Diffstat (limited to 'src/lib/libssl/s3_clnt.c')
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 22 |
1 files changed, 12 insertions, 10 deletions
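--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.147 2016/12/03 12:38:10 jsing Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.148 2016/12/04 14:25:44 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1877,12 +1877,16 @@ static int
 ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, unsigned char *p,
 int *outlen)
 {
-unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
+unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH];
 EVP_PKEY *pkey = NULL;
 unsigned char *q;
 int ret = -1;
 int n;
 
+/*
+* RSA-Encrypted Premaster Secret Message - RFC 5246 section 7.4.7.1.
+*/
+
 pkey = X509_get_pubkey(sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
 if (pkey == NULL || pkey->type != EVP_PKEY_RSA ||
 pkey->pkey.rsa == NULL) {
@@ -1891,16 +1895,14 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, unsigned char *p,
 goto err;
 }
 
-tmp_buf[0] = s->client_version >> 8;
-tmp_buf[1] = s->client_version & 0xff;
-arc4random_buf(&tmp_buf[2], sizeof(tmp_buf) - 2);
-
-s->session->master_key_length = sizeof(tmp_buf);
+pms[0] = s->client_version >> 8;
+pms[1] = s->client_version & 0xff;
+arc4random_buf(&pms[2], sizeof(pms) - 2);
 
 q = p;
 p += 2;
 
-n = RSA_public_encrypt(sizeof(tmp_buf), tmp_buf, p, pkey->pkey.rsa,
+n = RSA_public_encrypt(sizeof(pms), pms, p, pkey->pkey.rsa,
 RSA_PKCS1_PADDING);
 if (n <= 0) {
 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
@@ -1913,13 +1915,13 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, unsigned char *p,
 
 s->session->master_key_length =
 s->method->ssl3_enc->generate_master_secret(s,
-s->session->master_key, tmp_buf, sizeof(tmp_buf));
+s->session->master_key, pms, sizeof(pms));
 
 *outlen = n;
 ret = 1;
 
 err:
-explicit_bzero(tmp_buf, sizeof(tmp_buf));
+explicit_bzero(pms, sizeof(pms));
 EVP_PKEY_free(pkey);
 
 return (ret);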
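Review bot: In the last hunk the value returned by `generate_master_secret` is stored in `s->session->master_key_length` and the function then sets `ret = 1` without checking it. The callback's definition is not on this page, so whether it can report failure with a zero or negative length is an assumption; if it can, the handshake would continue with an unusable master secret. Assuming the field is signed, a guard such as `if (s->session->master_key_length <= 0) goto err;` placed before `*outlen = n;` would route that case through the existing `err:` label, which already wipes `pms` with `explicit_bzero`. The lines between the third and fourth hunks are not shown, so anything done there with `q` and `n` is outside this review.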
