diff options
Diffstat (limited to 'package/libs/wolfssl/patches')
-rw-r--r-- | package/libs/wolfssl/patches/001-CVE-2017-13099.patch | 144 | ||||
-rw-r--r-- | package/libs/wolfssl/patches/100-disable-hardening-check.patch | 2 |
2 files changed, 1 insertions, 145 deletions
diff --git a/package/libs/wolfssl/patches/001-CVE-2017-13099.patch b/package/libs/wolfssl/patches/001-CVE-2017-13099.patch deleted file mode 100644 index e7b63cb8d4..0000000000 --- a/package/libs/wolfssl/patches/001-CVE-2017-13099.patch +++ /dev/null @@ -1,144 +0,0 @@ -From fd455d5a5e9fef24c208e7ac7d3a4bc58834cbf1 Mon Sep 17 00:00:00 2001 -From: David Garske <david@wolfssl.com> -Date: Tue, 14 Nov 2017 14:05:50 -0800 -Subject: [PATCH] Fix for handling of static RSA PKCS formatting failures so - they are indistinguishable from from correctly formatted RSA blocks (per - RFC5246 section 7.4.7.1). Adjusted the static RSA preMasterSecret RNG - creation for consistency in client case. Removed obsolete - `PMS_VERSION_ERROR`. - ---- - src/internal.c | 70 +++++++++++++++++++++++++++++++++++++++++++++-------- - wolfssl/error-ssl.h | 2 +- - 2 files changed, 61 insertions(+), 11 deletions(-) - ---- a/src/internal.c -+++ b/src/internal.c -@@ -14190,9 +14190,6 @@ const char* wolfSSL_ERR_reason_error_str - case NOT_READY_ERROR : - return "handshake layer not ready yet, complete first"; - -- case PMS_VERSION_ERROR : -- return "premaster secret version mismatch error"; -- - case VERSION_ERROR : - return "record layer version error"; - -@@ -18758,8 +18755,10 @@ int SendClientKeyExchange(WOLFSSL* ssl) - #ifndef NO_RSA - case rsa_kea: - { -+ /* build PreMasterSecret with RNG data */ - ret = wc_RNG_GenerateBlock(ssl->rng, -- ssl->arrays->preMasterSecret, SECRET_LEN); -+ &ssl->arrays->preMasterSecret[VERSION_SZ], -+ SECRET_LEN - VERSION_SZ); - if (ret != 0) { - goto exit_scke; - } -@@ -23545,6 +23544,9 @@ static int DoSessionTicket(WOLFSSL* ssl, - word32 idx; - word32 begin; - word32 sigSz; -+ #ifndef NO_RSA -+ int lastErr; -+ #endif - } DckeArgs; - - static void FreeDckeArgs(WOLFSSL* ssl, void* pArgs) -@@ -23770,6 +23772,14 @@ static int DoSessionTicket(WOLFSSL* ssl, - ERROR_OUT(BUFFER_ERROR, exit_dcke); - } - -+ /* pre-load PreMasterSecret with RNG data */ -+ ret = wc_RNG_GenerateBlock(ssl->rng, -+ &ssl->arrays->preMasterSecret[VERSION_SZ], -+ SECRET_LEN - VERSION_SZ); -+ if (ret != 0) { -+ goto exit_dcke; -+ } -+ - args->output = NULL; - break; - } /* rsa_kea */ -@@ -24234,6 +24244,20 @@ static int DoSessionTicket(WOLFSSL* ssl, - NULL, 0, NULL - #endif - ); -+ -+ /* Errors that can occur here that should be -+ * indistinguishable: -+ * RSA_BUFFER_E, RSA_PAD_E and RSA_PRIVATE_ERROR -+ */ -+ if (ret < 0 && ret != BAD_FUNC_ARG) { -+ #ifdef WOLFSSL_ASYNC_CRYPT -+ if (ret == WC_PENDING_E) -+ goto exit_dcke; -+ #endif -+ /* store error code for handling below */ -+ args->lastErr = ret; -+ ret = 0; -+ } - break; - } /* rsa_kea */ - #endif /* !NO_RSA */ -@@ -24380,16 +24404,42 @@ static int DoSessionTicket(WOLFSSL* ssl, - /* Add the signature length to idx */ - args->idx += args->length; - -- if (args->sigSz == SECRET_LEN && args->output != NULL) { -- XMEMCPY(ssl->arrays->preMasterSecret, args->output, SECRET_LEN); -- if (ssl->arrays->preMasterSecret[0] != ssl->chVersion.major || -- ssl->arrays->preMasterSecret[1] != ssl->chVersion.minor) { -- ERROR_OUT(PMS_VERSION_ERROR, exit_dcke); -+ #ifdef DEBUG_WOLFSSL -+ /* check version (debug warning message only) */ -+ if (args->output != NULL) { -+ if (args->output[0] != ssl->chVersion.major || -+ args->output[1] != ssl->chVersion.minor) { -+ WOLFSSL_MSG("preMasterSecret version mismatch"); - } - } -+ #endif -+ -+ /* RFC5246 7.4.7.1: -+ * Treat incorrectly formatted message blocks and/or -+ * mismatched version numbers in a manner -+ * indistinguishable from correctly formatted RSA blocks -+ */ -+ -+ ret = args->lastErr; -+ args->lastErr = 0; /* reset */ -+ -+ /* build PreMasterSecret */ -+ ssl->arrays->preMasterSecret[0] = ssl->chVersion.major; -+ ssl->arrays->preMasterSecret[1] = ssl->chVersion.minor; -+ if (ret == 0 && args->sigSz == SECRET_LEN && -+ args->output != NULL) { -+ XMEMCPY(&ssl->arrays->preMasterSecret[VERSION_SZ], -+ &args->output[VERSION_SZ], -+ SECRET_LEN - VERSION_SZ); -+ } - else { -- ERROR_OUT(RSA_PRIVATE_ERROR, exit_dcke); -+ /* preMasterSecret has RNG and version set */ -+ /* return proper length and ignore error */ -+ /* error will be caught as decryption error */ -+ args->sigSz = SECRET_LEN; -+ ret = 0; - } -+ - break; - } /* rsa_kea */ - #endif /* !NO_RSA */ ---- a/wolfssl/error-ssl.h -+++ b/wolfssl/error-ssl.h -@@ -57,7 +57,7 @@ enum wolfSSL_ErrorCodes { - DOMAIN_NAME_MISMATCH = -322, /* peer subject name mismatch */ - WANT_READ = -323, /* want read, call again */ - NOT_READY_ERROR = -324, /* handshake layer not ready */ -- PMS_VERSION_ERROR = -325, /* pre m secret version error */ -+ - VERSION_ERROR = -326, /* record layer version error */ - WANT_WRITE = -327, /* want write, call again */ - BUFFER_ERROR = -328, /* malformed buffer input */ diff --git a/package/libs/wolfssl/patches/100-disable-hardening-check.patch b/package/libs/wolfssl/patches/100-disable-hardening-check.patch index 83d51b1d5c..d913b5fdea 100644 --- a/package/libs/wolfssl/patches/100-disable-hardening-check.patch +++ b/package/libs/wolfssl/patches/100-disable-hardening-check.patch @@ -1,6 +1,6 @@ --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h -@@ -1553,7 +1553,7 @@ extern void uITRON4_free(void *p) ; +@@ -1624,7 +1624,7 @@ extern void uITRON4_free(void *p) ; #endif /* warning for not using harden build options (default with ./configure) */ |