diff options
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/src/ssl/t1_enc.c | 33 | ||||
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 33 |
2 files changed, 36 insertions, 30 deletions
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c index 87e241edca..c20682a129 100644 --- a/src/lib/libssl/src/ssl/t1_enc.c +++ b/src/lib/libssl/src/ssl/t1_enc.c | |||
| @@ -300,11 +300,11 @@ tls1_generate_key_block(SSL *s, unsigned char *km, unsigned char *tmp, int num) | |||
| 300 | int | 300 | int |
| 301 | tls1_change_cipher_state(SSL *s, int which) | 301 | tls1_change_cipher_state(SSL *s, int which) |
| 302 | { | 302 | { |
| 303 | static const unsigned char empty[]=""; | 303 | static const unsigned char empty[] = ""; |
| 304 | unsigned char tmp1[EVP_MAX_KEY_LENGTH]; | 304 | unsigned char export_tmp1[EVP_MAX_KEY_LENGTH]; |
| 305 | unsigned char tmp2[EVP_MAX_KEY_LENGTH]; | 305 | unsigned char export_tmp2[EVP_MAX_KEY_LENGTH]; |
| 306 | unsigned char iv1[EVP_MAX_IV_LENGTH*2]; | 306 | unsigned char export_iv1[EVP_MAX_IV_LENGTH * 2]; |
| 307 | unsigned char iv2[EVP_MAX_IV_LENGTH*2]; | 307 | unsigned char export_iv2[EVP_MAX_IV_LENGTH * 2]; |
| 308 | 308 | ||
| 309 | const unsigned char *client_write_mac_secret, *server_write_mac_secret; | 309 | const unsigned char *client_write_mac_secret, *server_write_mac_secret; |
| 310 | const unsigned char *client_write_key, *server_write_key; | 310 | const unsigned char *client_write_key, *server_write_key; |
| @@ -503,26 +503,26 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 503 | exp_label, exp_label_len, | 503 | exp_label, exp_label_len, |
| 504 | s->s3->client_random, SSL3_RANDOM_SIZE, | 504 | s->s3->client_random, SSL3_RANDOM_SIZE, |
| 505 | s->s3->server_random, SSL3_RANDOM_SIZE, | 505 | s->s3->server_random, SSL3_RANDOM_SIZE, |
| 506 | NULL, 0, NULL, 0, key, key_len, tmp1, tmp2, | 506 | NULL, 0, NULL, 0, key, key_len, export_tmp1, export_tmp2, |
| 507 | EVP_CIPHER_key_length(cipher))) | 507 | EVP_CIPHER_key_length(cipher))) |
| 508 | goto err2; | 508 | goto err2; |
| 509 | key = tmp1; | 509 | key = export_tmp1; |
| 510 | 510 | ||
| 511 | if (iv_len > 0) { | 511 | if (iv_len > 0) { |
| 512 | if (!tls1_PRF(ssl_get_algorithm2(s), | 512 | if (!tls1_PRF(ssl_get_algorithm2(s), |
| 513 | TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE, | 513 | TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE, |
| 514 | s->s3->client_random, SSL3_RANDOM_SIZE, | 514 | s->s3->client_random, SSL3_RANDOM_SIZE, |
| 515 | s->s3->server_random, SSL3_RANDOM_SIZE, | 515 | s->s3->server_random, SSL3_RANDOM_SIZE, |
| 516 | NULL, 0, NULL, 0, empty, 0, iv1, iv2, iv_len * 2)) | 516 | NULL, 0, NULL, 0, empty, 0, |
| 517 | export_iv1, export_iv2, iv_len * 2)) | ||
| 517 | goto err2; | 518 | goto err2; |
| 518 | if (use_client_keys) | 519 | if (use_client_keys) |
| 519 | iv = iv1; | 520 | iv = export_iv1; |
| 520 | else | 521 | else |
| 521 | iv = &(iv1[iv_len]); | 522 | iv = &(export_iv1[iv_len]); |
| 522 | } | 523 | } |
| 523 | } | 524 | } |
| 524 | 525 | ||
| 525 | |||
| 526 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { | 526 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { |
| 527 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL, | 527 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL, |
| 528 | (which & SSL3_CC_WRITE)); | 528 | (which & SSL3_CC_WRITE)); |
| @@ -538,10 +538,13 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 538 | EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_AEAD_SET_MAC_KEY, | 538 | EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_AEAD_SET_MAC_KEY, |
| 539 | mac_secret_size, (unsigned char *)mac_secret); | 539 | mac_secret_size, (unsigned char *)mac_secret); |
| 540 | 540 | ||
| 541 | OPENSSL_cleanse(tmp1, sizeof(tmp1)); | 541 | if (is_export) { |
| 542 | OPENSSL_cleanse(tmp2, sizeof(tmp2)); | 542 | OPENSSL_cleanse(export_tmp1, sizeof(export_tmp1)); |
| 543 | OPENSSL_cleanse(iv1, sizeof(iv1)); | 543 | OPENSSL_cleanse(export_tmp2, sizeof(export_tmp2)); |
| 544 | OPENSSL_cleanse(iv2, sizeof(iv2)); | 544 | OPENSSL_cleanse(export_iv1, sizeof(export_iv1)); |
| 545 | OPENSSL_cleanse(export_iv2, sizeof(export_iv2)); | ||
| 546 | } | ||
| 547 | |||
| 545 | return (1); | 548 | return (1); |
| 546 | 549 | ||
| 547 | err: | 550 | err: |
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 87e241edca..c20682a129 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -300,11 +300,11 @@ tls1_generate_key_block(SSL *s, unsigned char *km, unsigned char *tmp, int num) | |||
| 300 | int | 300 | int |
| 301 | tls1_change_cipher_state(SSL *s, int which) | 301 | tls1_change_cipher_state(SSL *s, int which) |
| 302 | { | 302 | { |
| 303 | static const unsigned char empty[]=""; | 303 | static const unsigned char empty[] = ""; |
| 304 | unsigned char tmp1[EVP_MAX_KEY_LENGTH]; | 304 | unsigned char export_tmp1[EVP_MAX_KEY_LENGTH]; |
| 305 | unsigned char tmp2[EVP_MAX_KEY_LENGTH]; | 305 | unsigned char export_tmp2[EVP_MAX_KEY_LENGTH]; |
| 306 | unsigned char iv1[EVP_MAX_IV_LENGTH*2]; | 306 | unsigned char export_iv1[EVP_MAX_IV_LENGTH * 2]; |
| 307 | unsigned char iv2[EVP_MAX_IV_LENGTH*2]; | 307 | unsigned char export_iv2[EVP_MAX_IV_LENGTH * 2]; |
| 308 | 308 | ||
| 309 | const unsigned char *client_write_mac_secret, *server_write_mac_secret; | 309 | const unsigned char *client_write_mac_secret, *server_write_mac_secret; |
| 310 | const unsigned char *client_write_key, *server_write_key; | 310 | const unsigned char *client_write_key, *server_write_key; |
| @@ -503,26 +503,26 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 503 | exp_label, exp_label_len, | 503 | exp_label, exp_label_len, |
| 504 | s->s3->client_random, SSL3_RANDOM_SIZE, | 504 | s->s3->client_random, SSL3_RANDOM_SIZE, |
| 505 | s->s3->server_random, SSL3_RANDOM_SIZE, | 505 | s->s3->server_random, SSL3_RANDOM_SIZE, |
| 506 | NULL, 0, NULL, 0, key, key_len, tmp1, tmp2, | 506 | NULL, 0, NULL, 0, key, key_len, export_tmp1, export_tmp2, |
| 507 | EVP_CIPHER_key_length(cipher))) | 507 | EVP_CIPHER_key_length(cipher))) |
| 508 | goto err2; | 508 | goto err2; |
| 509 | key = tmp1; | 509 | key = export_tmp1; |
| 510 | 510 | ||
| 511 | if (iv_len > 0) { | 511 | if (iv_len > 0) { |
| 512 | if (!tls1_PRF(ssl_get_algorithm2(s), | 512 | if (!tls1_PRF(ssl_get_algorithm2(s), |
| 513 | TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE, | 513 | TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE, |
| 514 | s->s3->client_random, SSL3_RANDOM_SIZE, | 514 | s->s3->client_random, SSL3_RANDOM_SIZE, |
| 515 | s->s3->server_random, SSL3_RANDOM_SIZE, | 515 | s->s3->server_random, SSL3_RANDOM_SIZE, |
| 516 | NULL, 0, NULL, 0, empty, 0, iv1, iv2, iv_len * 2)) | 516 | NULL, 0, NULL, 0, empty, 0, |
| 517 | export_iv1, export_iv2, iv_len * 2)) | ||
| 517 | goto err2; | 518 | goto err2; |
| 518 | if (use_client_keys) | 519 | if (use_client_keys) |
| 519 | iv = iv1; | 520 | iv = export_iv1; |
| 520 | else | 521 | else |
| 521 | iv = &(iv1[iv_len]); | 522 | iv = &(export_iv1[iv_len]); |
| 522 | } | 523 | } |
| 523 | } | 524 | } |
| 524 | 525 | ||
| 525 | |||
| 526 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { | 526 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { |
| 527 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL, | 527 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL, |
| 528 | (which & SSL3_CC_WRITE)); | 528 | (which & SSL3_CC_WRITE)); |
| @@ -538,10 +538,13 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 538 | EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_AEAD_SET_MAC_KEY, | 538 | EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_AEAD_SET_MAC_KEY, |
| 539 | mac_secret_size, (unsigned char *)mac_secret); | 539 | mac_secret_size, (unsigned char *)mac_secret); |
| 540 | 540 | ||
| 541 | OPENSSL_cleanse(tmp1, sizeof(tmp1)); | 541 | if (is_export) { |
| 542 | OPENSSL_cleanse(tmp2, sizeof(tmp2)); | 542 | OPENSSL_cleanse(export_tmp1, sizeof(export_tmp1)); |
| 543 | OPENSSL_cleanse(iv1, sizeof(iv1)); | 543 | OPENSSL_cleanse(export_tmp2, sizeof(export_tmp2)); |
| 544 | OPENSSL_cleanse(iv2, sizeof(iv2)); | 544 | OPENSSL_cleanse(export_iv1, sizeof(export_iv1)); |
| 545 | OPENSSL_cleanse(export_iv2, sizeof(export_iv2)); | ||
| 546 | } | ||
| 547 | |||
| 545 | return (1); | 548 | return (1); |
| 546 | 549 | ||
| 547 | err: | 550 | err: |