Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c20
1 files changed, 13 insertions, 7 deletions
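diff --git a/src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c b/src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c
index f25b927aeb..9be17e36f2 100644
--- a/src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/src/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes_cbc_hmac_sha1.c,v 1.14 2016/11/05 10:47:57 miod Exp $ */
+/* $OpenBSD: e_aes_cbc_hmac_sha1.c,v 1.15 2019/04/03 15:33:37 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
  *
@@ -249,7 +249,11 @@ aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 		/* decrypt HMAC|padding at once */
 		aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
 
-		if (plen) {	/* "TLS" mode of operation */
+		if (plen == 0 || plen == NO_PAYLOAD_LENGTH) {
+			SHA1_Update(&key->md, out, len);
+		} else if (plen < 4) {
+			return 0;
+		} else {	/* "TLS" mode of operation */
 			size_t inp_len, mask, j, i;
 			unsigned int res, maxpad, pad, bitlen;
 			int ret = 1;
@@ -459,8 +463,6 @@ aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 			ret &= (int)~res;
 #endif
 			return ret;
-		} else {
-			SHA1_Update(&key->md, out, len);
 		}
 	}
 
@@ -505,7 +507,13 @@ aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
 	case EVP_CTRL_AEAD_TLS1_AAD:
 		{
 			unsigned char *p = ptr;
-			unsigned int len = p[arg - 2] << 8 | p[arg - 1];
+			unsigned int len;
+
+			/* RFC 5246, 6.2.3.3: additional data has length 13 */
+			if (arg != 13)
+				return -1;
+
+			len = p[arg - 2] << 8 | p[arg - 1];
 
 			if (ctx->encrypt) {
 				key->payload_length = len;
@@ -521,8 +529,6 @@ aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
 				return (int)(((len + SHA_DIGEST_LENGTH +
 				    AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) - len);
 			} else {
-				if (arg > 13)
-					arg = 13;
 				memcpy(key->aux.tls_aad, ptr, arg);
 				key->payload_length = arg;
 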
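Review bot: The `if (arg != 13) return -1;` check at new line 513 is now the only thing bounding the `memcpy(key->aux.tls_aad, ptr, arg)` in the last hunk, because the clamp `if (arg > 13) arg = 13;` it replaces is removed, so the literal 13 silently sizes that copy as well as the `p[arg - 2]`/`p[arg - 1]` reads; a named constant for the TLS 1.x AAD length (OpenSSL spells it EVP_AEAD_TLS1_AAD_LEN, if LibreSSL's evp.h carries it) would keep the check, the copy and the `aux.tls_aad` declaration, which is outside these hunks, tied together. On the decrypt side, the new `else if (plen < 4) return 0;` in the first hunk admits any payload_length of 4 or more even though the ctrl path now stores only 13 there; if 4 is the minimum needed for the `plen - 4 .. plen - 1` AAD tail accesses that presumably follow (outside the hunk), a comment such as `/* need the version and length bytes at the tail of the AAD */` would explain the bound. Both enclosing functions, aesni_cbc_hmac_sha1_cipher and aesni_cbc_hmac_sha1_ctrl, start and end outside the hunks.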