Re: EVP_CIPHER_CTX_copy() segv with XTS

Mon, 30 Jun 2014 03:08:27 -0700


Test code suggests it segv's.

XTS128_CONTEXT contains a couple of pointers to expanded AES keys, the expanded keys and the pointers inside the XTS128_CONTEXT are copied, but if the original context has gone away by the time the copy is used the pointers are to disposed of data. Game over.

Something like this is probably the fix.

static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
{
  EVP_AES_XTS_CTX *xctx = c->cipher_data;
  switch(type) {
  case EVP_CTRL_INIT:
    /* key1 and key2 are used as an indicator both key and IV are set */
    xctx->xts.key1 = NULL;
    xctx->xts.key2 = NULL;
    return 1;
  default:
    return -1;    
  case EVP_CTRL_COPY:
    {
      EVP_CIPHER_CTX *out = ptr;
      EVP_AES_XTS_CTX *xctx_out = out->cipher_data;
      xctx_out->xts.key1 = &(xctx_out->ks1);
      xctx_out->xts.key2 = &(xctx_out->ks2);
    }
    return 1;
  }               
}

...

#define XTS_FLAGS       (EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV \
                         | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
                         | EVP_CIPH_CUSTOM_COPY)

Pete



-----owner-openssl-...@openssl.org wrote: -----
To: openssl-dev@openssl.org
From: Huzaifa Sidhpurwala
Sent by: owner-openssl-...@openssl.org
Date: 06/30/2014 07:19PM
Subject: Re: EVP_CIPHER_CTX_copy() segv with XTS

Hi Peter,

Are you facing any issues similar to http://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3272 ? or are just commenting on the previous GCM fix?

A quick look at the EVP_AES_XTS_CTX suggests that the only pointer in there is (*stream) which points to the function which is responsible for doing encryption/decryption and should be safe to copy to the new CTX


On Mon, Jun 30, 2014 at 9:42 AM, Peter Waltenberg <pwal...@au1.ibm.com > wrote:
This appears to be the same 'pattern' error as GCM.  For XTS ctx->
cipher_data contains pointers and the contents are aren't being fully
duplicated by the copy.


Peter



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org

Reply via email to