[LINK] Apple SSL/TLS bug February-2014

Phillip Musumeci pmusumeci at gmail.com
Tue Feb 25 12:26:34 AEDT 2014

Extract from https://www.imperialviolet.org/2014/02/22/applebug.html might
be of interest to LINK given recent discussions (the posting continues with
a cut down code fragment and discussion):

Yesterday, Apple pushed a rather spooky security
update<http://support.apple.com/kb/HT6147> for
iOS that suggested that something was horribly wrong with SSL/TLS in iOS
but gave no details. Since the answer is at the
top<https://news.ycombinator.com/item?id=7281378> of
the Hacker News thread, I guess the cat's out of the bag already and we're
into the misinformation-quashing stage now.

So here's the Apple bug:

static OSStatus
SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa,
SSLBuffer signedParams,
                                 uint8_t *signature, UInt16 signatureLen)
	OSStatus        err;

	if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
		goto fail;
	if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
		goto fail;
		goto fail;
	if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
		goto fail;

	return err;

(Quoted from Apple's published source

Note the two goto fail lines in a row. ...

Contact/projects https://sites.google.com/site/pmusumeci/

More information about the Link mailing list