From ffd1a0d404ae74aaffe200ca45d84518538539f1 Mon Sep 17 00:00:00 2001 From: jsing Date: Tue, 2 Mar 2021 17:18:59 +0000 Subject: [PATCH] Move key/IV length checks closer to usage sites. Also add explicit checks against EVP_CIPHER_iv_length() and EVP_CIPHER_key_length(). Requested by tb@ during review. ok tb@ --- lib/libssl/tls12_record_layer.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/lib/libssl/tls12_record_layer.c b/lib/libssl/tls12_record_layer.c index d69370d0250..a7bd4ce35b3 100644 --- a/lib/libssl/tls12_record_layer.c +++ b/lib/libssl/tls12_record_layer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls12_record_layer.c,v 1.20 2021/03/02 17:16:44 jsing Exp $ */ +/* $OpenBSD: tls12_record_layer.c,v 1.21 2021/03/02 17:18:59 jsing Exp $ */ /* * Copyright (c) 2020 Joel Sing * @@ -425,11 +425,18 @@ tls12_record_layer_ccs_cipher(struct tls12_record_layer *rl, int ret = 0; if (!tls12_record_protection_unused(rp)) - return 0; + goto err; mac_type = EVP_PKEY_HMAC; rp->stream_mac = 0; + if (iv_len > INT_MAX || key_len > INT_MAX) + goto err; + if (EVP_CIPHER_iv_length(rl->cipher) != iv_len) + goto err; + if (EVP_CIPHER_key_length(rl->cipher) != key_len) + goto err; + /* Special handling for GOST... */ if (EVP_MD_type(rl->mac_hash) == NID_id_Gost28147_89_MAC) { if (mac_key_len != 32) @@ -437,6 +444,8 @@ tls12_record_layer_ccs_cipher(struct tls12_record_layer *rl, mac_type = EVP_PKEY_GOSTIMIT; rp->stream_mac = 1; } else { + if (mac_key_len > INT_MAX) + goto err; if (EVP_MD_size(rl->mac_hash) != mac_key_len) goto err; } @@ -492,9 +501,6 @@ tls12_record_layer_change_cipher_state(struct tls12_record_layer *rl, size_t mac_key_len, const uint8_t *key, size_t key_len, const uint8_t *iv, size_t iv_len) { - if (mac_key_len > INT_MAX || key_len > INT_MAX || iv_len > INT_MAX) - return 0; - if (rl->aead != NULL) return tls12_record_layer_ccs_aead(rl, rp, is_write, mac_key, mac_key_len, key, key_len, iv, iv_len); -- 2.20.1