diff --git a/apps/ssl/server.c b/apps/ssl/server.c
index 49a8c4f..7a1c309 100644
--- a/apps/ssl/server.c
+++ b/apps/ssl/server.c
@@ -1934,7 +1934,7 @@ static int32 sighandlers(void)
 /* Warn on segmentation violation */
 static void sigsegv_handler(int unused)
 {
- Printf("Segfault! Please report this as a bug to support@peersec.com\n");
+ Printf("Segfault! Please report this as a bug to matrixssl@rambus.com\n");
 exit(EXIT_FAILURE);
 }
diff --git a/core/include/psStat.h b/core/include/psStat.h
index 52a1642..9918691 100644
--- a/core/include/psStat.h
+++ b/core/include/psStat.h
@@ -166,6 +166,7 @@ typedef enum
 PS_STAT_ID_IKEV1_DERIVE_KEYING_MATERIAL,
 PS_STAT_ID_RBG_TEST_VECTOR,
 PS_STAT_ID_RBG_RAW_ENTROPY,
+ PS_STAT_ID_RBG_RAW_NOISE,
 PS_STAT_ID_ASSET_ALLOCATE_EX,
 PS_STAT_ID_ASSET_REBIND,
 PS_STAT_ID_ASSET_ALLOCATE_AND_ASSOCIATE_KEY_EXTRA_EX,
diff --git a/crypto/common/alg_info.c b/crypto/common/alg_info.c
index c57684c..4f1b4e1 100644
--- a/crypto/common/alg_info.c
+++ b/crypto/common/alg_info.c
@@ -86,6 +86,7 @@ psResSize_t psSigAlgToHashLen(int32_t sigAlg)
 case OID_MD5_RSA_SIG:
 return MD5_HASH_SIZE;
 case OID_SHA1_RSA_SIG:
+ case OID_SHA1_RSA_SIG2:
 case OID_SHA1_ECDSA_SIG:
 case OID_SHA1_DSA_SIG:
 return SHA1_HASH_SIZE;
@@ -132,7 +133,7 @@ psResSize_t psSigAlgToHashLen(int32_t sigAlg)
 }
 }
-# ifdef USE_PKCS1_PSS
+# if defined(USE_PKCS1_PSS) || defined(USE_PKCS1_OAEP)
 psResSize_t psPssHashAlgToHashLen(int32_t pssHashAlg)
 {
 switch(pssHashAlg)
@@ -420,8 +421,8 @@ psBool_t psIsEcdheGroup(uint16_t namedGroup)
 namedGroup == namedgroup_secp256r1 ||
 namedGroup == namedgroup_secp384r1 ||
 namedGroup == namedgroup_secp521r1 ||
-# ifdef USE_BRAIN521R1
- namedGroup == namedgroup_brain521r1 ||
+# ifdef USE_BRAIN512R1
+ namedGroup == namedgroup_brain512r1 ||
 # endif
 # ifdef USE_BRAIN384R1
 namedGroup == namedgroup_brain384r1 ||
diff --git a/crypto/crypto_sign/ps_ed25519.c b/crypto/crypto_sign/ps_ed25519.c
index 975f421..56056ac 100644
--- a/crypto/crypto_sign/ps_ed25519.c
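Review bot: PS_STAT_ID_RBG_RAW_NOISE is inserted in the middle of the PS_STAT_ID enum in core/include/psStat.h, which renumbers PS_STAT_ID_ASSET_ALLOCATE_EX and every member after it. If these ids are ever logged, persisted or exchanged numerically across a library boundary (the hunk does not show how they are consumed), existing consumers will attribute counters to the wrong statistic after this change. Appending new ids at the end of the enum, or a comment on the enum such as `/* Numeric values are not stable across releases; refer to ids by name only */`, avoids that. The enum's opening and closing lie outside the hunk.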
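Review bot: Renaming the build option USE_BRAIN521R1 to USE_BRAIN512R1 in psIsEcdheGroup, together with the namedgroup_brain521r1 to namedgroup_brain512r1 rename in the crypto/cryptolib.h hunk, silently drops Brainpool P-512 from any existing configuration that still defines the old option: the `# ifdef` evaluates false and the group stops being offered with no diagnostic. The new spelling is the correct one (the curve is 512-bit, and 0x001c is brainpoolP512r1 in the TLS supported-groups registry), but a transition is safer with a compatibility alias next to the new define, e.g. `# define namedgroup_brain521r1 namedgroup_brain512r1 /* deprecated spelling */`, and a `# if defined(USE_BRAIN521R1) && !defined(USE_BRAIN512R1)` guard in the configuration header that either defines the new option or emits `# error`, so stale configs fail loudly rather than lose a curve. Other references to the old identifiers are outside these hunks and I cannot confirm they were all updated.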
+++ b/crypto/crypto_sign/ps_ed25519.c
@@ -41,6 +41,7 @@
 #endif
 #ifdef USE_MATRIX_ED25519
+/* The pubkey must be the genuine key matching the privKey */
 int32_t psEd25519Sign(const unsigned char *msg,
 psSizeL_t msgLen,
 unsigned char *sigOut,
diff --git a/crypto/crypto_sign/ps_ed25519.h b/crypto/crypto_sign/ps_ed25519.h
index 0197565..cab2c42 100644
--- a/crypto/crypto_sign/ps_ed25519.h
+++ b/crypto/crypto_sign/ps_ed25519.h
@@ -44,6 +44,7 @@
 # include "osdep-types.h"
 #ifdef USE_MATRIX_ED25519
+/* The pubkey must be the genuine key matching the privKey */
 int32_t psEd25519Sign(const unsigned char *msg,
 psSizeL_t msgLen,
 unsigned char *sigOut,
diff --git a/crypto/cryptolib.h b/crypto/cryptolib.h
index e3b525f..b358d7e 100644
--- a/crypto/cryptolib.h
+++ b/crypto/cryptolib.h
@@ -474,7 +474,7 @@ extern int32_t psGetPrngLocked(unsigned char *bytes, psSize_t size,
 # define namedgroup_secp521r1 0x0019
 # define namedgroup_brain256r1 0x001a
 # define namedgroup_brain384r1 0x001b
-# define namedgroup_brain521r1 0x001c
+# define namedgroup_brain512r1 0x001c
 # define namedgroup_x25519 0x001d
 # define namedgroup_x448 0x001e
 # define namedgroup_ffdhe2048 0x0100
diff --git a/doc/CHANGES_v4.x.html b/doc/CHANGES_v4.x.html
index 565bdfc..87b86b9 100644
--- a/doc/CHANGES_v4.x.html
+++ b/doc/CHANGES_v4.x.html
@@ -1,5 +1,12 @@
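Review bot: The comment added above psEd25519Sign states a precondition the code does not enforce, and for Ed25519 this is a security precondition rather than a convenience: signing with a public key that does not match the private key is a known way to compromise the private key. Because an Ed25519 public key is a deterministic function of the private key, the function can derive it itself and either ignore the caller-supplied key or compare and return an error on mismatch, turning a silent key-compromise hazard into a detectable failure; which form of private key is passed here (seed or expanded) is not visible in the hunk, so the exact derivation call is left to the author. The same comment is added in the crypto/crypto_sign/ps_ed25519.h hunk; on the header declaration a Doxygen line such as `@pre The public key passed in must be the one derived from the private key; any other value compromises the private key.` would make the contract visible in generated documentation. The function body and the remaining parameters lie outside the hunk.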
* Fixed a integer overflow (CVE-2022-43974) The vulnerability was found by
+ Robert Hörr and Alissar Ibrahim, Security Evaluators of the Telekom
+ Security Evaluation Facility.
+
+
* Fix a usage of return value of psX509ParseCert when a flag is set
diff --git a/doc/CHANGES_v4.x.md b/doc/CHANGES_v4.x.md
index 6d2f6bd..2730e7e 100644
--- a/doc/CHANGES_v4.x.md
+++ b/doc/CHANGES_v4.x.md
@@ -1,5 +1,11 @@
# MatrixSSL 4.x changelog
+## Changes between 4.5.1 and 4.6.0 [December 2022]
+
+ * Fixed a integer overflow (CVE-2022-43974) The vulnerability was found by
+ Robert Hörr and Alissar Ibrahim, Security Evaluators of the Telekom
+ Security Evaluation Facility.
+
## Changes between 4.5.0 and 4.5.1 [July 2022]
* Fix a usage of return value of psX509ParseCert when a flag is set
diff --git a/doc/CHANGES_v4.x.txt b/doc/CHANGES_v4.x.txt
index 23fef3e..134a4a5 100644
--- a/doc/CHANGES_v4.x.txt
+++ b/doc/CHANGES_v4.x.txt
@@ -1,5 +1,11 @@
MatrixSSL 4.x changelog
+Changes between 4.5.1 and 4.6.0 [December 2022]
+
+* Fixed a integer overflow (CVE-2022-43974) The vulnerability was found by
+ Robert Hörr and Alissar Ibrahim, Security Evaluators of the Telekom
+ Security Evaluation Facility.
+
Changes between 4.5.0 and 4.5.1 [July 2022]
* Fix a usage of return value of psX509ParseCert when a flag is set
diff --git a/matrixssl/test/pkcs12Test.c b/matrixssl/test/pkcs12Test.c
index cb822b7..4dc4135 100644
--- a/matrixssl/test/pkcs12Test.c
+++ b/matrixssl/test/pkcs12Test.c
@@ -5,7 +5,7 @@
* Test program that tries out the new extensions to pkcs12 parsing.
*/
/*
- * Copyright (c) 2020 Rambus Inc
+ * Copyright (c) 2020 INSIDE Secure Corporation
* All Rights Reserved
*
* The latest version of this code is available at http://www.matrixssl.org
diff --git a/matrixssl/test/provider.c b/matrixssl/test/provider.c
index 6dd0622..92961ac 100644
--- a/matrixssl/test/provider.c
+++ b/matrixssl/test/provider.c
@@ -5,7 +5,7 @@
* Example how to set crypto provider programmatically.
*/
/*
- * Copyright (c) 2017-2017 Rambus Inc
+ * Copyright (c) 2017-2017 INSIDE Secure Corporation
* All Rights Reserved
*
* The latest version of this code is available at http://www.matrixssl.org
diff --git a/matrixssl/test/sslTest.c b/matrixssl/test/sslTest.c
index d5330ff..6223db0 100644
--- a/matrixssl/test/sslTest.c
+++ b/matrixssl/test/sslTest.c
@@ -7,7 +7,7 @@
* Iterates over all supported protocol versions and ciphersuites.
*/
/*
- * Copyright (c) 2014-2018 Rambus Inc
+ * Copyright (c) 2014-2018 INSIDE Secure Corporation
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -362,6 +362,9 @@ static __THREAD uint32_t ECCKEY_SIZE, ECC_SIZE, ECCCA_SIZE;
# include "testkeys/DH/2048_DH_PARAMS.h"
# include "testkeys/DH/3072_DH_PARAMS.h"
# include "testkeys/DH/4096_DH_PARAMS.h"
+# include "testkeys/DH/ffdhe2048_DH_PARAMS.h"
+# include "testkeys/DH/ffdhe3072_DH_PARAMS.h"
+# include "testkeys/DH/ffdhe4096_DH_PARAMS.h"
# ifdef USE_LARGE_DH_GROUPS
# include "testkeys/DH/ffdhe6144_DH_PARAMS.h"
# include "testkeys/DH/ffdhe8192_DH_PARAMS.h"
@@ -1660,24 +1663,36 @@ L_NEXT_DH:
switch (DH_SIZE)
{
case 0:
- DHPARAM = DHPARAM1024; DH_SIZE = DHPARAM1024_SIZE;
- keysize = 1024;
- break;
+ {
+ DHPARAM = DHPARAM1024; DH_SIZE = DHPARAM1024_SIZE;
+ keysize = 1024;
+ break;
+ }
case DHPARAM1024_SIZE:
- DHPARAM = DHPARAM2048; DH_SIZE = DHPARAM2048_SIZE;
- keysize = 2048;
- break;
+ {
+ DHPARAM = DHPARAM2048; DH_SIZE = DHPARAM2048_SIZE;
+ keysize = 2048;
+ break;
+ }
case DHPARAM2048_SIZE:
DHPARAM = DHPARAM3072; DH_SIZE = DHPARAM3072_SIZE;
keysize = 3072;
break;
+ case ffdhe2048_DH_PARAMS_SIZE:
+ DHPARAM = ffdhe3072_DH_PARAMS; DH_SIZE = ffdhe3072_DH_PARAMS_SIZE;
+ keysize = 3072;
+ break;
+ case ffdhe3072_DH_PARAMS_SIZE:
+ DHPARAM = ffdhe4096_DH_PARAMS; DH_SIZE = ffdhe4096_DH_PARAMS_SIZE;
+ keysize = 4096;
+ break;
case DHPARAM3072_SIZE:
# if !defined(EMBEDDED) || defined(USE_LARGE_DH_GROUPS)
DHPARAM = DHPARAM4096; DH_SIZE = DHPARAM4096_SIZE;
keysize = 4096;
break;
# if defined(USE_LARGE_DH_GROUPS)
- case DHPARAM4096_SIZE:
+ case DHPARAM4096_SIZE:case ffdhe4096_DH_PARAMS_SIZE:
DHPARAM = ffdhe6144_DH_PARAMS;
DH_SIZE = ffdhe6144_DH_PARAMS_SIZE;
keysize = 6144;
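Review bot: The new `case ffdhe3072_DH_PARAMS_SIZE:` step advances to ffdhe4096 unconditionally, while the legacy DHPARAM3072 to DHPARAM4096 step right below it is gated on `# if !defined(EMBEDDED) || defined(USE_LARGE_DH_GROUPS)`; in an EMBEDDED build without USE_LARGE_DH_GROUPS, DH_SIZE is then set to ffdhe4096_DH_PARAMS_SIZE, a value whose only case labels (here and in the `# else` branch of the next hunk) sit inside that same gate, so unless a `default` outside the hunk resets DH_SIZE the L_NEXT_DH iteration never reaches `DH_SIZE = 0`. Moving the `case ffdhe3072_DH_PARAMS_SIZE:` block below the `# if !defined(EMBEDDED) || defined(USE_LARGE_DH_GROUPS)` line, next to the DHPARAM4096 step, keeps the two 4096-bit groups under the same policy. Separately, the new ffdhe2048 to ffdhe3072 to ffdhe4096 chain is only entered when DH_SIZE already equals ffdhe2048_DH_PARAMS_SIZE, which no visible case sets, so it appears unreachable unless DH_SIZE is initialised to that value outside the hunk. As a point of style, `case DHPARAM4096_SIZE:case ffdhe4096_DH_PARAMS_SIZE:` (here and again in the next hunk) should be one label per line, and the braces added around the first two cases only are inconsistent with the remaining cases. The enclosing switch and function start outside the hunk.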
@@ -1689,7 +1704,7 @@ L_NEXT_DH:
break;
case ffdhe8192_DH_PARAMS_SIZE:
# else
- case DHPARAM4096_SIZE:
+ case DHPARAM4096_SIZE:case ffdhe4096_DH_PARAMS_SIZE:
# endif
# endif /* !EMBEDDED || USE_LARGE_DH_GROUPS */
DH_SIZE = 0;
@@ -1702,6 +1717,7 @@ L_NEXT_DH:
}
# endif /* REQUIRE_DH_PARAMS */
+
# ifdef USE_PSK_CIPHER_SUITE
if (spec->type == CS_PSK)
{
diff --git a/matrixssl/tls13Decode.c b/matrixssl/tls13Decode.c
index 2ae88e2..0249bc7 100644
--- a/matrixssl/tls13Decode.c
+++ b/matrixssl/tls13Decode.c
@@ -269,7 +269,14 @@ parse_next_record_header:
}
/* Done - tell the caller what we've consumed. */
*in += parsedBytes;
- *len -= parsedBytes;
+ if (*len >= parsedBytes)
+ {
+ *len -= parsedBytes;
+ }
+ else
+ {
+ return MATRIXSSL_ERROR;
+ }
*remaining -= PS_MIN(parsedBytes, *remaining);
/* If there's handshake message waiting in outbuf then send it */
if (ssl->outlen > 0)
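Review bot: The new length check runs after `*in += parsedBytes;` has already been applied, so on the MATRIXSSL_ERROR path the caller's in/len pair is left inconsistent (in advanced by parsedBytes, len untouched); if the caller reports, retries or frees based on those values it can still read past the buffer this fix is meant to protect. Validate before mutating: place `if (parsedBytes > *len) { return MATRIXSSL_ERROR; }` ahead of `*in += parsedBytes;` and keep the plain `*len -= parsedBytes;`. The adjacent `*remaining -= PS_MIN(parsedBytes, *remaining);` tolerates the same overshoot by clamping rather than failing, which is inconsistent with the new error return and worth aligning. Note that reaching this condition at all means the record parsing above (outside the hunk) has already consumed beyond *len, so this guard is a backstop and the bound should also be enforced where parsedBytes is accumulated.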
diff --git a/matrixssl/version.h b/matrixssl/version.h
index 8b313b9..1ab38a7 100644
--- a/matrixssl/version.h
+++ b/matrixssl/version.h
@@ -8,10 +8,10 @@
extern "C" {
#endif
-#define MATRIXSSL_VERSION "4.5.1-OPEN"
+#define MATRIXSSL_VERSION "4.6.0-OPEN"
#define MATRIXSSL_VERSION_MAJOR 4
-#define MATRIXSSL_VERSION_MINOR 5
-#define MATRIXSSL_VERSION_PATCH 1
+#define MATRIXSSL_VERSION_MINOR 6
+#define MATRIXSSL_VERSION_PATCH 0
#define MATRIXSSL_VERSION_CODE "OPEN"
#ifdef __cplusplus
diff --git a/release_notes-4-5-1-open.html b/release_notes-4-6-0-open.html
similarity index 98%
rename from release_notes-4-5-1-open.html
rename to release_notes-4-6-0-open.html
index 565bdfc..87b86b9 100644
--- a/release_notes-4-5-1-open.html
+++ b/release_notes-4-6-0-open.html
@@ -1,5 +1,12 @@
MatrixSSL 4.x changelog
+Changes between 4.5.1 and 4.6.0 [December 2022]
+
+* Fixed a integer overflow (CVE-2022-43974) The vulnerability was found by
+ Robert Hörr and Alissar Ibrahim, Security Evaluators of the Telekom
+ Security Evaluation Facility.
+
+
Changes between 4.5.0 and 4.5.1 [July 2022]
* Fix a usage of return value of psX509ParseCert when a flag is set