lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-01 10:06:53 +03:00
Code Activity

Merge pull request #5313 from gilles-peskine-arm/missing-ret-check-mbedtls_md_hmac

Browse Source 
Check HMAC return values
This commit is contained in:
Dave Rodgman
2021-12-13 10:51:27 +00:00
committed by GitHub
parent c11192fcb2 ecf6bebb9c
commit 050ad4bb50
5 changed files with 131 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

93
library/ssl_msg.c
View File

@ -663,16 +663,25 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
unsigned char mac[MBEDTLS_SSL_MAC_ADD];
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
transform->minor_ver,
transform->taglen );
mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data,
add_data_len );
mbedtls_md_hmac_update( &transform->md_ctx_enc, data, rec->data_len );
mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac );
mbedtls_md_hmac_reset( &transform->md_ctx_enc );
ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data,
add_data_len );
if( ret != 0 )
goto hmac_failed_etm_disabled;
ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, data, rec->data_len );
if( ret != 0 )
goto hmac_failed_etm_disabled;
ret = mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac );
if( ret != 0 )
goto hmac_failed_etm_disabled;
ret = mbedtls_md_hmac_reset( &transform->md_ctx_enc );
if( ret != 0 )
goto hmac_failed_etm_disabled;
memcpy( data + rec->data_len, mac, transform->maclen );
#endif
@ -683,6 +692,14 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
rec->data_len += transform->maclen;
post_avail -= transform->maclen;
auth_done++;
hmac_failed_etm_disabled:
mbedtls_platform_zeroize( mac, transform->maclen );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_hmac_xxx", ret );
return( ret );
}
}
#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
@ -925,18 +942,34 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data,
add_data_len );
mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data,
add_data_len );
mbedtls_md_hmac_update( &transform->md_ctx_enc,
data, rec->data_len );
mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac );
mbedtls_md_hmac_reset( &transform->md_ctx_enc );
ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data,
add_data_len );
if( ret != 0 )
goto hmac_failed_etm_enabled;
ret = mbedtls_md_hmac_update( &transform->md_ctx_enc,
data, rec->data_len );
if( ret != 0 )
goto hmac_failed_etm_enabled;
ret = mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac );
if( ret != 0 )
goto hmac_failed_etm_enabled;
ret = mbedtls_md_hmac_reset( &transform->md_ctx_enc );
if( ret != 0 )
goto hmac_failed_etm_enabled;
memcpy( data + rec->data_len, mac, transform->maclen );
rec->data_len += transform->maclen;
post_avail -= transform->maclen;
auth_done++;
hmac_failed_etm_enabled:
mbedtls_platform_zeroize( mac, transform->maclen );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "HMAC calculation failed", ret );
return( ret );
}
}
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
}
@ -1207,12 +1240,20 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
/* Calculate expected MAC. */
MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data,
add_data_len );
mbedtls_md_hmac_update( &transform->md_ctx_dec, add_data,
add_data_len );
mbedtls_md_hmac_update( &transform->md_ctx_dec,
ret = mbedtls_md_hmac_update( &transform->md_ctx_dec, add_data,
add_data_len );
if( ret != 0 )
goto hmac_failed_etm_enabled;
ret = mbedtls_md_hmac_update( &transform->md_ctx_dec,
data, rec->data_len );
mbedtls_md_hmac_finish( &transform->md_ctx_dec, mac_expect );
mbedtls_md_hmac_reset( &transform->md_ctx_dec );
if( ret != 0 )
goto hmac_failed_etm_enabled;
ret = mbedtls_md_hmac_finish( &transform->md_ctx_dec, mac_expect );
if( ret != 0 )
goto hmac_failed_etm_enabled;
ret = mbedtls_md_hmac_reset( &transform->md_ctx_dec );
if( ret != 0 )
goto hmac_failed_etm_enabled;
MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", data + rec->data_len,
transform->maclen );
@ -1224,9 +1265,19 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
transform->maclen ) != 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) );
return( MBEDTLS_ERR_SSL_INVALID_MAC );
ret = MBEDTLS_ERR_SSL_INVALID_MAC;
goto hmac_failed_etm_enabled;
}
auth_done++;
hmac_failed_etm_enabled:
mbedtls_platform_zeroize( mac_expect, transform->maclen );
if( ret != 0 )
{
if( ret != MBEDTLS_ERR_SSL_INVALID_MAC )
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_hmac_xxx", ret );
return( ret );
}
}
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
@ -1418,7 +1469,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ct_hmac", ret );
return( ret );
goto hmac_failed_etm_disabled;
}
mbedtls_ct_memcpy_offset( mac_peer, data,
@ -1441,6 +1492,12 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
correct = 0;
}
auth_done++;
hmac_failed_etm_disabled:
mbedtls_platform_zeroize( mac_peer, transform->maclen );
mbedtls_platform_zeroize( mac_expect, transform->maclen );
if( ret != 0 )
return( ret );
}
/*