From ae073cb1f92691f6685ee22f9b2115278da28e9c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?= Date: Wed, 18 Jun 2014 14:32:20 -0300 Subject: [PATCH 1/2] fix pkcs7 memory leaks and XMALLOC result verification. --- ctaocrypt/src/pkcs7.c | 31 ++++++++++++++++++++++++++----- 1 file changed, 26 insertions(+), 5 deletions(-) diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 1b0092797..78d3f089f 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -508,8 +508,12 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) esd.outerSeqSz = SetSequence(totalSz, esd.outerSeq); totalSz += esd.outerSeqSz; - if (outputSz < totalSz) + if (outputSz < totalSz) { + if (flatSignedAttribs) + XFREE(flatSignedAttribs, 0, NULL); + return BUFFER_E; + } idx = 0; XMEMCPY(output + idx, esd.outerSeq, esd.outerSeqSz); @@ -845,12 +849,16 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, issuerSerialSeq); /* KeyEncryptionAlgorithmIdentifier, only support RSA now */ - if (keyEncAlgo != RSAk) + if (keyEncAlgo != RSAk) { + FreeDecodedCert(&decoded); return ALGO_ID_E; + } keyEncAlgSz = SetAlgoID(keyEncAlgo, keyAlgArray, keyType, 0); - if (keyEncAlgSz == 0) + if (keyEncAlgSz == 0) { + FreeDecodedCert(&decoded); return BAD_FUNC_ARG; + } /* EncryptedKey */ ret = InitRsaKey(&pubKey, 0); @@ -858,6 +866,7 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, if (RsaPublicKeyDecode(decoded.publicKey, &idx, &pubKey, decoded.pubKeySize) < 0) { CYASSL_MSG("ASN RSA key decode error"); + FreeDecodedCert(&decoded); return PUBLIC_KEY_E; } @@ -866,6 +875,7 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, FreeRsaKey(&pubKey); if (*keyEncSz < 0) { CYASSL_MSG("RSA Public Encrypt failed"); + FreeDecodedCert(&decoded); return *keyEncSz; } 
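Review bot: The new `XFREE(flatSignedAttribs, 0, NULL);` in the PKCS7_EncodeSignedData hunk passes `0` as the heap argument and `NULL` as the allocation type, while every other XFREE added in this patch uses `(ptr, NULL, DYNAMIC_TYPE_TMP_BUFFER)`. A default allocator probably ignores the extra arguments, but a build that maps XFREE to a type-tracking or pool allocator would see a mismatched tag. If flatSignedAttribs is allocated as a temporary buffer (the allocation is outside this hunk), `XFREE(flatSignedAttribs, NULL, DYNAMIC_TYPE_TMP_BUFFER);` keeps the call consistent.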
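Review bot: The RsaPublicKeyDecode failure path now releases `decoded` but still returns `PUBLIC_KEY_E` without `FreeRsaKey(&pubKey)`. pubKey is set up by `InitRsaKey(&pubKey, 0)` at the end of the previous hunk and is only freed after RsaPublicEncrypt in the next one. Whether a failed decode leaves anything allocated inside pubKey depends on the math backend, so this is hedged, but adding `FreeRsaKey(&pubKey);` before `FreeDecodedCert(&decoded);` makes the path symmetric with the success path. The line between `InitRsaKey` and this hunk is not shown; if it returns on a non-zero `ret`, it needs `FreeDecodedCert(&decoded);` as well. CreateRecipientInfo starts and ends outside these hunks.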
@@ -879,6 +889,7 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, if (recipSeqSz + verSz + issuerSerialSeqSz + issuerSeqSz + snSz + keyEncAlgSz + encKeyOctetStrSz + *keyEncSz > (int)outSz) { CYASSL_MSG("RecipientInfo output buffer too small"); + FreeDecodedCert(&decoded); return BUFFER_E; } @@ -1037,8 +1048,13 @@ int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz) * adding (ivOctetStringSz + DES_BLOCK_SIZE) for IV OCTET STRING */ contentEncAlgoSz = SetAlgoID(pkcs7->encryptOID, contentEncAlgo, blkType, ivOctetStringSz + DES_BLOCK_SIZE); - if (contentEncAlgoSz == 0) + + if (contentEncAlgoSz == 0) { + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (dynamicFlag) + XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); return BAD_FUNC_ARG; + } /* encrypt content */ if (pkcs7->encryptOID == DESb) { @@ -1324,6 +1340,8 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, encryptedContent = XMALLOC(encryptedContentSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (encryptedContent == NULL) + return MEMORY_E; XMEMCPY(encryptedContent, &pkiMsg[idx], encryptedContentSz); @@ -1331,8 +1349,10 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, keySz = RsaPrivateDecryptInline(encryptedKey, encryptedKeySz, &decryptedKey, &privKey); FreeRsaKey(&privKey); - if (keySz <= 0) + if (keySz <= 0) { + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); return keySz; + } /* decrypt encryptedContent */ if (encOID == DESb) { @@ -1361,6 +1381,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, } } else { CYASSL_MSG("Unsupported content encryption OID type"); + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ALGO_ID_E; } From 9642902c075e8a6507af51363c0725e99d08dbfc Mon Sep 17 00:00:00 2001 
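Review bot: On the new early return in PKCS7_EncodeEnvelopedData, `plain` goes straight to XFREE without being cleared. Judging by its name and the `/* encrypt content */` comment that follows, it presumably holds the unencrypted, padded content, so the heap block would keep cleartext after the free. Consider clearing it before release, on this exit and the others in the function, with a wipe the compiler cannot elide. A comment such as `/* plain holds cleartext content: zero before XFREE */` would record the intent. The allocation of `plain` and the meaning of `dynamicFlag` are outside the hunk, so confirm against the full function.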
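Review bot: The added `return MEMORY_E;` in PKCS7_DecodeEnvelopedData exits before `FreeRsaKey(&privKey)`, which the following hunk shows is called only after the RSA decrypt. If privKey is initialised earlier in the function (not visible here), this path leaks a structure holding private-key material, and `FreeRsaKey(&privKey);` before the return would close it. Separately, `encryptedContentSz` sizes both the XMALLOC and the XMEMCPY from `&pkiMsg[idx]`, and it is presumably taken from the parsed message. The check that `idx + encryptedContentSz` stays within the message length is not in this hunk and is worth confirming.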
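Review bot: `if (keySz <= 0) { ...; return keySz; }` returns 0 when RsaPrivateDecryptInline yields a zero-length result, and a caller that treats only negative values as failure would read that as success with an empty payload. The function's return convention is not visible in this hunk, so this is an inference. Mapping the zero case to an existing negative code, for example `return (keySz < 0) ? keySz : BAD_FUNC_ARG;`, removes the ambiguity while keeping the new `XFREE(encryptedContent, ...)`.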
From: toddouska Date: Thu, 19 Jun 2014 15:59:24 -0700 Subject: [PATCH 2/2] fix disable rsa w/ opensslextra --- src/internal.c | 3 ++- src/ssl.c | 11 ++++++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/src/internal.c b/src/internal.c index 5e8cc182b..f84225940 100644 --- a/src/internal.c +++ b/src/internal.c @@ -9850,7 +9850,7 @@ static void PickHashSigAlgo(CYASSL* ssl, } #endif /* HAVE_ECC */ - #ifdef OPENSSL_EXTRA + #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) if (ssl->specs.kea == diffie_hellman_kea) { byte *output; word32 length = 0, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; @@ -11447,6 +11447,7 @@ static void PickHashSigAlgo(CYASSL* ssl, (void)out; (void)input; (void)size; + (void)begin; if (ssl->options.side != CYASSL_SERVER_END) { CYASSL_MSG("Client received client keyexchange, attack?"); diff --git a/src/ssl.c b/src/ssl.c index 8c4cd4a7f..494f8c5ac 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -10388,6 +10388,7 @@ static int initGlobalRNG = 0; } #endif /* NO_DSA */ +#ifndef NO_RSA static void InitCyaSSL_Rsa(CYASSL_RSA* rsa) { if (rsa) { @@ -10463,8 +10464,10 @@ static int initGlobalRNG = 0; XFREE(rsa, NULL, DYNAMIC_TYPE_RSA); } } +#endif /* NO_RSA */ +#if !defined(NO_RSA) || !defined(NO_DSA) static int SetIndividualExternal(CYASSL_BIGNUM** bn, mp_int* mpi) { CYASSL_MSG("Entering SetIndividualExternal"); @@ -10489,6 +10492,7 @@ static int initGlobalRNG = 0; return 0; } +#endif /* !NO_RSA && !NO_DSA */ #ifndef NO_DSA @@ -10536,6 +10540,7 @@ static int initGlobalRNG = 0; #endif /* NO_DSA */ +#ifndef NO_RSA static int SetRsaExternal(CYASSL_RSA* rsa) { RsaKey* key; @@ -10685,6 +10690,7 @@ static int initGlobalRNG = 0; return CyaSSL_BN_num_bytes(rsa->n); } +#endif /* NO_RSA */ #ifndef NO_DSA @@ -10726,6 +10732,7 @@ static int initGlobalRNG = 0; #endif /* NO_DSA */ +#ifndef NO_RSA /* return SSL_SUCCES on ok, 0 otherwise */ int CyaSSL_RSA_sign(int type, const unsigned char* m, unsigned int mLen, unsigned char* sigRet, 
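Review bot: The changed guard in PickHashSigAlgo's neighbourhood, `#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)`, compiles out the whole `diffie_hellman_kea` branch in NO_RSA builds, but nothing at the directive explains why a DH key-exchange path depends on RSA. A short comment such as `/* DHE path below relies on RSA; omitted in NO_RSA builds */` would help, as would a matching `#endif /* OPENSSL_EXTRA && !NO_RSA */`; the closing directive is outside this hunk. It is also worth confirming that a NO_RSA build cannot still negotiate a suite with `kea == diffie_hellman_kea`, since that case would now fall through to whatever follows the block.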
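Review bot: The closing comment `#endif /* !NO_RSA && !NO_DSA */` after SetIndividualExternal does not match the condition opened in the previous hunk, `#if !defined(NO_RSA) || !defined(NO_DSA)`. The helper is built when either algorithm is enabled, so the comment should read `#endif /* !NO_RSA || !NO_DSA */`. A wrong operator in an `#endif` comment can mislead the next person editing these feature guards.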
@@ -10857,6 +10864,7 @@ static int initGlobalRNG = 0; else return SSL_FATAL_ERROR; } +#endif /* NO_RSA */ void CyaSSL_HMAC_Init(CYASSL_HMAC_CTX* ctx, const void* key, int keylen, @@ -11217,7 +11225,7 @@ static int initGlobalRNG = 0; - +#ifndef NO_RSA /* Load RSA from Der, SSL_SUCCESS on success < 0 on error */ int CyaSSL_RSA_LoadDer(CYASSL_RSA* rsa, const unsigned char* der, int derSz) { @@ -11246,6 +11254,7 @@ int CyaSSL_RSA_LoadDer(CYASSL_RSA* rsa, const unsigned char* der, int derSz) return SSL_SUCCESS; } +#endif /* NO_RSA */ #ifndef NO_DSA