diff options
Diffstat (limited to 'src/lib/libssl/t1_enc.c')
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 50 | 
1 files changed, 25 insertions, 25 deletions
| diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 3146388c73..497b767d57 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -313,22 +313,22 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 313 | int mac_secret_size, key_len, iv_len; | 313 | int mac_secret_size, key_len, iv_len; | 
| 314 | unsigned char *key_block, *exp_label; | 314 | unsigned char *key_block, *exp_label; | 
| 315 | 315 | ||
| 316 | EVP_CIPHER_CTX *dd; | 316 | EVP_CIPHER_CTX *cipher_ctx; | 
| 317 | const EVP_CIPHER *c; | 317 | const EVP_CIPHER *cipher; | 
| 318 | #ifndef OPENSSL_NO_COMP | 318 | #ifndef OPENSSL_NO_COMP | 
| 319 | const SSL_COMP *comp; | 319 | const SSL_COMP *comp; | 
| 320 | #endif | 320 | #endif | 
| 321 | const EVP_MD *m; | 321 | const EVP_MD *mac; | 
| 322 | int mac_type; | 322 | int mac_type; | 
| 323 | EVP_MD_CTX *mac_ctx; | 323 | EVP_MD_CTX *mac_ctx; | 
| 324 | EVP_PKEY *mac_key; | 324 | EVP_PKEY *mac_key; | 
| 325 | int is_export, exp_label_len; | 325 | int is_export, exp_label_len; | 
| 326 | int reuse_dd = 0; | ||
| 327 | char is_read, use_client_keys; | 326 | char is_read, use_client_keys; | 
| 327 | int reuse_dd = 0; | ||
| 328 | 328 | ||
| 329 | is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher); | 329 | is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher); | 
| 330 | c = s->s3->tmp.new_sym_enc; | 330 | cipher = s->s3->tmp.new_sym_enc; | 
| 331 | m = s->s3->tmp.new_hash; | 331 | mac = s->s3->tmp.new_hash; | 
| 332 | mac_type = s->s3->tmp.new_mac_pkey_type; | 332 | mac_type = s->s3->tmp.new_mac_pkey_type; | 
| 333 | 333 | ||
| 334 | /* | 334 | /* | 
| @@ -396,7 +396,7 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 396 | /* make sure it's intialized in case we exit later with an error */ | 396 | /* make sure it's intialized in case we exit later with an error */ | 
| 397 | EVP_CIPHER_CTX_init(s->enc_read_ctx); | 397 | EVP_CIPHER_CTX_init(s->enc_read_ctx); | 
| 398 | } | 398 | } | 
| 399 | dd = s->enc_read_ctx; | 399 | cipher_ctx = s->enc_read_ctx; | 
| 400 | 400 | ||
| 401 | ssl_clear_hash_ctx(&s->read_hash); | 401 | ssl_clear_hash_ctx(&s->read_hash); | 
| 402 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) | 402 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) | 
| @@ -415,7 +415,7 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 415 | reuse_dd = 1; | 415 | reuse_dd = 1; | 
| 416 | else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL) | 416 | else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL) | 
| 417 | goto err; | 417 | goto err; | 
| 418 | dd = s->enc_write_ctx; | 418 | cipher_ctx = s->enc_write_ctx; | 
| 419 | 419 | ||
| 420 | /* | 420 | /* | 
| 421 | * DTLS fragments retain a pointer to the compression, cipher | 421 | * DTLS fragments retain a pointer to the compression, cipher | 
| @@ -436,19 +436,19 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 436 | } | 436 | } | 
| 437 | 437 | ||
| 438 | if (reuse_dd) | 438 | if (reuse_dd) | 
| 439 | EVP_CIPHER_CTX_cleanup(dd); | 439 | EVP_CIPHER_CTX_cleanup(cipher_ctx); | 
| 440 | 440 | ||
| 441 | key_len = EVP_CIPHER_key_length(c); | 441 | key_len = EVP_CIPHER_key_length(cipher); | 
| 442 | if (is_export) { | 442 | if (is_export) { | 
| 443 | if (key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) | 443 | if (key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) | 
| 444 | key_len = SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher); | 444 | key_len = SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher); | 
| 445 | } | 445 | } | 
| 446 | 446 | ||
| 447 | /* If GCM mode only part of IV comes from PRF. */ | 447 | /* If GCM mode only part of IV comes from PRF. */ | 
| 448 | if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) | 448 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) | 
| 449 | iv_len = EVP_GCM_TLS_FIXED_IV_LEN; | 449 | iv_len = EVP_GCM_TLS_FIXED_IV_LEN; | 
| 450 | else | 450 | else | 
| 451 | iv_len = EVP_CIPHER_iv_length(c); | 451 | iv_len = EVP_CIPHER_iv_length(cipher); | 
| 452 | 452 | ||
| 453 | mac_secret_size = s->s3->tmp.new_mac_secret_size; | 453 | mac_secret_size = s->s3->tmp.new_mac_secret_size; | 
| 454 | 454 | ||
| @@ -493,10 +493,10 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 493 | s->s3->write_mac_secret_size = mac_secret_size; | 493 | s->s3->write_mac_secret_size = mac_secret_size; | 
| 494 | } | 494 | } | 
| 495 | 495 | ||
| 496 | if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) { | 496 | if (!(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)) { | 
| 497 | mac_key = EVP_PKEY_new_mac_key(mac_type, NULL, | 497 | mac_key = EVP_PKEY_new_mac_key(mac_type, NULL, | 
| 498 | mac_secret, mac_secret_size); | 498 | mac_secret, mac_secret_size); | 
| 499 | EVP_DigestSignInit(mac_ctx, NULL, m, NULL, mac_key); | 499 | EVP_DigestSignInit(mac_ctx, NULL, mac, NULL, mac_key); | 
| 500 | EVP_PKEY_free(mac_key); | 500 | EVP_PKEY_free(mac_key); | 
| 501 | } | 501 | } | 
| 502 | if (is_export) { | 502 | if (is_export) { | 
| @@ -508,7 +508,7 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 508 | s->s3->client_random, SSL3_RANDOM_SIZE, | 508 | s->s3->client_random, SSL3_RANDOM_SIZE, | 
| 509 | s->s3->server_random, SSL3_RANDOM_SIZE, | 509 | s->s3->server_random, SSL3_RANDOM_SIZE, | 
| 510 | NULL, 0, NULL, 0, key, key_len, tmp1, tmp2, | 510 | NULL, 0, NULL, 0, key, key_len, tmp1, tmp2, | 
| 511 | EVP_CIPHER_key_length(c))) | 511 | EVP_CIPHER_key_length(cipher))) | 
| 512 | goto err2; | 512 | goto err2; | 
| 513 | key = tmp1; | 513 | key = tmp1; | 
| 514 | 514 | ||
| @@ -527,19 +527,19 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 527 | } | 527 | } | 
| 528 | 528 | ||
| 529 | 529 | ||
| 530 | if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) { | 530 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { | 
| 531 | EVP_CipherInit_ex(dd, c, NULL, key, NULL, | 531 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL, | 
| 532 | (which & SSL3_CC_WRITE)); | 532 | (which & SSL3_CC_WRITE)); | 
| 533 | EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GCM_SET_IV_FIXED, iv_len, | 533 | EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_GCM_SET_IV_FIXED, | 
| 534 | (unsigned char *)iv); | 534 | iv_len, (unsigned char *)iv); | 
| 535 | } else | 535 | } else | 
| 536 | EVP_CipherInit_ex(dd, c, NULL, key, iv, | 536 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, iv, | 
| 537 | (which & SSL3_CC_WRITE)); | 537 | (which & SSL3_CC_WRITE)); | 
| 538 | 538 | ||
| 539 | /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */ | 539 | /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */ | 
| 540 | if ((EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER) && | 540 | if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) && | 
| 541 | mac_secret_size) | 541 | mac_secret_size) | 
| 542 | EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY, | 542 | EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_AEAD_SET_MAC_KEY, | 
| 543 | mac_secret_size, (unsigned char *)mac_secret); | 543 | mac_secret_size, (unsigned char *)mac_secret); | 
| 544 | 544 | ||
| 545 | OPENSSL_cleanse(tmp1, sizeof(tmp1)); | 545 | OPENSSL_cleanse(tmp1, sizeof(tmp1)); | 
| @@ -561,7 +561,7 @@ tls1_setup_key_block(SSL *s) | |||
| 561 | int mac_type = NID_undef, mac_secret_size = 0; | 561 | int mac_type = NID_undef, mac_secret_size = 0; | 
| 562 | int key_block_len, key_len, iv_len; | 562 | int key_block_len, key_len, iv_len; | 
| 563 | const EVP_CIPHER *cipher; | 563 | const EVP_CIPHER *cipher; | 
| 564 | const EVP_MD *hash; | 564 | const EVP_MD *mac; | 
| 565 | SSL_COMP *comp; | 565 | SSL_COMP *comp; | 
| 566 | int ret = 0; | 566 | int ret = 0; | 
| 567 | 567 | ||
| @@ -574,7 +574,7 @@ tls1_setup_key_block(SSL *s) | |||
| 574 | return (0); | 574 | return (0); | 
| 575 | } | 575 | } | 
| 576 | 576 | ||
| 577 | if (!ssl_cipher_get_evp(s->session, &cipher, &hash, &mac_type, | 577 | if (!ssl_cipher_get_evp(s->session, &cipher, &mac, &mac_type, | 
| 578 | &mac_secret_size)) { | 578 | &mac_secret_size)) { | 
| 579 | SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, | 579 | SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, | 
| 580 | SSL_R_CIPHER_OR_HASH_UNAVAILABLE); | 580 | SSL_R_CIPHER_OR_HASH_UNAVAILABLE); | 
| @@ -589,7 +589,7 @@ tls1_setup_key_block(SSL *s) | |||
| 589 | iv_len = EVP_CIPHER_iv_length(cipher); | 589 | iv_len = EVP_CIPHER_iv_length(cipher); | 
| 590 | 590 | ||
| 591 | s->s3->tmp.new_sym_enc = cipher; | 591 | s->s3->tmp.new_sym_enc = cipher; | 
| 592 | s->s3->tmp.new_hash = hash; | 592 | s->s3->tmp.new_hash = mac; | 
| 593 | s->s3->tmp.new_mac_pkey_type = mac_type; | 593 | s->s3->tmp.new_mac_pkey_type = mac_type; | 
| 594 | s->s3->tmp.new_mac_secret_size = mac_secret_size; | 594 | s->s3->tmp.new_mac_secret_size = mac_secret_size; | 
| 595 | key_block_len = (mac_secret_size + key_len + iv_len) * 2; | 595 | key_block_len = (mac_secret_size + key_len + iv_len) * 2; | 
