summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libssl/t1_lib.c36
1 files changed, 18 insertions, 18 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index e83a9eaadf..2bae50f5b3 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_lib.c,v 1.161 2019/04/23 17:02:45 jsing Exp $ */ 1/* $OpenBSD: t1_lib.c,v 1.162 2019/04/25 04:48:56 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -878,15 +878,15 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess)
878 size_t session_id_len = 0; 878 size_t session_id_len = 0;
879 unsigned char *sdec = NULL; 879 unsigned char *sdec = NULL;
880 const unsigned char *p; 880 const unsigned char *p;
881 int slen, mlen, renew_ticket = 0; 881 int slen, hlen, renew_ticket = 0;
882 unsigned char hmac[EVP_MAX_MD_SIZE]; 882 unsigned char hmac[EVP_MAX_MD_SIZE];
883 HMAC_CTX hctx; 883 HMAC_CTX hctx;
884 EVP_CIPHER_CTX ctx; 884 EVP_CIPHER_CTX cctx;
885 SSL_CTX *tctx = s->initial_ctx; 885 SSL_CTX *tctx = s->initial_ctx;
886 int ret = -1; 886 int ret = -1;
887 887
888 HMAC_CTX_init(&hctx); 888 HMAC_CTX_init(&hctx);
889 EVP_CIPHER_CTX_init(&ctx); 889 EVP_CIPHER_CTX_init(&cctx);
890 890
891 *psess = NULL; 891 *psess = NULL;
892 892
@@ -910,7 +910,7 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess)
910 910
911 if ((rv = tctx->internal->tlsext_ticket_key_cb(s, 911 if ((rv = tctx->internal->tlsext_ticket_key_cb(s,
912 (unsigned char *)CBS_data(&ticket_name), 912 (unsigned char *)CBS_data(&ticket_name),
913 (unsigned char *)CBS_data(ticket), &ctx, &hctx, 0)) < 0) 913 (unsigned char *)CBS_data(ticket), &cctx, &hctx, 0)) < 0)
914 goto err; 914 goto err;
915 if (rv == 0) 915 if (rv == 0)
916 goto derr; 916 goto derr;
@@ -922,7 +922,7 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess)
922 * the IV since its length is known. 922 * the IV since its length is known.
923 */ 923 */
924 if (!CBS_get_bytes(ticket, &ticket_iv, 924 if (!CBS_get_bytes(ticket, &ticket_iv,
925 EVP_CIPHER_CTX_iv_length(&ctx))) 925 EVP_CIPHER_CTX_iv_length(&cctx)))
926 goto derr; 926 goto derr;
927 } else { 927 } else {
928 /* Check that the key name matches. */ 928 /* Check that the key name matches. */
@@ -936,7 +936,7 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess)
936 if (!CBS_get_bytes(ticket, &ticket_iv, 936 if (!CBS_get_bytes(ticket, &ticket_iv,
937 EVP_CIPHER_iv_length(EVP_aes_128_cbc()))) 937 EVP_CIPHER_iv_length(EVP_aes_128_cbc())))
938 goto derr; 938 goto derr;
939 EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, 939 EVP_DecryptInit_ex(&cctx, EVP_aes_128_cbc(), NULL,
940 tctx->internal->tlsext_tick_aes_key, CBS_data(&ticket_iv)); 940 tctx->internal->tlsext_tick_aes_key, CBS_data(&ticket_iv));
941 } 941 }
942 942
@@ -944,14 +944,14 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess)
944 * Attempt to process session ticket. 944 * Attempt to process session ticket.
945 */ 945 */
946 946
947 if ((mlen = HMAC_size(&hctx)) < 0) 947 if ((hlen = HMAC_size(&hctx)) < 0)
948 goto err; 948 goto err;
949 949
950 if (mlen > CBS_len(ticket)) 950 if (hlen > CBS_len(ticket))
951 goto derr; 951 goto derr;
952 if (!CBS_get_bytes(ticket, &ticket_encdata, CBS_len(ticket) - mlen)) 952 if (!CBS_get_bytes(ticket, &ticket_encdata, CBS_len(ticket) - hlen))
953 goto derr; 953 goto derr;
954 if (!CBS_get_bytes(ticket, &ticket_hmac, mlen)) 954 if (!CBS_get_bytes(ticket, &ticket_hmac, hlen))
955 goto derr; 955 goto derr;
956 if (CBS_len(ticket) != 0) 956 if (CBS_len(ticket) != 0)
957 goto err; 957 goto err;
@@ -966,28 +966,28 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess)
966 if (HMAC_Update(&hctx, CBS_data(&ticket_encdata), 966 if (HMAC_Update(&hctx, CBS_data(&ticket_encdata),
967 CBS_len(&ticket_encdata)) <= 0) 967 CBS_len(&ticket_encdata)) <= 0)
968 goto err; 968 goto err;
969 if (HMAC_Final(&hctx, hmac, &mlen) <= 0) 969 if (HMAC_Final(&hctx, hmac, &hlen) <= 0)
970 goto err; 970 goto err;
971 971
972 if (!CBS_mem_equal(&ticket_hmac, hmac, mlen)) 972 if (!CBS_mem_equal(&ticket_hmac, hmac, hlen))
973 goto derr; 973 goto derr;
974 974
975 /* Attempt to decrypt session data. */ 975 /* Attempt to decrypt session data. */
976 if ((sdec = malloc(CBS_len(&ticket_encdata))) == NULL) 976 if ((sdec = malloc(CBS_len(&ticket_encdata))) == NULL)
977 goto err; 977 goto err;
978 if (EVP_DecryptUpdate(&ctx, sdec, &slen, CBS_data(&ticket_encdata), 978 if (EVP_DecryptUpdate(&cctx, sdec, &slen, CBS_data(&ticket_encdata),
979 CBS_len(&ticket_encdata)) <= 0) 979 CBS_len(&ticket_encdata)) <= 0)
980 goto derr; 980 goto derr;
981 if (EVP_DecryptFinal_ex(&ctx, sdec + slen, &mlen) <= 0) 981 if (EVP_DecryptFinal_ex(&cctx, sdec + slen, &hlen) <= 0)
982 goto derr; 982 goto derr;
983 983
984 slen += mlen; 984 slen += hlen;
985 p = sdec;
986 985
987 /* 986 /*
988 * For session parse failures, indicate that we need to send a new 987 * For session parse failures, indicate that we need to send a new
989 * ticket. 988 * ticket.
990 */ 989 */
990 p = sdec;
991 if ((sess = d2i_SSL_SESSION(NULL, &p, slen)) == NULL) 991 if ((sess = d2i_SSL_SESSION(NULL, &p, slen)) == NULL)
992 goto derr; 992 goto derr;
993 993
@@ -1022,7 +1022,7 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess)
1022 done: 1022 done:
1023 free(sdec); 1023 free(sdec);
1024 HMAC_CTX_cleanup(&hctx); 1024 HMAC_CTX_cleanup(&hctx);
1025 EVP_CIPHER_CTX_cleanup(&ctx); 1025 EVP_CIPHER_CTX_cleanup(&cctx);
1026 SSL_SESSION_free(sess); 1026 SSL_SESSION_free(sess);
1027 1027
1028 if (ret == 2) 1028 if (ret == 2)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 06:33:17 +0000