mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 15:50:51 +02:00
Merge pull request #9823 from embhorn/zd21242
Add sanity checks in key export
This commit is contained in:
@@ -5726,6 +5726,13 @@ int wolfSSL_export_keying_material(WOLFSSL *ssl,
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
/* Sanity check contextLen to prevent integer overflow when cast to word32
|
||||
* and to ensure it fits in the 2-byte length encoding (max 65535). */
|
||||
if (use_context && contextLen > WOLFSSL_MAX_16BIT) {
|
||||
WOLFSSL_MSG("contextLen too large");
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
/* clientRandom + serverRandom
|
||||
* OR
|
||||
* clientRandom + serverRandom + ctx len encoding + ctx */
|
||||
|
||||
@@ -1023,6 +1023,11 @@ int Tls13_Exporter(WOLFSSL* ssl, unsigned char *out, size_t outLen,
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
/* Sanity check contextLen to prevent truncation when cast to word32. */
|
||||
if (contextLen > WOLFSSL_MAX_32BIT) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* Hash(context_value) */
|
||||
ret = wc_Hash(hashType, context, (word32)contextLen, hashOut, WC_MAX_DIGEST_SIZE);
|
||||
if (ret != 0)
|
||||
|
||||
@@ -24124,6 +24124,11 @@ static int test_export_keying_material_cb(WOLFSSL_CTX *ctx, WOLFSSL *ssl)
|
||||
NULL, 0, 0), 0);
|
||||
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
|
||||
"key expansion", XSTR_SIZEOF("key expansion"), NULL, 0, 0), 0);
|
||||
/* contextLen overflow: values exceeding UINT16_MAX must be rejected to
|
||||
* prevent integer overflow in seedLen calculation (ZD #21242). */
|
||||
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
|
||||
"Test label", XSTR_SIZEOF("Test label"), ekm,
|
||||
(size_t)0xFFFF + 1, 1), 0);
|
||||
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user