Merge branch 'master' of github.com:cyassl/cyassl

John Safranek 2012-06-05 10:38:46 -07:00
commit 59e4c346f0
5 changed files with 50 additions and 13 deletions


@ -63,6 +63,16 @@ enum {
#endif
#ifndef min
static INLINE word32 min(word32 a, word32 b)
{
return a > b ? b : a;
}
#endif /* min */
#ifdef THREADX
/* uses parital <time.h> structures */
#define XTIME(tl) (0)
@ -2710,7 +2720,7 @@ static int SetMyVersion(word32 version, byte* output, int header)
}
output[i++] = ASN_INTEGER;
output[i++] = 0x01;
output[i++] = version;
output[i++] = (byte)version;
return i;
}
@ -3183,8 +3193,6 @@ static const char* GetOneName(CertName* name, int idx)
default:
return 0;
}
return 0;
}
@ -3220,8 +3228,6 @@ static byte GetNameId(int idx)
default:
return 0;
}
return 0;
}
@ -3508,7 +3514,8 @@ static int WriteCertBody(DerCert* der, byte* buffer)
idx += der->publicKeySz;
if (der->extensionsSz) {
/* extensions */
XMEMCPY(buffer + idx, der->extensions, der->extensionsSz);
XMEMCPY(buffer + idx, der->extensions, min(der->extensionsSz,
sizeof(der->extensions)));
idx += der->extensionsSz;
}
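Review bot: In the WriteCertBody hunk the copy length is clamped with `min(der->extensionsSz, sizeof(der->extensions))`, but the next line still does `idx += der->extensionsSz;`. An oversized `extensionsSz` no longer over-reads the source, yet `idx` then points past the bytes actually written, so later writes land further into `buffer` than intended and the gap is left unwritten. An inconsistent size is better rejected before the copy than truncated, e.g. `if ((word32)der->extensionsSz > sizeof(der->extensions)) return BAD_FUNC_ARG;`. The field's type and how callers treat a negative return are outside the hunk, so adjust the cast and error code to match. The same clamp-then-advance pattern appears in the IV copy of BuildMessage in the fourth file section (`idx += ivSz;`).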


@ -54,6 +54,7 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
word32 i = 0;
word32 j = 0;
word32 plainSz = inLen - ((inLen + (PEM_LINE_SZ - 1)) / PEM_LINE_SZ );
const byte maxIdx = (byte)sizeof(base64Decode) + 0x2B - 1;
plainSz = (plainSz * 3 + 3) / 4;
if (plainSz > *outLen) return BAD_FUNC_ARG;
@ -75,6 +76,16 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
if (e4 == PAD)
pad4 = 1;
if (e1 < 0x2B || e2 < 0x2B || e3 < 0x2B || e4 < 0x2B) {
CYASSL_MSG("Bad Base64 Decode data, too small");
return ASN_INPUT_E;
}
if (e1 > maxIdx || e2 > maxIdx || e3 > maxIdx || e4 > maxIdx) {
CYASSL_MSG("Bad Base64 Decode data, too big");
return ASN_INPUT_E;
}
e1 = base64Decode[e1 - 0x2B];
e2 = base64Decode[e2 - 0x2B];
e3 = (e3 == PAD) ? 0 : base64Decode[e3 - 0x2B];
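Review bot: The two new range checks keep the `base64Decode[eN - 0x2B]` index inside the table, but a byte that is in range and still not a Base64 character (for example `:` or `@`) passes both tests and is decoded through whatever the table holds for that slot. If the table marks such slots with a sentinel (`BAD` in this file, as far as I can tell; the table itself is not in the hunk), the lookups should be followed by `if (e1 == BAD || e2 == BAD || e3 == BAD || e4 == BAD) return ASN_INPUT_E;`. The e4 lookup and the rest of the loop are outside the hunk, so the check would go after the last of the four lookups.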


@ -2762,6 +2762,9 @@ int fast_s_mp_sqr (mp_int * a, mp_int * b)
}
}
if (pa > MP_WARRAY)
return MP_RANGE; /* TAO range check */
#ifdef CYASSL_SMALL_STACK
W = (mp_digit*)XMALLOC(sizeof(mp_digit) * MP_WARRAY, 0, DYNAMIC_TYPE_BIGINT);
if (W == NULL)
@ -2878,6 +2881,8 @@ int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
/* number of output digits to produce */
pa = MIN(digs, a->used + b->used);
if (pa > MP_WARRAY)
return MP_RANGE; /* TAO range check */
#ifdef CYASSL_SMALL_STACK
W = (mp_digit*)XMALLOC(sizeof(mp_digit) * MP_WARRAY, 0, DYNAMIC_TYPE_BIGINT);
@ -3598,6 +3603,9 @@ int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
}
}
if (pa > MP_WARRAY)
return MP_RANGE; /* TAO range check */
#ifdef CYASSL_SMALL_STACK
W = (mp_digit*)XMALLOC(sizeof(mp_digit) * MP_WARRAY, 0, DYNAMIC_TYPE_BIGINT);
if (W == NULL)
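Review bot: The comment `/* TAO range check */` on the three new guards records who added them rather than why. The reason is that `W` holds `MP_WARRAY` digits (see the `XMALLOC(sizeof(mp_digit) * MP_WARRAY, ...)` just below), so something like `/* W has MP_WARRAY digits; refuse a product that would index past it */` would serve the next reader better. The guard sits before the allocation, so the early return leaks nothing in the `CYASSL_SMALL_STACK` build. Whether `pa == MP_WARRAY` is safe depends on the highest index the loops write to `W`, which is outside these hunks; if any of them stores a final carry at `W[pa]`, the test needs to be `>=`.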


@ -2822,7 +2822,7 @@ static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz,
/* write to output */
if (ivSz) {
XMEMCPY(output + idx, iv, ivSz);
XMEMCPY(output + idx, iv, min(ivSz, sizeof(iv)));
idx += ivSz;
}
XMEMCPY(output + idx, input, inSz);
@ -4235,7 +4235,7 @@ int SetCipherList(Suites* s, const char* list)
i += RAN_LEN;
b = input[i++];
if (b) {
XMEMCPY(ssl->arrays.sessionID, input + i, b);
XMEMCPY(ssl->arrays.sessionID, input + i, min(b, ID_LEN));
i += b;
ssl->options.haveSessionId = 1;
}
@ -4506,7 +4506,7 @@ int SetCipherList(Suites* s, const char* list)
encSigSz = EncodeSignature(encodedSig, digest, digestSz, typeH);
if (encSigSz != (word32)ret || XMEMCMP(out, encodedSig,
encSigSz) != 0)
min(encSigSz, MAX_ENCODED_SIG_SZ)) != 0)
return VERIFY_SIGN_ERROR;
}
else {
@ -4673,7 +4673,7 @@ int SetCipherList(Suites* s, const char* list)
/* precede export with 1 byte length */
ret = ecc_export_x963(&myKey, encSecret + 1, &size);
encSecret[0] = size;
encSecret[0] = (byte)size;
encSz = size + 1;
if (ret != 0)
@ -6139,12 +6139,13 @@ int SetCipherList(Suites* s, const char* list)
sigSz = EncodeSignature(encodedSig, digest, digestSz, typeH);
if (outLen == (int)sigSz && XMEMCMP(out, encodedSig,sigSz) == 0)
if (outLen == (int)sigSz && XMEMCMP(out, encodedSig,
min(sigSz, MAX_ENCODED_SIG_SZ)) == 0)
ret = 0; /* verified */
}
else {
if (outLen == sizeof(ssl->certHashes) && XMEMCMP(out,
ssl->certHashes.md5, sizeof(ssl->certHashes)) == 0)
&ssl->certHashes, sizeof(ssl->certHashes)) == 0)
ret = 0; /* verified */
}
}
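Review bot: The session-ID copy takes its length `b` from the received message, and `min(b, ID_LEN)` silently truncates an over-long ID instead of treating the message as malformed; `i += b` then still skips the full peer-supplied length. Rejecting it up front is clearer and leaves no half-accepted state: `if (b > ID_LEN) return BUFFER_ERROR;` before the `XMEMCPY`. No check that `i + b` stays inside the received message is visible in this hunk; if one does not exist earlier in the function, it belongs here too. The enclosing function starts and ends outside the hunk.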


@ -33,6 +33,16 @@
#ifndef NO_TLS
#ifndef min
static INLINE word32 min(word32 a, word32 b)
{
return a > b ? b : a;
}
#endif /* min */
/* calculate XOR for TLSv1 PRF */
static INLINE void get_xor(byte *digest, word32 digLen, byte* md5, byte* sha)
{
@ -74,7 +84,7 @@ static void p_hash(byte* result, word32 resLen, const byte* secret,
HmacFinal(&hmac, current);
if ( (i == lastTime) && lastLen)
XMEMCPY(&result[idx], current, lastLen);
XMEMCPY(&result[idx], current, min(lastLen, sizeof(current)));
else {
XMEMCPY(&result[idx], current, len);
idx += len;
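Review bot: The `min` helper added here is a verbatim copy of the one this commit adds in the first file section. `#ifndef min` only detects a macro named `min`, so it would not stop the two static functions from colliding if they ever met in one translation unit. Defining it once in a shared internal header would avoid the duplication. It also takes `word32`, while the new call in p_hash passes `sizeof(current)` (a `size_t`), which is harmless for a small array but worth a one-line comment such as `/* sizes here fit in word32 */`.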