[openssl/openssl] f3a7e6: evp: process key length and iv length early if pre...
Pauli
noreply at github.com
Tue Oct 24 16:25:19 UTC 2023
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: f3a7e6c057b5054aa05710f3d528b92e3e885268
https://github.com/openssl/openssl/commit/f3a7e6c057b5054aa05710f3d528b92e3e885268
Author: Pauli <pauli at openssl.org>
Date: 2023-10-24 (Tue, 24 Oct 2023)
Changed paths:
M crypto/evp/evp_enc.c
Log Message:
-----------
evp: process key length and iv length early if present
evp_cipher_init_internal() takes a params array argument and this is processed
late in the initialisation process for some ciphers (AEAD ones).
This means that changing the IV length as a parameter will either truncate the
IV (very bad if SP 800-38d section 8.2.1 is used) or grab extra uninitialised
bytes.
Truncation is very bad if SP 800-38d section 8.2.1 is being used to
construct a deterministic IV. This leads to an instant loss of confidentiality.
Grabbing extra bytes isn't so serious, it will most likely result in a bad
decryption.
Problem reported by Tony Battersby of Cybernetics.com but earlier discovered
and raised as issue #19822.
Fixes CVE-2023-5363
Fixes #19822
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Commit: 1e6e682ac27abd9d028f5a7876f7da1a176c175a
https://github.com/openssl/openssl/commit/1e6e682ac27abd9d028f5a7876f7da1a176c175a
Author: Pauli <pauli at openssl.org>
Date: 2023-10-24 (Tue, 24 Oct 2023)
Changed paths:
M CHANGES.md
M NEWS.md
Log Message:
-----------
changes and news entries for CVE-2023-5363
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Commit: a2fe10ca39f9a8e251b98bc03c3b1bbb6ad1496f
https://github.com/openssl/openssl/commit/a2fe10ca39f9a8e251b98bc03c3b1bbb6ad1496f
Author: Pauli <pauli at openssl.org>
Date: 2023-10-24 (Tue, 24 Oct 2023)
Changed paths:
M test/evp_extra_test.c
Log Message:
-----------
test: add unit test for CVE-2023-5363
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Compare: https://github.com/openssl/openssl/compare/0bf18140f491...a2fe10ca39f9
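
The truncation case described in the first commit's log message, as an added example that is not part of the commit or of OpenSSL: a pure C model (no OpenSSL calls) of a deterministic IV in the SP 800-38D section 8.2.1 style, fixed field followed by an invocation counter, showing what reaches the cipher when only a shorter default length is copied. The 16-byte requested length, the 8-byte fixed field, the device string and all function names are assumptions made for the illustration; 12 bytes is the default GCM IV length.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define APP_IVLEN     16  /* assumption: IV length the caller requests via params */
#define DEFAULT_IVLEN 12  /* default GCM IV length, still in effect if the request is applied late */
#define FIXED_LEN      8  /* assumption: size of the fixed (device) field */

/* Deterministic IV: fixed field || 64-bit big-endian invocation counter. */
static void make_det_iv(uint8_t iv[APP_IVLEN], const uint8_t fixed[FIXED_LEN],
                        uint64_t counter)
{
    memcpy(iv, fixed, FIXED_LEN);
    for (int i = 0; i < 8; i++)
        iv[FIXED_LEN + i] = (uint8_t)(counter >> (56 - 8 * i));
}

/* Number of distinct IVs among the first n invocations (n <= 64) when only
 * the leading used_len bytes of each IV are actually consumed. */
static size_t distinct_ivs(size_t n, size_t used_len)
{
    /* constructed sample value for the fixed field */
    static const uint8_t fixed[FIXED_LEN] = { 'd','e','v','-','0','0','0','1' };
    uint8_t seen[64][APP_IVLEN];
    size_t nseen = 0;

    if (n > 64 || used_len > APP_IVLEN)
        return 0;
    for (size_t c = 0; c < n; c++) {
        uint8_t iv[APP_IVLEN];
        size_t j;

        make_det_iv(iv, fixed, (uint64_t)c);
        for (j = 0; j < nseen; j++)
            if (memcmp(seen[j], iv, used_len) == 0)
                break;              /* same effective IV as an earlier message */
        if (j == nseen)
            memcpy(seen[nseen++], iv, APP_IVLEN);
    }
    return nseen;
}

int main(void)
{
    printf("full %d-byte IV:       %zu distinct of 64\n", APP_IVLEN,
           distinct_ivs(64, APP_IVLEN));
    printf("truncated to %d bytes: %zu distinct of 64\n", DEFAULT_IVLEN,
           distinct_ivs(64, DEFAULT_IVLEN));
    return 0;
}
```

With the counter in the trailing bytes, truncation discards exactly the part that changes between messages, so every invocation under the same key ends up with the same effective IV.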