diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 10 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_kex.c | 16 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 4 |
3 files changed, 22 insertions, 8 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index b349f24cb0..04b3132d35 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.120 2021/11/29 16:00:32 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.121 2021/12/04 13:15:10 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1223,6 +1223,7 @@ ssl3_get_server_certificate(SSL *s) | |||
| 1223 | static int | 1223 | static int |
| 1224 | ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, CBS *cbs) | 1224 | ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, CBS *cbs) |
| 1225 | { | 1225 | { |
| 1226 | int invalid_key; | ||
| 1226 | SESS_CERT *sc = NULL; | 1227 | SESS_CERT *sc = NULL; |
| 1227 | DH *dh = NULL; | 1228 | DH *dh = NULL; |
| 1228 | long alg_a; | 1229 | long alg_a; |
| @@ -1235,7 +1236,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, CBS *cbs) | |||
| 1235 | 1236 | ||
| 1236 | if (!ssl_kex_peer_params_dhe(dh, cbs)) | 1237 | if (!ssl_kex_peer_params_dhe(dh, cbs)) |
| 1237 | goto decode_err; | 1238 | goto decode_err; |
| 1238 | if (!ssl_kex_peer_public_dhe(dh, cbs)) | 1239 | if (!ssl_kex_peer_public_dhe(dh, cbs, &invalid_key)) |
| 1239 | goto decode_err; | 1240 | goto decode_err; |
| 1240 | 1241 | ||
| 1241 | /* | 1242 | /* |
| @@ -1246,6 +1247,11 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, CBS *cbs) | |||
| 1246 | SSLerror(s, SSL_R_BAD_DH_P_LENGTH); | 1247 | SSLerror(s, SSL_R_BAD_DH_P_LENGTH); |
| 1247 | goto err; | 1248 | goto err; |
| 1248 | } | 1249 | } |
| 1250 | if (invalid_key) { | ||
| 1251 | ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER); | ||
| 1252 | SSLerror(s, SSL_R_BAD_DH_PUB_KEY_LENGTH); | ||
| 1253 | goto err; | ||
| 1254 | } | ||
| 1249 | 1255 | ||
| 1250 | if (alg_a & SSL_aRSA) | 1256 | if (alg_a & SSL_aRSA) |
| 1251 | *pkey = X509_get_pubkey(sc->peer_pkeys[SSL_PKEY_RSA].x509); | 1257 | *pkey = X509_get_pubkey(sc->peer_pkeys[SSL_PKEY_RSA].x509); |
diff --git a/src/lib/libssl/ssl_kex.c b/src/lib/libssl/ssl_kex.c index 9af440d827..68d83cedbe 100644 --- a/src/lib/libssl/ssl_kex.c +++ b/src/lib/libssl/ssl_kex.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_kex.c,v 1.5 2021/11/30 18:17:03 tb Exp $ */ | 1 | /* $OpenBSD: ssl_kex.c,v 1.6 2021/12/04 13:15:10 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -142,23 +142,31 @@ ssl_kex_peer_params_dhe(DH *dh, CBS *cbs) | |||
| 142 | } | 142 | } |
| 143 | 143 | ||
| 144 | int | 144 | int |
| 145 | ssl_kex_peer_public_dhe(DH *dh, CBS *cbs) | 145 | ssl_kex_peer_public_dhe(DH *dh, CBS *cbs, int *invalid_key) |
| 146 | { | 146 | { |
| 147 | CBS dh_y; | ||
| 148 | BIGNUM *pub_key = NULL; | 147 | BIGNUM *pub_key = NULL; |
| 148 | int check_flags; | ||
| 149 | CBS dh_y; | ||
| 149 | int ret = 0; | 150 | int ret = 0; |
| 150 | 151 | ||
| 152 | *invalid_key = 0; | ||
| 153 | |||
| 151 | if (!CBS_get_u16_length_prefixed(cbs, &dh_y)) | 154 | if (!CBS_get_u16_length_prefixed(cbs, &dh_y)) |
| 152 | goto err; | 155 | goto err; |
| 156 | |||
| 153 | if ((pub_key = BN_bin2bn(CBS_data(&dh_y), CBS_len(&dh_y), | 157 | if ((pub_key = BN_bin2bn(CBS_data(&dh_y), CBS_len(&dh_y), |
| 154 | NULL)) == NULL) | 158 | NULL)) == NULL) |
| 155 | goto err; | 159 | goto err; |
| 156 | 160 | ||
| 157 | if (!DH_set0_key(dh, pub_key, NULL)) | 161 | if (!DH_set0_key(dh, pub_key, NULL)) |
| 158 | goto err; | 162 | goto err; |
| 159 | |||
| 160 | pub_key = NULL; | 163 | pub_key = NULL; |
| 161 | 164 | ||
| 165 | if (!DH_check_pub_key(dh, dh->pub_key, &check_flags)) | ||
| 166 | goto err; | ||
| 167 | if (check_flags != 0) | ||
| 168 | *invalid_key = 1; | ||
| 169 | |||
| 162 | ret = 1; | 170 | ret = 1; |
| 163 | 171 | ||
| 164 | err: | 172 | err: |
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 7810bcd05e..93bdd2a4fc 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.369 2021/11/29 16:00:32 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.370 2021/12/04 13:15:10 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1451,7 +1451,7 @@ int ssl_kex_generate_dhe(DH *dh, DH *dh_params); | |||
| 1451 | int ssl_kex_params_dhe(DH *dh, CBB *cbb); | 1451 | int ssl_kex_params_dhe(DH *dh, CBB *cbb); |
| 1452 | int ssl_kex_public_dhe(DH *dh, CBB *cbb); | 1452 | int ssl_kex_public_dhe(DH *dh, CBB *cbb); |
| 1453 | int ssl_kex_peer_params_dhe(DH *dh, CBS *cbs); | 1453 | int ssl_kex_peer_params_dhe(DH *dh, CBS *cbs); |
| 1454 | int ssl_kex_peer_public_dhe(DH *dh, CBS *cbs); | 1454 | int ssl_kex_peer_public_dhe(DH *dh, CBS *cbs, int *invalid_key); |
| 1455 | int ssl_kex_derive_dhe(DH *dh, DH *dh_peer, | 1455 | int ssl_kex_derive_dhe(DH *dh, DH *dh_peer, |
| 1456 | uint8_t **shared_key, size_t *shared_key_len); | 1456 | uint8_t **shared_key, size_t *shared_key_len); |
| 1457 | 1457 | ||