mirror of https://github.com/openssl/openssl
ssl/tls13_enc.c: Replace size_t with int and add the checks
Replace the type of variables with int to avoid implicit cast when they are assigned by EVP_MD_get_size(). Moreover, add the checks to avoid integer overflow. Fixes:6612d87b89
("Use the correct size for TLSv1.3 finished keys") Fixes:34574f193b
("Add support for TLS1.3 secret generation") Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23942)
This commit is contained in:
parent
9f6a48749a
commit
bcf81f742d
|
@ -247,8 +247,14 @@ int tls13_generate_master_secret(SSL_CONNECTION *s, unsigned char *out,
|
|||
size_t *secret_size)
|
||||
{
|
||||
const EVP_MD *md = ssl_handshake_md(s);
|
||||
int tmpsize;
|
||||
|
||||
*secret_size = EVP_MD_get_size(md);
|
||||
tmpsize = EVP_MD_get_size(md);
|
||||
if (tmpsize <= 0) {
|
||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
*secret_size = (size_t)tmpsize;
|
||||
/* Calls SSLfatal() if required */
|
||||
return tls13_generate_secret(s, md, prev, NULL, 0, out);
|
||||
}
|
||||
|
@ -436,7 +442,7 @@ int tls13_change_cipher_state(SSL_CONNECTION *s, int which)
|
|||
unsigned char *insecret;
|
||||
unsigned char *finsecret = NULL;
|
||||
const char *log_label = NULL;
|
||||
size_t finsecretlen = 0;
|
||||
int finsecretlen = 0;
|
||||
const unsigned char *label;
|
||||
size_t labellen, hashlen = 0;
|
||||
int ret = 0;
|
||||
|
@ -541,6 +547,10 @@ int tls13_change_cipher_state(SSL_CONNECTION *s, int which)
|
|||
insecret = s->handshake_secret;
|
||||
finsecret = s->client_finished_secret;
|
||||
finsecretlen = EVP_MD_get_size(ssl_handshake_md(s));
|
||||
if (finsecretlen <= 0) {
|
||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
label = client_handshake_traffic;
|
||||
labellen = sizeof(client_handshake_traffic) - 1;
|
||||
log_label = CLIENT_HANDSHAKE_LABEL;
|
||||
|
@ -573,6 +583,10 @@ int tls13_change_cipher_state(SSL_CONNECTION *s, int which)
|
|||
insecret = s->handshake_secret;
|
||||
finsecret = s->server_finished_secret;
|
||||
finsecretlen = EVP_MD_get_size(ssl_handshake_md(s));
|
||||
if (finsecretlen <= 0) {
|
||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
label = server_handshake_traffic;
|
||||
labellen = sizeof(server_handshake_traffic) - 1;
|
||||
log_label = SERVER_HANDSHAKE_LABEL;
|
||||
|
@ -657,7 +671,7 @@ int tls13_change_cipher_state(SSL_CONNECTION *s, int which)
|
|||
|
||||
if (finsecret != NULL
|
||||
&& !tls13_derive_finishedkey(s, ssl_handshake_md(s), secret,
|
||||
finsecret, finsecretlen)) {
|
||||
finsecret, (size_t)finsecretlen)) {
|
||||
/* SSLfatal() already called */
|
||||
goto err;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue