Nuke ssl3_setup_key_block() and ssl3_generate_key_block().

ok "flensing knife"
author: jsing <> 2015-09-11 16:59:17 +0000
committer: jsing <> 2015-09-11 16:59:17 +0000
commit: cdbe672f603c17740ecbdd417aab58c8aef23b7a (patch)
tree: 7867e12927c33227d264f83f17d747d71ddf5818 /src
parent: 58137d6816f0d777d205ec5e0b82a0561c74c50b (diff)
download: openbsd-cdbe672f603c17740ecbdd417aab58c8aef23b7a.tar.gz
openbsd-cdbe672f603c17740ecbdd417aab58c8aef23b7a.tar.bz2
openbsd-cdbe672f603c17740ecbdd417aab58c8aef23b7a.zip
3 files changed, 3 insertions, 122 deletions
diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c
index 6a7026e158..06ce4b0fbb 100644
--- a/src/lib/libssl/src/ssl/s3_enc.c
+++ b/src/lib/libssl/src/ssl/s3_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_enc.c,v 1.64 2015/09/11 16:56:17 jsing Exp $ */
+/* $OpenBSD: s3_enc.c,v 1.65 2015/09/11 16:59:17 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -163,58 +163,6 @@ static unsigned char ssl3_pad_2[48] = {
 static int ssl3_handshake_mac(SSL *s, int md_nid, const char *sender,
    int len, unsigned char *p);
-static int
-ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
-{
-        EVP_MD_CTX m5;
-        EVP_MD_CTX s1;
-        unsigned char buf[16], smd[SHA_DIGEST_LENGTH];
-        unsigned char c = 'A';
-        unsigned int i, j, k;
-        k = 0;
-        EVP_MD_CTX_init(&m5);
-        EVP_MD_CTX_init(&s1);
-        for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) {
-                k++;
-                if (k > sizeof buf) {
-                        /* bug: 'buf' is too small for this ciphersuite */
-                        SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK,
-                            ERR_R_INTERNAL_ERROR);
-                        return 0;
-                }
-                for (j = 0; j < k; j++)
-                        buf[j] = c;
-                c++;
-                if (!EVP_DigestInit_ex(&s1, EVP_sha1(), NULL))
-                        return 0;
-                EVP_DigestUpdate(&s1, buf, k);
-                EVP_DigestUpdate(&s1, s->session->master_key,
-                    s->session->master_key_length);
-                EVP_DigestUpdate(&s1, s->s3->server_random, SSL3_RANDOM_SIZE);
-                EVP_DigestUpdate(&s1, s->s3->client_random, SSL3_RANDOM_SIZE);
-                EVP_DigestFinal_ex(&s1, smd, NULL);
-                if (!EVP_DigestInit_ex(&m5, EVP_md5(), NULL))
-                        return 0;
-                EVP_DigestUpdate(&m5, s->session->master_key,
-                    s->session->master_key_length);
-                EVP_DigestUpdate(&m5, smd, SHA_DIGEST_LENGTH);
-                if ((int)(i + MD5_DIGEST_LENGTH) > num) {
-                        EVP_DigestFinal_ex(&m5, smd, NULL);
-                        memcpy(km, smd, (num - i));
-                } else
-                        EVP_DigestFinal_ex(&m5, km, NULL);
-                km += MD5_DIGEST_LENGTH;
-        }
-        explicit_bzero(smd, SHA_DIGEST_LENGTH);
-        EVP_MD_CTX_cleanup(&m5);
-        EVP_MD_CTX_cleanup(&s1);
-        return 1;
-}
 int
 ssl3_change_cipher_state(SSL *s, int which)
 {
@@ -323,71 +271,6 @@ err2:
        return (0);
 }
-int
-ssl3_setup_key_block(SSL *s)
-{
-        int key_block_len, mac_len, key_len, iv_len;
-        unsigned char *key_block;
-        const EVP_CIPHER *cipher;
-        const EVP_MD *mac;
-        int ret = 0;
-        if (s->s3->tmp.key_block_length != 0)
-                return (1);
-        if (!ssl_cipher_get_evp(s->session, &cipher, &mac, NULL, NULL)) {
-                SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,
-                    SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
-                return (0);
-        }
-        s->s3->tmp.new_sym_enc = cipher;
-        s->s3->tmp.new_hash = mac;
-        mac_len = EVP_MD_size(mac);
-        key_len = EVP_CIPHER_key_length(cipher);
-        iv_len = EVP_CIPHER_iv_length(cipher);
-        if (mac_len < 0)
-                return 0;
-        ssl3_cleanup_key_block(s);
-        if ((key_block = reallocarray(NULL, mac_len + key_len + iv_len, 2))
-            == NULL)
-                goto err;
-        key_block_len = (mac_len + key_len + iv_len) * 2;
-        s->s3->tmp.key_block_length = key_block_len;
-        s->s3->tmp.key_block = key_block;
-        ret = ssl3_generate_key_block(s, key_block, key_block_len);
-        if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) {
-                /*
-                 * Enable vulnerability countermeasure for CBC ciphers with
-                 * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt)
-                 */
-                s->s3->need_empty_fragments = 1;
-                if (s->session->cipher != NULL) {
-                        if (s->session->cipher->algorithm_enc == SSL_eNULL)
-                                s->s3->need_empty_fragments = 0;
-#ifndef OPENSSL_NO_RC4
-                        if (s->session->cipher->algorithm_enc == SSL_RC4)
-                                s->s3->need_empty_fragments = 0;
-#endif
-                }
-        }
-        return ret;
-err:
-        SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
-        return (0);
-}
 void
 ssl3_cleanup_key_block(SSL *s)
 {
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index 1b46e990de..939808e3fb 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.107 2015/09/11 16:56:17 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.108 2015/09/11 16:59:17 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -602,7 +602,6 @@ int ssl3_send_server_certificate(SSL *s);
 int ssl3_send_newsession_ticket(SSL *s);
 int ssl3_send_cert_status(SSL *s);
 int ssl3_get_finished(SSL *s, int state_a, int state_b);
-int ssl3_setup_key_block(SSL *s);
 int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
 int ssl3_change_cipher_state(SSL *s, int which);
 void ssl3_cleanup_key_block(SSL *s);
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 1b46e990de..939808e3fb 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.107 2015/09/11 16:56:17 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.108 2015/09/11 16:59:17 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -602,7 +602,6 @@ int ssl3_send_server_certificate(SSL *s);
 int ssl3_send_newsession_ticket(SSL *s);
 int ssl3_send_cert_status(SSL *s);
 int ssl3_get_finished(SSL *s, int state_a, int state_b);
-int ssl3_setup_key_block(SSL *s);
 int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
 int ssl3_change_cipher_state(SSL *s, int which);
 void ssl3_cleanup_key_block(SSL *s);
author	jsing <>	2015-09-11 16:59:17 +0000
committer	jsing <>	2015-09-11 16:59:17 +0000
commit	cdbe672f603c17740ecbdd417aab58c8aef23b7a (patch)
tree	7867e12927c33227d264f83f17d747d71ddf5818 /src
parent	58137d6816f0d777d205ec5e0b82a0561c74c50b (diff)
download	openbsd-cdbe672f603c17740ecbdd417aab58c8aef23b7a.tar.gz openbsd-cdbe672f603c17740ecbdd417aab58c8aef23b7a.tar.bz2 openbsd-cdbe672f603c17740ecbdd417aab58c8aef23b7a.zip

diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c index 6a7026e158..06ce4b0fbb 100644 --- a/src/lib/libssl/src/ssl/s3_enc.c +++ b/src/lib/libssl/src/ssl/s3_enc.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_enc.c,v 1.64 2015/09/11 16:56:17 jsing Exp $ */	1	/* $OpenBSD: s3_enc.c,v 1.65 2015/09/11 16:59:17 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -163,58 +163,6 @@ static unsigned char ssl3_pad_2[48] = {
163	static int ssl3_handshake_mac(SSL s, int md_nid, const char sender,	163	static int ssl3_handshake_mac(SSL s, int md_nid, const char sender,
164	int len, unsigned char *p);	164	int len, unsigned char *p);
165		165
166	static int
167	ssl3_generate_key_block(SSL s, unsigned char km, int num)
168	{
169	EVP_MD_CTX m5;
170	EVP_MD_CTX s1;
171	unsigned char buf[16], smd[SHA_DIGEST_LENGTH];
172	unsigned char c = 'A';
173	unsigned int i, j, k;
174
175	k = 0;
176	EVP_MD_CTX_init(&m5);
177	EVP_MD_CTX_init(&s1);
178	for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) {
179	k++;
180	if (k > sizeof buf) {
181	/* bug: 'buf' is too small for this ciphersuite */
182	SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK,
183	ERR_R_INTERNAL_ERROR);
184	return 0;
185	}
186
187	for (j = 0; j < k; j++)
188	buf[j] = c;
189	c++;
190	if (!EVP_DigestInit_ex(&s1, EVP_sha1(), NULL))
191	return 0;
192	EVP_DigestUpdate(&s1, buf, k);
193	EVP_DigestUpdate(&s1, s->session->master_key,
194	s->session->master_key_length);
195	EVP_DigestUpdate(&s1, s->s3->server_random, SSL3_RANDOM_SIZE);
196	EVP_DigestUpdate(&s1, s->s3->client_random, SSL3_RANDOM_SIZE);
197	EVP_DigestFinal_ex(&s1, smd, NULL);
198
199	if (!EVP_DigestInit_ex(&m5, EVP_md5(), NULL))
200	return 0;
201	EVP_DigestUpdate(&m5, s->session->master_key,
202	s->session->master_key_length);
203	EVP_DigestUpdate(&m5, smd, SHA_DIGEST_LENGTH);
204	if ((int)(i + MD5_DIGEST_LENGTH) > num) {
205	EVP_DigestFinal_ex(&m5, smd, NULL);
206	memcpy(km, smd, (num - i));
207	} else
208	EVP_DigestFinal_ex(&m5, km, NULL);
209
210	km += MD5_DIGEST_LENGTH;
211	}
212	explicit_bzero(smd, SHA_DIGEST_LENGTH);
213	EVP_MD_CTX_cleanup(&m5);
214	EVP_MD_CTX_cleanup(&s1);
215	return 1;
216	}
217
218	int	166	int
219	ssl3_change_cipher_state(SSL *s, int which)	167	ssl3_change_cipher_state(SSL *s, int which)
220	{	168	{
@@ -323,71 +271,6 @@ err2:
323	return (0);	271	return (0);
324	}	272	}
325		273
326	int
327	ssl3_setup_key_block(SSL *s)
328	{
329	int key_block_len, mac_len, key_len, iv_len;
330	unsigned char *key_block;
331	const EVP_CIPHER *cipher;
332	const EVP_MD *mac;
333	int ret = 0;
334
335	if (s->s3->tmp.key_block_length != 0)
336	return (1);
337
338	if (!ssl_cipher_get_evp(s->session, &cipher, &mac, NULL, NULL)) {
339	SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,
340	SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
341	return (0);
342	}
343
344	s->s3->tmp.new_sym_enc = cipher;
345	s->s3->tmp.new_hash = mac;
346
347	mac_len = EVP_MD_size(mac);
348	key_len = EVP_CIPHER_key_length(cipher);
349	iv_len = EVP_CIPHER_iv_length(cipher);
350
351	if (mac_len < 0)
352	return 0;
353
354	ssl3_cleanup_key_block(s);
355
356	if ((key_block = reallocarray(NULL, mac_len + key_len + iv_len, 2))
357	== NULL)
358	goto err;
359	key_block_len = (mac_len + key_len + iv_len) * 2;
360
361	s->s3->tmp.key_block_length = key_block_len;
362	s->s3->tmp.key_block = key_block;
363
364	ret = ssl3_generate_key_block(s, key_block, key_block_len);
365
366	if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) {
367	/*
368	* Enable vulnerability countermeasure for CBC ciphers with
369	* known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt)
370	*/
371	s->s3->need_empty_fragments = 1;
372
373	if (s->session->cipher != NULL) {
374	if (s->session->cipher->algorithm_enc == SSL_eNULL)
375	s->s3->need_empty_fragments = 0;
376
377	#ifndef OPENSSL_NO_RC4
378	if (s->session->cipher->algorithm_enc == SSL_RC4)
379	s->s3->need_empty_fragments = 0;
380	#endif
381	}
382	}
383
384	return ret;
385
386	err:
387	SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
388	return (0);
389	}
390
391	void	274	void
392	ssl3_cleanup_key_block(SSL *s)	275	ssl3_cleanup_key_block(SSL *s)
393	{	276	{


diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h index 1b46e990de..939808e3fb 100644 --- a/src/lib/libssl/src/ssl/ssl_locl.h +++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.107 2015/09/11 16:56:17 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.108 2015/09/11 16:59:17 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -602,7 +602,6 @@ int ssl3_send_server_certificate(SSL *s);
602	int ssl3_send_newsession_ticket(SSL *s);	602	int ssl3_send_newsession_ticket(SSL *s);
603	int ssl3_send_cert_status(SSL *s);	603	int ssl3_send_cert_status(SSL *s);
604	int ssl3_get_finished(SSL *s, int state_a, int state_b);	604	int ssl3_get_finished(SSL *s, int state_a, int state_b);
605	int ssl3_setup_key_block(SSL *s);
606	int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);	605	int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
607	int ssl3_change_cipher_state(SSL *s, int which);	606	int ssl3_change_cipher_state(SSL *s, int which);
608	void ssl3_cleanup_key_block(SSL *s);	607	void ssl3_cleanup_key_block(SSL *s);


diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 1b46e990de..939808e3fb 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.107 2015/09/11 16:56:17 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.108 2015/09/11 16:59:17 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -602,7 +602,6 @@ int ssl3_send_server_certificate(SSL *s);
602	int ssl3_send_newsession_ticket(SSL *s);	602	int ssl3_send_newsession_ticket(SSL *s);
603	int ssl3_send_cert_status(SSL *s);	603	int ssl3_send_cert_status(SSL *s);
604	int ssl3_get_finished(SSL *s, int state_a, int state_b);	604	int ssl3_get_finished(SSL *s, int state_a, int state_b);
605	int ssl3_setup_key_block(SSL *s);
606	int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);	605	int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
607	int ssl3_change_cipher_state(SSL *s, int which);	606	int ssl3_change_cipher_state(SSL *s, int which);
608	void ssl3_cleanup_key_block(SSL *s);	607	void ssl3_cleanup_key_block(SSL *s);