Closed Bug 1351314 Opened 8 years ago Closed 8 years ago

TLS exporter: reject contexts that are longer than 2^16

Categories

(NSS :: Libraries, enhancement)

Product:
NSS
Component:
Libraries
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: mt, Assigned: kmckinley)

Details

(Keywords: good-first-bug)

Attachments

(1 file, 2 obsolete files)

Add a length check to conform to RFC 5705 and tests
6.07 KB, patch
Details | Diff | Splinter Review
In TLS 1.2 and earlier, there is a size limit on the context that is passed to SSL_ExportKeyingMaterial. We don't enforce this limit.
Assignee: nobody → kmckinley
Status: NEW → ASSIGNED
Attachment #8865675 - Flags: review?(franziskuskiefer)
Comment on attachment 8865675 [details] [diff] [review] Add a length check to conform to RFC 5705 and tests Review of attachment 8865675 [details] [diff] [review]: ----------------------------------------------------------------- You should be putting these up on phabricator. https://nss-review.dev.mozaws.net/ ::: gtests/ssl_gtest/ssl_exporter_unittest.cc @@ +94,5 @@ > + EXPECT_EQ(SECFailure, > + SSL_ExportKeyingMaterial( > + server->ssl_fd(), kExporterLabel, strlen(kExporterLabel), > + PR_TRUE, kExporterContextTooLong, > + sizeof(kExporterContextTooLong), server_value, sizeof(server_value))); You need to check the value returned by PORT_GetError() as well. @@ +110,5 @@ > +TEST_P(TlsConnectPre12, ExporterContextLengthTooLongPreTls12) { > + EnsureTlsSetup(); > + server_->EnableSingleCipher(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA); > + Connect(); > + CheckKeys(); You shouldn't need to split this test into two, you are only doing that to get a different cipher suite, which is an unnecessary step. ::: lib/ssl/sslinfo.c @@ +1,5 @@ > /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ > /* This Source Code Form is subject to the terms of the Mozilla Public > * License, v. 2.0. If a copy of the MPL was not distributed with this > * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ > +#include <limits.h> NSPR has its own limits, which you should use here. I know, crappy.
* Change limits.h/climits to stdint.h to compile on Windows * Use TlsConnectGenericPre13 * clang-format
Attachment #8865675 - Attachment is obsolete: true
Attachment #8865675 - Flags: review?(franziskuskiefer)
Attachment #8865686 - Flags: review?(franziskuskiefer)
Waiting for Phabricator access
Attachment #8865686 - Attachment is obsolete: true
Attachment #8865686 - Flags: review?(franziskuskiefer)
Comment on attachment 8865691 [details] [diff] [review] Add a length check to conform to RFC 5705 and tests Review of attachment 8865691 [details] [diff] [review]: ----------------------------------------------------------------- ::: gtests/ssl_gtest/ssl_exporter_unittest.cc @@ +106,5 @@ > + server_->EnableSingleCipher(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA); > + Connect(); > + CheckKeys(); > + > + TooLongContextLengthShouldFail(client_, server_); You can inline this when it's not used anywhere else.
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.31
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: