abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-20 03:44:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix sm2_decrypt overflow

Browse Source
This commit is contained in:
Zhi Guan
2026-06-16 23:27:46 +08:00
parent e180ed8e9b
commit 80c754976c
3 changed files with 15 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CMakeLists.txt
View File

@@ -818,7 +818,7 @@ endif()
# #
set(CPACK_PACKAGE_NAME "GmSSL") set(CPACK_PACKAGE_NAME "GmSSL")
set(CPACK_PACKAGE_VENDOR "GmSSL develop team") set(CPACK_PACKAGE_VENDOR "GmSSL develop team")
set(CPACK_PACKAGE_VERSION "3.2.0-dev.1064") set(CPACK_PACKAGE_VERSION "3.2.0-dev.1065")
set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md) set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md)
set(CPACK_NSIS_MODIFY_PATH ON) set(CPACK_NSIS_MODIFY_PATH ON)
include(CPack) include(CPack)

2
include/gmssl/version.h
View File

@@ -18,7 +18,7 @@ extern "C" {
#define GMSSL_VERSION_NUM 30200 #define GMSSL_VERSION_NUM 30200
#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1064" #define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1065"
int gmssl_version_num(void); int gmssl_version_num(void);
const char *gmssl_version_str(void); const char *gmssl_version_str(void);

14
src/tlcp.c
View File

@@ -1773,6 +1773,8 @@ int tlcp_recv_client_key_exchange(TLS_CONNECT *conn)
int ret; int ret;
const uint8_t *enced_pms; const uint8_t *enced_pms;
size_t enced_pms_len; size_t enced_pms_len;
uint8_t pre_master_secret[SM2_MAX_PLAINTEXT_SIZE];
size_t pre_master_secret_len;
X509_KEY *enc_key; X509_KEY *enc_key;
if ((ret = tls_recv_record(conn)) != 1) { if ((ret = tls_recv_record(conn)) != 1) {
@@ -1828,11 +1830,21 @@ int tlcp_recv_client_key_exchange(TLS_CONNECT *conn)
return -1; return -1;
} }
if (sm2_decrypt(&enc_key->u.sm2_key, enced_pms, enced_pms_len, if (sm2_decrypt(&enc_key->u.sm2_key, enced_pms, enced_pms_len,
conn->pre_master_secret, &conn->pre_master_secret_len) != 1) { pre_master_secret, &pre_master_secret_len) != 1) {
error_print(); error_print();
tls_send_alert(conn, TLS_alert_decrypt_error); tls_send_alert(conn, TLS_alert_decrypt_error);
return -1; return -1;
} }
if (pre_master_secret_len != 48) {
gmssl_secure_clear(pre_master_secret, pre_master_secret_len);
error_print();
tls_send_alert(conn, TLS_alert_illegal_parameter);
return -1;
}
memcpy(conn->pre_master_secret, pre_master_secret, pre_master_secret_len);
conn->pre_master_secret_len = pre_master_secret_len;
gmssl_secure_clear(pre_master_secret, pre_master_secret_len);
if (tlcp_check_pre_master_secret(conn) != 1) { if (tlcp_check_pre_master_secret(conn) != 1) {
error_print(); error_print();
tls_send_alert(conn, TLS_alert_illegal_parameter); tls_send_alert(conn, TLS_alert_illegal_parameter);