From 2a368abd20a68cf3715e65a07be86bda51ea2e4a Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Wed, 28 Feb 2018 11:26:01 -0700
Subject: [PATCH 01/10] fix build for haproxy
---
 src/ssl.c | 2 +-
 wolfssl/openssl/ssl.h | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index 2124c8e4e..b255f03be 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -31988,7 +31988,7 @@ void wolfSSL_OPENSSL_config(char *config_name)
 #endif
 #endif
-#ifdef WOLFSSL_NGINX
+#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
 int wolfSSL_X509_get_ex_new_index(int idx, void *arg, void *a, void *b, void *c)
 {
 static int x509_idx = 0;
diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h
index 229550ef0..e30b203b6 100644
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@@ -823,7 +823,9 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
 #define ERR_LIB_PEM 9
 #define ERR_LIB_X509 10
-#ifdef WOLFSSL_NGINX
+#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
+ defined(WOLFSSL_MYSQL_COMPATIBLE)
+ #include
 #define OPENSSL_STRING WOLFSSL_STRING
From db18e499206ff693ceb3a5fbedbabbc399aee9ed Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Wed, 28 Feb 2018 13:20:16 -0700
Subject: [PATCH 02/10] gcc-7 warning about misleading indentation
---
 wolfcrypt/src/ecc.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
index 1a879b055..2e3b49173 100644
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -2821,9 +2821,11 @@ static int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
 #endif
 #endif
 #ifdef WOLFSSL_SP_MATH
+ {
 err = WC_KEY_SIZE_E;
 (void)curve;
+ }
 #else
 {
 /* make new point */
From df1c73c8e56862b8d3471822b2331ce664030975 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Wed, 28 Feb 2018 13:27:10 -0700
Subject: [PATCH 03/10] check for case that BER to DER API is available
---
 wolfcrypt/test/test.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index 32fe4139d..b27e0b51d 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -910,7 +910,9 @@ initDefaultName();
 printf( "mp test passed!\n");
 #endif
-#ifdef ASN_BER_TO_DER
+#if defined(ASN_BER_TO_DER) && \
+ (defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \
+ defined(OPENSSL_EXTRA_X509_SMALL))
 if ( (ret = berder_test()) != 0)
 return err_sys("ber-der test failed!\n", ret);
 else
@@ -17692,7 +17694,10 @@ done:
 }
 #endif
-#ifdef ASN_BER_TO_DER
+#if defined(ASN_BER_TO_DER) && \
+ (defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \
+ defined(OPENSSL_EXTRA_X509_SMALL))
+/* wc_BerToDer is only public facing in the case of test cert or opensslextra */
 typedef struct berDerTestData {
 const byte *in;
 word32 inSz;
From d46a2b449da46962a414dbf9e062f6e2de8cb49f Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Thu, 1 Mar 2018 09:13:28 -0700
Subject: [PATCH 04/10] fix for smallstack buffer size
---
 src/ssl.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index b255f03be..a2e58b10c 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -4904,18 +4904,18 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
 #ifdef WOLFSSL_SMALL_STACK
 char* password = NULL;
 #else
- char password[80];
+ char password[NAME_SZ];
 #endif
 if (!info || !info->ctx || !info->ctx->passwd_cb) return WOLFSSL_BAD_FILE; /* no callback error */
 #ifdef WOLFSSL_SMALL_STACK
- password = (char*)XMALLOC(80, heap, DYNAMIC_TYPE_STRING);
+ password = (char*)XMALLOC(NAME_SZ, heap, DYNAMIC_TYPE_STRING);
 if (password == NULL) return MEMORY_E;
 #endif
- passwordSz = info->ctx->passwd_cb(password, sizeof(password), 0,
+ passwordSz = info->ctx->passwd_cb(password, NAME_SZ, 0,
 info->ctx->userdata);
 /* convert and adjust length */
 if (header == BEGIN_ENC_PRIV_KEY) {
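Review bot: The three-macro condition `defined(ASN_BER_TO_DER) && (defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))` is spelled out twice, once around the `berder_test()` call and again around the `berDerTestData` declaration in the second hunk. If the conditions under which wc_BerToDer is exported change, both copies must be edited together or one configuration stops building. Defining a single file-local macro under that condition (the name is a suggestion, e.g. `HAVE_BERDER_TEST`) and testing it with `#ifdef` at both sites would keep them in step. The explanatory comment added in the second hunk would then sit once, at the macro definition.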
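Review bot: The value returned by `info->ctx->passwd_cb` is stored in `passwordSz` and, in the lines visible here, flows straight into the "convert and adjust length" step with no range check. A callback that returns a negative error value or a length larger than `NAME_SZ` would hand that step a length that does not describe the buffer. A guard directly after the call, `if (passwordSz < 0 || passwordSz > NAME_SZ)`, that releases `password` in the small-stack build and returns an error would close this. The same applies to the `ctx->passwd_cb` call in the ProcessBuffer hunk of this commit. Both functions continue outside their hunks, so a later check cannot be ruled out from here.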
@@ -5180,11 +5180,11 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
 #ifdef WOLFSSL_SMALL_STACK
 char* password = NULL;
 #else
- char password[80];
+ char password[NAME_SZ];
 #endif
 #ifdef WOLFSSL_SMALL_STACK
- password = (char*)XMALLOC(80, heap, DYNAMIC_TYPE_STRING);
+ password = (char*)XMALLOC(NAME_SZ, heap, DYNAMIC_TYPE_STRING);
 if (password == NULL)
 ret = MEMORY_E;
 else
@@ -5193,7 +5193,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
 ret = NO_PASSWORD;
 }
 else {
- passwordSz = ctx->passwd_cb(password, sizeof(password),
+ passwordSz = ctx->passwd_cb(password, NAME_SZ,
 0, ctx->userdata);
 /* decrypt the key */
From e7b0fefd7ae03468a91c5765b120820d7a7f3f47 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Thu, 1 Mar 2018 09:28:08 -0700
Subject: [PATCH 05/10] add sanity check on read index
---
 wolfcrypt/src/asn.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index f9c8589d1..d71db8707 100755
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -3482,6 +3482,9 @@ int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
 return ASN_PARSE_E;
 /* Option NULL ASN.1 tag */
+ if (*inOutIdx >= inSz) {
+ return BUFFER_E;
+ }
 if (input[*inOutIdx] == ASN_TAG_NULL) {
 ret = GetASNNull(input, inOutIdx, inSz);
 if (ret != 0)
From e80e82a89ba4bb55c109804cc282167a3a74509c Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Thu, 1 Mar 2018 09:48:30 -0700
Subject: [PATCH 06/10] sanity check on reading newline character
---
 src/ssl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/ssl.c b/src/ssl.c
index a2e58b10c..26de6b3f4 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -4839,7 +4839,8 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
 return WOLFSSL_BAD_FILE;
 /* eat blank line */
- while (*newline == '\r' || *newline == '\n')
+ while (newline < bufferEnd &&
+ (*newline == '\r' || *newline == '\n'))
 newline++;
 headerEnd = newline;
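Review bot: `password` receives the key passphrase from `passwd_cb`, and in the small-stack build it lives in a `NAME_SZ`-byte heap block obtained with `XMALLOC`. The release path is outside this hunk; if it is a plain `XFREE`, the passphrase stays readable in freed heap memory, so the buffer should be wiped first with `ForceZero(password, NAME_SZ);` (and the stack array likewise before ProcessBuffer returns). A short comment at the declaration, `/* holds the PEM passphrase; wipe before release */`, would make the requirement visible to later editors. The PemToDer hunk of this commit declares the same buffer and deserves the same check.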
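Review bot: This guard protects a single `input[*inOutIdx]` peek, and the same unchecked look-at-next-tag pattern is fixed separately in GetName and GetAlgoId later in this series, so other ASN.1 readers in asn.c may still index `input` without comparing the index with the limit. A small static helper that takes `input`, the index and the limit, returns `BUFFER_E` when the index is not below the limit and otherwise yields the tag byte, would let all three sites share one check and make the remaining call sites easy to audit. The three fixes also differ in policy: here and in GetName a truncated buffer is an error, while GetAlgoId treats it as "no NULL tag" and carries on. A comment at this site such as `/* end of input here is malformed, not an absent optional tag */` would stop a later cleanup from unifying them the wrong way. wc_RsaPublicKeyDecode starts and ends outside this hunk.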
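Review bot: After the bounded loop `newline` can equal `bufferEnd` (input that stops right after the CR/LF run), and `headerEnd = newline` then stores a one-past-the-end pointer. The code that consumes `headerEnd` is outside this hunk; if it dereferences or scans from `headerEnd` without a length bound, it repeats the over-read this commit removes. An explicit `if (newline >= bufferEnd) return WOLFSSL_BAD_FILE;` after the loop would reject that input in the same way as the `return WOLFSSL_BAD_FILE;` just above. Otherwise a comment on `headerEnd` noting that it may equal `bufferEnd` would document the contract for the code below.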
From ae21c03d6902e9e52e626f6230ce641e659efcb0 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Thu, 1 Mar 2018 10:03:20 -0700
Subject: [PATCH 07/10] check on certificate index when getting Name
---
 wolfcrypt/src/asn.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index d71db8707..9d2e7f66b 100755
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -4102,6 +4102,10 @@ static int GetName(DecodedCert* cert, int nameType)
 hash = cert->subjectHash;
 }
+ if (cert->srcIdx >= cert->maxIdx) {
+ return BUFFER_E;
+ }
+
 if (cert->source[cert->srcIdx] == ASN_OBJECT_ID) {
 WOLFSSL_MSG("Trying optional prefix...");
From 223facc46aa42383206ef3ffef6680d1229263a0 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Thu, 1 Mar 2018 18:03:21 -0700
Subject: [PATCH 08/10] sanity check on index before reading from input
---
 wolfcrypt/src/asn.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 9d2e7f66b..e98816582 100755
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -2014,7 +2014,7 @@ WOLFSSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
 return ASN_OBJECT_ID_E;
 /* could have NULL tag and 0 terminator, but may not */
- if (input[idx] == ASN_TAG_NULL) {
+ if (idx < maxIdx && input[idx] == ASN_TAG_NULL) {
 ret = GetASNNull(input, &idx, maxIdx);
 if (ret != 0)
 return ret;
From f6869dfe0922c1d962db0290d8ff8c6254d5b9b1 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Fri, 2 Mar 2018 09:30:43 -0700
Subject: [PATCH 09/10] AES ECB build with ARMv8 instructions enabled
---
 wolfcrypt/src/aes.c | 82 ++++++++++++++++++++++-----------------------
 1 file changed, 41 insertions(+), 41 deletions(-)
diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
index 926a9277e..beb5d53bd 100644
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@@ -3056,47 +3056,6 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
 #endif /* AES-CBC block */
 #endif /* HAVE_AES_CBC */
-#ifdef HAVE_AES_ECB
-#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES)
- /* implemented in wolfcrypt/src/port/caam/caam_aes.c */
-#else
-
-/* software implementation */
-int wc_AesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
- word32 blocks = sz / AES_BLOCK_SIZE;
-
- if ((in == NULL) || (out == NULL) || (aes == NULL))
- return BAD_FUNC_ARG;
- while (blocks>0) {
- wc_AesEncryptDirect(aes, out, in);
- out += AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- sz -= AES_BLOCK_SIZE;
- blocks--;
- }
- return 0;
-}
-
-
-int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
- word32 blocks = sz / AES_BLOCK_SIZE;
-
- if ((in == NULL) || (out == NULL) || (aes == NULL))
- return BAD_FUNC_ARG;
- while (blocks>0) {
- wc_AesDecryptDirect(aes, out, in);
- out += AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- sz -= AES_BLOCK_SIZE;
- blocks--;
- }
- return 0;
-}
-#endif
-#endif
-
 /* AES-CTR */
 #if defined(WOLFSSL_AES_COUNTER)
@@ -8400,6 +8359,47 @@ int wc_AesGetKeySize(Aes* aes, word32* keySize)
 #endif /* !WOLFSSL_ARMASM */
 #endif /* !WOLFSSL_TI_CRYPT */
+#ifdef HAVE_AES_ECB
+#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES)
+ /* implemented in wolfcrypt/src/port/caam/caam_aes.c */
+#else
+
+/* software implementation */
+int wc_AesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+{
+ word32 blocks = sz / AES_BLOCK_SIZE;
+
+ if ((in == NULL) || (out == NULL) || (aes == NULL))
+ return BAD_FUNC_ARG;
+ while (blocks>0) {
+ wc_AesEncryptDirect(aes, out, in);
+ out += AES_BLOCK_SIZE;
+ in += AES_BLOCK_SIZE;
+ sz -= AES_BLOCK_SIZE;
+ blocks--;
+ }
+ return 0;
+}
+
+
+int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+{
+ word32 blocks = sz / AES_BLOCK_SIZE;
+
+ if ((in == NULL) || (out == NULL) || (aes == NULL))
+ return BAD_FUNC_ARG;
+ while (blocks>0) {
+ wc_AesDecryptDirect(aes, out, in);
+ out += AES_BLOCK_SIZE;
+ in += AES_BLOCK_SIZE;
+ sz -= AES_BLOCK_SIZE;
+ blocks--;
+ }
+ return 0;
+}
+#endif
+#endif /* HAVE_AES_ECB */
+
 #ifdef WOLFSSL_AES_CFB
 /* CFB 128
 *
From 223903717ac5e72db0603905f8ce7269445e390f Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Fri, 2 Mar 2018 09:38:11 -0700
Subject: [PATCH 10/10] add sanity check for short read
---
 src/tls.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/src/tls.c b/src/tls.c
index c6bf6cdc2..2fb8bd422 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -2618,6 +2618,10 @@ static int TLSX_CSR2_Parse(WOLFSSL* ssl, byte* input, word16 length,
 word16 size = 0;
 /* list size */
+ if (offset + OPAQUE16_LEN >= length) {
+ return BUFFER_E;
+ }
+
 ato16(input + offset, &request_length);
 offset += OPAQUE16_LEN;
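Review bot: `wc_AesEcbEncrypt` and `wc_AesEcbDecrypt` compute `blocks = sz / AES_BLOCK_SIZE` and return 0 even when `sz` is not a multiple of the block size. A trailing partial block is silently skipped and the tail of the caller's `out` keeps whatever it held before. Since the functions are being relocated anyway, rejecting that input up front with `if (sz % AES_BLOCK_SIZE != 0) return BAD_FUNC_ARG;` would make the failure visible to callers. The `sz -= AES_BLOCK_SIZE;` inside each loop has no effect because the loop is driven by `blocks`, and can be dropped. A header comment on each function stating that `sz` is a byte count and must be block-aligned would document the contract.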
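Review bot: The new guard uses `>=`, so a buffer whose two length bytes end exactly at `length` is rejected even though `ato16(input + offset, ...)` would read in bounds. If that is deliberate because request data must follow, a comment such as `/* need the 2-byte length plus at least one byte of request */` would say so; otherwise `>` is the exact bound. Separately, `request_length` comes from the peer and nothing visible in this hunk compares it with the bytes left after `offset += OPAQUE16_LEN`. TLSX_CSR2_Parse continues outside the hunk, so confirm that a check like `if (offset + request_length > length) return BUFFER_E;` precedes any use of it.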