From a9d8a3d44829cf9182b252bc951f35fb0d573972 Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Wed, 14 May 2025 14:07:58 +0200 Subject: CVE-2025-5372 libgcrypto: Simplify error checking and handling of return codes in ssh_kdf() Signed-off-by: Jakub Jelen Reviewed-by: Andreas Schneider Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/commit/?id=a9d8a3d44829cf9182b252bc951f35fb0d573972] CVE: CVE-2025-5372 Signed-off-by: Hitendra Prajapati --- src/libcrypto.c | 62 ++++++++++++++++++++++--------------------------- 1 file changed, 28 insertions(+), 34 deletions(-) diff --git a/src/libcrypto.c b/src/libcrypto.c index 4f945d90..76e067d3 100644 --- a/src/libcrypto.c +++ b/src/libcrypto.c @@ -163,7 +163,7 @@ int ssh_kdf(struct ssh_crypto_struct *crypto, uint8_t key_type, unsigned char *output, size_t requested_len) { - int rc = -1; + int ret = SSH_ERROR, rv; #if OPENSSL_VERSION_NUMBER < 0x30000000L EVP_KDF_CTX *ctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF); #else 
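Review bot: The new declaration `int ret = SSH_ERROR, rv;` at the top of ssh_kdf() puts two result variables with different conventions on one line and does not document the difference. `rv` holds OpenSSL results that the next hunk compares against 1, while `ret` holds the libssh status that is returned. Since the fix consists of keeping these two conventions apart, I would declare them on separate lines and add a comment such as `/* rv: OpenSSL result, 1 means success; ret: libssh status, stays SSH_ERROR until the derive succeeds */`. The function body continues outside this hunk.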
@@ -185,81 +185,75 @@ int ssh_kdf(struct ssh_crypto_struct *crypto, } #if OPENSSL_VERSION_NUMBER < 0x30000000L - rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_MD, + rv = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_MD, sshkdf_digest_to_md(crypto->digest_type)); - if (rc != 1) { + if (rv != 1) { goto out; } - rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_KEY, key, key_len); - if (rc != 1) { + rv = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_KEY, key, key_len); + if (rv != 1) { goto out; } - rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_XCGHASH, + rv = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_XCGHASH, crypto->secret_hash, crypto->digest_len); - if (rc != 1) { + if (rv != 1) { goto out; } - rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_TYPE, key_type); - if (rc != 1) { + rv = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_TYPE, key_type); + if (rv != 1) { goto out; } - rc = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID, + rv = EVP_KDF_ctrl(ctx, EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID, crypto->session_id, crypto->session_id_len); - if (rc != 1) { + if (rv != 1) { goto out; } - rc = EVP_KDF_derive(ctx, output, requested_len); - if (rc != 1) { + rv = EVP_KDF_derive(ctx, output, requested_len); + if (rv != 1) { goto out; } #else - rc = OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_DIGEST, + rv = OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_DIGEST, md, strlen(md)); - if (rc != 1) { - rc = -1; + if (rv != 1) { goto out; } - rc = OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_KEY, + rv = OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_KEY, key, key_len); - if (rc != 1) { - rc = -1; + if (rv != 1) { goto out; } - rc = OSSL_PARAM_BLD_push_octet_string(param_bld, + rv = OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_SSHKDF_XCGHASH, crypto->secret_hash, crypto->digest_len); - if (rc != 1) { - rc = -1; + if (rv != 1) { goto out; } - rc = OSSL_PARAM_BLD_push_octet_string(param_bld, + rv = OSSL_PARAM_BLD_push_octet_string(param_bld, 
OSSL_KDF_PARAM_SSHKDF_SESSION_ID, crypto->session_id, crypto->session_id_len); - if (rc != 1) { - rc = -1; + if (rv != 1) { goto out; } - rc = OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_SSHKDF_TYPE, + rv = OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_SSHKDF_TYPE, (const char*)&key_type, 1); - if (rc != 1) { - rc = -1; + if (rv != 1) { goto out; } params = OSSL_PARAM_BLD_to_param(param_bld); if (params == NULL) { - rc = -1; goto out; } - rc = EVP_KDF_derive(ctx, output, requested_len, params); - if (rc != 1) { - rc = -1; + rv = EVP_KDF_derive(ctx, output, requested_len, params); + if (rv != 1) { goto out; } #endif /* OPENSSL_VERSION_NUMBER */ + ret = SSH_OK; out: #if OPENSSL_VERSION_NUMBER >= 0x30000000L @@ -267,8 +261,8 @@ out: OSSL_PARAM_free(params); #endif EVP_KDF_CTX_free(ctx); - if (rc < 0) { - return rc; + if (ret < 0) { + return ret; } return 0; } -- 2.49.0
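Review bot: Every failure branch in this hunk jumps to `out` with `output` left as it was, and nothing in the visible cleanup clears it. After SSH_ERROR the buffer may therefore hold stale or partially derived bytes; whether EVP_KDF_derive writes anything before failing cannot be told from these lines. The protection depends on callers checking the return value, and those callers are outside this diff. I would state the contract in the function's doc comment, for example `/* On SSH_ERROR the contents of output are unspecified and must not be used as key material. */`, and confirm that each call site treats a non-SSH_OK result as fatal for the key exchange. ssh_kdf() starts before this hunk and ends after it.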
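Review bot: The tail `if (ret < 0) { return ret; } return 0;` in the last hunk is now redundant and still encodes an "anything non-negative is success" test. In the visible lines `ret` is only ever SSH_ERROR or SSH_OK. Returning it directly with `return ret;` removes the sign test, so a later status value that is non-negative but not SSH_OK cannot be silently mapped to success. This assumes SSH_OK is 0, as in libssh's public header, which keeps the return value unchanged for callers.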