wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 19:54:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1017 from dgarske/bigend

Browse Source 
Fix for big endian seg fault in `SendCertificateVerify`
This commit is contained in:
toddouska
2017-07-12 09:25:25 -06:00
committed by GitHub
parent 7853440d89 69e9aa29f2
commit dc5e6f789d
1 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
src/internal.c
View File

@@ -18650,6 +18650,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
case ntru_kea: case ntru_kea:
{ {
word32 rc; word32 rc;
word16 tmpEncSz = (word16)args->encSz;
DRBG_HANDLE drbg; DRBG_HANDLE drbg;
rc = ntru_crypto_drbg_external_instantiate(GetEntropy, &drbg); rc = ntru_crypto_drbg_external_instantiate(GetEntropy, &drbg);
@@ -18660,8 +18661,9 @@ int SendClientKeyExchange(WOLFSSL* ssl)
ssl->peerNtruKey, ssl->peerNtruKey,
ssl->arrays->preMasterSz, ssl->arrays->preMasterSz,
ssl->arrays->preMasterSecret, ssl->arrays->preMasterSecret,
(word16*)&args->encSz, &tmpEncSz,
args->encSecret); args->encSecret);
args->encSz = tmpEncSz;
ntru_crypto_drbg_uninstantiate(drbg); ntru_crypto_drbg_uninstantiate(drbg);
if (rc != NTRU_OK) { if (rc != NTRU_OK) {
ERROR_OUT(NTRU_ENCRYPT_ERROR, exit_scke); ERROR_OUT(NTRU_ENCRYPT_ERROR, exit_scke);
@@ -19064,7 +19066,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
if (ret == 0) { if (ret == 0) {
WOLFSSL_MSG("Using RSA private key"); WOLFSSL_MSG("Using RSA private key");
/* It worked so check it meeets minimum key size requirements. */ /* It worked so check it meets minimum key size requirements. */
keySz = wc_RsaEncryptSize((RsaKey*)ssl->hsKey); keySz = wc_RsaEncryptSize((RsaKey*)ssl->hsKey);
if (keySz < 0) { /* check if keySz has error case */ if (keySz < 0) { /* check if keySz has error case */
ERROR_OUT(keySz, exit_dpk); ERROR_OUT(keySz, exit_dpk);
@@ -19178,8 +19180,8 @@ typedef struct ScvArgs {
word32 extraSz; word32 extraSz;
word32 sigSz; word32 sigSz;
int sendSz; int sendSz;
int length;
int inputSz; int inputSz;
word16 length;
byte sigAlgo; byte sigAlgo;
} ScvArgs; } ScvArgs;
@@ -19268,7 +19270,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
} }
/* Decode private key. */ /* Decode private key. */
ret = DecodePrivateKey(ssl, (word16*)&args->length); ret = DecodePrivateKey(ssl, &args->length);
if (ret != 0) { if (ret != 0) {
goto exit_scv; goto exit_scv;
} }
@@ -19347,7 +19349,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
} }
/* prepend hdr */ /* prepend hdr */
c16toa((word16)args->length, args->verify + args->extraSz); c16toa(args->length, args->verify + args->extraSz);
} }
else if (args->sigAlgo == rsa_pss_sa_algo) { else if (args->sigAlgo == rsa_pss_sa_algo) {
XMEMCPY(ssl->buffers.sig.buffer, ssl->buffers.digest.buffer, XMEMCPY(ssl->buffers.sig.buffer, ssl->buffers.digest.buffer,
@@ -19356,7 +19358,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
args->sigSz = ENCRYPT_LEN; args->sigSz = ENCRYPT_LEN;
/* prepend hdr */ /* prepend hdr */
c16toa((word16)args->length, args->verify + args->extraSz); c16toa(args->length, args->verify + args->extraSz);
} }
#endif /* !NO_RSA */ #endif /* !NO_RSA */
@@ -19441,20 +19443,18 @@ int SendCertificateVerify(WOLFSSL* ssl)
#ifdef HAVE_ECC #ifdef HAVE_ECC
if (ssl->hsType == DYNAMIC_TYPE_ECC) { if (ssl->hsType == DYNAMIC_TYPE_ECC) {
args->length = ssl->buffers.sig.length; args->length = (word16)ssl->buffers.sig.length;
/* prepend hdr */ /* prepend hdr */
c16toa((word16)ssl->buffers.sig.length, args->verify + c16toa(args->length, args->verify + args->extraSz);
args->extraSz);
XMEMCPY(args->verify + args->extraSz + VERIFY_HEADER, XMEMCPY(args->verify + args->extraSz + VERIFY_HEADER,
ssl->buffers.sig.buffer, ssl->buffers.sig.length); ssl->buffers.sig.buffer, ssl->buffers.sig.length);
} }
#endif /* HAVE_ECC */ #endif /* HAVE_ECC */
#ifdef HAVE_ECC #ifdef HAVE_ECC
if (ssl->hsType == DYNAMIC_TYPE_ED25519) { if (ssl->hsType == DYNAMIC_TYPE_ED25519) {
args->length = ssl->buffers.sig.length; args->length = (word16)ssl->buffers.sig.length;
/* prepend hdr */ /* prepend hdr */
c16toa((word16)ssl->buffers.sig.length, args->verify + c16toa(args->length, args->verify + args->extraSz);
args->extraSz);
XMEMCPY(args->verify + args->extraSz + VERIFY_HEADER, XMEMCPY(args->verify + args->extraSz + VERIFY_HEADER,
ssl->buffers.sig.buffer, ssl->buffers.sig.length); ssl->buffers.sig.buffer, ssl->buffers.sig.length);
} }
@@ -19497,11 +19497,11 @@ int SendCertificateVerify(WOLFSSL* ssl)
if (args->output == NULL) { if (args->output == NULL) {
ERROR_OUT(BUFFER_ERROR, exit_scv); ERROR_OUT(BUFFER_ERROR, exit_scv);
} }
AddHeaders(args->output, args->length + args->extraSz + AddHeaders(args->output, (word32)args->length + args->extraSz +
VERIFY_HEADER, certificate_verify, ssl); VERIFY_HEADER, certificate_verify, ssl);
args->sendSz = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ + args->sendSz = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ +
args->length + args->extraSz + VERIFY_HEADER; (word32)args->length + args->extraSz + VERIFY_HEADER;
#ifdef WOLFSSL_DTLS #ifdef WOLFSSL_DTLS
if (ssl->options.dtls) { if (ssl->options.dtls) {