From: raja-ashok Date: Fri, 8 May 2020 13:47:21 +0000 (+0530) Subject: Fix crash in early data send with out-of-band PSK using AES CCM X-Git-Tag: openssl-3.0.0-alpha3~98 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2e1a4f6aeb5a9935e3055f61740381e17a31fc9a;p=thirdparty%2Fopenssl.git Fix crash in early data send with out-of-band PSK using AES CCM Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/11785) --- diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index e81f3656ee3..1775152eeb8 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -436,11 +436,18 @@ static int derive_secret_key_and_iv(SSL *s, int sending, const EVP_MD *md, uint32_t algenc; ivlen = EVP_CCM_TLS_IV_LEN; - if (s->s3.tmp.new_cipher == NULL) { + if (s->s3.tmp.new_cipher != NULL) { + algenc = s->s3.tmp.new_cipher->algorithm_enc; + } else if (s->session->cipher != NULL) { /* We've not selected a cipher yet - we must be doing early data */ algenc = s->session->cipher->algorithm_enc; + } else if (s->psksession != NULL && s->psksession->cipher != NULL) { + /* We must be doing early data with out-of-band PSK */ + algenc = s->psksession->cipher->algorithm_enc; } else { - algenc = s->s3.tmp.new_cipher->algorithm_enc; + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DERIVE_SECRET_KEY_AND_IV, + ERR_R_EVP_LIB); + goto err; } if (algenc & (SSL_AES128CCM8 | SSL_AES256CCM8)) taglen = EVP_CCM8_TLS_TAG_LEN;
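Review bot: The fallback branch reports `ERR_R_EVP_LIB` on `SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DERIVE_SECRET_KEY_AND_IV, ERR_R_EVP_LIB)`, but no EVP call has failed at that point; the condition is that neither `s->s3.tmp.new_cipher`, `s->session->cipher` nor `s->psksession->cipher` is set, which is an internal state error and reads better as `ERR_R_INTERNAL_ERROR` so that the reason code in the error queue does not send someone debugging a CCM early-data failure into the EVP layer. Two smaller points on the same hunk: the new chain still dereferences `s->session` unconditionally in `else if (s->session->cipher != NULL)` while it does guard `s->psksession` with a NULL check, so the asymmetry is worth a comment stating that `s->session` is always non-NULL here; and the `goto err` relies on an `err:` label in `derive_secret_key_and_iv` that is outside the shown context, so confirm it exists and releases whatever the function has allocated before this point (the key and IV buffers it derives). The reordering itself, preferring `new_cipher` when present and falling through to the session and then the out-of-band PSK session, matches the described crash: the previous code only consulted `s->session->cipher`, which is NULL when the early-data cipher comes from `s->psksession`.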