diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 8a3175d9a..c331a2239 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -2696,8 +2696,19 @@ static int ConfirmSignature(const byte* buf, word32 bufSz, CYASSL_MSG("InitSha256 failed"); return 0; /* not confirmed */ } - Sha256Update(&sha256, buf, bufSz); - Sha256Final(&sha256, digest); + + ret = Sha256Update(&sha256, buf, bufSz); + if (ret != 0) { + CYASSL_MSG("Sha256Update failed"); + return 0; /* not confirmed */ + } + + ret = Sha256Final(&sha256, digest); + if (ret != 0) { + CYASSL_MSG("Sha256Final failed"); + return 0; /* not confirmed */ + } + typeH = SHA256h; digestSz = SHA256_DIGEST_SIZE; } @@ -2713,8 +2724,19 @@ static int ConfirmSignature(const byte* buf, word32 bufSz, CYASSL_MSG("InitSha512 failed"); return 0; /* not confirmed */ } - Sha512Update(&sha512, buf, bufSz); - Sha512Final(&sha512, digest); + + ret = Sha512Update(&sha512, buf, bufSz); + if (ret != 0) { + CYASSL_MSG("Sha512Update failed"); + return 0; /* not confirmed */ + } + + ret = Sha512Final(&sha512, digest); + if (ret != 0) { + CYASSL_MSG("Sha512Final failed"); + return 0; /* not confirmed */ + } + typeH = SHA512h; digestSz = SHA512_DIGEST_SIZE; } @@ -2730,8 +2752,19 @@ static int ConfirmSignature(const byte* buf, word32 bufSz, CYASSL_MSG("InitSha384 failed"); return 0; /* not confirmed */ } - Sha384Update(&sha384, buf, bufSz); - Sha384Final(&sha384, digest); + + ret = Sha384Update(&sha384, buf, bufSz); + if (ret != 0) { + CYASSL_MSG("Sha384Update failed"); + return 0; /* not confirmed */ + } + + ret = Sha384Final(&sha384, digest); + if (ret != 0) { + CYASSL_MSG("Sha384Final failed"); + return 0; /* not confirmed */ + } + typeH = SHA384h; digestSz = SHA384_DIGEST_SIZE; } @@ -4763,30 +4796,43 @@ static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz, (void)eccKey; if (sigAlgoType == CTC_MD5wRSA) { - Md5 md5; + Md5 md5; + InitMd5(&md5); Md5Update(&md5, buffer, sz); Md5Final(&md5, digest); + digestSz = MD5_DIGEST_SIZE; typeH = MD5h; } else if (sigAlgoType == CTC_SHAwRSA || sigAlgoType == CTC_SHAwECDSA) { - Sha sha; + Sha sha; + ret = InitSha(&sha); if (ret != 0) return ret; + ShaUpdate(&sha, buffer, sz); ShaFinal(&sha, digest); + digestSz = SHA_DIGEST_SIZE; typeH = SHAh; } else if (sigAlgoType == CTC_SHA256wRSA || sigAlgoType == CTC_SHA256wECDSA) { - Sha256 sha256; + Sha256 sha256; + ret = InitSha256(&sha256); if (ret != 0) return ret; - Sha256Update(&sha256, buffer, sz); - Sha256Final(&sha256, digest); + + ret = Sha256Update(&sha256, buffer, sz); + if (ret != 0) + return ret; + + ret = Sha256Final(&sha256, digest); + if (ret != 0) + return ret; + digestSz = SHA256_DIGEST_SIZE; typeH = SHA256h; } diff --git a/ctaocrypt/src/pwdbased.c b/ctaocrypt/src/pwdbased.c index 31e35fdc8..54359bec5 100644 --- a/ctaocrypt/src/pwdbased.c +++ b/ctaocrypt/src/pwdbased.c @@ -291,12 +291,23 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt, ret = InitSha256(&sha256); if (ret != 0) break; - Sha256Update(&sha256, buffer, totalLen); - Sha256Final(&sha256, Ai); + + ret = Sha256Update(&sha256, buffer, totalLen); + if (ret != 0) + break; + + ret = Sha256Final(&sha256, Ai); + if (ret != 0) + break; for (i = 1; i < iterations; i++) { - Sha256Update(&sha256, Ai, u); - Sha256Final(&sha256, Ai); + ret = Sha256Update(&sha256, Ai, u); + if (ret != 0) + break; + + ret = Sha256Final(&sha256, Ai); + if (ret != 0) + break; } } #endif @@ -307,12 +318,23 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt, ret = InitSha512(&sha512); if (ret != 0) break; - Sha512Update(&sha512, buffer, totalLen); - Sha512Final(&sha512, Ai); + + ret = Sha512Update(&sha512, buffer, totalLen); + if (ret != 0) + break; + + ret = Sha512Final(&sha512, Ai); + if (ret != 0) + break; for (i = 1; i < iterations; i++) { - Sha512Update(&sha512, Ai, u); - Sha512Final(&sha512, Ai); + ret = Sha512Update(&sha512, Ai, u); + if (ret != 0) + break; + + ret = Sha512Final(&sha512, Ai); + if (ret != 0) + break; } } #endif diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index add0ab93b..a1f234cdc 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -3679,8 +3679,10 @@ int pbkdf2_test(void) }; - PBKDF2(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, iterations, - kLen, SHA); + int ret = PBKDF2(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, + iterations, kLen, SHA); + if (ret != 0) + return ret; if (memcmp(derived, verify, sizeof(verify)) != 0) return -102; diff --git a/src/internal.c b/src/internal.c index 1f5590498..4aeb7a3ac 100644 --- a/src/internal.c +++ b/src/internal.c @@ -113,7 +113,7 @@ static int SSL_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, #endif #ifndef NO_CERTS -static void BuildCertHashes(CYASSL* ssl, Hashes* hashes); +static int BuildCertHashes(CYASSL* ssl, Hashes* hashes); #endif static void PickHashSigAlgo(CYASSL* ssl, @@ -2384,7 +2384,7 @@ ProtocolVersion MakeDTLSv1_2(void) /* add output to md5 and sha handshake hashes, exclude record header */ -static void HashOutput(CYASSL* ssl, const byte* output, int sz, int ivSz) +static int HashOutput(CYASSL* ssl, const byte* output, int sz, int ivSz) { const byte* adj = output + RECORD_HEADER_SZ + ivSz; sz -= RECORD_HEADER_SZ; @@ -2405,18 +2405,26 @@ static void HashOutput(CYASSL* ssl, const byte* output, int sz, int ivSz) #endif if (IsAtLeastTLSv1_2(ssl)) { + int ret; + #ifndef NO_SHA256 - Sha256Update(&ssl->hashSha256, adj, sz); + ret = Sha256Update(&ssl->hashSha256, adj, sz); + if (ret != 0) + return ret; #endif #ifdef CYASSL_SHA384 - Sha384Update(&ssl->hashSha384, adj, sz); + ret = Sha384Update(&ssl->hashSha384, adj, sz); + if (ret != 0) + return ret; #endif } + + return 0; } /* add input to md5 and sha handshake hashes, include handshake header */ -static void HashInput(CYASSL* ssl, const byte* input, int sz) +static int HashInput(CYASSL* ssl, const byte* input, int sz) { const byte* adj = input - HANDSHAKE_HEADER_SZ; sz += HANDSHAKE_HEADER_SZ; @@ -2438,13 +2446,21 @@ static void HashInput(CYASSL* ssl, const byte* input, int sz) #endif if (IsAtLeastTLSv1_2(ssl)) { + int ret; + #ifndef NO_SHA256 - Sha256Update(&ssl->hashSha256, adj, sz); + ret = Sha256Update(&ssl->hashSha256, adj, sz); + if (ret != 0) + return ret; #endif #ifdef CYASSL_SHA384 - Sha384Update(&ssl->hashSha384, adj, sz); + ret = Sha384Update(&ssl->hashSha384, adj, sz); + if (ret != 0) + return ret; #endif } + + return 0; } @@ -3826,7 +3842,9 @@ static int DoHandShakeMsgType(CYASSL* ssl, byte* input, word32* inOutIdx, if (*inOutIdx + size > totalSz) return INCOMPLETE_DATA; - HashInput(ssl, input + *inOutIdx, size); + ret = HashInput(ssl, input + *inOutIdx, size); + if (ret != 0) + return ret; #ifdef CYASSL_CALLBACKS /* add name later, add on record and handshake header part back on */ @@ -4510,8 +4528,11 @@ static INLINE void Sha256Rounds(int rounds, const byte* data, int sz) InitSha256(&sha256); /* no error check on purpose, dummy round */ - for (i = 0; i < rounds; i++) + for (i = 0; i < rounds; i++) { Sha256Update(&sha256, data, sz); + /* no error check on purpose, dummy round */ + } + } #endif @@ -4526,8 +4547,10 @@ static INLINE void Sha384Rounds(int rounds, const byte* data, int sz) InitSha384(&sha384); /* no error check on purpose, dummy round */ - for (i = 0; i < rounds; i++) + for (i = 0; i < rounds; i++) { Sha384Update(&sha384, data, sz); + /* no error check on purpose, dummy round */ + } } #endif @@ -4542,8 +4565,10 @@ static INLINE void Sha512Rounds(int rounds, const byte* data, int sz) InitSha512(&sha512); /* no error check on purpose, dummy round */ - for (i = 0; i < rounds; i++) + for (i = 0; i < rounds; i++) { Sha512Update(&sha512, data, sz); + /* no error check on purpose, dummy round */ + } } #endif @@ -5491,7 +5516,7 @@ static void BuildSHA_CertVerify(CYASSL* ssl, byte* digest) #ifndef NO_CERTS -static void BuildCertHashes(CYASSL* ssl, Hashes* hashes) +static int BuildCertHashes(CYASSL* ssl, Hashes* hashes) { /* store current states, building requires get_digest which resets state */ #ifndef NO_OLD_TLS @@ -5511,11 +5536,17 @@ static void BuildCertHashes(CYASSL* ssl, Hashes* hashes) ShaFinal(&ssl->hashSha, hashes->sha); #endif if (IsAtLeastTLSv1_2(ssl)) { + int ret; + #ifndef NO_SHA256 - Sha256Final(&ssl->hashSha256, hashes->sha256); + ret = Sha256Final(&ssl->hashSha256, hashes->sha256); + if (ret != 0) + return ret; #endif #ifdef CYASSL_SHA384 - Sha384Final(&ssl->hashSha384, hashes->sha384); + ret = Sha384Final(&ssl->hashSha384, hashes->sha384); + if (ret != 0) + return ret; #endif } } @@ -5537,6 +5568,8 @@ static void BuildCertHashes(CYASSL* ssl, Hashes* hashes) ssl->hashSha384 = sha384; #endif } + + return 0; } #endif /* CYASSL_LEANPSK */ @@ -5606,7 +5639,9 @@ static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz, idx += inSz; if (type == handshake) { - HashOutput(ssl, output, headerSz + inSz, ivSz); + ret = HashOutput(ssl, output, headerSz + inSz, ivSz); + if (ret != 0) + return ret; } if (ssl->specs.cipher_type == block) { @@ -5832,7 +5867,11 @@ int SendCertificate(CYASSL* ssl) return ret; } #endif - HashOutput(ssl, output, sendSz, 0); + + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; + #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) AddPacketName("Certificate", &ssl->handShakeInfo); if (ssl->toInfoOn) @@ -5908,7 +5947,10 @@ int SendCertificateRequest(CYASSL* ssl) return ret; } #endif - HashOutput(ssl, output, sendSz, 0); + + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -7576,7 +7618,10 @@ static void PickHashSigAlgo(CYASSL* ssl, return ret; } #endif - HashOutput(ssl, output, sendSz, 0); + + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; ssl->options.clientState = CLIENT_HELLO_COMPLETE; @@ -8090,20 +8135,36 @@ static void PickHashSigAlgo(CYASSL* ssl, ret = InitSha256(&sha256); if (ret != 0) return ret; - Sha256Update(&sha256, ssl->arrays->clientRandom, RAN_LEN); - Sha256Update(&sha256, ssl->arrays->serverRandom, RAN_LEN); - Sha256Update(&sha256, messageVerify, verifySz); - Sha256Final(&sha256, hash256); + ret = Sha256Update(&sha256, ssl->arrays->clientRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, ssl->arrays->serverRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, messageVerify, verifySz); + if (ret != 0) + return ret; + ret = Sha256Final(&sha256, hash256); + if (ret != 0) + return ret; #endif #ifdef CYASSL_SHA384 ret = InitSha384(&sha384); if (ret != 0) return ret; - Sha384Update(&sha384, ssl->arrays->clientRandom, RAN_LEN); - Sha384Update(&sha384, ssl->arrays->serverRandom, RAN_LEN); - Sha384Update(&sha384, messageVerify, verifySz); - Sha384Final(&sha384, hash384); + ret = Sha384Update(&sha384, ssl->arrays->clientRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, ssl->arrays->serverRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, messageVerify, verifySz); + if (ret != 0) + return ret; + ret = Sha384Final(&sha384, hash384); + if (ret != 0) + return ret; #endif #ifndef NO_RSA @@ -8502,7 +8563,10 @@ static void PickHashSigAlgo(CYASSL* ssl, return ret; } #endif - HashOutput(ssl, output, sendSz, 0); + + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -8562,7 +8626,9 @@ static void PickHashSigAlgo(CYASSL* ssl, output = ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.length; - BuildCertHashes(ssl, &ssl->certHashes); + ret = BuildCertHashes(ssl, &ssl->certHashes); + if (ret != 0) + return ret; #ifdef HAVE_ECC ecc_init(&eccKey); @@ -8769,7 +8835,8 @@ static void PickHashSigAlgo(CYASSL* ssl, return ret; } #endif - HashOutput(ssl, output, sendSz, 0); + + ret = HashOutput(ssl, output, sendSz, 0); } } #ifndef NO_RSA @@ -8888,7 +8955,10 @@ static void PickHashSigAlgo(CYASSL* ssl, return ret; } #endif - HashOutput(ssl, output, sendSz, 0); + + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -8972,7 +9042,9 @@ static void PickHashSigAlgo(CYASSL* ssl, idx += HINT_LEN_SZ; XMEMCPY(output + idx, ssl->arrays->server_hint,length -HINT_LEN_SZ); - HashOutput(ssl, output, sendSz, 0); + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -9147,20 +9219,36 @@ static void PickHashSigAlgo(CYASSL* ssl, ret = InitSha256(&sha256); if (ret != 0) return ret; - Sha256Update(&sha256, ssl->arrays->clientRandom, RAN_LEN); - Sha256Update(&sha256, ssl->arrays->serverRandom, RAN_LEN); - Sha256Update(&sha256, output + preSigIdx, preSigSz); - Sha256Final(&sha256, hash256); + ret = Sha256Update(&sha256, ssl->arrays->clientRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, ssl->arrays->serverRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, output + preSigIdx, preSigSz); + if (ret != 0) + return ret; + ret = Sha256Final(&sha256, hash256); + if (ret != 0) + return ret; #endif #ifdef CYASSL_SHA384 ret = InitSha384(&sha384); if (ret != 0) return ret; - Sha384Update(&sha384, ssl->arrays->clientRandom, RAN_LEN); - Sha384Update(&sha384, ssl->arrays->serverRandom, RAN_LEN); - Sha384Update(&sha384, output + preSigIdx, preSigSz); - Sha384Final(&sha384, hash384); + ret = Sha384Update(&sha384, ssl->arrays->clientRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, ssl->arrays->serverRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, output + preSigIdx, preSigSz); + if (ret != 0) + return ret; + ret = Sha384Final(&sha384, hash384); + if (ret != 0) + return ret; #endif #ifndef NO_RSA if (ssl->suites->sigAlgo == rsa_sa_algo) { @@ -9295,7 +9383,10 @@ static void PickHashSigAlgo(CYASSL* ssl, } AddHeaders(output, length, server_key_exchange, ssl); - HashOutput(ssl, output, sendSz, 0); + + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -9480,20 +9571,36 @@ static void PickHashSigAlgo(CYASSL* ssl, ret = InitSha256(&sha256); if (ret != 0) return ret; - Sha256Update(&sha256, ssl->arrays->clientRandom, RAN_LEN); - Sha256Update(&sha256, ssl->arrays->serverRandom, RAN_LEN); - Sha256Update(&sha256, output + preSigIdx, preSigSz); - Sha256Final(&sha256, hash256); + ret = Sha256Update(&sha256, ssl->arrays->clientRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, ssl->arrays->serverRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, output + preSigIdx, preSigSz); + if (ret != 0) + return ret; + ret = Sha256Final(&sha256, hash256); + if (ret != 0) + return ret; #endif #ifdef CYASSL_SHA384 ret = InitSha384(&sha384); if (ret != 0) return ret; - Sha384Update(&sha384, ssl->arrays->clientRandom, RAN_LEN); - Sha384Update(&sha384, ssl->arrays->serverRandom, RAN_LEN); - Sha384Update(&sha384, output + preSigIdx, preSigSz); - Sha384Final(&sha384, hash384); + ret = Sha384Update(&sha384, ssl->arrays->clientRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, ssl->arrays->serverRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, output + preSigIdx, preSigSz); + if (ret != 0) + return ret; + ret = Sha384Final(&sha384, hash384); + if (ret != 0) + return ret; #endif #ifndef NO_RSA if (ssl->suites->sigAlgo == rsa_sa_algo) { @@ -9559,7 +9666,10 @@ static void PickHashSigAlgo(CYASSL* ssl, return ret; } #endif - HashOutput(ssl, output, sendSz, 0); + + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -10169,8 +10279,12 @@ static void PickHashSigAlgo(CYASSL* ssl, #endif #endif #ifndef NO_SHA256 - if (IsAtLeastTLSv1_2(ssl)) - Sha256Update(&ssl->hashSha256, input + idx, sz); + if (IsAtLeastTLSv1_2(ssl)) { + int shaRet = Sha256Update(&ssl->hashSha256, input + idx, sz); + + if (shaRet != 0) + return shaRet; + } #endif /* does this value mean client_hello? */ @@ -10772,7 +10886,11 @@ static void PickHashSigAlgo(CYASSL* ssl, return 0; } #endif - HashOutput(ssl, output, sendSz, 0); + + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; + #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) AddPacketName("ServerHelloDone", &ssl->handShakeInfo); @@ -10819,7 +10937,10 @@ static void PickHashSigAlgo(CYASSL* ssl, ssl->IOCB_CookieCtx)) < 0) return ret; - HashOutput(ssl, output, sendSz, 0); + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; + #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) AddPacketName("HelloVerifyRequest", &ssl->handShakeInfo); @@ -11144,7 +11265,7 @@ static void PickHashSigAlgo(CYASSL* ssl, ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; #ifndef NO_CERTS if (ssl->options.verifyPeer) - BuildCertHashes(ssl, &ssl->certHashes); + ret = BuildCertHashes(ssl, &ssl->certHashes); #endif } diff --git a/src/ssl.c b/src/ssl.c index 26b846438..370f7cb05 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -4985,8 +4985,18 @@ static INLINE word32 HashSession(const byte* sessionID, word32 len, int* error) *error = ret; return 0; } - Sha256Update(&sha256, sessionID, len); - Sha256Final(&sha256, digest); + + ret = Sha256Update(&sha256, sessionID, len); + if (ret != 0) { + *error = ret; + return 0; + } + + ret = Sha256Final(&sha256, digest); + if (ret != 0) { + *error = ret; + return 0; + } return MakeWordFromHash(digest); } @@ -6570,6 +6580,7 @@ int CyaSSL_set_compression(CYASSL* ssl) { CYASSL_ENTER("SHA256_Update"); Sha256Update((Sha256*)sha, (const byte*)input, (word32)sz); + /* OpenSSL compat, no error */ } @@ -6577,6 +6588,7 @@ int CyaSSL_set_compression(CYASSL* ssl) { CYASSL_ENTER("SHA256_Final"); Sha256Final((Sha256*)sha, input); + /* OpenSSL compat, no error */ } @@ -6597,6 +6609,7 @@ int CyaSSL_set_compression(CYASSL* ssl) { CYASSL_ENTER("SHA384_Update"); Sha384Update((Sha384*)sha, (const byte*)input, (word32)sz); + /* OpenSSL compat, no error */ } @@ -6604,6 +6617,7 @@ int CyaSSL_set_compression(CYASSL* ssl) { CYASSL_ENTER("SHA384_Final"); Sha384Final((Sha384*)sha, input); + /* OpenSSL compat, no error */ } #endif /* CYASSL_SHA384 */ @@ -6626,6 +6640,7 @@ int CyaSSL_set_compression(CYASSL* ssl) { CYASSL_ENTER("SHA512_Update"); Sha512Update((Sha512*)sha, (const byte*)input, (word32)sz); + /* OpenSSL compat, no error */ } @@ -6633,6 +6648,7 @@ int CyaSSL_set_compression(CYASSL* ssl) { CYASSL_ENTER("SHA512_Final"); Sha512Final((Sha512*)sha, input); + /* OpenSSL compat, no error */ } #endif /* CYASSL_SHA512 */ diff --git a/src/tls.c b/src/tls.c index 9f5119769..c03d8f45d 100644 --- a/src/tls.c +++ b/src/tls.c @@ -111,21 +111,35 @@ static int p_hash(byte* result, word32 resLen, const byte* secret, ret = HmacSetKey(&hmac, hash, secret, secLen); if (ret != 0) return ret; - HmacUpdate(&hmac, seed, seedLen); /* A0 = seed */ - HmacFinal(&hmac, previous); /* A1 */ + ret = HmacUpdate(&hmac, seed, seedLen); /* A0 = seed */ + if (ret != 0) + return ret; + ret = HmacFinal(&hmac, previous); /* A1 */ + if (ret != 0) + return ret; for (i = 0; i < times; i++) { - HmacUpdate(&hmac, previous, len); - HmacUpdate(&hmac, seed, seedLen); - HmacFinal(&hmac, current); + ret = HmacUpdate(&hmac, previous, len); + if (ret != 0) + return ret; + ret = HmacUpdate(&hmac, seed, seedLen); + if (ret != 0) + return ret; + ret = HmacFinal(&hmac, current); + if (ret != 0) + return ret; if ( (i == lastTime) && lastLen) XMEMCPY(&result[idx], current, min(lastLen, sizeof(current))); else { XMEMCPY(&result[idx], current, len); idx += len; - HmacUpdate(&hmac, previous, len); - HmacFinal(&hmac, previous); + ret = HmacUpdate(&hmac, previous, len); + if (ret != 0) + return ret; + ret = HmacFinal(&hmac, previous); + if (ret != 0) + return ret; } } XMEMSET(previous, 0, sizeof previous); @@ -251,13 +265,21 @@ int BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender) if (IsAtLeastTLSv1_2(ssl)) { #ifndef NO_SHA256 if (ssl->specs.mac_algorithm <= sha256_mac) { - Sha256Final(&ssl->hashSha256, handshake_hash); + int ret = Sha256Final(&ssl->hashSha256, handshake_hash); + + if (ret != 0) + return ret; + hashSz = SHA256_DIGEST_SIZE; } #endif #ifdef CYASSL_SHA384 if (ssl->specs.mac_algorithm == sha384_mac) { - Sha384Final(&ssl->hashSha384, handshake_hash); + int ret = Sha384Final(&ssl->hashSha384, handshake_hash); + + if (ret != 0) + return ret; + hashSz = SHA384_DIGEST_SIZE; } #endif @@ -535,9 +557,15 @@ int TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, CyaSSL_GetMacSecret(ssl, verify), ssl->specs.hash_size); if (ret != 0) return ret; - HmacUpdate(&hmac, myInner, sizeof(myInner)); - HmacUpdate(&hmac, in, sz); /* content */ - HmacFinal(&hmac, digest); + ret = HmacUpdate(&hmac, myInner, sizeof(myInner)); + if (ret != 0) + return ret; + ret = HmacUpdate(&hmac, in, sz); /* content */ + if (ret != 0) + return ret; + ret = HmacFinal(&hmac, digest); + if (ret != 0) + return ret; return 0; }