From: Nikos Mavrogiannopoulos Date: Mon, 7 Feb 2011 08:11:48 +0000 (+0100) Subject: Better error checking on SSL3. X-Git-Tag: gnutls_2_99_0~318 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e843e5f1cc24113fd7dc085d80aa84e4ba3b5eb9;p=thirdparty%2Fgnutls.git Better error checking on SSL3. --- diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c index afb387b535..a35c573504 100644 --- a/lib/gnutls_cipher.c +++ b/lib/gnutls_cipher.c @@ -579,7 +579,9 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); } - _gnutls_auth_cipher_tag(¶ms->read.cipher_state, tag, tag_size); + ret = _gnutls_auth_cipher_tag(¶ms->read.cipher_state, tag, tag_size); + if (ret < 0) + return gnutls_assert_val(ret); /* This one was introduced to avoid a timing attack against the TLS * 1.0 protocol. diff --git a/lib/gnutls_cipher_int.c b/lib/gnutls_cipher_int.c index 410a6b48ef..98ee868d75 100644 --- a/lib/gnutls_cipher_int.c +++ b/lib/gnutls_cipher_int.c @@ -255,24 +255,23 @@ int ret; gnutls_assert(); return ret; } - _gnutls_auth_cipher_tag(handle, tag_ptr, tag_size); + ret = _gnutls_auth_cipher_tag(handle, tag_ptr, tag_size); + if (ret < 0) + return gnutls_assert_val(ret); ret = _gnutls_cipher_encrypt2(&handle->cipher, text, textlen, ciphertext, ciphertextlen); if (ret < 0) - { - gnutls_assert(); - return ret; - } + return gnutls_assert_val(ret); } else if (handle->is_auth) { ret = _gnutls_cipher_encrypt2(&handle->cipher, text, textlen, ciphertext, ciphertextlen); if (ret < 0) - { - gnutls_assert(); - return ret; - } - _gnutls_auth_cipher_tag(handle, tag_ptr, tag_size); + return gnutls_assert_val(ret); + + ret = _gnutls_auth_cipher_tag(handle, tag_ptr, tag_size); + if (ret < 0) + return gnutls_assert_val(ret); } return 0; @@ -306,13 +305,17 @@ int ret; return 0; } -void _gnutls_auth_cipher_tag(auth_cipher_hd_st * handle, void* tag, int tag_size) +int _gnutls_auth_cipher_tag(auth_cipher_hd_st * handle, void* tag, int tag_size) { +int ret = 0; if (handle->is_mac) { if (handle->ssl_hmac) { - _gnutls_mac_output_ssl3 (&handle->mac, tag); + ret = _gnutls_mac_output_ssl3 (&handle->mac, tag); + if (ret < 0) + return gnutls_assert_val(ret); + _gnutls_hash_reset (&handle->mac); } else @@ -325,13 +328,15 @@ void _gnutls_auth_cipher_tag(auth_cipher_hd_st * handle, void* tag, int tag_size { _gnutls_cipher_tag(&handle->cipher, tag, tag_size); } + + return 0; } void _gnutls_auth_cipher_deinit (auth_cipher_hd_st * handle) { if (handle->is_mac) { - if (handle->ssl_hmac) + if (handle->ssl_hmac) /* failure here doesn't matter */ _gnutls_mac_deinit_ssl3 (&handle->mac, NULL); else _gnutls_hmac_deinit(&handle->mac, NULL); diff --git a/lib/gnutls_cipher_int.h b/lib/gnutls_cipher_int.h index bbc259d211..e5423f3767 100644 --- a/lib/gnutls_cipher_int.h +++ b/lib/gnutls_cipher_int.h @@ -110,7 +110,7 @@ int _gnutls_auth_cipher_encrypt2_tag (auth_cipher_hd_st * handle, const uint8_t int _gnutls_auth_cipher_decrypt2 (auth_cipher_hd_st * handle, const void *ciphertext, int ciphertextlen, void *text, int textlen); -void _gnutls_auth_cipher_tag( auth_cipher_hd_st * handle, void* tag, int tag_size); +int _gnutls_auth_cipher_tag( auth_cipher_hd_st * handle, void* tag, int tag_size); inline static void _gnutls_auth_cipher_setiv (const auth_cipher_hd_st * handle, const void *iv, int ivlen) diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 5715306f3a..7c884c786e 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -223,14 +223,26 @@ _gnutls_ssl3_finished (gnutls_session_t session, int type, opaque * ret) _gnutls_hash (&td_md5, mesg, siz); _gnutls_hash (&td_sha, mesg, siz); - _gnutls_mac_deinit_ssl3_handshake (&td_md5, ret, + rc = _gnutls_mac_deinit_ssl3_handshake (&td_md5, ret, session-> security_parameters.master_secret, GNUTLS_MASTER_SIZE); - _gnutls_mac_deinit_ssl3_handshake (&td_sha, &ret[16], + if (rc < 0) + { + _gnutls_hash_deinit (&td_md5, NULL); + _gnutls_hash_deinit (&td_sha, NULL); + return gnutls_assert_val(rc); + } + + rc = _gnutls_mac_deinit_ssl3_handshake (&td_sha, &ret[16], session-> security_parameters.master_secret, GNUTLS_MASTER_SIZE); + if (rc < 0) + { + _gnutls_hash_deinit (&td_sha, NULL); + return gnutls_assert_val(rc); + } return 0; } diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c index 928c656ef3..645f5f10e5 100644 --- a/lib/gnutls_hash_int.c +++ b/lib/gnutls_hash_int.c @@ -397,7 +397,7 @@ _gnutls_mac_init_ssl3 (digest_hd_st * ret, gnutls_mac_algorithm_t algorithm, return 0; } -void +int _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest) { opaque ret[MAX_HASH_SIZE]; @@ -410,7 +410,7 @@ _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest) if (padsize == 0) { gnutls_assert (); - return; + return GNUTLS_E_INTERNAL_ERROR; } memset (opad, 0x5C, padsize); @@ -419,7 +419,7 @@ _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest) if (rc < 0) { gnutls_assert (); - return; + return rc; } if (handle->keysize > 0) @@ -431,16 +431,22 @@ _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest) _gnutls_hash (&td, ret, block); _gnutls_hash_deinit (&td, digest); + + return 0; } -void +int _gnutls_mac_deinit_ssl3 (digest_hd_st * handle, void *digest) { - if (digest != NULL) _gnutls_mac_output_ssl3(handle, digest); +int ret = 0; + + if (digest != NULL) ret = _gnutls_mac_output_ssl3(handle, digest); _gnutls_hash_deinit(handle, NULL); + + return ret; } -void +int _gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle, void *digest, opaque * key, uint32_t key_size) @@ -456,7 +462,8 @@ _gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle, if (padsize == 0) { gnutls_assert (); - return; + rc = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; } memset (opad, 0x5C, padsize); @@ -466,7 +473,7 @@ _gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle, if (rc < 0) { gnutls_assert (); - return; + goto cleanup; } if (key_size > 0) @@ -484,7 +491,11 @@ _gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle, _gnutls_hash_deinit (&td, digest); - return; + return 0; + +cleanup: + _gnutls_hash_deinit(handle, NULL); + return rc; } static int diff --git a/lib/gnutls_hash_int.h b/lib/gnutls_hash_int.h index 95f1402b45..f191bb04cf 100644 --- a/lib/gnutls_hash_int.h +++ b/lib/gnutls_hash_int.h @@ -87,8 +87,8 @@ _gnutls_hash_fast (gnutls_digest_algorithm_t algorithm, /* help functions */ int _gnutls_mac_init_ssl3 (digest_hd_st *, gnutls_mac_algorithm_t algorithm, void *key, int keylen); -void _gnutls_mac_deinit_ssl3 (digest_hd_st * handle, void *digest); -void _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest); +int _gnutls_mac_deinit_ssl3 (digest_hd_st * handle, void *digest); +int _gnutls_mac_output_ssl3 (digest_hd_st * handle, void *digest); int _gnutls_ssl3_generate_random (void *secret, int secret_len, void *rnd, int random_len, int bytes, @@ -97,7 +97,7 @@ int _gnutls_ssl3_hash_md5 (const void *first, int first_len, const void *second, int second_len, int ret_len, opaque * ret); -void _gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle, void *digest, +int _gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle, void *digest, opaque * key, uint32_t key_size); int _gnutls_hash_copy (digest_hd_st * dst_handle, digest_hd_st * src_handle); diff --git a/lib/gnutls_sig.c b/lib/gnutls_sig.c index a23bd7f1d1..17ebf405ba 100644 --- a/lib/gnutls_sig.c +++ b/lib/gnutls_sig.c @@ -585,18 +585,29 @@ _gnutls_handshake_verify_cert_vrfy (gnutls_session_t session, ret = _gnutls_generate_master (session, 1); if (ret < 0) { - gnutls_assert (); - return ret; + _gnutls_hash_deinit (&td_md5, NULL); + _gnutls_hash_deinit (&td_sha, NULL); + return gnutls_assert_val(ret); } - _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat, + ret = _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat, session-> security_parameters.master_secret, GNUTLS_MASTER_SIZE); - _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16], + if (ret < 0) + { + _gnutls_hash_deinit (&td_sha, NULL); + return gnutls_assert_val(ret); + } + + ret = _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16], session-> security_parameters.master_secret, GNUTLS_MASTER_SIZE); + if (ret < 0) + { + return gnutls_assert_val(ret); + } } else { @@ -744,13 +755,16 @@ _gnutls_handshake_sign_cert_vrfy (gnutls_session_t session, if (ret < 0) { gnutls_assert (); + _gnutls_hash_deinit (&td_sha, NULL); return ret; } - _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16], + ret = _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16], session-> security_parameters.master_secret, GNUTLS_MASTER_SIZE); + if (ret < 0) + return gnutls_assert_val(ret); } else _gnutls_hash_deinit (&td_sha, &concat[16]); @@ -769,10 +783,14 @@ _gnutls_handshake_sign_cert_vrfy (gnutls_session_t session, } if (ver == GNUTLS_SSL3) - _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat, + { + ret = _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat, session-> security_parameters.master_secret, GNUTLS_MASTER_SIZE); + if (ret < 0) + return gnutls_assert_val(ret); + } else _gnutls_hash_deinit (&td_md5, concat);