diff options
| author | Neil Horman <nhorman@openssl.org> | 2023-09-12 23:09:06 +0200 |
|---|---|---|
| committer | Pauli <pauli@openssl.org> | 2023-09-17 13:02:58 +0200 |
| commit | 0ca5cf989101cae6ffeaef3518e99839fbccb9ba (patch) | |
| tree | 9ccdbfab977295ca262df97fa33e92923e349f54 /providers | |
| parent | Fix regression in evp_test for provider compat CI (diff) | |
| download | openssl-0ca5cf989101cae6ffeaef3518e99839fbccb9ba.tar.xz openssl-0ca5cf989101cae6ffeaef3518e99839fbccb9ba.zip | |
Fix a key repointing in various ciphers
In the dupctx fixups I missed a pointer that needed to be repointed to
the surrounding structures AES_KEY structure for the sm4/aes/aria
ccm/gcm variants. This caused a colliding use of the key and possible
use after free issues.
Fixes #22076
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22102)
Diffstat (limited to 'providers')
5 files changed, 35 insertions, 5 deletions
diff --git a/providers/implementations/ciphers/cipher_aes_gcm.c b/providers/implementations/ciphers/cipher_aes_gcm.c index 0a15693cc1..edc3cc262e 100644 --- a/providers/implementations/ciphers/cipher_aes_gcm.c +++ b/providers/implementations/ciphers/cipher_aes_gcm.c @@ -37,10 +37,16 @@ static void *aes_gcm_newctx(void *provctx, size_t keybits) static void *aes_gcm_dupctx(void *provctx) { PROV_AES_GCM_CTX *ctx = provctx; + PROV_AES_GCM_CTX *dctx = NULL; if (ctx == NULL) return NULL; - return OPENSSL_memdup(ctx, sizeof(*ctx)); + + dctx = OPENSSL_memdup(ctx, sizeof(*ctx)); + if (dctx != NULL && dctx->base.gcm.key != NULL) + dctx->base.gcm.key = &dctx->ks.ks; + + return dctx; } static OSSL_FUNC_cipher_freectx_fn aes_gcm_freectx; diff --git a/providers/implementations/ciphers/cipher_aria_ccm.c b/providers/implementations/ciphers/cipher_aria_ccm.c index 39a96a6f14..5fae593469 100644 --- a/providers/implementations/ciphers/cipher_aria_ccm.c +++ b/providers/implementations/ciphers/cipher_aria_ccm.c @@ -31,10 +31,16 @@ static void *aria_ccm_newctx(void *provctx, size_t keybits) static void *aria_ccm_dupctx(void *provctx) { PROV_ARIA_CCM_CTX *ctx = provctx; + PROV_ARIA_CCM_CTX *dctx = NULL; if (ctx == NULL) return NULL; - return OPENSSL_memdup(ctx, sizeof(*ctx)); + + dctx = OPENSSL_memdup(ctx, sizeof(*ctx)); + if (dctx != NULL && dctx->base.ccm_ctx.key != NULL) + dctx->base.ccm_ctx.key = &dctx->ks.ks; + + return dctx; } static void aria_ccm_freectx(void *vctx) diff --git a/providers/implementations/ciphers/cipher_aria_gcm.c b/providers/implementations/ciphers/cipher_aria_gcm.c index 6ffa0910fa..f9eb64cc19 100644 --- a/providers/implementations/ciphers/cipher_aria_gcm.c +++ b/providers/implementations/ciphers/cipher_aria_gcm.c @@ -30,10 +30,16 @@ static void *aria_gcm_newctx(void *provctx, size_t keybits) static void *aria_gcm_dupctx(void *provctx) { PROV_ARIA_GCM_CTX *ctx = provctx; + PROV_ARIA_GCM_CTX *dctx = NULL; if (ctx == NULL) return NULL; - return OPENSSL_memdup(ctx, sizeof(*ctx)); + + dctx = OPENSSL_memdup(ctx, sizeof(*ctx)); + if (dctx != NULL && dctx->base.gcm.key != NULL) + dctx->base.gcm.key = &dctx->ks.ks; + + return dctx; } static OSSL_FUNC_cipher_freectx_fn aria_gcm_freectx; diff --git a/providers/implementations/ciphers/cipher_sm4_ccm.c b/providers/implementations/ciphers/cipher_sm4_ccm.c index 5fd7d1a114..47fc6e103c 100644 --- a/providers/implementations/ciphers/cipher_sm4_ccm.c +++ b/providers/implementations/ciphers/cipher_sm4_ccm.c @@ -31,10 +31,16 @@ static void *sm4_ccm_newctx(void *provctx, size_t keybits) static void *sm4_ccm_dupctx(void *provctx) { PROV_SM4_CCM_CTX *ctx = provctx; + PROV_SM4_CCM_CTX *dctx = NULL; if (ctx == NULL) return NULL; - return OPENSSL_memdup(ctx, sizeof(*ctx)); + + dctx = OPENSSL_memdup(ctx, sizeof(*ctx)); + if (dctx != NULL && dctx->base.ccm_ctx.key != NULL) + dctx->base.ccm_ctx.key = &dctx->ks.ks; + + return dctx; } static void sm4_ccm_freectx(void *vctx) diff --git a/providers/implementations/ciphers/cipher_sm4_gcm.c b/providers/implementations/ciphers/cipher_sm4_gcm.c index 79e1b556d4..e8fcf5787e 100644 --- a/providers/implementations/ciphers/cipher_sm4_gcm.c +++ b/providers/implementations/ciphers/cipher_sm4_gcm.c @@ -32,10 +32,16 @@ static void *sm4_gcm_newctx(void *provctx, size_t keybits) static void *sm4_gcm_dupctx(void *provctx) { PROV_SM4_GCM_CTX *ctx = provctx; + PROV_SM4_GCM_CTX *dctx = NULL; if (ctx == NULL) return NULL; - return OPENSSL_memdup(ctx, sizeof(*ctx)); + + dctx = OPENSSL_memdup(ctx, sizeof(*ctx)); + if (dctx != NULL && dctx->base.gcm.key != NULL) + dctx->base.gcm.key = &dctx->ks.ks; + + return dctx; } static void sm4_gcm_freectx(void *vctx) |