Commit 2eb2b4f3a12d0b8807447913a3b16f21104c701b - openssl

Key zeroization fix for EVP_SealInit + added simple test Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7105) Shane Lontis authored 5 years ago Pauli committed 5 years ago

2 changed file(s) with 58 addition(s) and 6 deletion(s). Raw diff Collapse all Expand all

+13

-6

crypto/evp/p_seal.c less more

20	20	{
21	21	unsigned char key[EVP_MAX_KEY_LENGTH];
22	22	int i;
	23	int rv = 0;
23	24
24	25	if (type) {
25	26	EVP_CIPHER_CTX_reset(ctx);

30	31	return 1;
31	32	if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
32	33	return 0;
	34
33	35	if (EVP_CIPHER_CTX_iv_length(ctx)
34		&& RAND_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)) <= 0)
35		return 0;
	36	&& RAND_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)) <= 0)
	37	goto err;
36	38
37	39	if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
38		return 0;
	40	goto err;
39	41
40	42	for (i = 0; i < npubk; i++) {
41	43	ekl[i] =
42	44	EVP_PKEY_encrypt_old(ek[i], key, EVP_CIPHER_CTX_key_length(ctx),
43	45	pubk[i]);
44		if (ekl[i] <= 0)
45		return -1;
	46	if (ekl[i] <= 0) {
	47	rv = -1;
	48	goto err;
	49	}
46	50	}
47		return npubk;
	51	rv = npubk;
	52	err:
	53	OPENSSL_cleanse(key, sizeof(key));
	54	return rv;
48	55	}
49	56
50	57	int EVP_SealFinal(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)

+45

-0

test/evp_extra_test.c less more

355	355	return ret;
356	356	}
357	357
	358	static int test_EVP_Enveloped(void)
	359	{
	360	int ret = 0;
	361	EVP_CIPHER_CTX *ctx = NULL;
	362	EVP_PKEY *keypair = NULL;
	363	unsigned char *kek = NULL;
	364	unsigned char iv[EVP_MAX_IV_LENGTH];
	365	static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
	366	int len, kek_len, ciphertext_len, plaintext_len;
	367	unsigned char ciphertext[32], plaintext[16];
	368	const EVP_CIPHER *type = EVP_aes_256_cbc();
	369
	370	if (!TEST_ptr(keypair = load_example_rsa_key())
	371	\|\| !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
	372	\|\| !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
	373	\|\| !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
	374	&keypair, 1))
	375	\|\| !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
	376	msg, sizeof(msg)))
	377	\|\| !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
	378	&len)))
	379	goto err;
	380
	381	ciphertext_len += len;
	382
	383	if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
	384	\|\| !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
	385	ciphertext, ciphertext_len))
	386	\|\| !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
	387	goto err;
	388
	389	plaintext_len += len;
	390	if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
	391	goto err;
	392
	393	ret = 1;
	394	err:
	395	OPENSSL_free(kek);
	396	EVP_PKEY_free(keypair);
	397	EVP_CIPHER_CTX_free(ctx);
	398	return ret;
	399	}
	400
	401
358	402	static int test_EVP_DigestSignInit(void)
359	403	{
360	404	int ret = 0;

780	824	{
781	825	ADD_TEST(test_EVP_DigestSignInit);
782	826	ADD_TEST(test_EVP_DigestVerifyInit);
	827	ADD_TEST(test_EVP_Enveloped);
783	828	ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
784	829	#ifndef OPENSSL_NO_EC
785	830	ADD_TEST(test_EVP_PKCS82PKEY);