fix incorrect bignum rng buffer size [fix #17772] (#17874)

JuliaLang · Aug 10, 2016 · 99c4add · 99c4add
1 parent bba57b0
commit 99c4add
Show file tree

Hide file tree

Showing 3 changed files with 63 additions and 55 deletions.
diff --git a/deps/mbedtls.mk b/deps/mbedtls.mk
@@ -35,15 +35,11 @@ $(SRCDIR)/srccache/$(MBEDTLS_SRC)/CMakeLists.txt: $(SRCDIR)/srccache/$(MBEDTLS_S
 	$(TAR) -C $(dir $@) --strip-components 1 -xf $<
 	touch -c $@
 
-$(SRCDIR)/srccache/$(MBEDTLS_SRC)/mbedtls-config.patch-applied: | $(SRCDIR)/srccache/$(MBEDTLS_SRC)/CMakeLists.txt
-	cd $(SRCDIR)/srccache/$(MBEDTLS_SRC) && patch -p0 -f < $(SRCDIR)/patches/mbedtls-config.patch
-	echo 1 > $@
-
 $(SRCDIR)/srccache/$(MBEDTLS_SRC)/mbedtls-ssl.h.patch-applied: | $(SRCDIR)/srccache/$(MBEDTLS_SRC)/CMakeLists.txt
 	cd $(SRCDIR)/srccache/$(MBEDTLS_SRC)/include/mbedtls && patch -p0 -f < $(SRCDIR)/patches/mbedtls-ssl.h.patch
 	echo 1 > $@
 
-$(BUILDDIR)/mbedtls-$(MBEDTLS_VER)/Makefile: $(SRCDIR)/srccache/$(MBEDTLS_SRC)/CMakeLists.txt $(SRCDIR)/srccache/$(MBEDTLS_SRC)/mbedtls-config.patch-applied $(SRCDIR)/srccache/$(MBEDTLS_SRC)/mbedtls-ssl.h.patch-applied
+$(BUILDDIR)/mbedtls-$(MBEDTLS_VER)/Makefile: $(SRCDIR)/srccache/$(MBEDTLS_SRC)/CMakeLists.txt $(SRCDIR)/srccache/$(MBEDTLS_SRC)/mbedtls-ssl.h.patch-applied
 	mkdir -p $(dir $@)
 	cd $(dir $@) && \
 	$(CMAKE) $(dir $<) $(MBEDTLS_OPTS)

diff --git a/deps/patches/libssh2-mbedtls.patch b/deps/patches/libssh2-mbedtls.patch
@@ -159,10 +159,10 @@ index e85aecd..366d007 100644
 
 diff --git a/src/mbedtls.c b/src/mbedtls.c
 new file mode 100644
-index 0000000..98bc549
+index 0000000..1d181e1
 --- /dev/null
 +++ b/src/mbedtls.c
-@@ -0,0 +1,570 @@
+@@ -0,0 +1,606 @@
 +#include "libssh2_priv.h"
 +
 +#ifdef LIBSSH2_MBEDTLS /* compile only if we build with mbedtls */
@@ -277,10 +277,10 @@ index 0000000..98bc549
 +        if(!ret)
 +            ret = mbedtls_cipher_finish(ctx, output + olen, &finish_olen);
 +
-+        olen += finish_olen;
-+
-+        if (!ret)
++        if (!ret) {
++            olen += finish_olen;
 +            memcpy(block, output, olen);
++        }
 +
 +        _libssh2_mbedtls_safe_free(output, osize);
 +    }
@@ -306,6 +306,9 @@ index 0000000..98bc549
 +    int ret, hmac;
 +
 +    md_info = mbedtls_md_info_from_type(mdtype);
++    if(!md_info)
++        return 0;
++
 +    hmac = key == NULL ? 0 : 1;
 +
 +    mbedtls_md_init(ctx);
@@ -339,6 +342,9 @@ index 0000000..98bc549
 +    int ret;
 +
 +    md_info = mbedtls_md_info_from_type(mdtype);
++    if(!md_info)
++        return 0;
++
 +    ret = mbedtls_md(md_info, data, datalen, hash);
 +
 +    return ret == 0 ? 0 : -1;
@@ -362,17 +368,47 @@ index 0000000..98bc549
 +    return bignum;
 +}
 +
-+void
-+_libssh2_mbedtls_bignum_free(_libssh2_bn *bn)
++int
++_libssh2_mbedtls_bignum_random(_libssh2_bn *bn, int bits, int top, int bottom)
 +{
-+    if (bn)
-+    {
-+        mbedtls_mpi_free(bn);
-+#ifdef LIBSSH2_CLEAR_MEMORY
-+        memset(bn, 0, sizeof(_libssh2_bn));
-+#endif
++    size_t len;
++    int err;
++    int i;
++
++    if (!bn || bits <= 0)
++        return -1;
++
++    len = (bits + 7) >> 3;
++    err = mbedtls_mpi_fill_random(bn, len, mbedtls_ctr_drbg_random, &_libssh2_mbedtls_ctr_drbg);
++    if (err)
++        return -1;
++
++    /* Zero unsued bits above the most significant bit*/
++    for(i=len*8-1;bits<=i;--i) {
++        err = mbedtls_mpi_set_bit(bn, i, 0);
++        if (err)
++            return -1;
++    }
++
++    /* If `top` is -1, the most significant bit of the random number can be zero.
++       If top is 0, the most significant bit of the random number is set to 1,
++       and if top is 1, the two most significant bits of the number will be set
++       to 1, so that the product of two such random numbers will always have 2*bits length.
++    */
++    for(i=0;i<=top;++i) {
++        err = mbedtls_mpi_set_bit(bn, bits-i-1, 1);
++        if (err)
++            return -1;
++    }
++
++    /* make odd by setting first bit in least significant byte */
++    if (bottom) {
++        err = mbedtls_mpi_set_bit(bn, 0, 1);
++        if (err)
++            return -1;
 +    }
-+    mbedtls_free(bn);
++
++    return 0;
 +}
 +
 +
@@ -464,7 +500,7 @@ index 0000000..98bc549
 +    mbedtls_pk_init(&pkey);
 +
 +    ret = mbedtls_pk_parse_keyfile(&pkey, filename, (char *)passphrase);
-+    if( ret != 0 )
++    if( ret != 0 || mbedtls_pk_get_type(&pkey) != MBEDTLS_PK_RSA)
 +    {
 +        mbedtls_pk_free(&pkey);
 +        mbedtls_rsa_free(*rsa);
@@ -498,7 +534,7 @@ index 0000000..98bc549
 +
 +    ret = mbedtls_pk_parse_key(&pkey, (unsigned char *)filedata,
 +                              filedata_len, NULL, 0);
-+    if( ret != 0 )
++    if( ret != 0 || mbedtls_pk_get_type(&pkey) != MBEDTLS_PK_RSA)
 +    {
 +        mbedtls_pk_free(&pkey);
 +        mbedtls_rsa_free(*rsa);
@@ -529,7 +565,7 @@ index 0000000..98bc549
 +        return -1; /* failure */
 +
 +    ret = mbedtls_rsa_pkcs1_verify(rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC,
-+                                   MBEDTLS_MD_SHA1, sig_len, hash, sig);
++                                   MBEDTLS_MD_SHA1, SHA_DIGEST_LENGTH, hash, sig);
 +
 +    return (ret == 0) ? 0 : -1;
 +}
@@ -735,10 +771,10 @@ index 0000000..98bc549
 +#endif /* LIBSSH2_MBEDTLS */
 diff --git a/src/mbedtls.h b/src/mbedtls.h
 new file mode 100644
-index 0000000..f594575
+index 0000000..248583e
 --- /dev/null
 +++ b/src/mbedtls.h
-@@ -0,0 +1,368 @@
+@@ -0,0 +1,371 @@
 +#include <stdlib.h>
 +#include <string.h>
 +
@@ -980,8 +1016,8 @@ index 0000000..f594575
 +  _libssh2_mbedtls_bignum_init()
 +#define _libssh2_bn_init_from_bin() \
 +  _libssh2_mbedtls_bignum_init()
-+#define _libssh2_bn_rand(bn, bytes, top, bottom) \
-+  mbedtls_mpi_fill_random(bn, bytes, mbedtls_ctr_drbg_random, &_libssh2_mbedtls_ctr_drbg)
++#define _libssh2_bn_rand(bn, bits, top, bottom) \
++  _libssh2_mbedtls_bignum_random(bn, bits, top, bottom)
 +#define _libssh2_bn_mod_exp(r, a, p, m, ctx) \
 +  mbedtls_mpi_exp_mod(r, a, p, m, NULL)
 +#define _libssh2_bn_set_word(bn, word) \
@@ -995,7 +1031,7 @@ index 0000000..f594575
 +#define _libssh2_bn_bits(bn) \
 +  mbedtls_mpi_bitlen(bn)
 +#define _libssh2_bn_free(bn) \
-+  _libssh2_mbedtls_bignum_free(bn)
++  mbedtls_mpi_free(bn)
 +
 +
 +/*******************************************************************/
@@ -1044,6 +1080,9 @@ index 0000000..f594575
 +_libssh2_mbedtls_bignum_free(_libssh2_bn *bn);
 +
 +int
++_libssh2_mbedtls_bignum_random(_libssh2_bn *bn, int bits, int top, int bottom);
++
++int
 +_libssh2_mbedtls_rsa_new(libssh2_rsa_ctx **rsa,
 +                        const unsigned char *edata,
 +                        unsigned long elen,
@@ -1106,4 +1145,4 @@ index 0000000..f594575
 +                                       size_t *pubkeydata_len,
 +                                       const char *privatekeydata,
 +                                       size_t privatekeydata_len,
-+                                       const char *passphrase);
++                                       const char *passphrase);
diff --git a/deps/patches/mbedtls-config.patch b/deps/patches/mbedtls-config.patch