net/tls: fix a potential security hole that bypasses signature verification
author Junyeon LEE <junyeon2.lee@samsung.com>
Thu, 6 Apr 2017 13:19:41 +0000 (22:19 +0900)
committer Heesub Shin <heesub.shin@samsung.com>
Tue, 18 Apr 2017 03:02:08 +0000 (12:02 +0900)
This commit fixes a critical issue about ECDH_ANON key-exchange. When
MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED is enabled, a TLS client could
bypass the signature verification and it would make a security hole.

Change-Id: I6123552ab3e899919a6fc046a5c4600a3d1b9ca2
Signed-off-by: Junyeon LEE <junyeon2.lee@samsung.com>
os/net/tls/ssl_cli.c

index 36cdc3b..ff1a35c 100644 (file)
@@ -2149,7 +2149,9 @@ defined(MBEDTLS_SSL_PROTO_TLS1_1)
 
 // Anonim cipher suite without sign, ecdh param only
 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
-               goto exit;
+               if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON) {
+                       goto exit;
+               }
 #endif
                /*
                 * Read signature
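Review bot: the comment above the new `if` ("Anonim cipher suite without sign, ecdh param only") still reads as if the skip applied to the whole `#if` block, which is exactly the behaviour being removed. Please reword it (and fix "Anonim") to say that the signature read is skipped only when the negotiated `ciphersuite_info->key_exchange` is MBEDTLS_KEY_EXCHANGE_ECDH_ANON, and that every other suite falls through to "Read signature" even when MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED is defined. Because the old code let a compile-time option alone decide whether the signature was checked, a regression test would be worth adding: build with the macro defined, negotiate a suite with a signed key exchange, and assert that the handshake fails when the signature is corrupted.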