mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into ti

Browse Source
This commit is contained in:
toddouska 2014-06-19 16:01:35 -07:00
commit 4fe938cf3a
3 changed files with 38 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
ctaocrypt/src/pkcs7.c
View File

@ -508,8 +508,12 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
esd.outerSeqSz = SetSequence(totalSz, esd.outerSeq);
totalSz += esd.outerSeqSz;
if (outputSz < totalSz)
if (outputSz < totalSz) {
if (flatSignedAttribs)
XFREE(flatSignedAttribs, 0, NULL);
return BUFFER_E;
}
idx = 0;
XMEMCPY(output + idx, esd.outerSeq, esd.outerSeqSz);
@ -845,12 +849,16 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
issuerSerialSeq);
/* KeyEncryptionAlgorithmIdentifier, only support RSA now */
if (keyEncAlgo != RSAk)
if (keyEncAlgo != RSAk) {
FreeDecodedCert(&decoded);
return ALGO_ID_E;
}
keyEncAlgSz = SetAlgoID(keyEncAlgo, keyAlgArray, keyType, 0);
if (keyEncAlgSz == 0)
if (keyEncAlgSz == 0) {
FreeDecodedCert(&decoded);
return BAD_FUNC_ARG;
}
/* EncryptedKey */
ret = InitRsaKey(&pubKey, 0);
@ -858,6 +866,7 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
if (RsaPublicKeyDecode(decoded.publicKey, &idx, &pubKey,
decoded.pubKeySize) < 0) {
CYASSL_MSG("ASN RSA key decode error");
FreeDecodedCert(&decoded);
return PUBLIC_KEY_E;
}
@ -866,6 +875,7 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
FreeRsaKey(&pubKey);
if (*keyEncSz < 0) {
CYASSL_MSG("RSA Public Encrypt failed");
FreeDecodedCert(&decoded);
return *keyEncSz;
}
@ -879,6 +889,7 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
if (recipSeqSz + verSz + issuerSerialSeqSz + issuerSeqSz + snSz +
keyEncAlgSz + encKeyOctetStrSz + *keyEncSz > (int)outSz) {
CYASSL_MSG("RecipientInfo output buffer too small");
FreeDecodedCert(&decoded);
return BUFFER_E;
}
@ -1037,8 +1048,13 @@ int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
* adding (ivOctetStringSz + DES_BLOCK_SIZE) for IV OCTET STRING */
contentEncAlgoSz = SetAlgoID(pkcs7->encryptOID, contentEncAlgo,
blkType, ivOctetStringSz + DES_BLOCK_SIZE);
if (contentEncAlgoSz == 0)
if (contentEncAlgoSz == 0) {
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (dynamicFlag)
XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return BAD_FUNC_ARG;
}
/* encrypt content */
if (pkcs7->encryptOID == DESb) {
@ -1324,6 +1340,8 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
encryptedContent = XMALLOC(encryptedContentSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (encryptedContent == NULL)
return MEMORY_E;
XMEMCPY(encryptedContent, &pkiMsg[idx], encryptedContentSz);
@ -1331,8 +1349,10 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
keySz = RsaPrivateDecryptInline(encryptedKey, encryptedKeySz,
&decryptedKey, &privKey);
FreeRsaKey(&privKey);
if (keySz <= 0)
if (keySz <= 0) {
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return keySz;
}
/* decrypt encryptedContent */
if (encOID == DESb) {
@ -1361,6 +1381,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
}
} else {
CYASSL_MSG("Unsupported content encryption OID type");
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ALGO_ID_E;
}

3
src/internal.c
View File

@ -9856,7 +9856,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
}
#endif /* HAVE_ECC */
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
if (ssl->specs.kea == diffie_hellman_kea) {
byte *output;
word32 length = 0, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
@ -11453,6 +11453,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
(void)out;
(void)input;
(void)size;
(void)begin;
if (ssl->options.side != CYASSL_SERVER_END) {
CYASSL_MSG("Client received client keyexchange, attack?");

11
src/ssl.c
View File

@ -10388,6 +10388,7 @@ static int initGlobalRNG = 0;
}
#endif /* NO_DSA */
#ifndef NO_RSA
static void InitCyaSSL_Rsa(CYASSL_RSA* rsa)
{
if (rsa) {
@ -10463,8 +10464,10 @@ static int initGlobalRNG = 0;
XFREE(rsa, NULL, DYNAMIC_TYPE_RSA);
}
}
#endif /* NO_RSA */
#if !defined(NO_RSA) || !defined(NO_DSA)
static int SetIndividualExternal(CYASSL_BIGNUM** bn, mp_int* mpi)
{
CYASSL_MSG("Entering SetIndividualExternal");
@ -10489,6 +10492,7 @@ static int initGlobalRNG = 0;
return 0;
}
#endif /* !NO_RSA && !NO_DSA */
#ifndef NO_DSA
@ -10536,6 +10540,7 @@ static int initGlobalRNG = 0;
#endif /* NO_DSA */
#ifndef NO_RSA
static int SetRsaExternal(CYASSL_RSA* rsa)
{
RsaKey* key;
@ -10685,6 +10690,7 @@ static int initGlobalRNG = 0;
return CyaSSL_BN_num_bytes(rsa->n);
}
#endif /* NO_RSA */
#ifndef NO_DSA
@ -10726,6 +10732,7 @@ static int initGlobalRNG = 0;
#endif /* NO_DSA */
#ifndef NO_RSA
/* return SSL_SUCCES on ok, 0 otherwise */
int CyaSSL_RSA_sign(int type, const unsigned char* m,
unsigned int mLen, unsigned char* sigRet,
@ -10857,6 +10864,7 @@ static int initGlobalRNG = 0;
else
return SSL_FATAL_ERROR;
}
#endif /* NO_RSA */
void CyaSSL_HMAC_Init(CYASSL_HMAC_CTX* ctx, const void* key, int keylen,
@ -11217,7 +11225,7 @@ static int initGlobalRNG = 0;
#ifndef NO_RSA
/* Load RSA from Der, SSL_SUCCESS on success < 0 on error */
int CyaSSL_RSA_LoadDer(CYASSL_RSA* rsa, const unsigned char* der, int derSz)
{
@ -11246,6 +11254,7 @@ int CyaSSL_RSA_LoadDer(CYASSL_RSA* rsa, const unsigned char* der, int derSz)
return SSL_SUCCESS;
}
#endif /* NO_RSA */
#ifndef NO_DSA