]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Better error checking on SSL3.
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Mon, 7 Feb 2011 08:11:48 +0000 (09:11 +0100)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Mon, 7 Feb 2011 08:11:48 +0000 (09:11 +0100)
lib/gnutls_cipher.c
lib/gnutls_cipher_int.c
lib/gnutls_cipher_int.h
lib/gnutls_handshake.c
lib/gnutls_hash_int.c
lib/gnutls_hash_int.h
lib/gnutls_sig.c

index afb387b535bc1ddbba5ed1cbd2889f4d3f295f14..a35c57350464bc56ba7db31889a65eb42d3a511a 100644 (file)
@@ -579,7 +579,9 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
       return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
     }
 
-  _gnutls_auth_cipher_tag(&params->read.cipher_state, tag, tag_size);
+  ret = _gnutls_auth_cipher_tag(&params->read.cipher_state, tag, tag_size);
+  if (ret < 0)
+    return gnutls_assert_val(ret);
 
   /* This one was introduced to avoid a timing attack against the TLS
    * 1.0 protocol.
index 410a6b48efc3ac5f0cb40a9f4d0c2292fa158a1d..98ee868d75e03c1c31a9276f4959fcbafba98fce 100644 (file)
@@ -255,24 +255,23 @@ int ret;
           gnutls_assert();
           return ret;
         }
-      _gnutls_auth_cipher_tag(handle, tag_ptr, tag_size);
+      ret = _gnutls_auth_cipher_tag(handle, tag_ptr, tag_size);
+      if (ret < 0)
+        return gnutls_assert_val(ret);
 
       ret = _gnutls_cipher_encrypt2(&handle->cipher, text, textlen, ciphertext, ciphertextlen);
       if (ret < 0)
-        {
-          gnutls_assert();
-          return ret;
-        }
+        return gnutls_assert_val(ret);
     }
   else if (handle->is_auth)
     {
       ret = _gnutls_cipher_encrypt2(&handle->cipher, text, textlen, ciphertext, ciphertextlen);
       if (ret < 0)
-        {
-          gnutls_assert();
-          return ret;
-        }
-      _gnutls_auth_cipher_tag(handle, tag_ptr, tag_size);
+        return gnutls_assert_val(ret);
+
+      ret = _gnutls_auth_cipher_tag(handle, tag_ptr, tag_size);
+      if (ret < 0)
+        return gnutls_assert_val(ret);
     }
 
   return 0;
@@ -306,13 +305,17 @@ int ret;
   return 0;
 }
 
-void _gnutls_auth_cipher_tag(auth_cipher_hd_st * handle, void* tag, int tag_size)
+int _gnutls_auth_cipher_tag(auth_cipher_hd_st * handle, void* tag, int tag_size)
 {
+int ret = 0;
   if (handle->is_mac)
     {
       if (handle->ssl_hmac)
         {
-          _gnutls_mac_output_ssl3 (&handle->mac, tag);
+          ret = _gnutls_mac_output_ssl3 (&handle->mac, tag);
+          if (ret < 0)
+            return gnutls_assert_val(ret);
+
           _gnutls_hash_reset (&handle->mac);
         }
       else
@@ -325,13 +328,15 @@ void _gnutls_auth_cipher_tag(auth_cipher_hd_st * handle, void* tag, int tag_size
     {
       _gnutls_cipher_tag(&handle->cipher, tag, tag_size);
     }
+    
+  return 0;
 }
 
 void _gnutls_auth_cipher_deinit (auth_cipher_hd_st * handle)
 {
   if (handle->is_mac)
     {
-      if (handle->ssl_hmac)
+      if (handle->ssl_hmac) /* failure here doesn't matter */
         _gnutls_mac_deinit_ssl3 (&handle->mac, NULL);
       else
         _gnutls_hmac_deinit(&handle->mac, NULL);
index bbc259d211063edd6fa38e49ee974f7851078231..e5423f37674978c162a4f3c68049116bc7c14bf4 100644 (file)
@@ -110,7 +110,7 @@ int _gnutls_auth_cipher_encrypt2_tag (auth_cipher_hd_st * handle, const uint8_t
 int _gnutls_auth_cipher_decrypt2 (auth_cipher_hd_st * handle,
                              const void *ciphertext, int ciphertextlen,
                              void *text, int textlen);
-void _gnutls_auth_cipher_tag( auth_cipher_hd_st * handle, void* tag, int tag_size);
+int _gnutls_auth_cipher_tag( auth_cipher_hd_st * handle, void* tag, int tag_size);
 
 inline static void _gnutls_auth_cipher_setiv (const auth_cipher_hd_st * handle, 
     const void *iv, int ivlen)
index 5715306f3a3159b3714afb096f737549ff6ba72b..7c884c786edfa8ae49fda2070c41356bc68b10b2 100644 (file)
@@ -223,14 +223,26 @@ _gnutls_ssl3_finished (gnutls_session_t session, int type, opaque * ret)
   _gnutls_hash (&td_md5, mesg, siz);
   _gnutls_hash (&td_sha, mesg, siz);
 
-  _gnutls_mac_deinit_ssl3_handshake (&td_md5, ret,
+  rc = _gnutls_mac_deinit_ssl3_handshake (&td_md5, ret,
                                      session->
                                      security_parameters.master_secret,
                                      GNUTLS_MASTER_SIZE);
-  _gnutls_mac_deinit_ssl3_handshake (&td_sha, &ret[16],
+  if (rc < 0)
+    {
+      _gnutls_hash_deinit (&td_md5, NULL);
+      _gnutls_hash_deinit (&td_sha, NULL);
+      return gnutls_assert_val(rc);
+    }
+
+  rc = _gnutls_mac_deinit_ssl3_handshake (&td_sha, &ret[16],
                                      session->
                                      security_parameters.master_secret,
                                      GNUTLS_MASTER_SIZE);
+  if (rc < 0)
+    {
+      _gnutls_hash_deinit (&td_sha, NULL);
+      return gnutls_assert_val(rc);
+    }
 
   return 0;
 }
index 928c656ef3bc219588efbf0e3db6c222c88d1aa5..645f5f10e5c5779ddb308b6b32b08302fec71d2e 100644 (file)
@@ -397,7 +397,7 @@ _gnutls_mac_init_ssl3 (digest_hd_st * ret, gnutls_mac_algorithm_t algorithm,
   return 0;
 }
 
-void
+int 
 _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest)
 {
   opaque ret[MAX_HASH_SIZE];
@@ -410,7 +410,7 @@ _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest)
   if (padsize == 0)
     {
       gnutls_assert ();
-      return;
+      return GNUTLS_E_INTERNAL_ERROR;
     }
 
   memset (opad, 0x5C, padsize);
@@ -419,7 +419,7 @@ _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest)
   if (rc < 0)
     {
       gnutls_assert ();
-      return;
+      return rc;
     }
 
   if (handle->keysize > 0)
@@ -431,16 +431,22 @@ _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest)
   _gnutls_hash (&td, ret, block);
 
   _gnutls_hash_deinit (&td, digest);
+  
+  return 0;
 }
 
-void
+int
 _gnutls_mac_deinit_ssl3 (digest_hd_st * handle, void *digest)
 {
-  if (digest != NULL) _gnutls_mac_output_ssl3(handle, digest);
+int ret = 0;
+
+  if (digest != NULL) ret = _gnutls_mac_output_ssl3(handle, digest);
   _gnutls_hash_deinit(handle, NULL);
+  
+  return ret;
 }
 
-void
+int
 _gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle,
                                    void *digest, opaque * key,
                                    uint32_t key_size)
@@ -456,7 +462,8 @@ _gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle,
   if (padsize == 0)
     {
       gnutls_assert ();
-      return;
+      rc = GNUTLS_E_INTERNAL_ERROR;
+      goto cleanup;
     }
 
   memset (opad, 0x5C, padsize);
@@ -466,7 +473,7 @@ _gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle,
   if (rc < 0)
     {
       gnutls_assert ();
-      return;
+      goto cleanup;
     }
 
   if (key_size > 0)
@@ -484,7 +491,11 @@ _gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle,
 
   _gnutls_hash_deinit (&td, digest);
 
-  return;
+  return 0;
+
+cleanup:
+  _gnutls_hash_deinit(handle, NULL);
+  return rc;
 }
 
 static int
index 95f1402b45c43e39d4280fb72c54c98cfccd5fd6..f191bb04cf1a1e28f5d232982cd99d5d60aabaaa 100644 (file)
@@ -87,8 +87,8 @@ _gnutls_hash_fast (gnutls_digest_algorithm_t algorithm,
 /* help functions */
 int _gnutls_mac_init_ssl3 (digest_hd_st *, gnutls_mac_algorithm_t algorithm,
                            void *key, int keylen);
-void _gnutls_mac_deinit_ssl3 (digest_hd_st * handle, void *digest);
-void _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest);
+int _gnutls_mac_deinit_ssl3 (digest_hd_st * handle, void *digest);
+int _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest);
 
 int _gnutls_ssl3_generate_random (void *secret, int secret_len,
                                   void *rnd, int random_len, int bytes,
@@ -97,7 +97,7 @@ int _gnutls_ssl3_hash_md5 (const void *first, int first_len,
                            const void *second, int second_len,
                            int ret_len, opaque * ret);
 
-void _gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle, void *digest,
+int _gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle, void *digest,
                                         opaque * key, uint32_t key_size);
 
 int _gnutls_hash_copy (digest_hd_st * dst_handle, digest_hd_st * src_handle);
index a23bd7f1d1031d10028ac7b11b860c4f7c7b7a4e..17ebf405baa5db13b06ced4106a61c8c6266836a 100644 (file)
@@ -585,18 +585,29 @@ _gnutls_handshake_verify_cert_vrfy (gnutls_session_t session,
       ret = _gnutls_generate_master (session, 1);
       if (ret < 0)
         {
-          gnutls_assert ();
-          return ret;
+          _gnutls_hash_deinit (&td_md5, NULL);
+          _gnutls_hash_deinit (&td_sha, NULL);
+          return gnutls_assert_val(ret);
         }
 
-      _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat,
+      ret = _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat,
                                          session->
                                          security_parameters.master_secret,
                                          GNUTLS_MASTER_SIZE);
-      _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16],
+      if (ret < 0)
+        {
+          _gnutls_hash_deinit (&td_sha, NULL);
+          return gnutls_assert_val(ret);
+        }
+
+      ret = _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16],
                                          session->
                                          security_parameters.master_secret,
                                          GNUTLS_MASTER_SIZE);
+      if (ret < 0)
+        {
+          return gnutls_assert_val(ret);
+        }
     }
   else
     {
@@ -744,13 +755,16 @@ _gnutls_handshake_sign_cert_vrfy (gnutls_session_t session,
       if (ret < 0)
         {
           gnutls_assert ();
+          _gnutls_hash_deinit (&td_sha, NULL);
           return ret;
         }
 
-      _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16],
+      ret = _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16],
                                          session->
                                          security_parameters.master_secret,
                                          GNUTLS_MASTER_SIZE);
+      if (ret < 0)
+        return gnutls_assert_val(ret);
     }
   else
     _gnutls_hash_deinit (&td_sha, &concat[16]);
@@ -769,10 +783,14 @@ _gnutls_handshake_sign_cert_vrfy (gnutls_session_t session,
         }
 
       if (ver == GNUTLS_SSL3)
-        _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat,
+        {
+          ret = _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat,
                                            session->
                                            security_parameters.master_secret,
                                            GNUTLS_MASTER_SIZE);
+          if (ret < 0)
+            return gnutls_assert_val(ret);
+        }
       else
         _gnutls_hash_deinit (&td_md5, concat);