *decode_error, |
| 204 | int *invalid_key) | ||
| 198 | { | 205 | { |
| 199 | BIGNUM *pub_key = NULL; | 206 | BIGNUM *pub_key = NULL; |
| 200 | int check_flags; | 207 | int check_flags; |
| 201 | CBS dh_y; | 208 | CBS dh_y; |
| 202 | int ret = 0; | 209 | int ret = 0; |
| 203 | 210 | ||
| 211 | *decode_error = 0; | ||
| 204 | *invalid_key = 0; | 212 | *invalid_key = 0; |
| 205 | 213 | ||
| 206 | if (!CBS_get_u16_length_prefixed(cbs, &dh_y)) | 214 | if (!CBS_get_u16_length_prefixed(cbs, &dh_y)) { |
| 215 | *decode_error = 1; | ||
| 207 | goto err; | 216 | goto err; |
| 217 | } | ||
| 208 | 218 | ||
| 209 | if ((pub_key = BN_bin2bn(CBS_data(&dh_y), CBS_len(&dh_y), | 219 | if ((pub_key = BN_bin2bn(CBS_data(&dh_y), CBS_len(&dh_y), |
| 210 | NULL)) == NULL) | 220 | NULL)) == NULL) |