MatrixSSL 4.6.0

2022-12-29 11:25:01 +02:00
parent 69b5f2c6c3
commit effeb14219
15 changed files with 73 additions and 20 deletions
--- a/apps/ssl/server.c
+++ b/apps/ssl/server.c
@@ -1934,7 +1934,7 @@ static int32 sighandlers(void)
 /* Warn on segmentation violation */
 static void sigsegv_handler(int unused)
 {
-    Printf("Segfault! Please report this as a bug to support@peersec.com\n");
+    Printf("Segfault! Please report this as a bug to matrixssl@rambus.com\n");
    exit(EXIT_FAILURE);
 }

--- a/core/include/psStat.h
+++ b/core/include/psStat.h
@@ -166,6 +166,7 @@ typedef enum
    PS_STAT_ID_IKEV1_DERIVE_KEYING_MATERIAL,
    PS_STAT_ID_RBG_TEST_VECTOR,
    PS_STAT_ID_RBG_RAW_ENTROPY,
+    PS_STAT_ID_RBG_RAW_NOISE,
    PS_STAT_ID_ASSET_ALLOCATE_EX,
    PS_STAT_ID_ASSET_REBIND,
    PS_STAT_ID_ASSET_ALLOCATE_AND_ASSOCIATE_KEY_EXTRA_EX,
--- a/crypto/common/alg_info.c
+++ b/crypto/common/alg_info.c
@@ -86,6 +86,7 @@ psResSize_t psSigAlgToHashLen(int32_t sigAlg)
    case OID_MD5_RSA_SIG:
        return MD5_HASH_SIZE;
    case OID_SHA1_RSA_SIG:
+    case OID_SHA1_RSA_SIG2:
    case OID_SHA1_ECDSA_SIG:
    case OID_SHA1_DSA_SIG:
        return SHA1_HASH_SIZE;
@@ -132,7 +133,7 @@ psResSize_t psSigAlgToHashLen(int32_t sigAlg)
    }
 }

-# ifdef USE_PKCS1_PSS
+# if defined(USE_PKCS1_PSS) || defined(USE_PKCS1_OAEP)
 psResSize_t psPssHashAlgToHashLen(int32_t pssHashAlg)
 {
    switch(pssHashAlg)
@@ -420,8 +421,8 @@ psBool_t psIsEcdheGroup(uint16_t namedGroup)
            namedGroup == namedgroup_secp256r1 ||
            namedGroup == namedgroup_secp384r1 ||
            namedGroup == namedgroup_secp521r1 ||
-# ifdef USE_BRAIN521R1
-            namedGroup == namedgroup_brain521r1 ||
+# ifdef USE_BRAIN512R1
+            namedGroup == namedgroup_brain512r1 ||
 # endif
 # ifdef USE_BRAIN384R1
            namedGroup == namedgroup_brain384r1 ||
--- a/crypto/crypto_sign/ps_ed25519.c
+++ b/crypto/crypto_sign/ps_ed25519.c
@@ -41,6 +41,7 @@
 #endif

 #ifdef USE_MATRIX_ED25519
+/* The pubkey must be the genuine key matching the privKey */
 int32_t psEd25519Sign(const unsigned char *msg,
        psSizeL_t msgLen,
        unsigned char *sigOut,
--- a/crypto/crypto_sign/ps_ed25519.h
+++ b/crypto/crypto_sign/ps_ed25519.h
@@ -44,6 +44,7 @@
 # include "osdep-types.h"

 #ifdef USE_MATRIX_ED25519
+/* The pubkey must be the genuine key matching the privKey */
 int32_t psEd25519Sign(const unsigned char *msg,
        psSizeL_t msgLen,
        unsigned char *sigOut,
--- a/crypto/cryptolib.h
+++ b/crypto/cryptolib.h
@@ -474,7 +474,7 @@ extern int32_t psGetPrngLocked(unsigned char *bytes, psSize_t size,
 #  define namedgroup_secp521r1   0x0019
 #  define namedgroup_brain256r1  0x001a
 #  define namedgroup_brain384r1  0x001b
-#  define namedgroup_brain521r1  0x001c
+#  define namedgroup_brain512r1  0x001c
 #  define namedgroup_x25519      0x001d
 #  define namedgroup_x448        0x001e
 #  define namedgroup_ffdhe2048   0x0100
--- a/doc/CHANGES_v4.x.html
+++ b/doc/CHANGES_v4.x.html
@@ -1,5 +1,12 @@
 <h1>MatrixSSL 4.x changelog</h1>

+<h2>Changes between 4.5.1 and 4.6.0 [December 2022]</h2>
+
+<pre><code>* Fixed a integer overflow (CVE-2022-43974) The vulnerability was found by
+  Robert Hörr and Alissar Ibrahim, Security Evaluators of the Telekom
+  Security Evaluation Facility.
+</code></pre>
+
 <h2>Changes between 4.5.0 and 4.5.1 [July 2022]</h2>

 <pre><code>* Fix a usage of return value of psX509ParseCert when a flag is set
--- a/doc/CHANGES_v4.x.md
+++ b/doc/CHANGES_v4.x.md
@@ -1,5 +1,11 @@
 # MatrixSSL 4.x changelog

+## Changes between 4.5.1 and 4.6.0 [December 2022]
+
+    * Fixed a integer overflow (CVE-2022-43974) The vulnerability was found by
+      Robert Hörr and Alissar Ibrahim, Security Evaluators of the Telekom
+      Security Evaluation Facility.
+
 ## Changes between 4.5.0 and 4.5.1 [July 2022]

    * Fix a usage of return value of psX509ParseCert when a flag is set
--- a/doc/CHANGES_v4.x.txt
+++ b/doc/CHANGES_v4.x.txt
@@ -1,5 +1,11 @@
                            MatrixSSL 4.x changelog

+Changes between 4.5.1 and 4.6.0 [December 2022]
+
+* Fixed a integer overflow (CVE-2022-43974) The vulnerability was found by
+  Robert Hörr and Alissar Ibrahim, Security Evaluators of the Telekom
+  Security Evaluation Facility.
+
 Changes between 4.5.0 and 4.5.1 [July 2022]

 * Fix a usage of return value of psX509ParseCert when a flag is set
--- a/matrixssl/test/pkcs12Test.c
+++ b/matrixssl/test/pkcs12Test.c
@@ -5,7 +5,7 @@
 *      Test program that tries out the new extensions to pkcs12 parsing.
 */
 /*
- *      Copyright (c) 2020 Rambus Inc
+ *      Copyright (c) 2020 INSIDE Secure Corporation
 *      All Rights Reserved
 *
 *      The latest version of this code is available at http://www.matrixssl.org
--- a/matrixssl/test/provider.c
+++ b/matrixssl/test/provider.c
@@ -5,7 +5,7 @@
 *      Example how to set crypto provider programmatically.
 */
 /*
- *      Copyright (c) 2017-2017 Rambus Inc
+ *      Copyright (c) 2017-2017 INSIDE Secure Corporation
 *      All Rights Reserved
 *
 *      The latest version of this code is available at http://www.matrixssl.org
--- a/matrixssl/test/sslTest.c
+++ b/matrixssl/test/sslTest.c
@@ -7,7 +7,7 @@
 *      Iterates over all supported protocol versions and ciphersuites.
 */
 /*
- *      Copyright (c) 2014-2018 Rambus Inc
+ *      Copyright (c) 2014-2018 INSIDE Secure Corporation
 *      Copyright (c) PeerSec Networks, 2002-2011
 *      All Rights Reserved
 *
@@ -362,6 +362,9 @@ static __THREAD uint32_t ECCKEY_SIZE, ECC_SIZE, ECCCA_SIZE;
 #   include "testkeys/DH/2048_DH_PARAMS.h"
 #   include "testkeys/DH/3072_DH_PARAMS.h"
 #   include "testkeys/DH/4096_DH_PARAMS.h"
+#   include "testkeys/DH/ffdhe2048_DH_PARAMS.h"
+#   include "testkeys/DH/ffdhe3072_DH_PARAMS.h"
+#   include "testkeys/DH/ffdhe4096_DH_PARAMS.h"
 #   ifdef USE_LARGE_DH_GROUPS
 #    include "testkeys/DH/ffdhe6144_DH_PARAMS.h"
 #    include "testkeys/DH/ffdhe8192_DH_PARAMS.h"
@@ -1660,24 +1663,36 @@ L_NEXT_DH:
            switch (DH_SIZE)
            {
            case 0:
-                DHPARAM = DHPARAM1024; DH_SIZE = DHPARAM1024_SIZE;
-                keysize = 1024;
-                break;
+                {
+                    DHPARAM = DHPARAM1024; DH_SIZE = DHPARAM1024_SIZE;
+                    keysize = 1024;
+                    break;
+                }
            case DHPARAM1024_SIZE:
-                DHPARAM = DHPARAM2048; DH_SIZE = DHPARAM2048_SIZE;
-                keysize = 2048;
-                break;
+                {
+                    DHPARAM = DHPARAM2048; DH_SIZE = DHPARAM2048_SIZE;
+                    keysize = 2048;
+                    break;
+                }
            case DHPARAM2048_SIZE:
                DHPARAM = DHPARAM3072; DH_SIZE = DHPARAM3072_SIZE;
                keysize = 3072;
                break;
+            case ffdhe2048_DH_PARAMS_SIZE:
+                DHPARAM = ffdhe3072_DH_PARAMS; DH_SIZE = ffdhe3072_DH_PARAMS_SIZE;
+                keysize = 3072;
+                break;
+            case ffdhe3072_DH_PARAMS_SIZE:
+                DHPARAM = ffdhe4096_DH_PARAMS; DH_SIZE = ffdhe4096_DH_PARAMS_SIZE;
+                keysize = 4096;
+                break;
            case DHPARAM3072_SIZE:
 #   if !defined(EMBEDDED) || defined(USE_LARGE_DH_GROUPS)
                DHPARAM = DHPARAM4096; DH_SIZE = DHPARAM4096_SIZE;
                keysize = 4096;
                break;
 #   if defined(USE_LARGE_DH_GROUPS)
-            case DHPARAM4096_SIZE:
+            case DHPARAM4096_SIZE:case ffdhe4096_DH_PARAMS_SIZE:
                DHPARAM = ffdhe6144_DH_PARAMS;
                DH_SIZE = ffdhe6144_DH_PARAMS_SIZE;
                keysize = 6144;
@@ -1689,7 +1704,7 @@ L_NEXT_DH:
                break;
            case ffdhe8192_DH_PARAMS_SIZE:
 #   else
-            case DHPARAM4096_SIZE:
+            case DHPARAM4096_SIZE:case ffdhe4096_DH_PARAMS_SIZE:
 #   endif
 #   endif       /* !EMBEDDED || USE_LARGE_DH_GROUPS */
                DH_SIZE = 0;
@@ -1702,6 +1717,7 @@ L_NEXT_DH:
        }
 #  endif /* REQUIRE_DH_PARAMS */

+
 # ifdef USE_PSK_CIPHER_SUITE
        if (spec->type == CS_PSK)
        {
--- a/matrixssl/tls13Decode.c
+++ b/matrixssl/tls13Decode.c
@@ -269,7 +269,14 @@ parse_next_record_header:
        }
        /* Done - tell the caller what we've consumed. */
        *in += parsedBytes;
-        *len -= parsedBytes;
+        if (*len >= parsedBytes)
+        {
+            *len -= parsedBytes;
+        }
+        else
+        {
+            return MATRIXSSL_ERROR;
+        }
        *remaining -= PS_MIN(parsedBytes, *remaining);
        /* If there's handshake message waiting in outbuf then send it */
        if (ssl->outlen > 0)
--- a/matrixssl/version.h
+++ b/matrixssl/version.h
@@ -8,10 +8,10 @@
 extern "C" {
 #endif

-#define MATRIXSSL_VERSION      "4.5.1-OPEN"
+#define MATRIXSSL_VERSION      "4.6.0-OPEN"
 #define MATRIXSSL_VERSION_MAJOR 4
-#define MATRIXSSL_VERSION_MINOR 5
-#define MATRIXSSL_VERSION_PATCH 1
+#define MATRIXSSL_VERSION_MINOR 6
+#define MATRIXSSL_VERSION_PATCH 0
 #define MATRIXSSL_VERSION_CODE "OPEN"

 #ifdef __cplusplus
--- a/release_notes-4-6-0-open.html
+++ b/release_notes-4-6-0-open.html
@@ -1,5 +1,12 @@
 <h1>MatrixSSL 4.x changelog</h1>

+<h2>Changes between 4.5.1 and 4.6.0 [December 2022]</h2>
+
+<pre><code>* Fixed a integer overflow (CVE-2022-43974) The vulnerability was found by
+  Robert Hörr and Alissar Ibrahim, Security Evaluators of the Telekom
+  Security Evaluation Facility.
+</code></pre>
+
 <h2>Changes between 4.5.0 and 4.5.1 [July 2022]</h2>

 <pre><code>* Fix a usage of return value of psX509ParseCert when a flag is set