diff options
author | Matt Caswell <matt@openssl.org> | 2015-06-04 11:41:30 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-06-04 12:44:47 +0100 |
commit | 91e64e142770bc13145346a5e89e9d95bc3e22dd (patch) | |
tree | 9dcda7f16d4493af7ea4344106cbed5ff6c44408 | |
parent | 0d3a7e7c9147357ca69993944a279cd0931963d5 (diff) | |
download | openssl-91e64e142770bc13145346a5e89e9d95bc3e22dd.tar.gz |
Clean Kerberos pre-master secret
Ensure the Kerberos pre-master secret has OPENSSL_cleanse called on it.
With thanks to the Open Crypto Audit Project for reporting this issue.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 4e3dbe37ca39fa68b6949fbde62f3ec0f0584f7e)
-rw-r--r-- | ssl/s3_srvr.c | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 8e30083234..8d3244f9e4 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -2215,6 +2215,7 @@ int ssl3_get_client_key_exchange(SSL *s) int padl, outl; krb5_timestamp authtime = 0; krb5_ticket_times ttimes; + int kerr = 0; EVP_CIPHER_CTX_init(&ciph_ctx); @@ -2317,23 +2318,27 @@ int ssl3_get_client_key_exchange(SSL *s) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DECRYPTION_FAILED); - goto err; + kerr = 1; + goto kclean; } if (outl > SSL_MAX_MASTER_KEY_LENGTH) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG); - goto err; + kerr = 1; + goto kclean; } if (!EVP_DecryptFinal_ex(&ciph_ctx, &(pms[outl]), &padl)) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DECRYPTION_FAILED); - goto err; + kerr = 1; + goto kclean; } outl += padl; if (outl > SSL_MAX_MASTER_KEY_LENGTH) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG); - goto err; + kerr = 1; + goto kclean; } if (!((pms[0] == (s->client_version >> 8)) && (pms[1] == (s->client_version & 0xff)))) { @@ -2350,7 +2355,8 @@ int ssl3_get_client_key_exchange(SSL *s) if (!(s->options & SSL_OP_TLS_ROLLBACK_BUG)) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_AD_DECODE_ERROR); - goto err; + kerr = 1; + goto kclean; } } @@ -2376,6 +2382,11 @@ int ssl3_get_client_key_exchange(SSL *s) * kssl_ctx = kssl_ctx_free(kssl_ctx); * if (s->kssl_ctx) s->kssl_ctx = NULL; */ + + kclean: + OPENSSL_cleanse(pms, sizeof(pms)); + if (kerr) + goto err; } else #endif /* OPENSSL_NO_KRB5 */ |