[gnutls-devel] gnutls_prf not compliant to RFC 5705 (or confusingly so)

Rick van Rein rick at openfortress.nl
Sun Jul 19 20:47:43 CEST 2015 

Hello,

The gnutls_prf() function takes arguments “extra” and “extra_size”,
which are meant to conform to what RFC 5705 calls a “context”.

 1.

    The function docs state that "extra" is optional, but passing NULL
    in it causes a memcpy() with NULL source, which causes SEGFAULT (on
    Linux) even when copying 0 bytes.

 2.

    The RFC states that the context is preceded with its length in 16
    bits, if a context is provided. But gnutls_prf() does not check the
    length to fit in 16 bits, and it does not prefix the length. The
    function documentation also does not state that the caller must
    prefix the length -- which is probably not the idea anyway.

 3.

    Ample warning about the distinction between "extra == NULL" (in
    which case no context or length is added) and "extra_size == 0"
    (zero bytes of context added, with a zero length preceding it) is
    missing in the function documentation.

 4.

    The different naming of “extra” from “context” was confusing me when
    I was trying to use the function from the API spec plus the RFC;
    perhaps the RFC-name “context” is a good name to preserve.

If you agree that these are potential places for improvement, then
please find patches to resolve the above attached.

  * The 3.2.21 patch was made against the version in which I encountered
    the problem, and against which I patched it.
  * The 3.3.16 patch is virtually the same, but against stable head; it
    has only been tested to compile well.
  * Note that I am not aware of an easy way to compare the generated PRF
    with a known-correct value.

I hope you willl find these changes useful. Let me know if you would
like me to deliver other / better / … variations on top of, or instead
of, these ones.

Thanks!
-Rick

​
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: gnutls_prf-rfc5705-context-fix-3.2.21.patch
URL: </pipermail/attachments/20150719/e38b365d/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: gnutls_prf-rfc5705-context-fix-3.3.16.patch
URL: </pipermail/attachments/20150719/e38b365d/attachment-0001.ksh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 268 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20150719/e38b365d/attachment.sig>

More information about the Gnutls-devel mailing list