diff options
| author | jsing <> | 2014-06-01 01:57:09 +0000 |
|---|---|---|
| committer | jsing <> | 2014-06-01 01:57:09 +0000 |
| commit | 310f4abbcfabc125e38e6ebdb3ae21ebdd980c60 (patch) | |
| tree | 6755746863af204ffcaea080cb33ee6289e3c4ff /src/lib | |
| parent | e951e06dd09f76940d341867de95774f4e9814b7 (diff) | |
| download | openbsd-310f4abbcfabc125e38e6ebdb3ae21ebdd980c60.tar.gz openbsd-310f4abbcfabc125e38e6ebdb3ae21ebdd980c60.tar.bz2 openbsd-310f4abbcfabc125e38e6ebdb3ae21ebdd980c60.zip | |
Clean up the tls1_change_cipher_state() key length handling and use a
single variable with a descriptive name, instead of two poorly named
variables.
Largely based on Adam Langley's chromium patches.
ok miod@
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/src/ssl/t1_enc.c | 22 | ||||
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 22 |
2 files changed, 24 insertions, 20 deletions
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c index 96c28e14cf..9a2d979fd7 100644 --- a/src/lib/libssl/src/ssl/t1_enc.c +++ b/src/lib/libssl/src/ssl/t1_enc.c | |||
| @@ -319,7 +319,7 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 319 | int *mac_secret_size; | 319 | int *mac_secret_size; |
| 320 | EVP_MD_CTX *mac_ctx; | 320 | EVP_MD_CTX *mac_ctx; |
| 321 | EVP_PKEY *mac_key; | 321 | EVP_PKEY *mac_key; |
| 322 | int is_export, n, i, j, k, exp_label_len, cl; | 322 | int is_export, n, i, k, exp_label_len, key_len; |
| 323 | int reuse_dd = 0; | 323 | int reuse_dd = 0; |
| 324 | char is_read; | 324 | char is_read; |
| 325 | 325 | ||
| @@ -434,11 +434,13 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 434 | p = s->s3->tmp.key_block; | 434 | p = s->s3->tmp.key_block; |
| 435 | i = *mac_secret_size = s->s3->tmp.new_mac_secret_size; | 435 | i = *mac_secret_size = s->s3->tmp.new_mac_secret_size; |
| 436 | 436 | ||
| 437 | cl = EVP_CIPHER_key_length(c); | 437 | key_len = EVP_CIPHER_key_length(c); |
| 438 | j = is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ? | 438 | if (is_export) { |
| 439 | cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl; | 439 | if (key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) |
| 440 | /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */ | 440 | key_len = SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher); |
| 441 | /* If GCM mode only part of IV comes from PRF */ | 441 | } |
| 442 | |||
| 443 | /* If GCM mode only part of IV comes from PRF. */ | ||
| 442 | if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) | 444 | if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) |
| 443 | k = EVP_GCM_TLS_FIXED_IV_LEN; | 445 | k = EVP_GCM_TLS_FIXED_IV_LEN; |
| 444 | else | 446 | else |
| @@ -448,7 +450,7 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 448 | ms = &(p[0]); | 450 | ms = &(p[0]); |
| 449 | n = i + i; | 451 | n = i + i; |
| 450 | key = &(p[n]); | 452 | key = &(p[n]); |
| 451 | n += j + j; | 453 | n += key_len + key_len; |
| 452 | iv = &(p[n]); | 454 | iv = &(p[n]); |
| 453 | n += k + k; | 455 | n += k + k; |
| 454 | exp_label = (unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST; | 456 | exp_label = (unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST; |
| @@ -457,9 +459,9 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 457 | } else { | 459 | } else { |
| 458 | n = i; | 460 | n = i; |
| 459 | ms = &(p[n]); | 461 | ms = &(p[n]); |
| 460 | n += i + j; | 462 | n += i + key_len; |
| 461 | key = &(p[n]); | 463 | key = &(p[n]); |
| 462 | n += j + k; | 464 | n += key_len + k; |
| 463 | iv = &(p[n]); | 465 | iv = &(p[n]); |
| 464 | n += k; | 466 | n += k; |
| 465 | exp_label = (unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST; | 467 | exp_label = (unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST; |
| @@ -488,7 +490,7 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 488 | exp_label, exp_label_len, | 490 | exp_label, exp_label_len, |
| 489 | s->s3->client_random, SSL3_RANDOM_SIZE, | 491 | s->s3->client_random, SSL3_RANDOM_SIZE, |
| 490 | s->s3->server_random, SSL3_RANDOM_SIZE, | 492 | s->s3->server_random, SSL3_RANDOM_SIZE, |
| 491 | NULL, 0, NULL, 0, key, j, tmp1, tmp2, | 493 | NULL, 0, NULL, 0, key, key_len, tmp1, tmp2, |
| 492 | EVP_CIPHER_key_length(c))) | 494 | EVP_CIPHER_key_length(c))) |
| 493 | goto err2; | 495 | goto err2; |
| 494 | key = tmp1; | 496 | key = tmp1; |
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 96c28e14cf..9a2d979fd7 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -319,7 +319,7 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 319 | int *mac_secret_size; | 319 | int *mac_secret_size; |
| 320 | EVP_MD_CTX *mac_ctx; | 320 | EVP_MD_CTX *mac_ctx; |
| 321 | EVP_PKEY *mac_key; | 321 | EVP_PKEY *mac_key; |
| 322 | int is_export, n, i, j, k, exp_label_len, cl; | 322 | int is_export, n, i, k, exp_label_len, key_len; |
| 323 | int reuse_dd = 0; | 323 | int reuse_dd = 0; |
| 324 | char is_read; | 324 | char is_read; |
| 325 | 325 | ||
| @@ -434,11 +434,13 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 434 | p = s->s3->tmp.key_block; | 434 | p = s->s3->tmp.key_block; |
| 435 | i = *mac_secret_size = s->s3->tmp.new_mac_secret_size; | 435 | i = *mac_secret_size = s->s3->tmp.new_mac_secret_size; |
| 436 | 436 | ||
| 437 | cl = EVP_CIPHER_key_length(c); | 437 | key_len = EVP_CIPHER_key_length(c); |
| 438 | j = is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ? | 438 | if (is_export) { |
| 439 | cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl; | 439 | if (key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) |
| 440 | /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */ | 440 | key_len = SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher); |
| 441 | /* If GCM mode only part of IV comes from PRF */ | 441 | } |
| 442 | |||
| 443 | /* If GCM mode only part of IV comes from PRF. */ | ||
| 442 | if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) | 444 | if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) |
| 443 | k = EVP_GCM_TLS_FIXED_IV_LEN; | 445 | k = EVP_GCM_TLS_FIXED_IV_LEN; |
| 444 | else | 446 | else |
| @@ -448,7 +450,7 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 448 | ms = &(p[0]); | 450 | ms = &(p[0]); |
| 449 | n = i + i; | 451 | n = i + i; |
| 450 | key = &(p[n]); | 452 | key = &(p[n]); |
| 451 | n += j + j; | 453 | n += key_len + key_len; |
| 452 | iv = &(p[n]); | 454 | iv = &(p[n]); |
| 453 | n += k + k; | 455 | n += k + k; |
| 454 | exp_label = (unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST; | 456 | exp_label = (unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST; |
| @@ -457,9 +459,9 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 457 | } else { | 459 | } else { |
| 458 | n = i; | 460 | n = i; |
| 459 | ms = &(p[n]); | 461 | ms = &(p[n]); |
| 460 | n += i + j; | 462 | n += i + key_len; |
| 461 | key = &(p[n]); | 463 | key = &(p[n]); |
| 462 | n += j + k; | 464 | n += key_len + k; |
| 463 | iv = &(p[n]); | 465 | iv = &(p[n]); |
| 464 | n += k; | 466 | n += k; |
| 465 | exp_label = (unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST; | 467 | exp_label = (unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST; |
| @@ -488,7 +490,7 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 488 | exp_label, exp_label_len, | 490 | exp_label, exp_label_len, |
| 489 | s->s3->client_random, SSL3_RANDOM_SIZE, | 491 | s->s3->client_random, SSL3_RANDOM_SIZE, |
| 490 | s->s3->server_random, SSL3_RANDOM_SIZE, | 492 | s->s3->server_random, SSL3_RANDOM_SIZE, |
| 491 | NULL, 0, NULL, 0, key, j, tmp1, tmp2, | 493 | NULL, 0, NULL, 0, key, key_len, tmp1, tmp2, |
| 492 | EVP_CIPHER_key_length(c))) | 494 | EVP_CIPHER_key_length(c))) |
| 493 | goto err2; | 495 | goto err2; |
| 494 | key = tmp1; | 496 | key = tmp1; |