Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libssl/ssl_srvr.c94
1 files changed, 33 insertions, 61 deletions
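--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.35 2018/06/10 13:50:39 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.36 2018/08/10 17:44:16 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1504,13 +1504,10 @@ ssl3_send_server_key_exchange(SSL *s)
 	CBB cbb;
 	unsigned char *params = NULL;
 	size_t params_len;
-	unsigned char *q;
-	unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
-	unsigned int u;
 	EVP_PKEY *pkey;
 	const EVP_MD *md = NULL;
 	unsigned char *p, *d;
-	int al, i, j, n, kn;
+	int al, i, n, kn;
 	unsigned long type;
 	BUF_MEM *buf;
 	EVP_MD_CTX md_ctx;
@@ -1570,68 +1567,43 @@ ssl3_send_server_key_exchange(SSL *s)
 	n = params_len;
 	p += params_len;
 
-	/* not anonymous */
+	/* Add signature unless anonymous. */
 	if (pkey != NULL) {
-		/*
-		 * n is the length of the params, they start at &(d[4])
-		 * and p points to the space at the end.
-		 */
-		if (pkey->type == EVP_PKEY_RSA && !SSL_USE_SIGALGS(s)) {
-			q = md_buf;
-			j = 0;
-			if (!EVP_DigestInit_ex(&md_ctx, EVP_md5_sha1(),
-			    NULL))
-				goto err;
-			EVP_DigestUpdate(&md_ctx, s->s3->client_random,
-			    SSL3_RANDOM_SIZE);
-			EVP_DigestUpdate(&md_ctx, s->s3->server_random,
-			    SSL3_RANDOM_SIZE);
-			EVP_DigestUpdate(&md_ctx, d, n);
-			EVP_DigestFinal_ex(&md_ctx, q,
-			    (unsigned int *)&i);
-			q += i;
-			j += i;
-			if (RSA_sign(NID_md5_sha1, md_buf, j,
-			    &(p[2]), &u, pkey->pkey.rsa) <= 0) {
-				SSLerror(s, ERR_R_RSA_LIB);
-				goto err;
-			}
-			s2n(u, p);
-			n += u + 2;
-		} else if (md) {
-			/* Send signature algorithm. */
-			if (SSL_USE_SIGALGS(s)) {
-				if (!tls12_get_sigandhash(p, pkey, md)) {
-					/* Should never happen */
-					al = SSL_AD_INTERNAL_ERROR;
-					SSLerror(s, ERR_R_INTERNAL_ERROR);
-					goto f_err;
-				}
-				p += 2;
-			}
-			EVP_SignInit_ex(&md_ctx, md, NULL);
-			EVP_SignUpdate(&md_ctx,
-			    s->s3->client_random,
-			    SSL3_RANDOM_SIZE);
-			EVP_SignUpdate(&md_ctx,
-			    s->s3->server_random,
-			    SSL3_RANDOM_SIZE);
-			EVP_SignUpdate(&md_ctx, d, n);
-			if (!EVP_SignFinal(&md_ctx, &p[2],
-			    (unsigned int *)&i, pkey)) {
-				SSLerror(s, ERR_R_EVP_LIB);
-				goto err;
-			}
-			s2n(i, p);
-			n += i + 2;
-			if (SSL_USE_SIGALGS(s))
-				n += 2;
-		} else {
+		if (pkey->type == EVP_PKEY_RSA && !SSL_USE_SIGALGS(s))
+			md = EVP_md5_sha1();
+
+		if (md == NULL) {
 			/* Is this error check actually needed? */
 			al = SSL_AD_HANDSHAKE_FAILURE;
 			SSLerror(s, SSL_R_UNKNOWN_PKEY_TYPE);
 			goto f_err;
 		}
+
+		/* Send signature algorithm. */
+		if (SSL_USE_SIGALGS(s)) {
+			if (!tls12_get_sigandhash(p, pkey, md)) {
+				/* Should never happen */
+				al = SSL_AD_INTERNAL_ERROR;
+				SSLerror(s, ERR_R_INTERNAL_ERROR);
+				goto f_err;
+			}
+			p += 2;
+		}
+		EVP_SignInit_ex(&md_ctx, md, NULL);
+		EVP_SignUpdate(&md_ctx, s->s3->client_random,
+		    SSL3_RANDOM_SIZE);
+		EVP_SignUpdate(&md_ctx, s->s3->server_random,
+		    SSL3_RANDOM_SIZE);
+		EVP_SignUpdate(&md_ctx, d, n);
+		if (!EVP_SignFinal(&md_ctx, &p[2], (unsigned int *)&i,
+		    pkey)) {
+			SSLerror(s, ERR_R_EVP_LIB);
+			goto err;
+		}
+		s2n(i, p);
+		n += i + 2;
+		if (SSL_USE_SIGALGS(s))
+			n += 2;
 	}
 
 	ssl3_handshake_msg_finish(s, n);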
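Review bot: The unified signing path at new lines 1592–1597 loses the init check the removed RSA branch had: the old code tested `EVP_DigestInit_ex()` and jumped to `err` on failure, while the new code calls `EVP_SignInit_ex(&md_ctx, md, NULL)` and the three `EVP_SignUpdate()` calls without looking at their results, so a failed init surfaces only, if at all, as a later `EVP_SignFinal()` failure. The non-RSA branch was already unchecked, but the commit now routes the RSA/MD5-SHA1 case through the same lines, so the unchecked path now covers that case too. I would keep the old guard, `if (!EVP_SignInit_ex(&md_ctx, md, NULL)) { SSLerror(s, ERR_R_EVP_LIB); goto err; }`, and treat the `EVP_SignUpdate()` results the same way. The `md == NULL` check at new line 1575 presumably backs up a digest selection made earlier in the function, outside this hunk, so the retained "Is this error check actually needed?" comment could name that earlier selection instead of leaving the question open. ssl3_send_server_key_exchange() starts before and ends after this hunk.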