From e26eeaa4a45f5c99de33c77e188d1d2a6beef5b2 Mon Sep 17 00:00:00 2001 From: tb <> Date: Mon, 14 Dec 2020 15:26:36 +0000 Subject: Fix SSL_get{,_peer}_finished() with TLSv1.3 As reported by Steffen Ullrich and bluhm, the Finished tests in p5-Net-SSLeay's t/local/43_misc_functions.t broke with with TLSv1.3. The reason for this is that we don't copy the MDs over to the SSL, so the API functions can't retrieve them. This commit fixes this part of the test (one unrelated test still fails). ok inoguchi jsing --- src/lib/libssl/tls13_client.c | 15 ++++++++++++++- src/lib/libssl/tls13_server.c | 15 ++++++++++++++- 2 files changed, 28 insertions(+), 2 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c index 35409d92bd..f804f27293 100644 --- a/src/lib/libssl/tls13_client.c +++ b/src/lib/libssl/tls13_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_client.c,v 1.67 2020/09/11 17:36:27 jsing Exp $ */ +/* $OpenBSD: tls13_client.c,v 1.68 2020/12/14 15:26:36 tb Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -756,6 +756,7 @@ tls13_server_finished_recv(struct tls13_ctx *ctx, CBS *cbs) uint8_t key[EVP_MAX_MD_SIZE]; HMAC_CTX *hmac_ctx = NULL; unsigned int hlen; + SSL *s = ctx->ssl; int ret = 0; /* @@ -790,6 +791,11 @@ tls13_server_finished_recv(struct tls13_ctx *ctx, CBS *cbs) goto err; } + if (!CBS_write_bytes(cbs, S3I(s)->tmp.peer_finish_md, + sizeof(S3I(s)->tmp.peer_finish_md), + &S3I(s)->tmp.peer_finish_md_len)) + goto err; + if (!CBS_skip(cbs, verify_data_len)) goto err; @@ -1036,6 +1042,8 @@ tls13_client_finished_send(struct tls13_ctx *ctx, CBB *cbb) size_t hmac_len; unsigned int hlen; HMAC_CTX *hmac_ctx = NULL; + CBS cbs; + SSL *s = ctx->ssl; int ret = 0; finished_key.data = key; @@ -1066,6 +1074,11 @@ tls13_client_finished_send(struct tls13_ctx *ctx, CBB *cbb) if (hlen != hmac_len) goto err; + CBS_init(&cbs, verify_data, hmac_len); + if (!CBS_write_bytes(&cbs, S3I(s)->tmp.finish_md, + sizeof(S3I(s)->tmp.finish_md), &S3I(s)->tmp.finish_md_len)) + goto err; + ret = 1; err: diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c index a3adf9e6b3..1c8644ab27 100644 --- a/src/lib/libssl/tls13_server.c +++ b/src/lib/libssl/tls13_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_server.c,v 1.63 2020/11/17 07:02:30 tb Exp $ */ +/* $OpenBSD: tls13_server.c,v 1.64 2020/12/14 15:26:36 tb Exp $ */ /* * Copyright (c) 2019, 2020 Joel Sing * Copyright (c) 2020 Bob Beck @@ -776,6 +776,8 @@ tls13_server_finished_send(struct tls13_ctx *ctx, CBB *cbb) size_t hmac_len; unsigned int hlen; HMAC_CTX *hmac_ctx = NULL; + CBS cbs; + SSL *s = ctx->ssl; int ret = 0; finished_key.data = key; @@ -806,6 +808,11 @@ tls13_server_finished_send(struct tls13_ctx *ctx, CBB *cbb) if (hlen != hmac_len) goto err; + CBS_init(&cbs, verify_data, hmac_len); + if (!CBS_write_bytes(&cbs, S3I(s)->tmp.finish_md, + sizeof(S3I(s)->tmp.finish_md), &S3I(s)->tmp.finish_md_len)) + goto err; + ret = 1; err: @@ -1036,6 +1043,7 @@ tls13_client_finished_recv(struct tls13_ctx *ctx, CBS *cbs) uint8_t key[EVP_MAX_MD_SIZE]; HMAC_CTX *hmac_ctx = NULL; unsigned int hlen; + SSL *s = ctx->ssl; int ret = 0; /* @@ -1070,6 +1078,11 @@ tls13_client_finished_recv(struct tls13_ctx *ctx, CBS *cbs) goto err; } + if (!CBS_write_bytes(cbs, S3I(s)->tmp.peer_finish_md, + sizeof(S3I(s)->tmp.peer_finish_md), + &S3I(s)->tmp.peer_finish_md_len)) + goto err; + if (!CBS_skip(cbs, verify_data_len)) goto err; -- cgit v1.2.3-55-g6feb