Diffstat (limited to 'src/lib/libssl/t1_enc.c')
-rw-r--r--src/lib/libssl/t1_enc.c64
1 files changed, 1 insertions, 63 deletions
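diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 46238dc6c3..26d98522d0 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.64 2014/07/08 16:05:52 beck Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.65 2014/07/09 11:25:42 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -375,21 +375,12 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys,
     const unsigned char *key, unsigned int key_len, const unsigned char *iv,
     unsigned int iv_len)
 {
-	static const unsigned char empty[] = "";
-	unsigned char export_tmp1[EVP_MAX_KEY_LENGTH];
-	unsigned char export_tmp2[EVP_MAX_KEY_LENGTH];
-	unsigned char export_iv1[EVP_MAX_IV_LENGTH * 2];
-	unsigned char export_iv2[EVP_MAX_IV_LENGTH * 2];
-	unsigned char *exp_label;
-	int exp_label_len;
 	EVP_CIPHER_CTX *cipher_ctx;
 	const EVP_CIPHER *cipher;
 	EVP_MD_CTX *mac_ctx;
 	const EVP_MD *mac;
 	int mac_type;
-	int is_export;
 
-	is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
 	cipher = s->s3->tmp.new_sym_enc;
 	mac = s->s3->tmp.new_hash;
 	mac_type = s->s3->tmp.new_mac_pkey_type;
@@ -438,41 +429,6 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys,
 		s->write_hash = mac_ctx;
 	}
 
-	if (is_export) {
-		/*
-		 * Both the read and write key/iv are set to the same value
-		 * since only the correct one will be used :-).
-		 */
-		if (use_client_keys) {
-			exp_label = TLS_MD_CLIENT_WRITE_KEY_CONST;
-			exp_label_len = TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
-		} else {
-			exp_label = TLS_MD_SERVER_WRITE_KEY_CONST;
-			exp_label_len = TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
-		}
-		if (!tls1_PRF(ssl_get_algorithm2(s), exp_label, exp_label_len,
-		    s->s3->client_random, SSL3_RANDOM_SIZE,
-		    s->s3->server_random, SSL3_RANDOM_SIZE,
-		    NULL, 0, NULL, 0, key, key_len, export_tmp1, export_tmp2,
-		    EVP_CIPHER_key_length(cipher)))
-			goto err2;
-		key = export_tmp1;
-
-		if (iv_len > 0) {
-			if (!tls1_PRF(ssl_get_algorithm2(s),
-			    TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE,
-			    s->s3->client_random, SSL3_RANDOM_SIZE,
-			    s->s3->server_random, SSL3_RANDOM_SIZE,
-			    NULL, 0, NULL, 0, empty, 0,
-			    export_iv1, export_iv2, iv_len * 2))
-				goto err2;
-			if (use_client_keys)
-				iv = export_iv1;
-			else
-				iv = &(export_iv1[iv_len]);
-		}
-	}
-
 	if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) {
 		EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL,
 		    !is_read);
@@ -494,18 +450,10 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys,
 		    mac_secret_size, (unsigned char *)mac_secret);
 	}
 
-	if (is_export) {
-		OPENSSL_cleanse(export_tmp1, sizeof(export_tmp1));
-		OPENSSL_cleanse(export_tmp2, sizeof(export_tmp2));
-		OPENSSL_cleanse(export_iv1, sizeof(export_iv1));
-		OPENSSL_cleanse(export_iv2, sizeof(export_iv2));
-	}
-
 	return (1);
 
 err:
 	SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER, ERR_R_MALLOC_FAILURE);
-err2:
 	return (0);
 }
 
@@ -521,13 +469,11 @@ tls1_change_cipher_state(SSL *s, int which)
 	const EVP_CIPHER *cipher;
 	const EVP_AEAD *aead;
 	char is_read, use_client_keys;
-	int is_export;
 
 #ifndef OPENSSL_NO_COMP
 	const SSL_COMP *comp;
 #endif
 
-	is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
 	cipher = s->s3->tmp.new_sym_enc;
 	aead = s->s3->tmp.new_aead;
 
@@ -598,10 +544,6 @@ tls1_change_cipher_state(SSL *s, int which)
 	key_len = EVP_CIPHER_key_length(cipher);
 	iv_len = EVP_CIPHER_iv_length(cipher);
 
-	if (is_export &&
-	    key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher))
-		key_len = SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher);
-
 	/* If GCM mode only part of IV comes from PRF. */
 	if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE)
 		iv_len = EVP_GCM_TLS_FIXED_IV_LEN;
@@ -700,10 +642,6 @@ tls1_setup_key_block(SSL *s)
 	key_len = EVP_CIPHER_key_length(cipher);
 	iv_len = EVP_CIPHER_iv_length(cipher);
 
-	if (SSL_C_IS_EXPORT(s->session->cipher) &&
-	    key_len > SSL_C_EXPORT_KEYLENGTH(s->session->cipher))
-		key_len = SSL_C_EXPORT_KEYLENGTH(s->session->cipher);
-
 	/* If GCM mode only part of IV comes from PRF. */
 	if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE)
 		iv_len = EVP_GCM_TLS_FIXED_IV_LEN;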
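Review bot: With the export key-derivation branch removed from tls1_change_cipher_state_cipher, its `key_len` parameter is no longer read anywhere visible in these hunks (the surviving `EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL, !is_read)` at new line 433 takes only `key`), so the function now silently trusts the caller to pass exactly `EVP_CIPHER_key_length(cipher)` bytes. A precondition comment above the signature, e.g. `/* key must hold EVP_CIPHER_key_length(cipher) bytes; key_len is no longer consulted here. */`, or dropping the parameter if the rest of the body confirms it is unused, would make that contract explicit. Correctness also now rests on no suite with SSL_C_IS_EXPORT set ever being negotiated: if one were, the peer would derive export-strength keys while this side uses full-length ones and the Finished check would fail, which is an interop failure rather than a weakening, but it is worth confirming the export suites were dropped from the cipher tables in the same series. The body of tls1_change_cipher_state_cipher starts and ends outside the hunks shown.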