Convert ssl3_get_client_kex_dhe() to CBS and perform some general code

cleanup, including the removal of a dead code path. ok beck@
author: jsing <> 2016-11-17 15:22:41 +0000
committer: jsing <> 2016-11-17 15:22:41 +0000
commit: 97d8f4f2e9be51170c67b25d8bd287ad57bd0b36 (patch)
tree: 03ed9c16b6d28775390cf787effaa148114be103
parent: d6caefed0c7b02fb889999d13b628d13e0ca4512 (diff)
download: openbsd-97d8f4f2e9be51170c67b25d8bd287ad57bd0b36.tar.gz
openbsd-97d8f4f2e9be51170c67b25d8bd287ad57bd0b36.tar.bz2
openbsd-97d8f4f2e9be51170c67b25d8bd287ad57bd0b36.zip
1 files changed, 29 insertions, 38 deletions
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index 65625cef26..e0d16e5cf2 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.132 2016/11/06 15:06:52 jsing Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.133 2016/11/17 15:22:41 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1742,62 +1742,53 @@ err:
 static int
 ssl3_get_client_kex_dhe(SSL *s, unsigned char *p, long n)
 {
-        BIGNUM *pub = NULL;
+        BIGNUM *bn = NULL;
-        DH *dh_srvr;
+        int key_size, al;
-        int i, al;
+        CBS cbs, dh_Yc;
+        DH *dh;
-        if (2 > n)
+        if (n < 0)
-                goto truncated;
-        n2s(p, i);
-        if (n != i + 2) {
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                    SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
                goto err;
-        }
-        if (n == 0L) {
+        CBS_init(&cbs, p, n);
-                /* the parameters are in the cert */
+        if (!CBS_get_u16_length_prefixed(&cbs, &dh_Yc))
+                goto truncated;
+        if (CBS_len(&cbs) != 0)
+                goto truncated;
+        if (s->s3->tmp.dh == NULL) {
                al = SSL_AD_HANDSHAKE_FAILURE;
                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                    SSL_R_UNABLE_TO_DECODE_DH_CERTS);
+                    SSL_R_MISSING_TMP_DH_KEY);
                goto f_err;
-        } else {
-                if (s->s3->tmp.dh == NULL) {
-                        al = SSL_AD_HANDSHAKE_FAILURE;
-                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                            SSL_R_MISSING_TMP_DH_KEY);
-                        goto f_err;
-                } else
-                        dh_srvr = s->s3->tmp.dh;
        }
+        dh = s->s3->tmp.dh;
-        pub = BN_bin2bn(p, i, NULL);
+        if ((bn = BN_bin2bn(CBS_data(&dh_Yc), CBS_len(&dh_Yc), NULL)) == NULL) {
-        if (pub == NULL) {
                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
                    SSL_R_BN_LIB);
                goto err;
        }
-        i = DH_compute_key(p, pub, dh_srvr);
+        key_size = DH_compute_key(p, bn, dh);
+        if (key_size <= 0) {
-        if (i <= 0) {
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                BN_clear_free(bn);
-                    ERR_R_DH_LIB);
-                BN_clear_free(pub);
                goto err;
        }
-        DH_free(s->s3->tmp.dh);
-        s->s3->tmp.dh = NULL;
-        BN_clear_free(pub);
-        pub = NULL;
        s->session->master_key_length =
            s->method->ssl3_enc->generate_master_secret(
-                s, s->session->master_key, p, i);
+                s, s->session->master_key, p, key_size);
-        explicit_bzero(p, i);
+        explicit_bzero(p, key_size);
+        DH_free(s->s3->tmp.dh);
+        s->s3->tmp.dh = NULL;
+        BN_clear_free(bn);
        return (1);
author	jsing <>	2016-11-17 15:22:41 +0000
committer	jsing <>	2016-11-17 15:22:41 +0000
commit	97d8f4f2e9be51170c67b25d8bd287ad57bd0b36 (patch)
tree	03ed9c16b6d28775390cf787effaa148114be103
parent	d6caefed0c7b02fb889999d13b628d13e0ca4512 (diff)
download	openbsd-97d8f4f2e9be51170c67b25d8bd287ad57bd0b36.tar.gz openbsd-97d8f4f2e9be51170c67b25d8bd287ad57bd0b36.tar.bz2 openbsd-97d8f4f2e9be51170c67b25d8bd287ad57bd0b36.zip

diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index 65625cef26..e0d16e5cf2 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_srvr.c,v 1.132 2016/11/06 15:06:52 jsing Exp $ */	1	/* $OpenBSD: s3_srvr.c,v 1.133 2016/11/17 15:22:41 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1742,62 +1742,53 @@ err:
1742	static int	1742	static int
1743	ssl3_get_client_kex_dhe(SSL s, unsigned char p, long n)	1743	ssl3_get_client_kex_dhe(SSL s, unsigned char p, long n)
1744	{	1744	{
1745	BIGNUM *pub = NULL;	1745	BIGNUM *bn = NULL;
1746	DH *dh_srvr;	1746	int key_size, al;
1747	int i, al;	1747	CBS cbs, dh_Yc;
		1748	DH *dh;
1748		1749
1749	if (2 > n)	1750	if (n < 0)
1750	goto truncated;
1751	n2s(p, i);
1752	if (n != i + 2) {
1753	SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1754	SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
1755	goto err;	1751	goto err;
1756	}
1757		1752
1758	if (n == 0L) {	1753	CBS_init(&cbs, p, n);
1759	/* the parameters are in the cert */	1754
		1755	if (!CBS_get_u16_length_prefixed(&cbs, &dh_Yc))
		1756	goto truncated;
		1757
		1758	if (CBS_len(&cbs) != 0)
		1759	goto truncated;
		1760
		1761	if (s->s3->tmp.dh == NULL) {
1760	al = SSL_AD_HANDSHAKE_FAILURE;	1762	al = SSL_AD_HANDSHAKE_FAILURE;
1761	SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,	1763	SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1762	SSL_R_UNABLE_TO_DECODE_DH_CERTS);	1764	SSL_R_MISSING_TMP_DH_KEY);
1763	goto f_err;	1765	goto f_err;
1764	} else {
1765	if (s->s3->tmp.dh == NULL) {
1766	al = SSL_AD_HANDSHAKE_FAILURE;
1767	SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1768	SSL_R_MISSING_TMP_DH_KEY);
1769	goto f_err;
1770	} else
1771	dh_srvr = s->s3->tmp.dh;
1772	}	1766	}
		1767	dh = s->s3->tmp.dh;
1773		1768
1774	pub = BN_bin2bn(p, i, NULL);	1769	if ((bn = BN_bin2bn(CBS_data(&dh_Yc), CBS_len(&dh_Yc), NULL)) == NULL) {
1775	if (pub == NULL) {
1776	SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,	1770	SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1777	SSL_R_BN_LIB);	1771	SSL_R_BN_LIB);
1778	goto err;	1772	goto err;
1779	}	1773	}
1780		1774
1781	i = DH_compute_key(p, pub, dh_srvr);	1775	key_size = DH_compute_key(p, bn, dh);
1782		1776	if (key_size <= 0) {
1783	if (i <= 0) {	1777	SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
1784	SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,	1778	BN_clear_free(bn);
1785	ERR_R_DH_LIB);
1786	BN_clear_free(pub);
1787	goto err;	1779	goto err;
1788	}	1780	}
1789		1781
1790	DH_free(s->s3->tmp.dh);
1791	s->s3->tmp.dh = NULL;
1792
1793	BN_clear_free(pub);
1794	pub = NULL;
1795
1796	s->session->master_key_length =	1782	s->session->master_key_length =
1797	s->method->ssl3_enc->generate_master_secret(	1783	s->method->ssl3_enc->generate_master_secret(
1798	s, s->session->master_key, p, i);	1784	s, s->session->master_key, p, key_size);
1799		1785
1800	explicit_bzero(p, i);	1786	explicit_bzero(p, key_size);
		1787
		1788	DH_free(s->s3->tmp.dh);
		1789	s->s3->tmp.dh = NULL;
		1790
		1791	BN_clear_free(bn);
1801		1792
1802	return (1);	1793	return (1);
1803		1794