From 9926eaf69525e13a08dbd26cb54b93cb142dc001 Mon Sep 17 00:00:00 2001 From: Piotr Nowicki Date: Wed, 20 Nov 2019 14:54:36 +0100 Subject: [PATCH 1/2] Do not allow configuring zero-length PSK fix error when calloc is called with size 0 --- library/ssl_tls.c | 7 ++++++- programs/ssl/ssl_client2.c | 18 +++++++++++------- programs/ssl/ssl_server2.c | 17 +++++++++++------ 3 files changed, 28 insertions(+), 14 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 69a46b9d5..e4502071a 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -9171,8 +9171,13 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, ssl_conf_remove_psk( conf ); /* Check and set raw PSK */ - if( psk == NULL || psk_len > MBEDTLS_PSK_MAX_LEN ) + if( psk == NULL ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if( psk_len == 0 ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if( psk_len > MBEDTLS_PSK_MAX_LEN ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ) return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); conf->psk_len = psk_len; diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 558fa2821..cbda4d109 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -194,7 +194,8 @@ int main( void ) #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #define USAGE_PSK_RAW \ - " psk=%%s default: \"\" (in hex, without 0x)\n" \ + " psk=%%s default: \"\" (disabled)\n" \ + " The PSK values are in hex, without 0x.\n" \ " psk_identity=%%s default: \"Client_identity\"\n" #if defined(MBEDTLS_USE_PSA_CRYPTO) #define USAGE_PSK_SLOT \ @@ -2374,13 +2375,16 @@ int main( int argc, char *argv[] ) } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ) ) != 0 ) + if( psk_len > 0 ) { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk returned %d\n\n", - ret ); - goto exit; + ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, + (const unsigned char *) opt.psk_identity, + strlen( opt.psk_identity ) ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk returned %d\n\n", ret ); + goto exit; + } } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 27ffbb930..27f231230 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -259,7 +259,8 @@ int main( void ) #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #define USAGE_PSK_RAW \ - " psk=%%s default: \"\" (in hex, without 0x)\n" \ + " psk=%%s default: \"\" (disabled)\n" \ + " The PSK values are in hex, without 0x.\n" \ " psk_list=%%s default: \"\"\n" \ " A list of (PSK identity, PSK value) pairs.\n" \ " The PSK values are in hex, without 0x.\n" \ @@ -3364,12 +3365,16 @@ int main( int argc, char *argv[] ) } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ) ) != 0 ) + if( psk_len > 0 ) { - mbedtls_printf( " failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", - ret ); - goto exit; + ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, + (const unsigned char *) opt.psk_identity, + strlen( opt.psk_identity ) ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", - ret ); + goto exit; + } } } From 7d01ef6562b7a9a8b13ac26934cc3d1f7b703e33 Mon Sep 17 00:00:00 2001 From: Piotr Nowicki Date: Wed, 20 Nov 2019 15:00:17 +0100 Subject: [PATCH 2/2] Added buffer-based mbedtls allocator support to ssl_client2 --- programs/ssl/ssl_client2.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index cbda4d109..8f0d3b501 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -54,6 +54,10 @@ int main( void ) } #else +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) +#include "mbedtls/memory_buffer_alloc.h" +#endif + #include "mbedtls/net_sockets.h" #include "mbedtls/ssl.h" #include "mbedtls/entropy.h" @@ -73,6 +77,10 @@ int main( void ) #include #include +/* Size of memory to be allocated for the heap, when using the library's memory + * management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */ +#define MEMORY_HEAP_SIZE 120000 + #define MAX_REQUEST_SIZE 20000 #define MAX_REQUEST_SIZE_STR "20000" @@ -1130,6 +1138,11 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_SSL_ALPN) const char *alpn_list[ALPN_LIST_SIZE]; #endif + +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) + unsigned char alloc_buf[MEMORY_HEAP_SIZE]; +#endif + #if defined(MBEDTLS_ECP_C) mbedtls_ecp_group_id curve_list[CURVE_LIST_SIZE]; const mbedtls_ecp_curve_info *curve_cur; @@ -1179,6 +1192,10 @@ int main( int argc, char *argv[] ) eap_tls_keys eap_tls_keying; #endif +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) + mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); +#endif + /* * Make sure memory references are valid. */ @@ -3291,6 +3308,13 @@ exit: #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED && MBEDTLS_USE_PSA_CRYPTO */ +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_memory_buffer_alloc_status(); +#endif + mbedtls_memory_buffer_alloc_free(); +#endif + #if defined(_WIN32) mbedtls_printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar();