diff --git a/kdc/httpkadmind.c b/kdc/httpkadmind.c index de3c7b38b..697ae189e 100644 --- a/kdc/httpkadmind.c +++ b/kdc/httpkadmind.c @@ -1740,15 +1740,22 @@ mac_csrf_token(kadmin_request_desc r, krb5_storage *sp) ret = krb5_enomem(r->context); /* HMAC the token body and the client principal name */ if (ret == 0) { - HMAC_Init_ex(ctx, princ.key_data[i].key_data_contents[0], princ.key_data[i].key_data_length[0], EVP_sha256(), NULL); - HMAC_Update(ctx, data.data, data.length); - HMAC_Update(ctx, r->cname, strlen(r->cname)); - HMAC_Final(ctx, mac, &maclen); - krb5_data_free(&data); - data.length = maclen; - data.data = mac; - if (krb5_storage_write(sp, mac, maclen) != maclen) + if (HMAC_Init_ex(ctx, princ.key_data[i].key_data_contents[0], + princ.key_data[i].key_data_length[0], EVP_sha256(), + NULL) == 0) { + HMAC_CTX_cleanup(ctx); ret = krb5_enomem(r->context); + } else { + HMAC_Update(ctx, data.data, data.length); + HMAC_Update(ctx, r->cname, strlen(r->cname)); + HMAC_Final(ctx, mac, &maclen); + HMAC_CTX_cleanup(ctx); + krb5_data_free(&data); + data.length = maclen; + data.data = mac; + if (krb5_storage_write(sp, mac, maclen) != maclen) + ret = krb5_enomem(r->context); + } } krb5_free_principal(r->context, p); if (freeit) diff --git a/kdc/kx509.c b/kdc/kx509.c index 26edef19c..a5f960929 100644 --- a/kdc/kx509.c +++ b/kdc/kx509.c @@ -157,9 +157,11 @@ verify_req_hash(krb5_context context, } HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, - key->keyvalue.data, key->keyvalue.length, - EVP_sha1(), NULL); + if (HMAC_Init_ex(&ctx, key->keyvalue.data, key->keyvalue.length, + EVP_sha1(), NULL) == 0) { + HMAC_CTX_cleanup(&ctx); + return krb5_enomem(context); + } if (sizeof(digest) != HMAC_size(&ctx)) krb5_abortx(context, "runtime error, hmac buffer wrong size in kx509"); HMAC_Update(&ctx, version_2_0, sizeof(version_2_0)); @@ -186,14 +188,17 @@ calculate_reply_hash(krb5_context context, krb5_keyblock *key, Kx509Response *rep) { - krb5_error_code ret; + krb5_error_code ret = 0; HMAC_CTX ctx; HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, key->keyvalue.data, key->keyvalue.length, - EVP_sha1(), NULL); - ret = krb5_data_alloc(rep->hash, HMAC_size(&ctx)); + if (HMAC_Init_ex(&ctx, key->keyvalue.data, key->keyvalue.length, + EVP_sha1(), NULL) == 0) + ret = krb5_enomem(context); + + if (ret == 0) + ret = krb5_data_alloc(rep->hash, HMAC_size(&ctx)); if (ret) { HMAC_CTX_cleanup(&ctx); return krb5_enomem(context); diff --git a/lib/gssapi/ntlm/crypto.c b/lib/gssapi/ntlm/crypto.c index a8c670c50..efa71d911 100644 --- a/lib/gssapi/ntlm/crypto.c +++ b/lib/gssapi/ntlm/crypto.c @@ -194,7 +194,10 @@ v2_sign_message(gss_buffer_t in, HMAC_CTX c; HMAC_CTX_init(&c); - HMAC_Init_ex(&c, signkey, 16, EVP_md5(), NULL); + if (HMAC_Init_ex(&c, signkey, 16, EVP_md5(), NULL) == 0) { + HMAC_CTX_cleanup(&c); + return GSS_S_FAILURE; + } encode_le_uint32(seq, hmac); HMAC_Update(&c, hmac, 4); diff --git a/lib/hcrypto/hmac.c b/lib/hcrypto/hmac.c index c5265310f..6b387ae90 100644 --- a/lib/hcrypto/hmac.c +++ b/lib/hcrypto/hmac.c @@ -167,7 +167,10 @@ HMAC(const EVP_MD *md, HMAC_CTX ctx; HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, key, key_size, md, NULL); + if (HMAC_Init_ex(&ctx, key, key_size, md, NULL) == 0) { + HMAC_CTX_cleanup(&ctx); + return NULL; + } HMAC_Update(&ctx, data, data_size); HMAC_Final(&ctx, hash, hash_len); HMAC_CTX_cleanup(&ctx); diff --git a/lib/hcrypto/test_hmac.c b/lib/hcrypto/test_hmac.c index 063a461cc..36a5626a7 100644 --- a/lib/hcrypto/test_hmac.c +++ b/lib/hcrypto/test_hmac.c @@ -51,7 +51,11 @@ main(int argc, char **argv) "\x6f\xd1\x52\x4d\x54\x58\x73\x0f\xf3\x24"; HMAC_CTX_init(&c); - HMAC_Init_ex(&c, hmackey, hmackey_size, EVP_sha1(), NULL); + if (HMAC_Init_ex(&c, hmackey, hmackey_size, EVP_sha1(), NULL) == 0) { + HMAC_CTX_cleanup(&c); + printf("out of memory\n"); + return 1; + } HMAC_Update(&c, buf, sizeof(buf)); HMAC_Final(&c, hmac, &hmaclen); HMAC_CTX_cleanup(&c); diff --git a/lib/hcrypto/validate.c b/lib/hcrypto/validate.c index 562e5aa4d..4b655f262 100644 --- a/lib/hcrypto/validate.c +++ b/lib/hcrypto/validate.c @@ -276,7 +276,8 @@ check_hmac(void) "\x6f\xd1\x52\x4d\x54\x58\x73\x0f\xf3\x24"; HMAC_CTX_init(&c); - HMAC_Init_ex(&c, hmackey, hmackey_size, EVP_sha1(), NULL); + if (HMAC_Init_ex(&c, hmackey, hmackey_size, EVP_sha1(), NULL) == 0) + errx(1, "HMAC_Init_ex() out of memory"); HMAC_Update(&c, buf, sizeof(buf)); HMAC_Final(&c, hmac, &hmaclen); HMAC_CTX_cleanup(&c); diff --git a/lib/kafs/rxkad_kdf.c b/lib/kafs/rxkad_kdf.c index 174fa3a61..88f499db3 100644 --- a/lib/kafs/rxkad_kdf.c +++ b/lib/kafs/rxkad_kdf.c @@ -89,12 +89,16 @@ rxkad_derive_des_key(const void *in, size_t insize, char out[8]) /* stop when 8 bit counter wraps to 0 */ for (i = 1; i; i++) { HMAC_CTX_init(&mctx); - HMAC_Init_ex(&mctx, in, insize, EVP_md5(), NULL); + if (HMAC_Init_ex(&mctx, in, insize, EVP_md5(), NULL) == 0) { + HMAC_CTX_cleanup(&mctx); + return ENOMEM; + } HMAC_Update(&mctx, &i, 1); HMAC_Update(&mctx, label, sizeof(label)); /* includes label and separator */ HMAC_Update(&mctx, Lbuf, 4); mdsize = sizeof(tmp); HMAC_Final(&mctx, tmp, &mdsize); + HMAC_CTX_cleanup(&mctx); memcpy(ktmp, tmp, 8); DES_set_odd_parity(&ktmp); if (!DES_is_weak_key(&ktmp)) { diff --git a/lib/krb5/crypto-evp.c b/lib/krb5/crypto-evp.c index a16b83cb0..a03cdca2e 100644 --- a/lib/krb5/crypto-evp.c +++ b/lib/krb5/crypto-evp.c @@ -137,8 +137,11 @@ _krb5_evp_hmac_iov(krb5_context context, if (ctx == NULL) return krb5_enomem(context); - HMAC_Init_ex(ctx, key->key->keyvalue.data, key->key->keyvalue.length, - md, engine); + if (HMAC_Init_ex(ctx, key->key->keyvalue.data, key->key->keyvalue.length, + md, engine) == 0) { + HMAC_CTX_free(ctx); + return krb5_enomem(context); + } for (i = 0; i < niov; i++) { if (_krb5_crypto_iov_should_sign(&iov[i])) { diff --git a/lib/krb5/kx509.c b/lib/krb5/kx509.c index bd5991fcb..55cd0f345 100644 --- a/lib/krb5/kx509.c +++ b/lib/krb5/kx509.c @@ -848,21 +848,28 @@ mk_kx509_req(krb5_context context, /* Add the the key and HMAC to the message */ HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, kx509_ctx->hmac_key->keyvalue.data, - kx509_ctx->hmac_key->keyvalue.length, EVP_sha1(), NULL); - HMAC_Update(&ctx, version_2_0, sizeof(version_2_0)); - if (private_key || kx509_ctx->given_csr.data) { - HMAC_Update(&ctx, kx509_req.pk_key.data, kx509_req.pk_key.length); + if (HMAC_Init_ex(&ctx, kx509_ctx->hmac_key->keyvalue.data, + kx509_ctx->hmac_key->keyvalue.length, + EVP_sha1(), NULL) == 0) { + HMAC_CTX_cleanup(&ctx); + ret = krb5_enomem(context); } else { - /* Probe */ - HMAC_Update(&ctx, kx509_req.authenticator.data, kx509_req.authenticator.length); + HMAC_Update(&ctx, version_2_0, sizeof(version_2_0)); + if (private_key || kx509_ctx->given_csr.data) { + HMAC_Update(&ctx, kx509_req.pk_key.data, kx509_req.pk_key.length); + } else { + /* Probe */ + HMAC_Update(&ctx, kx509_req.authenticator.data, kx509_req.authenticator.length); + } + HMAC_Final(&ctx, kx509_req.pk_hash.data, 0); + HMAC_CTX_cleanup(&ctx); } - HMAC_Final(&ctx, kx509_req.pk_hash.data, 0); - HMAC_CTX_cleanup(&ctx); /* Encode the message, prefix `version_2_0', output the result */ - ASN1_MALLOC_ENCODE(Kx509Request, pre_req.data, pre_req.length, &kx509_req, &len, ret); - ret = krb5_data_alloc(req, pre_req.length + sizeof(version_2_0)); + if (ret == 0) + ASN1_MALLOC_ENCODE(Kx509Request, pre_req.data, pre_req.length, &kx509_req, &len, ret); + if (ret == 0) + ret = krb5_data_alloc(req, pre_req.length + sizeof(version_2_0)); if (ret == 0) { memcpy(req->data, version_2_0, sizeof(version_2_0)); memcpy(((unsigned char *)req->data) + sizeof(version_2_0), @@ -984,8 +991,13 @@ rd_kx509_resp(krb5_context context, } HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, kx509_ctx->hmac_key->keyvalue.data, - kx509_ctx->hmac_key->keyvalue.length, EVP_sha1(), NULL); + if (HMAC_Init_ex(&ctx, kx509_ctx->hmac_key->keyvalue.data, + kx509_ctx->hmac_key->keyvalue.length, EVP_sha1(), NULL) == 0) { + free_Kx509Response(&r); + HMAC_CTX_cleanup(&ctx); + return krb5_enomem(context); + } + HMAC_Update(&ctx, version_2_0, sizeof(version_2_0)); { diff --git a/lib/krb5/sp800-108-kdf.c b/lib/krb5/sp800-108-kdf.c index 37e06dec3..4a12067c6 100755 --- a/lib/krb5/sp800-108-kdf.c +++ b/lib/krb5/sp800-108-kdf.c @@ -73,7 +73,10 @@ _krb5_SP800_108_HMAC_KDF(krb5_context context, unsigned char tmp[4]; size_t len; - HMAC_Init_ex(&c, kdf_K1->data, kdf_K1->length, md, NULL); + if (HMAC_Init_ex(&c, kdf_K1->data, kdf_K1->length, md, NULL) == 0) { + HMAC_CTX_cleanup(&c); + return krb5_enomem(context); + } _krb5_put_int(tmp, i + 1, 4); HMAC_Update(&c, tmp, 4); diff --git a/lib/ntlm/ntlm.c b/lib/ntlm/ntlm.c index 9670a9718..622aa6c25 100644 --- a/lib/ntlm/ntlm.c +++ b/lib/ntlm/ntlm.c @@ -1324,7 +1324,10 @@ heim_ntlm_v2_base_session(void *key, size_t len, /* Note: key is the NTLMv2 key */ HMAC_CTX_init(&c); - HMAC_Init_ex(&c, key, len, EVP_md5(), NULL); + if (HMAC_Init_ex(&c, key, len, EVP_md5(), NULL) == 0) { + HMAC_CTX_cleanup(&c); + return ENOMEM; + } HMAC_Update(&c, ntlmResponse->data, 16); HMAC_Final(&c, session->data, &hmaclen); HMAC_CTX_cleanup(&c); @@ -1443,7 +1446,7 @@ heim_ntlm_build_ntlm2_master(void *key, size_t len, ret = heim_ntlm_v2_base_session(key, len, blob, &sess); if (ret) - return ret; + return ret; ret = heim_ntlm_keyex_wrap(&sess, session, master); heim_ntlm_free_buf(&sess); @@ -1523,25 +1526,26 @@ heim_ntlm_ntlmv2_key(const void *key, size_t len, { int ret; unsigned int hmaclen; + struct ntlm_buf buf; HMAC_CTX c; HMAC_CTX_init(&c); - HMAC_Init_ex(&c, key, len, EVP_md5(), NULL); - { - struct ntlm_buf buf; - /* uppercase username and turn it into ucs2-le */ - ret = ascii2ucs2le(username, 1, &buf); - if (ret) - goto out; - HMAC_Update(&c, buf.data, buf.length); - free(buf.data); - /* turn target into ucs2-le */ - ret = ascii2ucs2le(target, upper_case_target, &buf); - if (ret) - goto out; - HMAC_Update(&c, buf.data, buf.length); - free(buf.data); + if (HMAC_Init_ex(&c, key, len, EVP_md5(), NULL) == 0) { + ret = ENOMEM; + goto out; } + /* uppercase username and turn it into ucs2-le */ + ret = ascii2ucs2le(username, 1, &buf); + if (ret) + goto out; + HMAC_Update(&c, buf.data, buf.length); + free(buf.data); + /* turn target into ucs2-le */ + ret = ascii2ucs2le(target, upper_case_target, &buf); + if (ret) + goto out; + HMAC_Update(&c, buf.data, buf.length); + free(buf.data); HMAC_Final(&c, ntlmv2, &hmaclen); out: HMAC_CTX_cleanup(&c); @@ -1599,6 +1603,7 @@ heim_ntlm_calculate_lm2(const void *key, size_t len, struct ntlm_buf *answer) { unsigned char clientchallenge[8]; + krb5_error_code ret; if (RAND_bytes(clientchallenge, sizeof(clientchallenge)) != 1) return HNTLM_ERR_RAND; @@ -1612,12 +1617,12 @@ heim_ntlm_calculate_lm2(const void *key, size_t len, return ENOMEM; answer->length = 24; - heim_ntlm_derive_ntlm2_sess(ntlmv2, clientchallenge, 8, - serverchallenge, answer->data); + ret = heim_ntlm_derive_ntlm2_sess(ntlmv2, clientchallenge, 8, + serverchallenge, answer->data); + if (ret == 0) + memcpy(((unsigned char *)answer->data) + 16, clientchallenge, 8); - memcpy(((unsigned char *)answer->data) + 16, clientchallenge, 8); - - return 0; + return ret; } @@ -1695,7 +1700,10 @@ heim_ntlm_calculate_ntlm2(const void *key, size_t len, krb5_storage_free(sp); sp = NULL; - heim_ntlm_derive_ntlm2_sess(ntlmv2, data.data, data.length, serverchallenge, ntlmv2answer); + ret = heim_ntlm_derive_ntlm2_sess(ntlmv2, data.data, data.length, + serverchallenge, ntlmv2answer); + if (ret) + return ret; sp = krb5_storage_emem(); if (sp == NULL) { @@ -1809,10 +1817,13 @@ verify_ntlm2(const void *key, size_t len, goto out; } - heim_ntlm_derive_ntlm2_sess(ntlmv2, - ((unsigned char *)answer->data) + 16, answer->length - 16, - serverchallenge, - serveranswer); + ret = heim_ntlm_derive_ntlm2_sess(ntlmv2, + ((unsigned char *)answer->data) + 16, + answer->length - 16, + serverchallenge, + serveranswer); + if (ret) + goto out; if (memcmp(serveranswer, clientanswer, 16) != 0) { heim_ntlm_free_buf(infotarget); @@ -1995,7 +2006,7 @@ heim_ntlm_calculate_ntlm2_sess_hash(const unsigned char clnt_nonce[8], * @ingroup ntlm_core */ -void +int heim_ntlm_derive_ntlm2_sess(const unsigned char sessionkey[16], const unsigned char *clnt_nonce, size_t clnt_nonce_length, const unsigned char svr_chal[8], @@ -2006,10 +2017,14 @@ heim_ntlm_derive_ntlm2_sess(const unsigned char sessionkey[16], /* HMAC(Ksession, serverchallenge || clientchallenge) */ HMAC_CTX_init(&c); - HMAC_Init_ex(&c, sessionkey, 16, EVP_md5(), NULL); + if (HMAC_Init_ex(&c, sessionkey, 16, EVP_md5(), NULL) == 0) { + HMAC_CTX_cleanup(&c); + return ENOMEM; + } HMAC_Update(&c, svr_chal, 8); HMAC_Update(&c, clnt_nonce, clnt_nonce_length); HMAC_Final(&c, derivedkey, &hmaclen); HMAC_CTX_cleanup(&c); memset(&c, 0, sizeof(c)); + return 0; }