[Openvpn-devel,4/5] Check return values in md_ctx_init and hmac_ctx_init

Message ID 20200907162221.20928-2-arne@rfc2549.org
State Superseded
Headers show
Series None | expand

Commit Message

Arne Schwabe Sept. 7, 2020, 4:22 p.m. UTC
Without this OpenVPN will later segfault on a FIPS enabled system due
to the algorithm available but not allowed.

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
---
 src/openvpn/crypto_openssl.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

Comments

Antonio Quartulli Jan. 29, 2021, 8:58 a.m. UTC | #1
Hi,

On 07/09/2020 18:22, Arne Schwabe wrote:
> Without this OpenVPN will later segfault on a FIPS enabled system due
> to the algorithm available but not allowed.
> 
> Signed-off-by: Arne Schwabe <arne@rfc2549.org>
> ---
>  src/openvpn/crypto_openssl.c | 10 ++++++++--
>  1 file changed, 8 insertions(+), 2 deletions(-)
> 
> diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
> index c60d4a54..75557cca 100644
> --- a/src/openvpn/crypto_openssl.c
> +++ b/src/openvpn/crypto_openssl.c
> @@ -954,7 +954,10 @@ md_ctx_init(EVP_MD_CTX *ctx, const EVP_MD *kt)
>      ASSERT(NULL != ctx && NULL != kt);
>  
>      EVP_MD_CTX_init(ctx);
> -    EVP_DigestInit(ctx, kt);
> +    if (EVP_DigestInit(ctx, kt) != 1)

Based on the documentation, this function returns 0 on failure and 1 on
success (basically a bool).

How about turning this into:

if (!EVP_DigestInit(ctx, kt))

?

This way it is clear that we are not just looking for '1' as a special
return value, but simply for 'success'. (Same as we do for function
returning a real bool).

What do you think?

> +    {
> +        crypto_msg(M_FATAL, "EVP_DigestInit failed");
> +    }
>  }
>  
>  void
> @@ -1011,7 +1014,10 @@ hmac_ctx_init(HMAC_CTX *ctx, const uint8_t *key, int key_len,
>      ASSERT(NULL != kt && NULL != ctx);
>  
>      HMAC_CTX_reset(ctx);
> -    HMAC_Init_ex(ctx, key, key_len, kt, NULL);
> +    if  (HMAC_Init_ex(ctx, key, key_len, kt, NULL) != 1)

Same for this function.


Regards,

Patch

diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
index c60d4a54..75557cca 100644
--- a/src/openvpn/crypto_openssl.c
+++ b/src/openvpn/crypto_openssl.c
@@ -954,7 +954,10 @@  md_ctx_init(EVP_MD_CTX *ctx, const EVP_MD *kt)
     ASSERT(NULL != ctx && NULL != kt);
 
     EVP_MD_CTX_init(ctx);
-    EVP_DigestInit(ctx, kt);
+    if (EVP_DigestInit(ctx, kt) != 1)
+    {
+        crypto_msg(M_FATAL, "EVP_DigestInit failed");
+    }
 }
 
 void
@@ -1011,7 +1014,10 @@  hmac_ctx_init(HMAC_CTX *ctx, const uint8_t *key, int key_len,
     ASSERT(NULL != kt && NULL != ctx);
 
     HMAC_CTX_reset(ctx);
-    HMAC_Init_ex(ctx, key, key_len, kt, NULL);
+    if  (HMAC_Init_ex(ctx, key, key_len, kt, NULL) != 1)
+    {
+        crypto_msg(M_FATAL, "HMAC_Init_ex failed");
+    }
 
     /* make sure we used a big enough key */
     ASSERT(HMAC_size(ctx) <= key_len);