Commit b9768521 authored by Robert Golebiowski's avatar Robert Golebiowski Committed by Bjorn Munch

Updated yassl to yassl-2.3.8

(cherry picked from commit 7f9941eab55ed672bfcccd382dafbdbcfdc75aaa)
parent 0243a2d4
...@@ -12,6 +12,14 @@ before calling SSL_new(); ...@@ -12,6 +12,14 @@ before calling SSL_new();
*** end Note *** *** end Note ***
yaSSL Release notes, version 2.3.8 (9/17/2015)
This release of yaSSL fixes a high security vulnerability. All users
SHOULD update. If using yaSSL for TLS on the server side with private
RSA keys allowing ephemeral key exchange you MUST update and regenerate
the RSA private keys. This report is detailed in:
https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf
yaSSL now detects RSA signature faults and returns an error.
yaSSL Patch notes, version 2.3.7e (6/26/2015) yaSSL Patch notes, version 2.3.7e (6/26/2015)
This release of yaSSL includes a fix for Date less than comparison. This release of yaSSL includes a fix for Date less than comparison.
Previously yaSSL would return true on less than comparisons if the Dates Previously yaSSL would return true on less than comparisons if the Dates
......
...@@ -35,7 +35,7 @@ ...@@ -35,7 +35,7 @@
#include "rsa.h" #include "rsa.h"
#define YASSL_VERSION "2.3.7e" #define YASSL_VERSION "2.3.8"
#if defined(__cplusplus) #if defined(__cplusplus)
......
...@@ -53,7 +53,8 @@ enum YasslError { ...@@ -53,7 +53,8 @@ enum YasslError {
compress_error = 118, compress_error = 118,
decompress_error = 119, decompress_error = 119,
pms_version_error = 120, pms_version_error = 120,
sanityCipher_error = 121 sanityCipher_error = 121,
rsaSignFault_error = 122
// !!!! add error message to .cpp !!!! // !!!! add error message to .cpp !!!!
......
...@@ -1172,6 +1172,8 @@ void sendCertificateVerify(SSL& ssl, BufferOutput buffer) ...@@ -1172,6 +1172,8 @@ void sendCertificateVerify(SSL& ssl, BufferOutput buffer)
CertificateVerify verify; CertificateVerify verify;
verify.Build(ssl); verify.Build(ssl);
if (ssl.GetError()) return;
RecordLayerHeader rlHeader; RecordLayerHeader rlHeader;
HandShakeHeader hsHeader; HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer); mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
......
...@@ -148,6 +148,10 @@ void SetErrorString(YasslError error, char* buffer) ...@@ -148,6 +148,10 @@ void SetErrorString(YasslError error, char* buffer)
strncpy(buffer, "sanity check on cipher text size error", max); strncpy(buffer, "sanity check on cipher text size error", max);
break; break;
case rsaSignFault_error:
strncpy(buffer, "rsa signature fault error", max);
break;
// openssl errors // openssl errors
case SSL_ERROR_WANT_READ : case SSL_ERROR_WANT_READ :
strncpy(buffer, "the read operation would block", max); strncpy(buffer, "the read operation would block", max);
......
...@@ -196,9 +196,16 @@ void DH_Server::build(SSL& ssl) ...@@ -196,9 +196,16 @@ void DH_Server::build(SSL& ssl)
sha.update(tmp.get_buffer(), tmp.get_size()); sha.update(tmp.get_buffer(), tmp.get_size());
sha.get_digest(&hash[MD5_LEN]); sha.get_digest(&hash[MD5_LEN]);
if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) {
auth->sign(signature_, hash, sizeof(hash), auth->sign(signature_, hash, sizeof(hash),
ssl.getCrypto().get_random()); ssl.getCrypto().get_random());
// check for rsa signautre fault
if (!auth->verify(hash, sizeof(hash), signature_,
auth->get_signatureLength())) {
ssl.SetError(rsaSignFault_error);
return;
}
}
else { else {
auth->sign(signature_, &hash[MD5_LEN], SHA_LEN, auth->sign(signature_, &hash[MD5_LEN], SHA_LEN,
ssl.getCrypto().get_random()); ssl.getCrypto().get_random());
...@@ -2159,6 +2166,12 @@ void CertificateVerify::Build(SSL& ssl) ...@@ -2159,6 +2166,12 @@ void CertificateVerify::Build(SSL& ssl)
memcpy(sig.get(), len, VERIFY_HEADER); memcpy(sig.get(), len, VERIFY_HEADER);
rsa.sign(sig.get() + VERIFY_HEADER, hashes_.md5_, sizeof(Hashes), rsa.sign(sig.get() + VERIFY_HEADER, hashes_.md5_, sizeof(Hashes),
ssl.getCrypto().get_random()); ssl.getCrypto().get_random());
// check for rsa signautre fault
if (!rsa.verify(hashes_.md5_, sizeof(Hashes), sig.get() + VERIFY_HEADER,
rsa.get_cipherLength())) {
ssl.SetError(rsaSignFault_error);
return;
}
} }
else { // DSA else { // DSA
DSS dss(cert.get_privateKey(), cert.get_privateKeyLength(), false); DSS dss(cert.get_privateKey(), cert.get_privateKeyLength(), false);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment