New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Check for EVP_MD being NULL inside ssl. #18784
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -257,13 +257,17 @@ int tls13_generate_master_secret(SSL *s, unsigned char *out, | |
size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen, | ||
unsigned char *out) | ||
{ | ||
const char *mdname = EVP_MD_get0_name(ssl_handshake_md(s)); | ||
const EVP_MD *md = ssl_handshake_md(s); | ||
const char *mdname = EVP_MD_get0_name(md); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Don't we need a NULL check here? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. It looks like EVP_MD_get0_name returns NULL if its argument is NULL, so this should be OK. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Safer to check it nonetheless. There is no telling what changes will be made in the future that break this assumption. For example, |
||
unsigned char hash[EVP_MAX_MD_SIZE]; | ||
unsigned char finsecret[EVP_MAX_MD_SIZE]; | ||
unsigned char *key = NULL; | ||
size_t len = 0, hashlen; | ||
OSSL_PARAM params[2], *p = params; | ||
|
||
if (md == NULL) | ||
return 0; | ||
|
||
/* Safe to cast away const here since we're not "getting" any data */ | ||
if (s->ctx->propq != NULL) | ||
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_PROPERTIES, | ||
|
@@ -281,7 +285,7 @@ size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen, | |
} else if (SSL_IS_FIRST_HANDSHAKE(s)) { | ||
key = s->client_finished_secret; | ||
} else { | ||
if (!tls13_derive_finishedkey(s, ssl_handshake_md(s), | ||
if (!tls13_derive_finishedkey(s, md, | ||
s->client_app_traffic_secret, | ||
finsecret, hashlen)) | ||
goto err; | ||
|
@@ -781,7 +785,7 @@ int tls13_update_key(SSL *s, int sending) | |
RECORD_LAYER_reset_read_sequence(&s->rlayer); | ||
} | ||
|
||
if (!derive_secret_key_and_iv(s, sending, ssl_handshake_md(s), | ||
if (!derive_secret_key_and_iv(s, sending, md, | ||
s->s3.tmp.new_sym_enc, insecret, NULL, | ||
application_traffic, | ||
sizeof(application_traffic) - 1, secret, key, | ||
|
@@ -826,7 +830,7 @@ int tls13_export_keying_material(SSL *s, unsigned char *out, size_t olen, | |
unsigned int hashsize, datalen; | ||
int ret = 0; | ||
|
||
if (ctx == NULL || !ossl_statem_export_allowed(s)) | ||
if (ctx == NULL || md == NULL || !ossl_statem_export_allowed(s)) | ||
goto err; | ||
|
||
if (!use_context) | ||
|
@@ -895,7 +899,8 @@ int tls13_export_keying_material_early(SSL *s, unsigned char *out, size_t olen, | |
* | ||
* Here Transcript-Hash is the cipher suite hash algorithm. | ||
*/ | ||
if (EVP_DigestInit_ex(ctx, md, NULL) <= 0 | ||
if (md == NULL | ||
|| EVP_DigestInit_ex(ctx, md, NULL) <= 0 | ||
|| EVP_DigestUpdate(ctx, context, contextlen) <= 0 | ||
|| EVP_DigestFinal_ex(ctx, hash, &hashsize) <= 0 | ||
|| EVP_DigestInit_ex(ctx, md, NULL) <= 0 | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wonder if EVP_MD_is_a and friends should return false when passed a NULL pointer? Some functions do, some don't.