summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authormiod <>2014-07-10 20:22:00 +0000
committermiod <>2014-07-10 20:22:00 +0000
commitb49f9185d82110f25ba34a9dfd3717c9d9c83a79 (patch)
treebe872e46075eefcc582d2c008dd63f5663a3a2f3 /src
parent9d441e0f87e5a0448670901b8098808268b7d10c (diff)
downloadopenbsd-b49f9185d82110f25ba34a9dfd3717c9d9c83a79.tar.gz
openbsd-b49f9185d82110f25ba34a9dfd3717c9d9c83a79.tar.bz2
openbsd-b49f9185d82110f25ba34a9dfd3717c9d9c83a79.zip
Make sure srp_Calc_k() digest operations are checked for error; from
Florian Zumbiehl (florz , florz . de) on tech@
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/srp/srp_lib.c26
-rw-r--r--src/lib/libssl/src/crypto/srp/srp_lib.c26
2 files changed, 34 insertions, 18 deletions
diff --git a/src/lib/libcrypto/srp/srp_lib.c b/src/lib/libcrypto/srp/srp_lib.c
index a57ee3640f..19056d4008 100644
--- a/src/lib/libcrypto/srp/srp_lib.c
+++ b/src/lib/libcrypto/srp/srp_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: srp_lib.c,v 1.6 2014/07/10 20:18:51 miod Exp $ */ 1/* $OpenBSD: srp_lib.c,v 1.7 2014/07/10 20:22:00 miod Exp $ */
2/* Written by Christophe Renou (christophe.renou@edelweb.fr) with 2/* Written by Christophe Renou (christophe.renou@edelweb.fr) with
3 * the precious help of Peter Sylvester (peter.sylvester@edelweb.fr) 3 * the precious help of Peter Sylvester (peter.sylvester@edelweb.fr)
4 * for the EdelKey project and contributed to the OpenSSL project 2004. 4 * for the EdelKey project and contributed to the OpenSSL project 2004.
@@ -84,7 +84,8 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
84 unsigned char digest[SHA_DIGEST_LENGTH]; 84 unsigned char digest[SHA_DIGEST_LENGTH];
85 unsigned char *tmp; 85 unsigned char *tmp;
86 EVP_MD_CTX ctxt; 86 EVP_MD_CTX ctxt;
87 int longg ; 87 BIGNUM *ret = NULL;
88 int longg;
88 int longN = BN_num_bytes(N); 89 int longN = BN_num_bytes(N);
89 90
90 if ((tmp = malloc(longN)) == NULL) 91 if ((tmp = malloc(longN)) == NULL)
@@ -92,19 +93,26 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
92 BN_bn2bin(N,tmp); 93 BN_bn2bin(N,tmp);
93 94
94 EVP_MD_CTX_init(&ctxt); 95 EVP_MD_CTX_init(&ctxt);
95 EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL); 96 if (!EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL))
96 EVP_DigestUpdate(&ctxt, tmp, longN); 97 goto err;
98 if (!EVP_DigestUpdate(&ctxt, tmp, longN))
99 goto err;
97 100
98 memset(tmp, 0, longN); 101 memset(tmp, 0, longN);
99 longg = BN_bn2bin(g,tmp); 102 longg = BN_bn2bin(g,tmp);
100 /* use the zeros behind to pad on left */ 103 /* use the zeros behind to pad on left */
101 EVP_DigestUpdate(&ctxt, tmp + longg, longN-longg); 104 if (!EVP_DigestUpdate(&ctxt, tmp + longg, longN-longg))
102 EVP_DigestUpdate(&ctxt, tmp, longg); 105 goto err;
103 free(tmp); 106 if (!EVP_DigestUpdate(&ctxt, tmp, longg))
107 goto err;
104 108
105 EVP_DigestFinal_ex(&ctxt, digest, NULL); 109 if (!EVP_DigestFinal_ex(&ctxt, digest, NULL))
110 goto err;
111 ret = BN_bin2bn(digest, sizeof(digest), NULL);
112err:
106 EVP_MD_CTX_cleanup(&ctxt); 113 EVP_MD_CTX_cleanup(&ctxt);
107 return BN_bin2bn(digest, sizeof(digest), NULL); 114 free(tmp);
115 return ret;
108 } 116 }
109 117
110BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) 118BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
diff --git a/src/lib/libssl/src/crypto/srp/srp_lib.c b/src/lib/libssl/src/crypto/srp/srp_lib.c
index a57ee3640f..19056d4008 100644
--- a/src/lib/libssl/src/crypto/srp/srp_lib.c
+++ b/src/lib/libssl/src/crypto/srp/srp_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: srp_lib.c,v 1.6 2014/07/10 20:18:51 miod Exp $ */ 1/* $OpenBSD: srp_lib.c,v 1.7 2014/07/10 20:22:00 miod Exp $ */
2/* Written by Christophe Renou (christophe.renou@edelweb.fr) with 2/* Written by Christophe Renou (christophe.renou@edelweb.fr) with
3 * the precious help of Peter Sylvester (peter.sylvester@edelweb.fr) 3 * the precious help of Peter Sylvester (peter.sylvester@edelweb.fr)
4 * for the EdelKey project and contributed to the OpenSSL project 2004. 4 * for the EdelKey project and contributed to the OpenSSL project 2004.
@@ -84,7 +84,8 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
84 unsigned char digest[SHA_DIGEST_LENGTH]; 84 unsigned char digest[SHA_DIGEST_LENGTH];
85 unsigned char *tmp; 85 unsigned char *tmp;
86 EVP_MD_CTX ctxt; 86 EVP_MD_CTX ctxt;
87 int longg ; 87 BIGNUM *ret = NULL;
88 int longg;
88 int longN = BN_num_bytes(N); 89 int longN = BN_num_bytes(N);
89 90
90 if ((tmp = malloc(longN)) == NULL) 91 if ((tmp = malloc(longN)) == NULL)
@@ -92,19 +93,26 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
92 BN_bn2bin(N,tmp); 93 BN_bn2bin(N,tmp);
93 94
94 EVP_MD_CTX_init(&ctxt); 95 EVP_MD_CTX_init(&ctxt);
95 EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL); 96 if (!EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL))
96 EVP_DigestUpdate(&ctxt, tmp, longN); 97 goto err;
98 if (!EVP_DigestUpdate(&ctxt, tmp, longN))
99 goto err;
97 100
98 memset(tmp, 0, longN); 101 memset(tmp, 0, longN);
99 longg = BN_bn2bin(g,tmp); 102 longg = BN_bn2bin(g,tmp);
100 /* use the zeros behind to pad on left */ 103 /* use the zeros behind to pad on left */
101 EVP_DigestUpdate(&ctxt, tmp + longg, longN-longg); 104 if (!EVP_DigestUpdate(&ctxt, tmp + longg, longN-longg))
102 EVP_DigestUpdate(&ctxt, tmp, longg); 105 goto err;
103 free(tmp); 106 if (!EVP_DigestUpdate(&ctxt, tmp, longg))
107 goto err;
104 108
105 EVP_DigestFinal_ex(&ctxt, digest, NULL); 109 if (!EVP_DigestFinal_ex(&ctxt, digest, NULL))
110 goto err;
111 ret = BN_bin2bn(digest, sizeof(digest), NULL);
112err:
106 EVP_MD_CTX_cleanup(&ctxt); 113 EVP_MD_CTX_cleanup(&ctxt);
107 return BN_bin2bn(digest, sizeof(digest), NULL); 114 free(tmp);
115 return ret;
108 } 116 }
109 117
110BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) 118BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 17:58:35 +0000