Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libssl/t1_enc.c67
1 files changed, 19 insertions, 48 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 62578beeea..84f2e182d9 100644
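--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.97 2017/03/05 14:39:53 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.98 2017/03/06 15:08:57 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -372,67 +372,39 @@ err:
 
 /* seed1 through seed5 are virtually concatenated */
 static int
-tls1_PRF(long digest_mask, const void *seed1, int seed1_len, const void *seed2,
+tls1_PRF(SSL *s, const void *seed1, int seed1_len, const void *seed2,
  int seed2_len, const void *seed3, int seed3_len, const void *seed4,
  int seed4_len, const void *seed5, int seed5_len, const unsigned char *sec,
  int slen, unsigned char *out1, unsigned char *out2, int olen)
 {
- int len, i, idx, count;
- const unsigned char *S1;
- long m;
  const EVP_MD *md;
- int ret = 0;
+ int i;
 
- /* Count number of digests and partition sec evenly */
- count = 0;
- for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
- if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask)
- count++;
- }
- if (count == 0) {
- SSLerrorx(SSL_R_SSL_HANDSHAKE_FAILURE);
- goto err;
- }
- len = slen / count;
- if (count == 1)
- slen = 0;
- S1 = sec;
  memset(out1, 0, olen);
- for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
- if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask) {
- if (!md) {
- SSLerrorx(SSL_R_UNSUPPORTED_DIGEST_TYPE);
- goto err;
- }
- if (!tls1_P_hash(md , S1, len + (slen&1), seed1,
- seed1_len, seed2, seed2_len, seed3, seed3_len,
- seed4, seed4_len, seed5, seed5_len, out2, olen))
- goto err;
- S1 += len;
- for (i = 0; i < olen; i++) {
- out1[i] ^= out2[i];
- }
- }
- }
- ret = 1;
 
-err:
- return ret;
+ if (!ssl_get_handshake_evp_md(s, &md))
+ return (0);
+
+ if (!tls1_P_hash(md, sec, slen, seed1, seed1_len, seed2, seed2_len,
+ seed3, seed3_len, seed4, seed4_len, seed5, seed5_len, out2, olen))
+ return (0);
+
+ for (i = 0; i < olen; i++)
+ out1[i] ^= out2[i];
+
+ return (1);
 }
 
 static int
 tls1_generate_key_block(SSL *s, unsigned char *km, unsigned char *tmp, int num)
 {
- int ret;
-
- ret = tls1_PRF(ssl_get_algorithm2(s),
+ return tls1_PRF(s,
  TLS_MD_KEY_EXPANSION_CONST, TLS_MD_KEY_EXPANSION_CONST_SIZE,
  s->s3->server_random, SSL3_RANDOM_SIZE,
  s->s3->client_random, SSL3_RANDOM_SIZE,
  NULL, 0, NULL, 0,
  s->session->master_key, s->session->master_key_length,
  km, tmp, num);
- return ret;
 }
 
 /*
@@ -1138,8 +1110,7 @@ tls1_final_finish_mac(SSL *s, const char *str, int slen, unsigned char *out)
  if (hlen > INT_MAX)
  return 0;
 
- if (!tls1_PRF(ssl_get_algorithm2(s), str, slen, buf1, hlen,
- NULL, 0, NULL, 0, NULL, 0,
+ if (!tls1_PRF(s, str, slen, buf1, hlen, NULL, 0, NULL, 0, NULL, 0,
  s->session->master_key, s->session->master_key_length,
  out, buf2, sizeof(buf2)))
  return 0;
@@ -1235,7 +1206,8 @@ tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
 {
  unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
 
- tls1_PRF(ssl_get_algorithm2(s),
+ /* XXX - check return value. */
+ tls1_PRF(s,
  TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE,
  s->s3->client_random, SSL3_RANDOM_SIZE, NULL, 0,
  s->s3->server_random, SSL3_RANDOM_SIZE, NULL, 0,
@@ -1307,8 +1279,7 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
  TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0)
  goto err1;
 
- rv = tls1_PRF(ssl_get_algorithm2(s),
- val, vallen, NULL, 0, NULL, 0, NULL, 0, NULL, 0,
+ rv = tls1_PRF(s, val, vallen, NULL, 0, NULL, 0, NULL, 0, NULL, 0,
  s->session->master_key, s->session->master_key_length,
  out, buff, olen);
 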
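Review bot: The tls1_PRF call in tls1_generate_master_secret (new line 1210) still discards its result; the commit only marks it with `/* XXX - check return value. */`. In the rewritten tls1_PRF, `memset(out1, 0, olen)` runs before `ssl_get_handshake_evp_md(s, &md)` and tls1_P_hash, so on either failure path the first output buffer is left all zeros and this caller would presumably carry on as though a master secret had been derived. The call should be guarded the way tls1_final_finish_mac does it, `if (!tls1_PRF(s, ...)) return 0;`, with the failure value adjusted to whatever this function's callers treat as an error. The rest of tls1_generate_master_secret lies outside the hunk, so its return convention and how `buff` is cleared are not visible here.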