From 74893edaf0313b64abed3d1e53060251809780e3 Mon Sep 17 00:00:00 2001 From: Stanislav Klima Date: Wed, 15 Apr 2020 14:36:36 +0200 Subject: [PATCH 1/8] Fix of size constraint for parsing. --- wolfcrypt/src/asn.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index a224f2ce6..708e61122 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -17378,10 +17378,10 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm) return ASN_PARSE_E; dcrl->sigIndex = len + idx; - if (ParseCRL_CertList(dcrl, buff, &idx, idx + len) < 0) + if (ParseCRL_CertList(dcrl, buff, &idx, dcrl->sigIndex) < 0) return ASN_PARSE_E; - if (ParseCRL_Extensions(dcrl, buff, &idx, idx + len) < 0) + if (ParseCRL_Extensions(dcrl, buff, &idx, dcrl->sigIndex) < 0) return ASN_PARSE_E; idx = dcrl->sigIndex; From e19334266ee921a65b0ae56ec87309924f0a282b Mon Sep 17 00:00:00 2001 From: Stanislav Klima Date: Wed, 15 Apr 2020 14:43:12 +0200 Subject: [PATCH 2/8] This function is required by HAVE_PK_CALLBACKS option and it's used by server as well. --- src/internal.c | 86 +++++++++++++++++++++++++------------------------- 1 file changed, 43 insertions(+), 43 deletions(-) diff --git a/src/internal.c b/src/internal.c index 77de65e7f..ae1f71603 100644 --- a/src/internal.c +++ b/src/internal.c @@ -23437,49 +23437,6 @@ exit_scke: #ifndef NO_CERTS -#ifdef HAVE_PK_CALLBACKS - int GetPrivateKeySigSize(WOLFSSL* ssl) - { - int sigSz = 0; - - if (ssl == NULL) - return 0; - - switch (ssl->buffers.keyType) { - #ifndef NO_RSA - #ifdef WC_RSA_PSS - case rsa_pss_sa_algo: - #endif - case rsa_sa_algo: - sigSz = ssl->buffers.keySz; - ssl->hsType = DYNAMIC_TYPE_RSA; - break; - #endif - #ifdef HAVE_ECC - case ecc_dsa_sa_algo: - sigSz = wc_ecc_sig_size_calc(ssl->buffers.keySz); - ssl->hsType = DYNAMIC_TYPE_ECC; - break; - #endif - #ifdef HAVE_ED25519 - case ed25519_sa_algo: - sigSz = ED25519_SIG_SIZE; /* fixed known value */ - ssl->hsType = DYNAMIC_TYPE_ED25519; - break; - #endif - #ifdef HAVE_ED448 - case ed448_sa_algo: - sigSz = ED448_SIG_SIZE; /* fixed known value */ - ssl->hsType = DYNAMIC_TYPE_ED448; - break; - #endif - default: - break; - } - return sigSz; - } -#endif /* HAVE_PK_CALLBACKS */ - #ifndef WOLFSSL_NO_TLS12 #ifndef WOLFSSL_NO_CLIENT_AUTH @@ -24079,6 +24036,49 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif /* NO_WOLFSSL_CLIENT */ +#ifdef HAVE_PK_CALLBACKS + int GetPrivateKeySigSize(WOLFSSL* ssl) + { + int sigSz = 0; + + if (ssl == NULL) + return 0; + + switch (ssl->buffers.keyType) { + #ifndef NO_RSA + #ifdef WC_RSA_PSS + case rsa_pss_sa_algo: + #endif + case rsa_sa_algo: + sigSz = ssl->buffers.keySz; + ssl->hsType = DYNAMIC_TYPE_RSA; + break; + #endif + #ifdef HAVE_ECC + case ecc_dsa_sa_algo: + sigSz = wc_ecc_sig_size_calc(ssl->buffers.keySz); + ssl->hsType = DYNAMIC_TYPE_ECC; + break; + #endif + #ifdef HAVE_ED25519 + case ed25519_sa_algo: + sigSz = ED25519_SIG_SIZE; /* fixed known value */ + ssl->hsType = DYNAMIC_TYPE_ED25519; + break; + #endif + #ifdef HAVE_ED448 + case ed448_sa_algo: + sigSz = ED448_SIG_SIZE; /* fixed known value */ + ssl->hsType = DYNAMIC_TYPE_ED448; + break; + #endif + default: + break; + } + return sigSz; + } +#endif /* HAVE_PK_CALLBACKS */ + #ifdef HAVE_ECC /* returns the WOLFSSL_* version of the curve from the OID sum */ word16 GetCurveByOID(int oidSum) { From 1a80975d9e0b38e4c5ef5caa90228a580d136ca7 Mon Sep 17 00:00:00 2001 From: Stanislav Klima Date: Wed, 15 Apr 2020 15:47:32 +0200 Subject: [PATCH 3/8] Fixed resource leaks. --- wolfcrypt/src/asn.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 708e61122..f4a1bd28b 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -3404,6 +3404,10 @@ int UnTraditionalEnc(byte* key, word32 keySz, byte* out, word32* outSz, /* place iteration count in buffer */ ret = SetShortInt(out, &inOutIdx, itt, *outSz); if (ret < 0) { + #ifdef WOLFSSL_SMALL_STACK + if (saltTmp != NULL) + XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); + #endif return ret; } sz += (word32)ret; @@ -3427,6 +3431,10 @@ int UnTraditionalEnc(byte* key, word32 keySz, byte* out, word32* outSz, /* check key type and get OID if ECC */ if ((ret = wc_GetKeyOID(key, keySz, &curveOID, &oidSz, &algoID, heap))< 0) { WOLFSSL_MSG("Error getting key OID"); + #ifdef WOLFSSL_SMALL_STACK + if (saltTmp != NULL) + XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); + #endif return ret; } @@ -3453,6 +3461,10 @@ int UnTraditionalEnc(byte* key, word32 keySz, byte* out, word32* outSz, /* plus 3 for tags */ *outSz = tmpSz + MAX_ALGO_SZ + MAX_LENGTH_SZ +MAX_LENGTH_SZ + MAX_SEQ_SZ + MAX_LENGTH_SZ + MAX_SEQ_SZ + 3; + #ifdef WOLFSSL_SMALL_STACK + if (saltTmp != NULL) + XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); + #endif return LENGTH_ONLY_E; } @@ -3486,7 +3498,7 @@ int UnTraditionalEnc(byte* key, word32 keySz, byte* out, word32* outSz, if (cbcIv == NULL) { if (saltTmp != NULL) XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(salt, heap, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER); return MEMORY_E; } #endif From 68a2e03bd43fdbf4f234938f578202453f84a660 Mon Sep 17 00:00:00 2001 From: Stanislav Klima Date: Wed, 15 Apr 2020 16:27:34 +0200 Subject: [PATCH 4/8] Fixed resource leak. --- wolfcrypt/src/asn.c | 1 + 1 file changed, 1 insertion(+) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index f4a1bd28b..a2eeaf039 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -15167,6 +15167,7 @@ int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s) } if (GetInt(s, sig, &idx, sigLen) < 0) { + mp_clear(r); return ASN_ECC_KEY_E; } From 314ff1137b0f16ad7dba50bc71febf20beb96892 Mon Sep 17 00:00:00 2001 From: Stanislav Klima Date: Wed, 15 Apr 2020 16:29:11 +0200 Subject: [PATCH 5/8] Fixed resource leak. --- src/ssl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/ssl.c b/src/ssl.c index e7d6efdb1..ba9f32512 100755 --- a/src/ssl.c +++ b/src/ssl.c @@ -25243,6 +25243,7 @@ WOLFSSL_API int wolfSSL_X509_STORE_load_locations(WOLFSSL_X509_STORE *str, DYNAMIC_TYPE_TMP_BUFFER); if (readCtx == NULL) { WOLFSSL_MSG("Memory error"); + wolfSSL_CTX_free(ctx); return WOLFSSL_FAILURE; } #endif From 83044d7560f8ff3f883dca2e5e2b7fd533836e29 Mon Sep 17 00:00:00 2001 From: Stanislav Klima Date: Thu, 16 Apr 2020 09:46:15 +0200 Subject: [PATCH 6/8] Fixed dereference after null check. --- src/internal.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/internal.c b/src/internal.c index ae1f71603..a13e566be 100644 --- a/src/internal.c +++ b/src/internal.c @@ -11557,7 +11557,15 @@ exit_ppc: } #endif /* WOLFSSL_ASYNC_CRYPT || WOLFSSL_NONBLOCK_OCSP */ +#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP) || \ + defined(WOLFSSL_SMALL_STACK) + if (args) + { + FreeProcPeerCertArgs(ssl, args); + } +#else FreeProcPeerCertArgs(ssl, args); +#endif /* WOLFSSL_ASYNC_CRYPT || WOLFSSL_NONBLOCK_OCSP || WOLFSSL_SMALL_STACK */ #if defined(WOLFSSL_ASYNC_CRYPT) #elif defined(WOLFSSL_NONBLOCK_OCSP) From eab451339cc764e58002161860ec88c41ee5401a Mon Sep 17 00:00:00 2001 From: Stanislav Klima Date: Thu, 16 Apr 2020 09:52:02 +0200 Subject: [PATCH 7/8] Fixed dereference after null check. --- wolfcrypt/src/asn.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index a2eeaf039..1bce4026d 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -13575,6 +13575,8 @@ static int EncodeCertReq(Cert* cert, DerCert* der, RsaKey* rsaKey, #ifdef HAVE_ECC if (cert->keyType == ECC_KEY) { + if (eccKey == NULL) + return PUBLIC_KEY_E; der->publicKeySz = SetEccPublicKey(der->publicKey, eccKey, 1); } #endif From 8112c81fc563efedc2d02d4b1d863ae29687e772 Mon Sep 17 00:00:00 2001 From: Stanislav Klima Date: Thu, 16 Apr 2020 23:30:11 +0200 Subject: [PATCH 8/8] Added missing NO_CERTS check. --- src/internal.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/internal.c b/src/internal.c index a13e566be..226bf2f27 100644 --- a/src/internal.c +++ b/src/internal.c @@ -24044,6 +24044,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif /* NO_WOLFSSL_CLIENT */ +#ifndef NO_CERTS + #ifdef HAVE_PK_CALLBACKS int GetPrivateKeySigSize(WOLFSSL* ssl) { @@ -24087,6 +24089,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } #endif /* HAVE_PK_CALLBACKS */ +#endif /* NO_CERTS */ + #ifdef HAVE_ECC /* returns the WOLFSSL_* version of the curve from the OID sum */ word16 GetCurveByOID(int oidSum) {