diff options
| author | jsing <> | 2015-09-11 17:54:23 +0000 |
|---|---|---|
| committer | jsing <> | 2015-09-11 17:54:23 +0000 |
| commit | 29446567e66706a4c7b42878647dcf3b5dd69c97 (patch) | |
| tree | 35a5f44ca373ca373a8705603df40a45831e4f06 /src/lib/libssl/t1_enc.c | |
| parent | 795a0361120faed435ab380a065eb0e8f4be991f (diff) | |
| download | openbsd-29446567e66706a4c7b42878647dcf3b5dd69c97.tar.gz openbsd-29446567e66706a4c7b42878647dcf3b5dd69c97.tar.bz2 openbsd-29446567e66706a4c7b42878647dcf3b5dd69c97.zip | |
Merge the remnants of s3_enc.c into t1_enc.c.
ok beck@
Diffstat (limited to 'src/lib/libssl/t1_enc.c')
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 124 |
1 files changed, 123 insertions, 1 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 5d2b8eaf89..892fc31796 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_enc.c,v 1.81 2015/09/10 15:56:26 jsing Exp $ */ | 1 | /* $OpenBSD: t1_enc.c,v 1.82 2015/09/11 17:54:23 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -143,6 +143,128 @@ | |||
| 143 | #include <openssl/hmac.h> | 143 | #include <openssl/hmac.h> |
| 144 | #include <openssl/md5.h> | 144 | #include <openssl/md5.h> |
| 145 | 145 | ||
| 146 | void | ||
| 147 | ssl3_cleanup_key_block(SSL *s) | ||
| 148 | { | ||
| 149 | if (s->s3->tmp.key_block != NULL) { | ||
| 150 | explicit_bzero(s->s3->tmp.key_block, | ||
| 151 | s->s3->tmp.key_block_length); | ||
| 152 | free(s->s3->tmp.key_block); | ||
| 153 | s->s3->tmp.key_block = NULL; | ||
| 154 | } | ||
| 155 | s->s3->tmp.key_block_length = 0; | ||
| 156 | } | ||
| 157 | |||
| 158 | int | ||
| 159 | ssl3_init_finished_mac(SSL *s) | ||
| 160 | { | ||
| 161 | BIO_free(s->s3->handshake_buffer); | ||
| 162 | ssl3_free_digest_list(s); | ||
| 163 | |||
| 164 | s->s3->handshake_buffer = BIO_new(BIO_s_mem()); | ||
| 165 | if (s->s3->handshake_buffer == NULL) | ||
| 166 | return (0); | ||
| 167 | |||
| 168 | (void)BIO_set_close(s->s3->handshake_buffer, BIO_CLOSE); | ||
| 169 | |||
| 170 | return (1); | ||
| 171 | } | ||
| 172 | |||
| 173 | void | ||
| 174 | ssl3_free_digest_list(SSL *s) | ||
| 175 | { | ||
| 176 | int i; | ||
| 177 | |||
| 178 | if (s == NULL) | ||
| 179 | return; | ||
| 180 | |||
| 181 | if (s->s3->handshake_dgst == NULL) | ||
| 182 | return; | ||
| 183 | for (i = 0; i < SSL_MAX_DIGEST; i++) { | ||
| 184 | if (s->s3->handshake_dgst[i]) | ||
| 185 | EVP_MD_CTX_destroy(s->s3->handshake_dgst[i]); | ||
| 186 | } | ||
| 187 | free(s->s3->handshake_dgst); | ||
| 188 | s->s3->handshake_dgst = NULL; | ||
| 189 | } | ||
| 190 | |||
| 191 | void | ||
| 192 | ssl3_finish_mac(SSL *s, const unsigned char *buf, int len) | ||
| 193 | { | ||
| 194 | if (s->s3->handshake_buffer && | ||
| 195 | !(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE)) { | ||
| 196 | BIO_write(s->s3->handshake_buffer, (void *)buf, len); | ||
| 197 | } else { | ||
| 198 | int i; | ||
| 199 | for (i = 0; i < SSL_MAX_DIGEST; i++) { | ||
| 200 | if (s->s3->handshake_dgst[i]!= NULL) | ||
| 201 | EVP_DigestUpdate(s->s3->handshake_dgst[i], buf, len); | ||
| 202 | } | ||
| 203 | } | ||
| 204 | } | ||
| 205 | |||
| 206 | int | ||
| 207 | ssl3_digest_cached_records(SSL *s) | ||
| 208 | { | ||
| 209 | int i; | ||
| 210 | long mask; | ||
| 211 | const EVP_MD *md; | ||
| 212 | long hdatalen; | ||
| 213 | void *hdata; | ||
| 214 | |||
| 215 | ssl3_free_digest_list(s); | ||
| 216 | |||
| 217 | s->s3->handshake_dgst = calloc(SSL_MAX_DIGEST, sizeof(EVP_MD_CTX *)); | ||
| 218 | if (s->s3->handshake_dgst == NULL) { | ||
| 219 | SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_MALLOC_FAILURE); | ||
| 220 | return 0; | ||
| 221 | } | ||
| 222 | hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata); | ||
| 223 | if (hdatalen <= 0) { | ||
| 224 | SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, | ||
| 225 | SSL_R_BAD_HANDSHAKE_LENGTH); | ||
| 226 | return 0; | ||
| 227 | } | ||
| 228 | |||
| 229 | /* Loop through bits of the algorithm2 field and create MD contexts. */ | ||
| 230 | for (i = 0; ssl_get_handshake_digest(i, &mask, &md); i++) { | ||
| 231 | if ((mask & ssl_get_algorithm2(s)) && md) { | ||
| 232 | s->s3->handshake_dgst[i] = EVP_MD_CTX_create(); | ||
| 233 | if (s->s3->handshake_dgst[i] == NULL) { | ||
| 234 | SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, | ||
| 235 | ERR_R_MALLOC_FAILURE); | ||
| 236 | return 0; | ||
| 237 | } | ||
| 238 | if (!EVP_DigestInit_ex(s->s3->handshake_dgst[i], | ||
| 239 | md, NULL)) { | ||
| 240 | EVP_MD_CTX_destroy(s->s3->handshake_dgst[i]); | ||
| 241 | return 0; | ||
| 242 | } | ||
| 243 | if (!EVP_DigestUpdate(s->s3->handshake_dgst[i], hdata, | ||
| 244 | hdatalen)) | ||
| 245 | return 0; | ||
| 246 | } | ||
| 247 | } | ||
| 248 | |||
| 249 | if (!(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE)) { | ||
| 250 | BIO_free(s->s3->handshake_buffer); | ||
| 251 | s->s3->handshake_buffer = NULL; | ||
| 252 | } | ||
| 253 | |||
| 254 | return 1; | ||
| 255 | } | ||
| 256 | |||
| 257 | void | ||
| 258 | ssl3_record_sequence_increment(unsigned char *seq) | ||
| 259 | { | ||
| 260 | int i; | ||
| 261 | |||
| 262 | for (i = SSL3_SEQUENCE_SIZE - 1; i >= 0; i--) { | ||
| 263 | if (++seq[i] != 0) | ||
| 264 | break; | ||
| 265 | } | ||
| 266 | } | ||
| 267 | |||
| 146 | /* seed1 through seed5 are virtually concatenated */ | 268 | /* seed1 through seed5 are virtually concatenated */ |
| 147 | static int | 269 | static int |
| 148 | tls1_P_hash(const EVP_MD *md, const unsigned char *sec, int sec_len, | 270 | tls1_P_hash(const EVP_MD *md, const unsigned char *sec, int sec_len, |