-rw-r--r--src/lib/libssl/t1_enc.c51
1 files changed, 26 insertions, 25 deletions
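diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 65abcbdcaf..a63da9c263 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.152 2021/10/23 15:02:27 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.153 2021/12/09 17:54:41 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -164,8 +164,8 @@ tls1_P_hash(const EVP_MD *md, const unsigned char *secret, size_t secret_len,
 {
 	unsigned char A1[EVP_MAX_MD_SIZE], hmac[EVP_MAX_MD_SIZE];
 	size_t A1_len, hmac_len;
-	EVP_MD_CTX ctx;
-	EVP_PKEY *mac_key;
+	EVP_MD_CTX *ctx = NULL;
+	EVP_PKEY *mac_key = NULL;
 	int ret = 0;
 	int chunk;
 	size_t i;
@@ -173,42 +173,43 @@ tls1_P_hash(const EVP_MD *md, const unsigned char *secret, size_t secret_len,
 	chunk = EVP_MD_size(md);
 	OPENSSL_assert(chunk >= 0);
 
-	EVP_MD_CTX_init(&ctx);
+	if ((ctx = EVP_MD_CTX_new()) == NULL)
+		goto err;
 
 	mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, secret, secret_len);
-	if (!mac_key)
+	if (mac_key == NULL)
 		goto err;
-	if (!EVP_DigestSignInit(&ctx, NULL, md, NULL, mac_key))
+	if (!EVP_DigestSignInit(ctx, NULL, md, NULL, mac_key))
 		goto err;
-	if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
+	if (seed1 && !EVP_DigestSignUpdate(ctx, seed1, seed1_len))
 		goto err;
-	if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
+	if (seed2 && !EVP_DigestSignUpdate(ctx, seed2, seed2_len))
 		goto err;
-	if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
+	if (seed3 && !EVP_DigestSignUpdate(ctx, seed3, seed3_len))
 		goto err;
-	if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
+	if (seed4 && !EVP_DigestSignUpdate(ctx, seed4, seed4_len))
 		goto err;
-	if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
+	if (seed5 && !EVP_DigestSignUpdate(ctx, seed5, seed5_len))
 		goto err;
-	if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
+	if (!EVP_DigestSignFinal(ctx, A1, &A1_len))
 		goto err;
 
 	for (;;) {
-		if (!EVP_DigestSignInit(&ctx, NULL, md, NULL, mac_key))
+		if (!EVP_DigestSignInit(ctx, NULL, md, NULL, mac_key))
 			goto err;
-		if (!EVP_DigestSignUpdate(&ctx, A1, A1_len))
+		if (!EVP_DigestSignUpdate(ctx, A1, A1_len))
 			goto err;
-		if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
+		if (seed1 && !EVP_DigestSignUpdate(ctx, seed1, seed1_len))
 			goto err;
-		if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
+		if (seed2 && !EVP_DigestSignUpdate(ctx, seed2, seed2_len))
 			goto err;
-		if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
+		if (seed3 && !EVP_DigestSignUpdate(ctx, seed3, seed3_len))
 			goto err;
-		if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
+		if (seed4 && !EVP_DigestSignUpdate(ctx, seed4, seed4_len))
 			goto err;
-		if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
+		if (seed5 && !EVP_DigestSignUpdate(ctx, seed5, seed5_len))
 			goto err;
-		if (!EVP_DigestSignFinal(&ctx, hmac, &hmac_len))
+		if (!EVP_DigestSignFinal(ctx, hmac, &hmac_len))
 			goto err;
 
 		if (hmac_len > out_len)
@@ -223,18 +224,18 @@ tls1_P_hash(const EVP_MD *md, const unsigned char *secret, size_t secret_len,
 		if (out_len == 0)
 			break;
 
-		if (!EVP_DigestSignInit(&ctx, NULL, md, NULL, mac_key))
+		if (!EVP_DigestSignInit(ctx, NULL, md, NULL, mac_key))
 			goto err;
-		if (!EVP_DigestSignUpdate(&ctx, A1, A1_len))
+		if (!EVP_DigestSignUpdate(ctx, A1, A1_len))
 			goto err;
-		if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
+		if (!EVP_DigestSignFinal(ctx, A1, &A1_len))
 			goto err;
 	}
 	ret = 1;
 
  err:
 	EVP_PKEY_free(mac_key);
-	EVP_MD_CTX_cleanup(&ctx);
+	EVP_MD_CTX_free(ctx);
 
 	explicit_bzero(A1, sizeof(A1));
 	explicit_bzero(hmac, sizeof(hmac));
@@ -256,7 +257,7 @@ tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len,
 	if (!ssl_get_handshake_evp_md(s, &md))
 		return (0);
 
-	if (md->type == NID_md5_sha1) {
+	if (EVP_MD_type(md) == NID_md5_sha1) {
 		/*
 		 * Partition secret between MD5 and SHA1, then XOR result.
 		 * If the secret length is odd, a one byte overlap is used.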
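Review bot: With `EVP_MD_CTX *ctx = EVP_MD_CTX_new()` replacing the stack `EVP_MD_CTX ctx`, the running HMAC state keyed from `secret` now lives in heap memory that outlives the function unless `EVP_MD_CTX_free()` scrubs the digest state before freeing it; the surrounding code clearly intends no residue (it `explicit_bzero`s both `A1` and `hmac` at `err:`), so that dependency should be confirmed and recorded, e.g. a comment above the free, `/* ctx holds HMAC state derived from secret; relies on EVP_MD_CTX_free() scrubbing md_data */`. LibreSSL's cleanup path is believed to freezero the digest data, but that is not visible in this diff and is worth checking rather than assuming. Separately, a failed `EVP_MD_CTX_new()` now returns 0 from tls1_P_hash with no error pushed by this function; if the allocator wrapper does not queue one itself, the caller sees a bare failure with an empty error stack, which is a small diagnostic regression compared with the other `goto err` paths. The `tls1_P_hash` body and its callers continue outside the hunk.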