summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authorjsing <>2021-03-02 17:16:44 +0000
committerjsing <>2021-03-02 17:16:44 +0000
commit41eba74fe32bb91e096569a41b98217375310913 (patch)
treed7bb425b461747053e699d208e9d25298933445d /src/lib
parent98935779b72cb6af2c61e5b3f22b3314433bcac7 (diff)
downloadopenbsd-41eba74fe32bb91e096569a41b98217375310913.tar.gz
openbsd-41eba74fe32bb91e096569a41b98217375310913.tar.bz2
openbsd-41eba74fe32bb91e096569a41b98217375310913.zip
Add tls12_record_protection_unused() and call from CCS functions.
This moves the check closer to where a leak could occur and checks all pointers in the struct. Suggested by tb@ during review. ok tb@
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libssl/tls12_record_layer.c25
1 files changed, 17 insertions, 8 deletions
diff --git a/src/lib/libssl/tls12_record_layer.c b/src/lib/libssl/tls12_record_layer.c
index b7e891d268..d69370d025 100644
--- a/src/lib/libssl/tls12_record_layer.c
+++ b/src/lib/libssl/tls12_record_layer.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls12_record_layer.c,v 1.19 2021/02/27 14:20:50 jsing Exp $ */ 1/* $OpenBSD: tls12_record_layer.c,v 1.20 2021/03/02 17:16:44 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -28,13 +28,13 @@ struct tls12_record_protection {
28 28
29 SSL_AEAD_CTX *aead_ctx; 29 SSL_AEAD_CTX *aead_ctx;
30 30
31 EVP_CIPHER_CTX *cipher_ctx;
32 EVP_MD_CTX *hash_ctx;
33
31 int stream_mac; 34 int stream_mac;
32 35
33 uint8_t *mac_key; 36 uint8_t *mac_key;
34 size_t mac_key_len; 37 size_t mac_key_len;
35
36 EVP_CIPHER_CTX *cipher_ctx;
37 EVP_MD_CTX *hash_ctx;
38}; 38};
39 39
40static struct tls12_record_protection * 40static struct tls12_record_protection *
@@ -83,6 +83,13 @@ tls12_record_protection_engaged(struct tls12_record_protection *rp)
83} 83}
84 84
85static int 85static int
86tls12_record_protection_unused(struct tls12_record_protection *rp)
87{
88 return rp->aead_ctx == NULL && rp->cipher_ctx == NULL &&
89 rp->hash_ctx == NULL && rp->mac_key == NULL;
90}
91
92static int
86tls12_record_protection_eiv_len(struct tls12_record_protection *rp, 93tls12_record_protection_eiv_len(struct tls12_record_protection *rp,
87 size_t *out_eiv_len) 94 size_t *out_eiv_len)
88{ 95{
@@ -363,6 +370,9 @@ tls12_record_layer_ccs_aead(struct tls12_record_layer *rl,
363{ 370{
364 size_t aead_nonce_len = EVP_AEAD_nonce_length(rl->aead); 371 size_t aead_nonce_len = EVP_AEAD_nonce_length(rl->aead);
365 372
373 if (!tls12_record_protection_unused(rp))
374 return 0;
375
366 if ((rp->aead_ctx = calloc(1, sizeof(*rp->aead_ctx))) == NULL) 376 if ((rp->aead_ctx = calloc(1, sizeof(*rp->aead_ctx))) == NULL)
367 return 0; 377 return 0;
368 378
@@ -414,6 +424,9 @@ tls12_record_layer_ccs_cipher(struct tls12_record_layer *rl,
414 int mac_type; 424 int mac_type;
415 int ret = 0; 425 int ret = 0;
416 426
427 if (!tls12_record_protection_unused(rp))
428 return 0;
429
417 mac_type = EVP_PKEY_HMAC; 430 mac_type = EVP_PKEY_HMAC;
418 rp->stream_mac = 0; 431 rp->stream_mac = 0;
419 432
@@ -479,10 +492,6 @@ tls12_record_layer_change_cipher_state(struct tls12_record_layer *rl,
479 size_t mac_key_len, const uint8_t *key, size_t key_len, const uint8_t *iv, 492 size_t mac_key_len, const uint8_t *key, size_t key_len, const uint8_t *iv,
480 size_t iv_len) 493 size_t iv_len)
481{ 494{
482 /* Require unused record protection. */
483 if (rp->cipher_ctx != NULL || rp->aead_ctx != NULL)
484 return 0;
485
486 if (mac_key_len > INT_MAX || key_len > INT_MAX || iv_len > INT_MAX) 495 if (mac_key_len > INT_MAX || key_len > INT_MAX || iv_len > INT_MAX)
487 return 0; 496 return 0;
488 497
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-23 00:52:48 +0000