From 77b69ebf568f30dc9256630c316d232083539564 Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 29 Jan 2020 17:29:23 +0100
Subject: [PATCH 01/23] Logically dead code.
---
wolfcrypt/src/dh.c | 5 -----
1 file changed, 5 deletions(-)
diff --git a/wolfcrypt/src/dh.c b/wolfcrypt/src/dh.c
index 65fd76973..094a090e6 100644
--- a/wolfcrypt/src/dh.c
+++ b/wolfcrypt/src/dh.c
@@ -2143,7 +2143,6 @@ static int _DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
int ret = 0;
mp_int* keyP = NULL;
mp_int* keyG = NULL;
- mp_int* keyQ = NULL;
if (key == NULL || p == NULL || g == NULL || pSz == 0 || gSz == 0) {
ret = BAD_FUNC_ARG;
@@ -2203,13 +2202,9 @@ static int _DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
if (ret == 0 && q != NULL) {
if (mp_read_unsigned_bin(&key->q, q, qSz) != MP_OKAY)
ret = MP_INIT_E;
- else
- keyQ = &key->q;
}
if (ret != 0 && key != NULL) {
- if (keyQ)
- mp_clear(keyQ);
if (keyG)
mp_clear(keyG);
if (keyP)
From 96d1593735d928ee7e42d26b1c26ce6e9b27f668 Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 29 Jan 2020 17:29:52 +0100
Subject: [PATCH 02/23] Possible use after free.
---
src/ssl.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/ssl.c b/src/ssl.c
index 149594eb0..783689da9 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -24436,6 +24436,7 @@ err_exit:
#if !defined(NO_ASN) && !defined(NO_PWDBASED)
if ((newx509 != NULL) && (type == PKCS12_TYPE)) {
wc_PKCS12_free((WC_PKCS12*)newx509);
+ newx509 = NULL;
}
#endif
_exit:
From 451d0a470a5de9cb27d408f127eb934cfe4d77a0 Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 29 Jan 2020 17:30:14 +0100
Subject: [PATCH 03/23] Resource leak.
---
src/ssl.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/ssl.c b/src/ssl.c
index 783689da9..ad120b1a9 100644
--- a/src/ssl.c
+++ b/src/ssl.c
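Review bot: A failed `mp_read_unsigned_bin(&key->q, q, qSz)` is still reported as `MP_INIT_E`, which names an initialisation failure rather than a read failure; if the p and g reads above this hunk report `MP_READ_E`, this branch should use the same code: `ret = MP_READ_E;`. On that failure `key->q` is also left untouched by the cleanup block, while keyG and keyP are cleared — if `key->q` was mp_init'ed earlier in the function (not visible here), add `mp_clear(&key->q);` to the failure branch so a half-set key does not keep an initialised q. The enclosing _DhSetKey begins before this hunk and its cleanup block continues past it.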
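Review bot: The new `newx509 = NULL;` only closes the use-after-free if whatever runs at `_exit:` tolerates a NULL newx509, and that code lies outside this hunk, so confirm it does not dereference newx509 unconditionally. A comment on the added line would keep the reason from being lost in a later refactor: `/* released as a PKCS12 above; NULL it so later cleanup or return paths cannot touch it */`. The function that owns this error path starts and ends outside the hunk.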
@@ -35848,6 +35848,7 @@ int wolfSSL_i2d_RSAPrivateKey(WOLFSSL_RSA *rsa, unsigned char **pp)
/* create buffer and return it */
*pp = (unsigned char*)XMALLOC(ret, NULL, DYNAMIC_TYPE_OPENSSL);
if (*pp == NULL) {
+ XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FATAL_ERROR;
}
XMEMCPY(*pp, der, ret);
From 972790fb8660fec7bd517e841464b90cd83596f1 Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 29 Jan 2020 17:30:35 +0100
Subject: [PATCH 04/23] Resource leak.
---
src/ssl.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/ssl.c b/src/ssl.c
index ad120b1a9..e107a2386 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -25011,6 +25011,7 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_dup(const WOLFSSL_ASN1_INTEGER* src)
dup->data = (unsigned char*)
XMALLOC(src->dataMax,NULL,DYNAMIC_TYPE_OPENSSL);
if (dup->data == NULL) {
+ wolfSSL_ASN1_INTEGER_free(dup);
return NULL;
}
XMEMCPY(dup->data,src->data,dup->dataMax);
From 70cb97c1163a68951e4447d79bcdf133390bb68f Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 29 Jan 2020 17:30:57 +0100
Subject: [PATCH 05/23] NULL dereference.
---
src/ssl.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/ssl.c b/src/ssl.c
index e107a2386..1639e1ef6 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -24999,6 +24999,10 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_dup(const WOLFSSL_ASN1_INTEGER* src)
return NULL;
dup = wolfSSL_ASN1_INTEGER_new();
+
+ if (dup == NULL)
+ return NULL;
+
dup->negative = src->negative;
dup->dataMax = src->dataMax;
dup->isDynamic = src->isDynamic;
From df0b0a6e9185e37b61e868afe5a362bb58377328 Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 29 Jan 2020 17:31:14 +0100
Subject: [PATCH 06/23] NULL dereference.
---
src/ssl.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/ssl.c b/src/ssl.c
index 1639e1ef6..afb102a05 100644
--- a/src/ssl.c
+++ b/src/ssl.c
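Review bot: `der` holds the serialised RSA private key (it is what the XMEMCPY copies out, `ret` bytes of it), so freeing it on the allocation-failure path without scrubbing leaves private key bytes in released heap; use `ForceZero(der, ret); XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);`, and the free on the success path after the XMEMCPY (outside this hunk) deserves the same treatment. `DYNAMIC_TYPE_TMP_BUFFER` must also match the type `der` was allocated with above the hunk, which is not visible here. Note that patch 21 of this series reverts the hunk because the leaking code was removed, so the zeroisation point applies to wherever that buffer is now released.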
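Review bot: `dup->data` is heap-allocated unconditionally here, yet the same function copies `dup->isDynamic = src->isDynamic` (visible in the next hunk of this function); if `isDynamic` is what `wolfSSL_ASN1_INTEGER_free` consults before releasing `data`, a dup of a source with inline data will leak this buffer on every free, including the new failure-path free. Either mark the copy as owning its buffer once the allocation succeeds, `dup->isDynamic = 1;`, or guard the allocation with `if (dup->isDynamic)` — unless such a guard already sits above this hunk. The beginning of wolfSSL_ASN1_INTEGER_dup is outside this hunk.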
@@ -29172,6 +29172,10 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_BN_to_ASN1_INTEGER(const WOLFSSL_BIGNUM *bn, WOLFS
if (ai == NULL) {
a = wolfSSL_ASN1_INTEGER_new();
+
+ if (a == NULL)
+ return NULL;
+
a->type = V_ASN1_INTEGER;
}
else {
From c3fabb1da6675d4e0005cc70e590810ab3c895c7 Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 29 Jan 2020 17:33:21 +0100
Subject: [PATCH 07/23] NULL dereference.
---
wolfcrypt/src/evp.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c
index 11d1c229c..89c0707c3 100644
--- a/wolfcrypt/src/evp.c
+++ b/wolfcrypt/src/evp.c
@@ -1244,6 +1244,9 @@ int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx,
if (pkey == NULL) {
ownPkey = 1;
pkey = wolfSSL_PKEY_new();
+
+ if (pkey == NULL)
+ return ret;
}
switch (pkey->type) {
From 2d36624d84f37e73e5d6446e50a330319f39d12d Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 29 Jan 2020 17:33:38 +0100
Subject: [PATCH 08/23] NULL dereference.
---
src/ssl.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/ssl.c b/src/ssl.c
index afb102a05..e1ece6f86 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -24901,6 +24901,9 @@ int wolfSSL_X509_cmp_time(const WOLFSSL_ASN1_TIME* asnTime, time_t* cmpTime)
/* Convert to time struct*/
ct = XGMTIME(pTime, tmpTs);
+ if (ct == NULL)
+ return GETTIME_ERROR;
+
/* DateGreaterThan returns 1 for >; 0 for <= */
ret = DateGreaterThan(&ts, ct) ? 1 : -1;
}
From 670ba75ea4010813b19167d4f325b0b4fe84f9af Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 29 Jan 2020 17:33:59 +0100
Subject: [PATCH 09/23] Missing varargs cleanup.
---
src/ssl.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/ssl.c b/src/ssl.c
index e1ece6f86..6f1cdf2ae 100644
--- a/src/ssl.c
+++ b/src/ssl.c
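Review bot: The new `return ret;` hands back whatever `ret` was initialised to at the top of wolfSSL_EVP_PKEY_keygen, which is outside this hunk, so the failure code depends on an initialiser the reader cannot see; `return WOLFSSL_FAILURE;` states the intent and survives a later change to that initialiser. `ownPkey = 1` is set before the allocation, so any cleanup keyed on it further down must cope with a NULL pkey — the early return sidesteps that today, and a comment `/* nothing allocated yet, nothing to free */` beside the return would record why no cleanup is needed here.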
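Review bot: `GETTIME_ERROR` is a negative wolfSSL error code, but this function already uses -1 as a legitimate comparison result (the `? 1 : -1` line below), so a caller testing `ret < 0` cannot tell "asnTime is earlier" from "XGMTIME failed". If the function's other failure paths return `WOLFSSL_FAILURE` (0, which is also what OpenSSL's X509_cmp_time returns on error), use that here too: `return WOLFSSL_FAILURE;`. If `tmpTs` or `pTime` are backed by heap storage allocated above the hunk, this new exit would also need to release it; that part of wolfSSL_X509_cmp_time is not visible here.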
@@ -27714,8 +27714,10 @@ int wolfSSL_BIO_printf(WOLFSSL_BIO* bio, const char* format, ...)
va_start(args, format);
switch (bio->type) {
case WOLFSSL_BIO_FILE:
- if (bio->ptr == NULL)
+ if (bio->ptr == NULL) {
+ va_end(args);
return -1;
+ }
ret = vfprintf((XFILE)bio->ptr, format, args);
break;
From 37386f5fb5301e61ae8ac0373299124aa343dad1 Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 29 Jan 2020 17:34:19 +0100
Subject: [PATCH 10/23] NULL dereference.
---
src/internal.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/internal.c b/src/internal.c
index 2097f3ff1..7ef2d8769 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -11548,7 +11548,8 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_PSK
if (ssl->specs.kea == psk_kea &&
- ssl->arrays->server_hint[0] == 0)
+ ssl->arrays != NULL &&
+ ssl->arrays->server_hint[0] == 0)
pskNoServerHint = 1;
#endif
if (ssl->specs.static_ecdh == 1 ||
From 2db62f744ab72df4e00c89093c034616b53b4184 Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 29 Jan 2020 17:34:40 +0100
Subject: [PATCH 11/23] Logically dead code.
---
src/ssl.c | 29 ++---------------------------
1 file changed, 2 insertions(+), 27 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index 6f1cdf2ae..b05103274 100644
--- a/src/ssl.c
+++ b/src/ssl.c
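Review bot: The `va_end(args)` before `return -1` fixes this one exit, but every other early return inside the switch (the remaining `case` arms and `default`, outside this hunk) carries the same obligation, and the pattern invites the next arm to forget it. A shape that cannot regress is to set the error and fall out of the switch, `if (bio->ptr == NULL) { ret = -1; break; }`, and let the single `va_end(args)` that presumably follows the switch cover every arm. wolfSSL_BIO_printf continues past this hunk.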
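Review bot: With `ssl->arrays == NULL` the new condition leaves `pskNoServerHint` at 0, i.e. a missing arrays block is treated as "the server did send a hint", and nothing in the hunk says why that is the safe default for the sanity check that uses the flag. A comment on the added line would pin the decision: `/* arrays may already be freed; treat as hint present - TODO confirm this is the intended default */`. The use of pskNoServerHint, and the rest of SanityCheckMsgReceived, are outside this hunk.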
@@ -17125,39 +17125,14 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
case AES_256_GCM_TYPE :
WOLFSSL_MSG("AES GCM");
if (ctx->enc) {
- if (dst){
- /* encrypt confidential data*/
- ret = wc_AesGcmEncrypt(&ctx->cipher.aes, dst, src, len,
+ ret = wc_AesGcmEncrypt(&ctx->cipher.aes, dst, src, len,
ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz, NULL, 0);
- }
- else {
- /* authenticated, non-confidential data */
- ret = wc_AesGcmEncrypt(&ctx->cipher.aes, NULL, NULL, 0,
- ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
- src, len);
- /* Reset partial authTag error for AAD*/
- if (ret == AES_GCM_AUTH_E)
- ret = 0;
- }
}
else {
- if (dst){
- /* decrypt confidential data*/
- ret = wc_AesGcmDecrypt(&ctx->cipher.aes, dst, src, len,
+ ret = wc_AesGcmDecrypt(&ctx->cipher.aes, dst, src, len,
ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz, NULL, 0);
- }
- else {
- /* authenticated, non-confidential data*/
- ret = wc_AesGcmDecrypt(&ctx->cipher.aes, NULL, NULL, 0,
- ctx->iv, ctx->ivSz,
- ctx->authTag, ctx->authTagSz,
- src, len);
- /* Reset partial authTag error for AAD*/
- if (ret == AES_GCM_AUTH_E)
- ret = 0;
- }
}
break;
#endif /* HAVE_AESGCM */
From ed88e8d1c5dfc07376049384347697961e96b187 Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 29 Jan 2020 17:34:58 +0100
Subject: [PATCH 12/23] Logically dead code.
---
src/ssl.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index b05103274..4ee162b99 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -3640,9 +3640,6 @@ WOLFSSL_STACK* wolfSSL_X509_STORE_GetCerts(WOLFSSL_X509_STORE_CTX* s)
/* get certificate buffer */
cert = &s->certs[certIdx];
- if (cert == NULL)
- break;
-
dCert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT);
if (dCert == NULL) {
From c938cb35caab61a8f4f3400ec711209520ac547f Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 29 Jan 2020 17:35:15 +0100
Subject: [PATCH 13/23] Logically dead code.
---
src/ssl.c | 5 -----
1 file changed, 5 deletions(-)
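Review bot: Dropping `if (cert == NULL)` is right — the address of an array element is never NULL — but the guard that was presumably intended, that `s->certs` itself is non-NULL and `certIdx` stays inside the array, is not replaced by anything in this hunk. If the loop header above the hunk does not already enforce it, a check before the loop such as `if (s->certs == NULL) return NULL;` restores the protection the dead check was meant to give. The loop that owns this body starts outside the hunk.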
diff --git a/src/ssl.c b/src/ssl.c
index 4ee162b99..a67bbeafb 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -42539,11 +42539,6 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
return WOLFSSL_SUCCESS;
#endif /* WOLFSSL_APACHE_HTTPD || OPENSSL_ALL || WOLFSSL_NGINX */
}
- else if (flags == XN_FLAG_RFC2253) {
- if (wolfSSL_BIO_write(bio, name->name + 1, name->sz - 2)
- != name->sz - 2)
- return WOLFSSL_FAILURE;
- }
else if (wolfSSL_BIO_write(bio, name->name, name->sz - 1)
!= name->sz - 1)
return WOLFSSL_FAILURE;
From bbfefd3cde5b69a460ae55cd101aceb710060c0c Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 5 Feb 2020 16:59:20 +0100
Subject: [PATCH 14/23] Sanity check NULL dereference.
---
wolfcrypt/src/integer.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/wolfcrypt/src/integer.c b/wolfcrypt/src/integer.c
index 9e45ebdc2..8f955796e 100644
--- a/wolfcrypt/src/integer.c
+++ b/wolfcrypt/src/integer.c
@@ -2846,6 +2846,14 @@ int mp_set_bit (mp_int * a, int b)
{
int i = b / DIGIT_BIT, res;
+ /*
+ * Require:
+ * bit index b >= 0
+ * a->alloc == a->used == 0 if a->dp == NULL
+ */
+ if (b < 0 || (a->dp == NULL && (a->alloc != 0 || a->used != 0)))
+ return MP_VAL;
+
if (a->dp == NULL || a->used < (int)(i + 1)) {
/* grow a to accommodate the single bit */
if ((res = mp_grow (a, i + 1)) != MP_OKAY) {
From 0964272dc62cbe7bf097420ba3bf0079846730bc Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 5 Feb 2020 18:28:50 +0100
Subject: [PATCH 15/23] Resource leak fix.
---
src/ssl.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/ssl.c b/src/ssl.c
index a67bbeafb..21dab1708 100644
--- a/src/ssl.c
+++ b/src/ssl.c
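Review bot: The new sanity check dereferences `a->dp`, `a->alloc` and `a->used` without first rejecting `a == NULL`, so a NULL argument still crashes one line earlier than before; if the other mp_* entry points in this file guard NULL, `if (a == NULL || b < 0 || (a->dp == NULL && (a->alloc != 0 || a->used != 0)))` keeps this one consistent. `i = b / DIGIT_BIT` is evaluated from a possibly negative `b` before the check runs, which is harmless because `i` is only read after the check, but a short comment on the `int i = ...` line saying so would spare the next reader the same question. mp_set_bit continues past this hunk.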
@@ -43820,8 +43820,10 @@ int wolfSSL_X509_check_host(X509 *x, const char *chk, size_t chklen,
InitDecodedCert(&dCert, x->derCert->buffer, x->derCert->length, NULL);
ret = ParseCertRelative(&dCert, CERT_TYPE, 0, NULL);
- if (ret != 0)
+ if (ret != 0) {
+ FreeDecodedCert(&dCert);
return WOLFSSL_FAILURE;
+ }
ret = CheckHostName(&dCert, (char *)chk, chklen);
FreeDecodedCert(&dCert);
From da3df4f9c6282f7f82605477a923715cfbfef59f Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 5 Feb 2020 19:36:37 +0100
Subject: [PATCH 16/23] Changing logic to remove dead code section.
---
src/ssl.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index 21dab1708..bd50fd777 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -42498,9 +42498,9 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
return WOLFSSL_FAILURE;
}
+#if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
/* If XN_FLAG_DN_REV is present, print X509_NAME in reverse order */
if (flags == (XN_FLAG_RFC2253 & ~XN_FLAG_DN_REV)) {
-#if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
fullName[0] = '\0';
count = wolfSSL_X509_NAME_entry_count(name);
for (i = 0; i < count; i++) {
@@ -42537,8 +42537,14 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
if (wolfSSL_BIO_write(bio, fullName, totalSz) != totalSz)
return WOLFSSL_FAILURE;
return WOLFSSL_SUCCESS;
-#endif /* WOLFSSL_APACHE_HTTPD || OPENSSL_ALL || WOLFSSL_NGINX */
}
+#else
+ if (flags == XN_FLAG_RFC2253) {
+ if (wolfSSL_BIO_write(bio, name->name + 1, name->sz - 2)
+ != name->sz - 2)
+ return WOLFSSL_FAILURE;
+ }
+#endif /* WOLFSSL_APACHE_HTTPD || OPENSSL_ALL || WOLFSSL_NGINX */
else if (wolfSSL_BIO_write(bio, name->name, name->sz - 1)
!= name->sz - 1)
return WOLFSSL_FAILURE;
From 109173d7560b7b7b5c04836521f1b58455909b05 Mon Sep 17 00:00:00 2001
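Review bot: The comment that now sits under the new `#if` says "If XN_FLAG_DN_REV is present", but the condition it introduces, `flags == (XN_FLAG_RFC2253 & ~XN_FLAG_DN_REV)`, matches only when the DN_REV bit is absent from RFC2253, so comment and test contradict each other; reword it to describe the case actually taken, e.g. `/* RFC2253 without XN_FLAG_DN_REV: print the name entry by entry */`, and confirm against the loop body (outside this hunk, though the visible `for (i = 0; i < count; i++)` runs forward) whether "reverse order" is true at all. The exact-equality comparison also means any other flag combination silently falls through to the raw write at the end of the function, which is worth a sentence in the same comment.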
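Review bot: In the new `#else` arm `name->sz - 2` reaches wolfSSL_BIO_write with no check that `name->sz >= 2`; if `sz` is a signed int an empty or one-byte name produces a negative length, and if it is unsigned it wraps to a huge one, so guard it with `if (name->sz < 2) return WOLFSSL_FAILURE;` before the write (the shared `else if` with `name->sz - 1` has the same problem for sz == 0). Structurally, an `else if` that dangles across `#endif` and pairs with whichever `if` the preprocessor left behind is fragile; closing the if/else chain inside each preprocessor arm would make the two configurations independently readable. wolfSSL_X509_NAME_print_ex starts before this hunk.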
From: Stanislav Klima
Date: Wed, 12 Feb 2020 12:57:40 +0100
Subject: [PATCH 17/23] Fix two resource leaks.
---
src/ssl.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/ssl.c b/src/ssl.c
index bd50fd777..96e3562b3 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -4639,6 +4639,7 @@ int AddTrustedPeer(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int verify)
InitDecodedCert(cert, der->buffer, der->length, cm->heap);
if ((ret = ParseCert(cert, TRUSTED_PEER_TYPE, verify, cm)) != 0) {
+ FreeDecodedCert(cert);
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
return ret;
}
@@ -4673,6 +4674,7 @@ int AddTrustedPeer(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int verify)
if (AlreadyTrustedPeer(cm, subjectHash)) {
WOLFSSL_MSG("\tAlready have this CA, not adding again");
+ FreeTrustedPeer(peerCert, cm->heap);
(void)ret;
}
else {
From 1a38c26097e0491ef831751a41d0877098dd4453 Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 12 Feb 2020 13:29:33 +0100
Subject: [PATCH 18/23] Prevent infinite loop.
---
wolfcrypt/src/rsa.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c
index 5ffb3b98c..af1fdff73 100644
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@@ -1624,6 +1624,9 @@ static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
word16 j;
word16 pastSep = 0;
+ if (pkcsBlockLen > 0xFFFF)
+ return RSA_PAD_E;
+
/* Decrypted with private key - unpad must be constant time. */
for (i = 0, j = 2; j < pkcsBlockLen; j++) {
/* Update i if not passed the separator and at separator. */
From 1b13178182cf1c25c0d01a537b6626824d41dabc Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Wed, 12 Feb 2020 13:46:12 +0100
Subject: [PATCH 19/23] Fixes possible compile error if NO_PKCS7_STREAM is defined.
---
wolfcrypt/src/pkcs7.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
index 3a79d8fc9..6b6c3ecaa 100644
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
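Review bot: After the new `FreeTrustedPeer(peerCert, cm->heap);` in the duplicate branch, nothing in the function may touch `peerCert` again, and whether FreeTrustedPeer also releases the DerBuffer handed in through `pDer` — and so whether the caller's `*pDer` is now dangling — is not decidable from this hunk; a one-line ownership comment at the free, stating who releases `der` on this path, would prevent a later double free. The log line also still reads "Already have this CA" for what is a trusted-peer certificate: `WOLFSSL_MSG("\tAlready have this trusted peer, not adding again");`. AddTrustedPeer continues beyond this hunk.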
@@ -11419,7 +11419,9 @@ authenv_atrbend:
XFREE(decryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
decryptedKey = NULL;
#ifdef WOLFSSL_SMALL_STACK
+ #ifndef NO_PKCS7_STREAM
pkcs7->stream->key = NULL;
+ #endif
#endif
#endif
ret = encryptedContentSz;
From 6f3623f220b038b19560e85c4d64df37f24d14d7 Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Tue, 18 Feb 2020 09:59:59 +0100
Subject: [PATCH 20/23] Moved infinite loop check to the other bad func arg check.
---
wolfcrypt/src/rsa.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c
index af1fdff73..1ed5fda78 100644
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@@ -1596,7 +1596,7 @@ static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
byte invalid = 0;
#endif
- if (output == NULL || pkcsBlockLen == 0) {
+ if (output == NULL || pkcsBlockLen == 0 || pkcsBlockLen > 0xFFFF) {
return BAD_FUNC_ARG;
}
@@ -1624,9 +1624,6 @@ static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
word16 j;
word16 pastSep = 0;
- if (pkcsBlockLen > 0xFFFF)
- return RSA_PAD_E;
-
/* Decrypted with private key - unpad must be constant time. */
for (i = 0, j = 2; j < pkcsBlockLen; j++) {
/* Update i if not passed the separator and at separator. */
From d4a9279a6cc188713ed0c7f87bc2a0301ff052aa Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Thu, 20 Feb 2020 15:04:01 +0100
Subject: [PATCH 21/23] Revert "Resource leak." to resolve the conflict (this fix is unapplicable, because the leaking code was removed).
This reverts commit 451d0a470a5de9cb27d408f127eb934cfe4d77a0.
---
src/ssl.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/ssl.c b/src/ssl.c
index 96e3562b3..95191dac1 100644
--- a/src/ssl.c
+++ b/src/ssl.c
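Review bot: Nesting `#ifndef NO_PKCS7_STREAM` inside `#ifdef WOLFSSL_SMALL_STACK` compiles, but it leaves three bare `#endif` lines in a row, which is hard to pair by eye; collapsing the pair into `#if defined(WOLFSSL_SMALL_STACK) && !defined(NO_PKCS7_STREAM)` with a tagged closer `#endif /* WOLFSSL_SMALL_STACK && !NO_PKCS7_STREAM */` keeps the same preprocessor logic and makes the remaining closers readable. Whether `pkcs7->stream` can be NULL when this label is reached is not visible in the hunk, and the function that contains `authenv_atrbend:` starts well before it.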
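Review bot: `0xFFFF` is a magic number whose justification — the constant-time loop below counts with `word16 i, j`, so a block of 65536 bytes or more would never terminate — is only recoverable from the second hunk that moves the check; say so at the check: `if (output == NULL || pkcsBlockLen == 0 || pkcsBlockLen > 0xFFFFU) { /* i/j in the loop below are word16 */`. Since an RSA block is at most a few hundred bytes, a bound tied to the largest supported modulus would reject garbage earlier still, if such a constant exists in this file. The rejected length is public, so the early return does not weaken the constant-time unpad; the remainder of RsaUnPad lies outside the hunk.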
@@ -35836,7 +35836,6 @@ int wolfSSL_i2d_RSAPrivateKey(WOLFSSL_RSA *rsa, unsigned char **pp)
/* create buffer and return it */
*pp = (unsigned char*)XMALLOC(ret, NULL, DYNAMIC_TYPE_OPENSSL);
if (*pp == NULL) {
- XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FATAL_ERROR;
}
XMEMCPY(*pp, der, ret);
From 3fcbcbf42a8ac52b9a09725f93483abc27f577ed Mon Sep 17 00:00:00 2001
From: Stanislav Klima
Date: Mon, 9 Mar 2020 17:45:15 +0100
Subject: [PATCH 22/23] Revert "Logically dead code."
This reverts commit 2db62f744ab72df4e00c89093c034616b53b4184.
---
src/ssl.c | 29 +++++++++++++++++++++++++++--
1 file changed, 27 insertions(+), 2 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index 95191dac1..b418f7f80 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -17124,14 +17124,39 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
case AES_256_GCM_TYPE :
WOLFSSL_MSG("AES GCM");
if (ctx->enc) {
- ret = wc_AesGcmEncrypt(&ctx->cipher.aes, dst, src, len,
+ if (dst){
+ /* encrypt confidential data*/
+ ret = wc_AesGcmEncrypt(&ctx->cipher.aes, dst, src, len,
ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz, NULL, 0);
+ }
+ else {
+ /* authenticated, non-confidential data */
+ ret = wc_AesGcmEncrypt(&ctx->cipher.aes, NULL, NULL, 0,
+ ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
+ src, len);
+ /* Reset partial authTag error for AAD*/
+ if (ret == AES_GCM_AUTH_E)
+ ret = 0;
+ }
}
else {
- ret = wc_AesGcmDecrypt(&ctx->cipher.aes, dst, src, len,
+ if (dst){
+ /* decrypt confidential data*/
+ ret = wc_AesGcmDecrypt(&ctx->cipher.aes, dst, src, len,
ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz, NULL, 0);
+ }
+ else {
+ /* authenticated, non-confidential data*/
+ ret = wc_AesGcmDecrypt(&ctx->cipher.aes, NULL, NULL, 0,
+ ctx->iv, ctx->ivSz,
+ ctx->authTag, ctx->authTagSz,
+ src, len);
+ /* Reset partial authTag error for AAD*/
+ if (ret == AES_GCM_AUTH_E)
+ ret = 0;
+ }
}
break;
#endif /* HAVE_AESGCM */
From 93326a7aeb46c48c1b61aec0077cb6a298c98908 Mon Sep 17 00:00:00 2001
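Review bot: The restored AAD path does not retain the AAD: the `dst == NULL` call hands `src, len` as AAD to a one-shot `wc_AesGcmEncrypt`/`wc_AesGcmDecrypt` and then discards the outcome (on decrypt it even resets `AES_GCM_AUTH_E` to 0), while the `dst != NULL` call passes `NULL, 0` as AAD, so the tag that is produced or verified never covers data fed through the AAD-only call — unless ctx accumulates AAD somewhere not visible in this hunk. If it does not, the limitation belongs next to the reset so callers porting OpenSSL EVP_Cipher AAD usage are not misled: `/* NOTE: AAD is not carried over to the data call; the tag neither covers nor verifies it */`. wolfSSL_EVP_Cipher begins before this hunk and the matching `dst == NULL` admission in its argument check is in the last patch of the series.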
From: Stanislav Klima
Date: Tue, 10 Mar 2020 09:55:27 +0100
Subject: [PATCH 23/23] Changed dst NULL check.
---
src/ssl.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/ssl.c b/src/ssl.c
index b418f7f80..e7d099a10 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -17094,7 +17094,11 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
int ret = 0;
WOLFSSL_ENTER("wolfSSL_EVP_Cipher");
- if (ctx == NULL || dst == NULL || src == NULL) {
+ if (ctx == NULL || src == NULL ||
+ (dst == NULL &&
+ ctx->cipherType != AES_128_GCM_TYPE &&
+ ctx->cipherType != AES_192_GCM_TYPE &&
+ ctx->cipherType != AES_256_GCM_TYPE)) {
WOLFSSL_MSG("Bad function argument");
return 0; /* failure */
}
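Review bot: The GCM-only exemption for `dst == NULL` exists to admit the AAD-only calls handled in the AES_*_GCM_TYPE cases further down, but nothing at the check says so; add `/* GCM: dst == NULL means src carries AAD only, see the AES_*_GCM_TYPE cases below */` on the `(dst == NULL &&` line so the next person does not "fix" it back. `src == NULL` is still rejected for every cipher, so a caller using OpenSSL's `EVP_Cipher(ctx, out, NULL, 0)` finalisation idiom gets 0 here — if that idiom is meant to work, the check needs a `len == 0` exemption, and if not, the comment should say the call is unsupported. The rest of wolfSSL_EVP_Cipher, including the dispatch on cipherType, is outside this hunk.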