Convert ssl3_get_server_kex_dhe() to CBS.

ok beck@
author: jsing <> 2016-11-04 15:05:29 +0000
committer: jsing <> 2016-11-04 15:05:29 +0000
commit: f8f8b38885d68124ff34c69bf38a1c2b4499cc40 (patch)
tree: 7f4f22dc7a59c5f9b343f147031d401f6e014ab1 /src/lib
parent: cc2b73e7f33aa109d4920aaf5a4130f56285ec86 (diff)
download: openbsd-f8f8b38885d68124ff34c69bf38a1c2b4499cc40.tar.gz
openbsd-f8f8b38885d68124ff34c69bf38a1c2b4499cc40.tar.bz2
openbsd-f8f8b38885d68124ff34c69bf38a1c2b4499cc40.zip
1 files changed, 19 insertions, 42 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index e9db8e27c2..8e02239392 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.140 2016/11/03 13:20:35 jsing Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.141 2016/11/04 15:05:29 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1094,68 +1094,47 @@ err:
 static int
 ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
 {
+        CBS cbs, dhp, dhg, dhpk;
        BN_CTX *bn_ctx = NULL;
        SESS_CERT *sc = NULL;
        DH *dh = NULL;
-        int al, i, param_len;
+        long alg_a;
-        unsigned char *p;
+        int al;
-        long alg_a, n;
        alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-        n = *nn;
-        p = *pp;
        sc = s->session->sess_cert;
+        if (*nn < 0)
+                goto err;
+        CBS_init(&cbs, *pp, *nn);
        if ((dh = DH_new()) == NULL) {
                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_DH_LIB);
                goto err;
        }
-        if (2 > n)
+        if (!CBS_get_u16_length_prefixed(&cbs, &dhp))
                goto truncated;
-        n2s(p, i);
+        if ((dh->p = BN_bin2bn(CBS_data(&dhp), CBS_len(&dhp), NULL)) == NULL) {
-        param_len = i + 2;
-        if (param_len > n) {
-                al = SSL_AD_DECODE_ERROR;
-                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_LENGTH);
-                goto f_err;
-        }
-        if (!(dh->p = BN_bin2bn(p, i, NULL))) {
                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
                goto err;
        }
-        p += i;
-        if (param_len + 2 > n)
+        if (!CBS_get_u16_length_prefixed(&cbs, &dhg))
                goto truncated;
-        n2s(p, i);
+        if ((dh->g = BN_bin2bn(CBS_data(&dhg), CBS_len(&dhg), NULL)) == NULL) {
-        param_len += i + 2;
-        if (param_len > n) {
-                al = SSL_AD_DECODE_ERROR;
-                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_LENGTH);
-                goto f_err;
-        }
-        if (!(dh->g = BN_bin2bn(p, i, NULL))) {
                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
                goto err;
        }
-        p += i;
-        if (param_len + 2 > n)
+        if (!CBS_get_u16_length_prefixed(&cbs, &dhpk))
                goto truncated;
-        n2s(p, i);
+        if ((dh->pub_key = BN_bin2bn(CBS_data(&dhpk), CBS_len(&dhpk),
-        param_len += i + 2;
+            NULL)) == NULL) {
-        if (param_len > n) {
-                al = SSL_AD_DECODE_ERROR;
-                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
-                    SSL_R_BAD_DH_PUB_KEY_LENGTH);
-                goto f_err;
-        }
-        if (!(dh->pub_key = BN_bin2bn(p, i, NULL))) {
                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
                goto err;
        }
-        p += i;
-        n -= param_len;
        /*
         * Check the strength of the DH key just constructed.
@@ -1176,16 +1155,14 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
        sc->peer_dh_tmp = dh;
-        *nn = n;
+        *nn = CBS_len(&cbs);
-        *pp = p;
+        *pp = (unsigned char *)CBS_data(&cbs);
        return (1);
 truncated:
        al = SSL_AD_DECODE_ERROR;
        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_PACKET_LENGTH);
- f_err:
        ssl3_send_alert(s, SSL3_AL_FATAL, al);
 err:
author	jsing <>	2016-11-04 15:05:29 +0000
committer	jsing <>	2016-11-04 15:05:29 +0000
commit	f8f8b38885d68124ff34c69bf38a1c2b4499cc40 (patch)
tree	7f4f22dc7a59c5f9b343f147031d401f6e014ab1 /src/lib
parent	cc2b73e7f33aa109d4920aaf5a4130f56285ec86 (diff)
download	openbsd-f8f8b38885d68124ff34c69bf38a1c2b4499cc40.tar.gz openbsd-f8f8b38885d68124ff34c69bf38a1c2b4499cc40.tar.bz2 openbsd-f8f8b38885d68124ff34c69bf38a1c2b4499cc40.zip

diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index e9db8e27c2..8e02239392 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_clnt.c,v 1.140 2016/11/03 13:20:35 jsing Exp $ */	1	/* $OpenBSD: s3_clnt.c,v 1.141 2016/11/04 15:05:29 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1094,68 +1094,47 @@ err:
1094	static int	1094	static int
1095	ssl3_get_server_kex_dhe(SSL s, EVP_PKEY pkey, unsigned char pp, long nn)	1095	ssl3_get_server_kex_dhe(SSL s, EVP_PKEY pkey, unsigned char pp, long nn)
1096	{	1096	{
		1097	CBS cbs, dhp, dhg, dhpk;
1097	BN_CTX *bn_ctx = NULL;	1098	BN_CTX *bn_ctx = NULL;
1098	SESS_CERT *sc = NULL;	1099	SESS_CERT *sc = NULL;
1099	DH *dh = NULL;	1100	DH *dh = NULL;
1100	int al, i, param_len;	1101	long alg_a;
1101	unsigned char *p;	1102	int al;
1102	long alg_a, n;
1103		1103
1104	alg_a = s->s3->tmp.new_cipher->algorithm_auth;	1104	alg_a = s->s3->tmp.new_cipher->algorithm_auth;
1105	n = *nn;
1106	p = *pp;
1107	sc = s->session->sess_cert;	1105	sc = s->session->sess_cert;
1108		1106
		1107	if (*nn < 0)
		1108	goto err;
		1109
		1110	CBS_init(&cbs, pp, nn);
		1111
1109	if ((dh = DH_new()) == NULL) {	1112	if ((dh = DH_new()) == NULL) {
1110	SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_DH_LIB);	1113	SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_DH_LIB);
1111	goto err;	1114	goto err;
1112	}	1115	}
1113	if (2 > n)	1116
		1117	if (!CBS_get_u16_length_prefixed(&cbs, &dhp))
1114	goto truncated;	1118	goto truncated;
1115	n2s(p, i);	1119	if ((dh->p = BN_bin2bn(CBS_data(&dhp), CBS_len(&dhp), NULL)) == NULL) {
1116	param_len = i + 2;
1117	if (param_len > n) {
1118	al = SSL_AD_DECODE_ERROR;
1119	SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_LENGTH);
1120	goto f_err;
1121	}
1122	if (!(dh->p = BN_bin2bn(p, i, NULL))) {
1123	SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);	1120	SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
1124	goto err;	1121	goto err;
1125	}	1122	}
1126	p += i;
1127		1123
1128	if (param_len + 2 > n)	1124	if (!CBS_get_u16_length_prefixed(&cbs, &dhg))
1129	goto truncated;	1125	goto truncated;
1130	n2s(p, i);	1126	if ((dh->g = BN_bin2bn(CBS_data(&dhg), CBS_len(&dhg), NULL)) == NULL) {
1131	param_len += i + 2;
1132	if (param_len > n) {
1133	al = SSL_AD_DECODE_ERROR;
1134	SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_LENGTH);
1135	goto f_err;
1136	}
1137	if (!(dh->g = BN_bin2bn(p, i, NULL))) {
1138	SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);	1127	SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
1139	goto err;	1128	goto err;
1140	}	1129	}
1141	p += i;
1142		1130
1143	if (param_len + 2 > n)	1131	if (!CBS_get_u16_length_prefixed(&cbs, &dhpk))
1144	goto truncated;	1132	goto truncated;
1145	n2s(p, i);	1133	if ((dh->pub_key = BN_bin2bn(CBS_data(&dhpk), CBS_len(&dhpk),
1146	param_len += i + 2;	1134	NULL)) == NULL) {
1147	if (param_len > n) {
1148	al = SSL_AD_DECODE_ERROR;
1149	SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
1150	SSL_R_BAD_DH_PUB_KEY_LENGTH);
1151	goto f_err;
1152	}
1153	if (!(dh->pub_key = BN_bin2bn(p, i, NULL))) {
1154	SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);	1135	SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
1155	goto err;	1136	goto err;
1156	}	1137	}
1157	p += i;
1158	n -= param_len;
1159		1138
1160	/*	1139	/*
1161	* Check the strength of the DH key just constructed.	1140	* Check the strength of the DH key just constructed.
@@ -1176,16 +1155,14 @@ ssl3_get_server_kex_dhe(SSL s, EVP_PKEY pkey, unsigned char pp, long nn)
1176		1155
1177	sc->peer_dh_tmp = dh;	1156	sc->peer_dh_tmp = dh;
1178		1157
1179	*nn = n;	1158	*nn = CBS_len(&cbs);
1180	*pp = p;	1159	pp = (unsigned char )CBS_data(&cbs);
1181		1160
1182	return (1);	1161	return (1);
1183		1162
1184	truncated:	1163	truncated:
1185	al = SSL_AD_DECODE_ERROR;	1164	al = SSL_AD_DECODE_ERROR;
1186	SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_PACKET_LENGTH);	1165	SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_PACKET_LENGTH);
1187
1188	f_err:
1189	ssl3_send_alert(s, SSL3_AL_FATAL, al);	1166	ssl3_send_alert(s, SSL3_AL_FATAL, al);
1190		1167
1191	err:	1168	err: