dnl We use its presence to detect C11 threads
AC_CHECK_HEADERS([threads.h])
+AC_CHECK_HEADERS([sanitizer/asan_interface.h])
AC_CHECK_HEADERS([valgrind/memcheck.h])
AC_ARG_ENABLE(padlock,
invalidLifetime:lib/pkcs11_privkey.c:603
invalidLifetime:lib/pkcs11_privkey.c:604
invalidLifetime:lib/pkcs11_privkey.c:606
-autoVariables:lib/stek.c:302
-autoVariables:lib/stek.c:306
-autoVariables:lib/stek.c:310
session->security_parameters.client_random,
GNUTLS_RANDOM_SIZE);
+ _gnutls_memory_mark_defined(session->security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE);
#ifdef ENABLE_SSL3
if (get_num_version(session) == GNUTLS_SSL3) { /* SSL 3 */
ret =
rnd, 2 * GNUTLS_RANDOM_SIZE, block_size,
key_block);
- if (ret < 0)
+ if (ret < 0) {
+ _gnutls_memory_mark_undefined(session->security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE);
return gnutls_assert_val(ret);
+ }
_gnutls_hard_log("INT: KEY BLOCK[%d]: %s\n", block_size,
_gnutls_bin2hex(key_block, block_size, buf,
return 0;
}
-/* This copies the session values which apply to subsequent/resumed
- * sessions. Under TLS 1.3, these values are items which are not
- * negotiated on the subsequent session. */
-#define CPY_COMMON(tls13_sem) \
- if (!tls13_sem) { \
- dst->cs = src->cs; \
- memcpy(dst->master_secret, src->master_secret, GNUTLS_MASTER_SIZE); \
- memcpy(dst->client_random, src->client_random, GNUTLS_RANDOM_SIZE); \
- memcpy(dst->server_random, src->server_random, GNUTLS_RANDOM_SIZE); \
- dst->ext_master_secret = src->ext_master_secret; \
- dst->etm = src->etm; \
- dst->prf = src->prf; \
- dst->grp = src->grp; \
- dst->pversion = src->pversion; \
- } \
- memcpy(dst->session_id, src->session_id, GNUTLS_MAX_SESSION_ID_SIZE); \
- dst->session_id_size = src->session_id_size; \
- dst->timestamp = src->timestamp; \
- dst->client_ctype = src->client_ctype; \
- dst->server_ctype = src->server_ctype; \
- dst->client_auth_type = src->client_auth_type; \
- dst->server_auth_type = src->server_auth_type
-
void _gnutls_set_resumed_parameters(gnutls_session_t session)
{
security_parameters_st *src =
security_parameters_st *dst = &session->security_parameters;
const version_entry_st *ver = get_version(session);
- CPY_COMMON(ver->tls13_sem);
+ /* Under TLS 1.3, these values are items which are not
+ * negotiated on the subsequent session. */
+ if (!ver->tls13_sem) {
+ dst->cs = src->cs;
+ _gnutls_memory_mark_defined(dst->master_secret, GNUTLS_MASTER_SIZE);
+ memcpy(dst->master_secret, src->master_secret, GNUTLS_MASTER_SIZE);
+ _gnutls_memory_mark_defined(dst->client_random, GNUTLS_RANDOM_SIZE);
+ memcpy(dst->client_random, src->client_random, GNUTLS_RANDOM_SIZE);
+ _gnutls_memory_mark_defined(dst->server_random, GNUTLS_RANDOM_SIZE);
+ memcpy(dst->server_random, src->server_random, GNUTLS_RANDOM_SIZE);
+ dst->ext_master_secret = src->ext_master_secret;
+ dst->etm = src->etm;
+ dst->prf = src->prf;
+ dst->grp = src->grp;
+ dst->pversion = src->pversion;
+ }
+ memcpy(dst->session_id, src->session_id, GNUTLS_MAX_SESSION_ID_SIZE);
+ dst->session_id_size = src->session_id_size;
+ dst->timestamp = src->timestamp;
+ dst->client_ctype = src->client_ctype;
+ dst->server_ctype = src->server_ctype;
+ dst->client_auth_type = src->client_auth_type;
+ dst->server_auth_type = src->server_auth_type;
if (!ver->tls13_sem &&
!(session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED)) {
#include "tls13/early_data.h"
#include "tls13/session_ticket.h"
#include "locks.h"
-#ifdef HAVE_VALGRIND_MEMCHECK_H
-#include <valgrind/memcheck.h>
-#endif
static int check_if_null_comp_present(gnutls_session_t session,
uint8_t * data, int datalen);
void _gnutls_set_client_random(gnutls_session_t session, uint8_t * rnd)
{
+ _gnutls_memory_mark_defined(session->security_parameters.client_random,
+ GNUTLS_RANDOM_SIZE);
memcpy(session->security_parameters.client_random, rnd,
GNUTLS_RANDOM_SIZE);
}
/* no random given, we generate. */
if (session->internals.sc_random_set != 0) {
+ _gnutls_memory_mark_defined(session->security_parameters.client_random,
+ GNUTLS_RANDOM_SIZE);
memcpy(session->security_parameters.client_random,
session->internals.
resumed_security_parameters.client_random,
GNUTLS_RANDOM_SIZE);
} else {
+ _gnutls_memory_mark_defined(session->security_parameters.client_random,
+ GNUTLS_RANDOM_SIZE);
ret = gnutls_rnd(GNUTLS_RND_NONCE,
session->security_parameters.client_random,
GNUTLS_RANDOM_SIZE);
- if (ret < 0)
+ if (ret < 0) {
+ _gnutls_memory_mark_undefined(session->security_parameters.client_random,
+ GNUTLS_RANDOM_SIZE);
return gnutls_assert_val(ret);
+ }
}
-#ifdef HAVE_VALGRIND_MEMCHECK_H
- if (RUNNING_ON_VALGRIND)
- VALGRIND_MAKE_MEM_DEFINED(session->security_parameters.client_random,
- GNUTLS_RANDOM_SIZE);
-#endif
-
return 0;
}
{
const version_entry_st *max;
+ _gnutls_memory_mark_defined(session->security_parameters.server_random,
+ GNUTLS_RANDOM_SIZE);
memcpy(session->security_parameters.server_random, rnd,
GNUTLS_RANDOM_SIZE);
const version_entry_st *max;
if (session->internals.sc_random_set != 0) {
+ _gnutls_memory_mark_defined(session->security_parameters.server_random,
+ GNUTLS_RANDOM_SIZE);
memcpy(session->security_parameters.server_random,
session->internals.
resumed_security_parameters.server_random,
if (max == NULL)
return gnutls_assert_val(GNUTLS_E_NO_CIPHER_SUITES);
+ _gnutls_memory_mark_defined(session->security_parameters.server_random,
+ GNUTLS_RANDOM_SIZE);
+
if (!IS_DTLS(session) && max->id >= GNUTLS_TLS1_3 &&
version <= GNUTLS_TLS1_2) {
if (version == GNUTLS_TLS1_2) {
if (ret < 0) {
gnutls_assert();
+ _gnutls_memory_mark_undefined(session->security_parameters.server_random,
+ GNUTLS_RANDOM_SIZE);
return ret;
}
-#ifdef HAVE_VALGRIND_MEMCHECK_H
- if (RUNNING_ON_VALGRIND)
- VALGRIND_MAKE_MEM_DEFINED(session->security_parameters.server_random,
- GNUTLS_RANDOM_SIZE);
-#endif
-
return 0;
}
mesg = CLIENT_MSG;
}
- return _gnutls_PRF(session,
- session->security_parameters.master_secret,
- GNUTLS_MASTER_SIZE, mesg, siz, concat, hash_len,
- 12, ret);
+ _gnutls_memory_mark_defined(session->security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE);
+ rc = _gnutls_PRF(session,
+ session->security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE, mesg, siz, concat, hash_len,
+ 12, ret);
+ if (rc < 0) {
+ _gnutls_memory_mark_undefined(session->security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE);
+ }
+ return rc;
}
session->security_parameters.server_random,
GNUTLS_RANDOM_SIZE);
+ _gnutls_memory_mark_defined(session->security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE);
#ifdef ENABLE_SSL3
if (get_num_version(session) == GNUTLS_SSL3) {
ret =
GNUTLS_MASTER_SIZE,
session->security_parameters.
master_secret);
+ if (ret < 0)
+ _gnutls_memory_mark_undefined(session->security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE);
} else {
gnutls_datum_t shash = {NULL, 0};
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
#endif
+ _gnutls_memory_mark_defined(session->security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE);
ret =
_gnutls_PRF(session, premaster->data, premaster->size,
EXT_MASTER_SECRET, EXT_MASTER_SECRET_SIZE,
GNUTLS_MASTER_SIZE,
session->security_parameters.
master_secret);
+ if (ret < 0)
+ _gnutls_memory_mark_undefined(session->security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE);
gnutls_free(shash.data);
}
#ifndef GNUTLS_LIB_MEM_H
#define GNUTLS_LIB_MEM_H
-#include <config.h>
+#include "config.h"
+
+#ifdef HAVE_SANITIZER_ASAN_INTERFACE_H
+#include <sanitizer/asan_interface.h>
+#endif
+
+#ifdef HAVE_VALGRIND_MEMCHECK_H
+#include <valgrind/memcheck.h>
+#endif
/* These realloc functions will return ptr if size==0, and will free
* the ptr if the new allocation failed.
#define zeroize_temp_key zeroize_key
#define zrelease_temp_mpi_key zrelease_mpi_key
+static inline void
+_gnutls_memory_mark_undefined(void *addr, size_t size)
+{
+#ifdef HAVE_SANITIZER_ASAN_INTERFACE_H
+ ASAN_POISON_MEMORY_REGION(addr, size);
+#endif
+#ifdef HAVE_VALGRIND_MEMCHECK_H
+ if (RUNNING_ON_VALGRIND)
+ VALGRIND_MAKE_MEM_UNDEFINED(addr, size);
+#endif
+}
+
+static inline void
+_gnutls_memory_mark_defined(void *addr, size_t size)
+{
+#ifdef HAVE_SANITIZER_ASAN_INTERFACE_H
+ ASAN_UNPOISON_MEMORY_REGION(addr, size);
+#endif
+#ifdef HAVE_VALGRIND_MEMCHECK_H
+ if (RUNNING_ON_VALGRIND)
+ VALGRIND_MAKE_MEM_DEFINED(addr, size);
+#endif
+}
+
#endif /* GNUTLS_LIB_MEM_H */
#include "ext/cert_types.h"
#include "locks.h"
#include "kx.h"
-#ifdef HAVE_VALGRIND_MEMCHECK_H
-#include <valgrind/memcheck.h>
-#endif
/* to be used by supplemental data support to disable TLS1.3
* when supplemental data have been globally registered */
* runtime before being used. Mark such regions with a
* valgrind client request as undefined.
*/
-#ifdef HAVE_VALGRIND_MEMCHECK_H
- if (RUNNING_ON_VALGRIND) {
- if (flags & GNUTLS_CLIENT)
- VALGRIND_MAKE_MEM_UNDEFINED((*session)->security_parameters.client_random,
- GNUTLS_RANDOM_SIZE);
- if (flags & GNUTLS_SERVER) {
- VALGRIND_MAKE_MEM_UNDEFINED((*session)->security_parameters.server_random,
- GNUTLS_RANDOM_SIZE);
- VALGRIND_MAKE_MEM_UNDEFINED((*session)->key.session_ticket_key,
- TICKET_MASTER_KEY_SIZE);
- }
- }
-#endif
+ _gnutls_memory_mark_undefined((*session)->security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE);
+ _gnutls_memory_mark_undefined((*session)->security_parameters.client_random,
+ GNUTLS_RANDOM_SIZE);
+ _gnutls_memory_mark_undefined((*session)->security_parameters.server_random,
+ GNUTLS_RANDOM_SIZE);
+ _gnutls_memory_mark_undefined((*session)->key.session_ticket_key,
+ TICKET_MASTER_KEY_SIZE);
+ _gnutls_memory_mark_undefined((*session)->key.previous_ticket_key,
+ TICKET_MASTER_KEY_SIZE);
+ _gnutls_memory_mark_undefined((*session)->key.initial_stek,
+ TICKET_MASTER_KEY_SIZE);
+
handshake_internal_state_clear1(*session);
#ifdef MSG_NOSIGNAL
gnutls_memset(&session->key.proto, 0, sizeof(session->key.proto));
/* clear session ticket keys */
+ _gnutls_memory_mark_defined(session->key.session_ticket_key,
+ TICKET_MASTER_KEY_SIZE);
gnutls_memset(&session->key.session_ticket_key, 0,
TICKET_MASTER_KEY_SIZE);
+ _gnutls_memory_mark_undefined(session->key.session_ticket_key,
+ TICKET_MASTER_KEY_SIZE);
+
+ _gnutls_memory_mark_defined(session->key.previous_ticket_key,
+ TICKET_MASTER_KEY_SIZE);
gnutls_memset(&session->key.previous_ticket_key, 0,
TICKET_MASTER_KEY_SIZE);
+ _gnutls_memory_mark_undefined(session->key.previous_ticket_key,
+ TICKET_MASTER_KEY_SIZE);
+
+ _gnutls_memory_mark_defined(session->key.initial_stek,
+ TICKET_MASTER_KEY_SIZE);
gnutls_memset(&session->key.initial_stek, 0,
TICKET_MASTER_KEY_SIZE);
+ _gnutls_memory_mark_undefined(session->key.initial_stek,
+ TICKET_MASTER_KEY_SIZE);
gnutls_mutex_deinit(&session->internals.post_negotiation_lock);
gnutls_mutex_deinit(&session->internals.epoch_lock);
*/
#include "gnutls_int.h"
#include "stek.h"
-#ifdef HAVE_VALGRIND_MEMCHECK_H
-#include <valgrind/memcheck.h>
-#endif
#define NAME_POS (0)
#define KEY_POS (TICKET_KEY_NAME_SIZE)
/* Replace old key with new one, and call callback if provided */
call_rotation_callback(session, key, t);
session->key.totp.last_result = t;
+ _gnutls_memory_mark_defined(session->key.session_ticket_key,
+ sizeof(key));
memcpy(session->key.session_ticket_key, key, sizeof(key));
-#ifdef HAVE_VALGRIND_MEMCHECK_H
- if (RUNNING_ON_VALGRIND)
- VALGRIND_MAKE_MEM_DEFINED(session->key.session_ticket_key,
- TICKET_MASTER_KEY_SIZE);
-#endif
session->key.totp.was_rotated = 1;
} else if (t < 0) {
gnutls_datum_t *enc_key)
{
int retval;
- gnutls_datum_t key = {
- .data = session->key.session_ticket_key,
- .size = TICKET_MASTER_KEY_SIZE
- };
+ uint8_t *key_data;
if (unlikely(session == NULL || ticket_data == NULL || ticket_data->data == NULL))
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
* We compare the first 16 bytes --> The key_name field.
*/
if (memcmp(ticket_data->data,
- &key.data[NAME_POS],
- TICKET_KEY_NAME_SIZE) == 0)
+ &session->key.session_ticket_key[NAME_POS],
+ TICKET_KEY_NAME_SIZE) == 0) {
+ key_data = session->key.session_ticket_key;
goto key_found;
-
- key.size = TICKET_MASTER_KEY_SIZE;
- key.data = session->key.previous_ticket_key;
+ }
/*
* Current key is not valid.
* Compute previous key and see if that matches.
*/
- if ((retval = rotate_back_and_peek(session, key.data)) < 0)
+ _gnutls_memory_mark_defined(session->key.previous_ticket_key, TICKET_MASTER_KEY_SIZE);
+ if ((retval = rotate_back_and_peek(session, session->key.previous_ticket_key)) < 0) {
+ _gnutls_memory_mark_undefined(session->key.previous_ticket_key, TICKET_MASTER_KEY_SIZE);
return gnutls_assert_val(retval);
+ }
if (memcmp(ticket_data->data,
- &key.data[NAME_POS],
- TICKET_KEY_NAME_SIZE) == 0)
+ &session->key.previous_ticket_key[NAME_POS],
+ TICKET_KEY_NAME_SIZE) == 0) {
+ key_data = session->key.previous_ticket_key;
goto key_found;
+ }
return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
key_found:
if (key_name) {
- key_name->data = &key.data[NAME_POS];
+ key_name->data = &key_data[NAME_POS];
key_name->size = TICKET_KEY_NAME_SIZE;
}
if (mac_key) {
- mac_key->data = &key.data[MAC_SECRET_POS];
+ mac_key->data = &key_data[MAC_SECRET_POS];
mac_key->size = TICKET_MAC_SECRET_SIZE;
}
if (enc_key) {
- enc_key->data = &key.data[KEY_POS];
+ enc_key->data = &key_data[KEY_POS];
enc_key->size = TICKET_CIPHER_KEY_SIZE;
}
if (unlikely(session->key.totp.last_result != 0))
return GNUTLS_E_INVALID_REQUEST;
+ _gnutls_memory_mark_defined(session->key.initial_stek,
+ TICKET_MASTER_KEY_SIZE);
memcpy(session->key.initial_stek, key->data, key->size);
session->key.totp.was_rotated = 0;
memset(&v1, 0, sizeof(v1));
memset(&v2, 0, sizeof(v2));
- /* check master secret */
- gnutls_session_get_master_secret(server, &v1);
- if (v1.size <= 0) {
- fail("error in server's master secret\n");
- }
-
- gnutls_session_get_master_secret(client, &v2);
- if (v2.size <= 0) {
- fail("error in client's master secret\n");
- }
-
- if (v1.size != v2.size || memcmp(v1.data, v2.data, v1.size) != 0) {
- fail("master secret don't match!\n");
+ if (gnutls_protocol_get_version(client) != GNUTLS_TLS1_3) {
+ /* check master secret */
+ gnutls_session_get_master_secret(server, &v1);
+ if (v1.size <= 0) {
+ fail("error in server's master secret\n");
+ }
+
+ gnutls_session_get_master_secret(client, &v2);
+ if (v2.size <= 0) {
+ fail("error in client's master secret\n");
+ }
+
+ if (v1.size != v2.size || memcmp(v1.data, v2.data, v1.size) != 0) {
+ fail("master secret don't match!\n");
+ }
}
gnutls_bye(client, GNUTLS_SHUT_RDWR);
projects / thirdparty / gnutls.git / commitdiff
