aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs/wolfssl/patches/001-CVE-2017-13099.patch
diff options
context:
space:
mode:
Diffstat (limited to 'package/libs/wolfssl/patches/001-CVE-2017-13099.patch')
-rw-r--r--package/libs/wolfssl/patches/001-CVE-2017-13099.patch144
1 files changed, 0 insertions, 144 deletions
diff --git a/package/libs/wolfssl/patches/001-CVE-2017-13099.patch b/package/libs/wolfssl/patches/001-CVE-2017-13099.patch
deleted file mode 100644
index e7b63cb8d4..0000000000
--- a/package/libs/wolfssl/patches/001-CVE-2017-13099.patch
+++ /dev/null
@@ -1,144 +0,0 @@
-From fd455d5a5e9fef24c208e7ac7d3a4bc58834cbf1 Mon Sep 17 00:00:00 2001
-From: David Garske <david@wolfssl.com>
-Date: Tue, 14 Nov 2017 14:05:50 -0800
-Subject: [PATCH] Fix for handling of static RSA PKCS formatting failures so
- they are indistinguishable from from correctly formatted RSA blocks (per
- RFC5246 section 7.4.7.1). Adjusted the static RSA preMasterSecret RNG
- creation for consistency in client case. Removed obsolete
- `PMS_VERSION_ERROR`.
-
----
- src/internal.c | 70 +++++++++++++++++++++++++++++++++++++++++++++--------
- wolfssl/error-ssl.h | 2 +-
- 2 files changed, 61 insertions(+), 11 deletions(-)
-
---- a/src/internal.c
-+++ b/src/internal.c
-@@ -14190,9 +14190,6 @@ const char* wolfSSL_ERR_reason_error_str
- case NOT_READY_ERROR :
- return "handshake layer not ready yet, complete first";
-
-- case PMS_VERSION_ERROR :
-- return "premaster secret version mismatch error";
--
- case VERSION_ERROR :
- return "record layer version error";
-
-@@ -18758,8 +18755,10 @@ int SendClientKeyExchange(WOLFSSL* ssl)
- #ifndef NO_RSA
- case rsa_kea:
- {
-+ /* build PreMasterSecret with RNG data */
- ret = wc_RNG_GenerateBlock(ssl->rng,
-- ssl->arrays->preMasterSecret, SECRET_LEN);
-+ &ssl->arrays->preMasterSecret[VERSION_SZ],
-+ SECRET_LEN - VERSION_SZ);
- if (ret != 0) {
- goto exit_scke;
- }
-@@ -23545,6 +23544,9 @@ static int DoSessionTicket(WOLFSSL* ssl,
- word32 idx;
- word32 begin;
- word32 sigSz;
-+ #ifndef NO_RSA
-+ int lastErr;
-+ #endif
- } DckeArgs;
-
- static void FreeDckeArgs(WOLFSSL* ssl, void* pArgs)
-@@ -23770,6 +23772,14 @@ static int DoSessionTicket(WOLFSSL* ssl,
- ERROR_OUT(BUFFER_ERROR, exit_dcke);
- }
-
-+ /* pre-load PreMasterSecret with RNG data */
-+ ret = wc_RNG_GenerateBlock(ssl->rng,
-+ &ssl->arrays->preMasterSecret[VERSION_SZ],
-+ SECRET_LEN - VERSION_SZ);
-+ if (ret != 0) {
-+ goto exit_dcke;
-+ }
-+
- args->output = NULL;
- break;
- } /* rsa_kea */
-@@ -24234,6 +24244,20 @@ static int DoSessionTicket(WOLFSSL* ssl,
- NULL, 0, NULL
- #endif
- );
-+
-+ /* Errors that can occur here that should be
-+ * indistinguishable:
-+ * RSA_BUFFER_E, RSA_PAD_E and RSA_PRIVATE_ERROR
-+ */
-+ if (ret < 0 && ret != BAD_FUNC_ARG) {
-+ #ifdef WOLFSSL_ASYNC_CRYPT
-+ if (ret == WC_PENDING_E)
-+ goto exit_dcke;
-+ #endif
-+ /* store error code for handling below */
-+ args->lastErr = ret;
-+ ret = 0;
-+ }
- break;
- } /* rsa_kea */
- #endif /* !NO_RSA */
-@@ -24380,16 +24404,42 @@ static int DoSessionTicket(WOLFSSL* ssl,
- /* Add the signature length to idx */
- args->idx += args->length;
-
-- if (args->sigSz == SECRET_LEN && args->output != NULL) {
-- XMEMCPY(ssl->arrays->preMasterSecret, args->output, SECRET_LEN);
-- if (ssl->arrays->preMasterSecret[0] != ssl->chVersion.major ||
-- ssl->arrays->preMasterSecret[1] != ssl->chVersion.minor) {
-- ERROR_OUT(PMS_VERSION_ERROR, exit_dcke);
-+ #ifdef DEBUG_WOLFSSL
-+ /* check version (debug warning message only) */
-+ if (args->output != NULL) {
-+ if (args->output[0] != ssl->chVersion.major ||
-+ args->output[1] != ssl->chVersion.minor) {
-+ WOLFSSL_MSG("preMasterSecret version mismatch");
- }
- }
-+ #endif
-+
-+ /* RFC5246 7.4.7.1:
-+ * Treat incorrectly formatted message blocks and/or
-+ * mismatched version numbers in a manner
-+ * indistinguishable from correctly formatted RSA blocks
-+ */
-+
-+ ret = args->lastErr;
-+ args->lastErr = 0; /* reset */
-+
-+ /* build PreMasterSecret */
-+ ssl->arrays->preMasterSecret[0] = ssl->chVersion.major;
-+ ssl->arrays->preMasterSecret[1] = ssl->chVersion.minor;
-+ if (ret == 0 && args->sigSz == SECRET_LEN &&
-+ args->output != NULL) {
-+ XMEMCPY(&ssl->arrays->preMasterSecret[VERSION_SZ],
-+ &args->output[VERSION_SZ],
-+ SECRET_LEN - VERSION_SZ);
-+ }
- else {
-- ERROR_OUT(RSA_PRIVATE_ERROR, exit_dcke);
-+ /* preMasterSecret has RNG and version set */
-+ /* return proper length and ignore error */
-+ /* error will be caught as decryption error */
-+ args->sigSz = SECRET_LEN;
-+ ret = 0;
- }
-+
- break;
- } /* rsa_kea */
- #endif /* !NO_RSA */
---- a/wolfssl/error-ssl.h
-+++ b/wolfssl/error-ssl.h
-@@ -57,7 +57,7 @@ enum wolfSSL_ErrorCodes {
- DOMAIN_NAME_MISMATCH = -322, /* peer subject name mismatch */
- WANT_READ = -323, /* want read, call again */
- NOT_READY_ERROR = -324, /* handshake layer not ready */
-- PMS_VERSION_ERROR = -325, /* pre m secret version error */
-+
- VERSION_ERROR = -326, /* record layer version error */
- WANT_WRITE = -327, /* want write, call again */
- BUFFER_ERROR = -328, /* malformed buffer input */