Fix incorrect bignum rng buffer size in libssh2-mbedtls backend #17874

Merged
merged 1 commit into from
Aug 10, 2016
Merged
6 changes: 1 addition & 5 deletions deps/mbedtls.mk
Expand Up @@ -35,15 +35,11 @@ $(SRCDIR)/srccache/$(MBEDTLS_SRC)/CMakeLists.txt: $(SRCDIR)/srccache/$(MBEDTLS_S
$(TAR) -C $(dir $@) --strip-components 1 -xf $<
touch -c $@

$(SRCDIR)/srccache/$(MBEDTLS_SRC)/mbedtls-config.patch-applied: | $(SRCDIR)/srccache/$(MBEDTLS_SRC)/CMakeLists.txt
cd $(SRCDIR)/srccache/$(MBEDTLS_SRC) && patch -p0 -f < $(SRCDIR)/patches/mbedtls-config.patch
echo 1 > $@

$(SRCDIR)/srccache/$(MBEDTLS_SRC)/mbedtls-ssl.h.patch-applied: | $(SRCDIR)/srccache/$(MBEDTLS_SRC)/CMakeLists.txt
cd $(SRCDIR)/srccache/$(MBEDTLS_SRC)/include/mbedtls && patch -p0 -f < $(SRCDIR)/patches/mbedtls-ssl.h.patch
echo 1 > $@

$(BUILDDIR)/mbedtls-$(MBEDTLS_VER)/Makefile: $(SRCDIR)/srccache/$(MBEDTLS_SRC)/CMakeLists.txt $(SRCDIR)/srccache/$(MBEDTLS_SRC)/mbedtls-config.patch-applied $(SRCDIR)/srccache/$(MBEDTLS_SRC)/mbedtls-ssl.h.patch-applied
$(BUILDDIR)/mbedtls-$(MBEDTLS_VER)/Makefile: $(SRCDIR)/srccache/$(MBEDTLS_SRC)/CMakeLists.txt $(SRCDIR)/srccache/$(MBEDTLS_SRC)/mbedtls-ssl.h.patch-applied
mkdir -p $(dir $@)
cd $(dir $@) && \
$(CMAKE) $(dir $<) $(MBEDTLS_OPTS)
85 changes: 62 additions & 23 deletions deps/patches/libssh2-mbedtls.patch
Expand Up @@ -159,10 +159,10 @@ index e85aecd..366d007 100644

diff --git a/src/mbedtls.c b/src/mbedtls.c
new file mode 100644
index 0000000..98bc549
index 0000000..1d181e1
--- /dev/null
+++ b/src/mbedtls.c
@@ -0,0 +1,570 @@
@@ -0,0 +1,606 @@
+#include "libssh2_priv.h"
+
+#ifdef LIBSSH2_MBEDTLS /* compile only if we build with mbedtls */
Expand Down Expand Up @@ -277,10 +277,10 @@ index 0000000..98bc549
+ if(!ret)
+ ret = mbedtls_cipher_finish(ctx, output + olen, &finish_olen);
+
+ olen += finish_olen;
+
+ if (!ret)
+ if (!ret) {
+ olen += finish_olen;
+ memcpy(block, output, olen);
+ }
+
+ _libssh2_mbedtls_safe_free(output, osize);
+ }
Expand All @@ -306,6 +306,9 @@ index 0000000..98bc549
+ int ret, hmac;
+
+ md_info = mbedtls_md_info_from_type(mdtype);
+ if(!md_info)
+ return 0;
+
+ hmac = key == NULL ? 0 : 1;
+
+ mbedtls_md_init(ctx);
Expand Down Expand Up @@ -339,6 +342,9 @@ index 0000000..98bc549
+ int ret;
+
+ md_info = mbedtls_md_info_from_type(mdtype);
+ if(!md_info)
+ return 0;
+
+ ret = mbedtls_md(md_info, data, datalen, hash);
+
+ return ret == 0 ? 0 : -1;
Expand All @@ -362,17 +368,47 @@ index 0000000..98bc549
+ return bignum;
+}
+
+void
+_libssh2_mbedtls_bignum_free(_libssh2_bn *bn)
+int
+_libssh2_mbedtls_bignum_random(_libssh2_bn *bn, int bits, int top, int bottom)
+{
+ if (bn)
+ {
+ mbedtls_mpi_free(bn);
+#ifdef LIBSSH2_CLEAR_MEMORY
+ memset(bn, 0, sizeof(_libssh2_bn));
+#endif
+ size_t len;
+ int err;
+ int i;
+
+ if (!bn || bits <= 0)
+ return -1;
+
+ len = (bits + 7) >> 3;
+ err = mbedtls_mpi_fill_random(bn, len, mbedtls_ctr_drbg_random, &_libssh2_mbedtls_ctr_drbg);
+ if (err)
+ return -1;
+
+ /* Zero unsued bits above the most significant bit*/
+ for(i=len*8-1;bits<=i;--i) {
+ err = mbedtls_mpi_set_bit(bn, i, 0);
+ if (err)
+ return -1;
+ }
+
+ /* If `top` is -1, the most significant bit of the random number can be zero.
+ If top is 0, the most significant bit of the random number is set to 1,
+ and if top is 1, the two most significant bits of the number will be set
+ to 1, so that the product of two such random numbers will always have 2*bits length.
+ */
+ for(i=0;i<=top;++i) {
+ err = mbedtls_mpi_set_bit(bn, bits-i-1, 1);
+ if (err)
+ return -1;
+ }
+
+ /* make odd by setting first bit in least significant byte */
+ if (bottom) {
+ err = mbedtls_mpi_set_bit(bn, 0, 1);
+ if (err)
+ return -1;
+ }
+ mbedtls_free(bn);
+
+ return 0;
+}
+
+
Expand Down Expand Up @@ -464,7 +500,7 @@ index 0000000..98bc549
+ mbedtls_pk_init(&pkey);
+
+ ret = mbedtls_pk_parse_keyfile(&pkey, filename, (char *)passphrase);
+ if( ret != 0 )
+ if( ret != 0 || mbedtls_pk_get_type(&pkey) != MBEDTLS_PK_RSA)
+ {
+ mbedtls_pk_free(&pkey);
+ mbedtls_rsa_free(*rsa);
Expand Down Expand Up @@ -498,7 +534,7 @@ index 0000000..98bc549
+
+ ret = mbedtls_pk_parse_key(&pkey, (unsigned char *)filedata,
+ filedata_len, NULL, 0);
+ if( ret != 0 )
+ if( ret != 0 || mbedtls_pk_get_type(&pkey) != MBEDTLS_PK_RSA)
+ {
+ mbedtls_pk_free(&pkey);
+ mbedtls_rsa_free(*rsa);
Expand Down Expand Up @@ -529,7 +565,7 @@ index 0000000..98bc549
+ return -1; /* failure */
+
+ ret = mbedtls_rsa_pkcs1_verify(rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC,
+ MBEDTLS_MD_SHA1, sig_len, hash, sig);
+ MBEDTLS_MD_SHA1, SHA_DIGEST_LENGTH, hash, sig);
+
+ return (ret == 0) ? 0 : -1;
+}
Expand Down Expand Up @@ -735,10 +771,10 @@ index 0000000..98bc549
+#endif /* LIBSSH2_MBEDTLS */
diff --git a/src/mbedtls.h b/src/mbedtls.h
new file mode 100644
index 0000000..f594575
index 0000000..248583e
--- /dev/null
+++ b/src/mbedtls.h
@@ -0,0 +1,368 @@
@@ -0,0 +1,371 @@
+#include <stdlib.h>
+#include <string.h>
+
Expand Down Expand Up @@ -980,8 +1016,8 @@ index 0000000..f594575
+ _libssh2_mbedtls_bignum_init()
+#define _libssh2_bn_init_from_bin() \
+ _libssh2_mbedtls_bignum_init()
+#define _libssh2_bn_rand(bn, bytes, top, bottom) \
+ mbedtls_mpi_fill_random(bn, bytes, mbedtls_ctr_drbg_random, &_libssh2_mbedtls_ctr_drbg)
+#define _libssh2_bn_rand(bn, bits, top, bottom) \
+ _libssh2_mbedtls_bignum_random(bn, bits, top, bottom)
+#define _libssh2_bn_mod_exp(r, a, p, m, ctx) \
+ mbedtls_mpi_exp_mod(r, a, p, m, NULL)
+#define _libssh2_bn_set_word(bn, word) \
Expand All @@ -995,7 +1031,7 @@ index 0000000..f594575
+#define _libssh2_bn_bits(bn) \
+ mbedtls_mpi_bitlen(bn)
+#define _libssh2_bn_free(bn) \
+ _libssh2_mbedtls_bignum_free(bn)
+ mbedtls_mpi_free(bn)
+
+
+/*******************************************************************/
Expand Down Expand Up @@ -1044,6 +1080,9 @@ index 0000000..f594575
+_libssh2_mbedtls_bignum_free(_libssh2_bn *bn);
+
+int
+_libssh2_mbedtls_bignum_random(_libssh2_bn *bn, int bits, int top, int bottom);
+
+int
+_libssh2_mbedtls_rsa_new(libssh2_rsa_ctx **rsa,
+ const unsigned char *edata,
+ unsigned long elen,
Expand Down Expand Up @@ -1106,4 +1145,4 @@ index 0000000..f594575
+ size_t *pubkeydata_len,
+ const char *privatekeydata,
+ size_t privatekeydata_len,
+ const char *passphrase);
+ const char *passphrase);
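Review bot: In the RSA SHA-1 verify hunk of src/mbedtls.c, `sig_len` is no longer used once `SHA_DIGEST_LENGTH` replaces it in the `mbedtls_rsa_pkcs1_verify` call, so nothing visible checks the length of the peer-supplied signature against the key size. mbedtls expects `sig` to hold as many bytes as the RSA modulus, and a shorter buffer would be read past its end. A guard before the call, for example `if(sig_len < rsa->len) return -1;` (assuming `rsa` is an `mbedtls_rsa_context *`, as the call implies), would reject such input. The function begins outside the hunk, so confirm that no earlier check already covers this.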
27 changes: 0 additions & 27 deletions deps/patches/mbedtls-config.patch

This file was deleted.