diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/tls12_record_layer.c | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/src/lib/libssl/tls12_record_layer.c b/src/lib/libssl/tls12_record_layer.c index b7e891d268..d69370d025 100644 --- a/src/lib/libssl/tls12_record_layer.c +++ b/src/lib/libssl/tls12_record_layer.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls12_record_layer.c,v 1.19 2021/02/27 14:20:50 jsing Exp $ */ | 1 | /* $OpenBSD: tls12_record_layer.c,v 1.20 2021/03/02 17:16:44 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -28,13 +28,13 @@ struct tls12_record_protection { | |||
| 28 | 28 | ||
| 29 | SSL_AEAD_CTX *aead_ctx; | 29 | SSL_AEAD_CTX *aead_ctx; |
| 30 | 30 | ||
| 31 | EVP_CIPHER_CTX *cipher_ctx; | ||
| 32 | EVP_MD_CTX *hash_ctx; | ||
| 33 | |||
| 31 | int stream_mac; | 34 | int stream_mac; |
| 32 | 35 | ||
| 33 | uint8_t *mac_key; | 36 | uint8_t *mac_key; |
| 34 | size_t mac_key_len; | 37 | size_t mac_key_len; |
| 35 | |||
| 36 | EVP_CIPHER_CTX *cipher_ctx; | ||
| 37 | EVP_MD_CTX *hash_ctx; | ||
| 38 | }; | 38 | }; |
| 39 | 39 | ||
| 40 | static struct tls12_record_protection * | 40 | static struct tls12_record_protection * |
| @@ -83,6 +83,13 @@ tls12_record_protection_engaged(struct tls12_record_protection *rp) | |||
| 83 | } | 83 | } |
| 84 | 84 | ||
| 85 | static int | 85 | static int |
| 86 | tls12_record_protection_unused(struct tls12_record_protection *rp) | ||
| 87 | { | ||
| 88 | return rp->aead_ctx == NULL && rp->cipher_ctx == NULL && | ||
| 89 | rp->hash_ctx == NULL && rp->mac_key == NULL; | ||
| 90 | } | ||
| 91 | |||
| 92 | static int | ||
| 86 | tls12_record_protection_eiv_len(struct tls12_record_protection *rp, | 93 | tls12_record_protection_eiv_len(struct tls12_record_protection *rp, |
| 87 | size_t *out_eiv_len) | 94 | size_t *out_eiv_len) |
| 88 | { | 95 | { |
| @@ -363,6 +370,9 @@ tls12_record_layer_ccs_aead(struct tls12_record_layer *rl, | |||
| 363 | { | 370 | { |
| 364 | size_t aead_nonce_len = EVP_AEAD_nonce_length(rl->aead); | 371 | size_t aead_nonce_len = EVP_AEAD_nonce_length(rl->aead); |
| 365 | 372 | ||
| 373 | if (!tls12_record_protection_unused(rp)) | ||
| 374 | return 0; | ||
| 375 | |||
| 366 | if ((rp->aead_ctx = calloc(1, sizeof(*rp->aead_ctx))) == NULL) | 376 | if ((rp->aead_ctx = calloc(1, sizeof(*rp->aead_ctx))) == NULL) |
| 367 | return 0; | 377 | return 0; |
| 368 | 378 | ||
| @@ -414,6 +424,9 @@ tls12_record_layer_ccs_cipher(struct tls12_record_layer *rl, | |||
| 414 | int mac_type; | 424 | int mac_type; |
| 415 | int ret = 0; | 425 | int ret = 0; |
| 416 | 426 | ||
| 427 | if (!tls12_record_protection_unused(rp)) | ||
| 428 | return 0; | ||
| 429 | |||
| 417 | mac_type = EVP_PKEY_HMAC; | 430 | mac_type = EVP_PKEY_HMAC; |
| 418 | rp->stream_mac = 0; | 431 | rp->stream_mac = 0; |
| 419 | 432 | ||
| @@ -479,10 +492,6 @@ tls12_record_layer_change_cipher_state(struct tls12_record_layer *rl, | |||
| 479 | size_t mac_key_len, const uint8_t *key, size_t key_len, const uint8_t *iv, | 492 | size_t mac_key_len, const uint8_t *key, size_t key_len, const uint8_t *iv, |
| 480 | size_t iv_len) | 493 | size_t iv_len) |
| 481 | { | 494 | { |
| 482 | /* Require unused record protection. */ | ||
| 483 | if (rp->cipher_ctx != NULL || rp->aead_ctx != NULL) | ||
| 484 | return 0; | ||
| 485 | |||
| 486 | if (mac_key_len > INT_MAX || key_len > INT_MAX || iv_len > INT_MAX) | 495 | if (mac_key_len > INT_MAX || key_len > INT_MAX || iv_len > INT_MAX) |
| 487 | return 0; | 496 | return 0; |
| 488 | 497 | ||