Fixups.
authorBen Laurie <ben@links.org>
Wed, 30 Jan 2013 16:56:30 +0000 (16:56 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 5 Feb 2013 16:50:33 +0000 (16:50 +0000)
crypto/evp/c_allc.c
ssl/d1_enc.c
ssl/d1_pkt.c
ssl/s3_cbc.c
ssl/s3_enc.c
ssl/s3_pkt.c
ssl/ssl_locl.h
ssl/t1_enc.c

index 354090f..e45cee8 100644 (file)
@@ -194,7 +194,6 @@ void OpenSSL_add_all_ciphers(void)
        EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
        EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
 #endif
-#endif
 
 #ifndef OPENSSL_NO_CAMELLIA
        EVP_add_cipher(EVP_camellia_128_ecb());
index 0ff1b41..ab8ccd1 100644 (file)
@@ -136,9 +136,9 @@ int dtls1_enc(SSL *s, int send)
 
        if (send)
                {
-               if (EVP_MD_CTX_md(s->write_hash))
+               if (s->write_hash)
                        {
-                       mac_size=EVP_MD_CTX_size(s->write_hash);
+                       mac_size=EVP_MD_size(s->write_hash);
                        if (mac_size < 0)
                                return -1;
                        }
@@ -162,9 +162,9 @@ int dtls1_enc(SSL *s, int send)
                }
        else
                {
-               if (EVP_MD_CTX_md(s->read_hash))
+               if (s->read_hash)
                        {
-                       mac_size=EVP_MD_CTX_size(s->read_hash);
+                       mac_size=EVP_MD_size(s->read_hash);
                        if (mac_size < 0)
                                return -1;
                        }
index 8e9ee5a..cdbbe34 100644 (file)
@@ -336,6 +336,7 @@ dtls1_process_record(SSL *s)
        unsigned char md[EVP_MAX_MD_SIZE];
        int decryption_failed_or_bad_record_mac = 0;
        unsigned char *mac = NULL;
+       int i;
 
 
        rr= &(s->s3->rrec);
index e9b112c..a29ff66 100644 (file)
@@ -139,8 +139,7 @@ int tls1_cbc_remove_padding(const SSL* s,
                            unsigned mac_size)
        {
        unsigned padding_length, good, to_check, i;
-       const char has_explicit_iv =
-               s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION;
+       const char has_explicit_iv = s->version == DTLS1_VERSION;
        const unsigned overhead = 1 /* padding length byte */ +
                                  mac_size +
                                  (has_explicit_iv ? block_size : 0);
@@ -366,9 +365,9 @@ static void tls1_sha512_final_raw(void* ctx, unsigned char *md_out)
 
 /* ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function
  * which ssl3_cbc_digest_record supports. */
-char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
+char ssl3_cbc_record_digest_supported(const EVP_MD *digest)
        {
-       switch (ctx->digest->type)
+       switch (digest->type)
                {
                case NID_md5:
                case NID_sha1:
@@ -402,7 +401,7 @@ char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
  * a padding byte and MAC. (If the padding was invalid, it might contain the
  * padding too. ) */
 void ssl3_cbc_digest_record(
-       const EVP_MD_CTX *ctx,
+       const EVP_MD *digest,
        unsigned char* md_out,
        size_t* md_out_size,
        const unsigned char header[13],
@@ -436,7 +435,7 @@ void ssl3_cbc_digest_record(
         * many possible overflows later in this function. */
        OPENSSL_assert(data_plus_mac_plus_padding_size < 1024*1024);
 
-       switch (ctx->digest->type)
+       switch (digest->type)
                {
                case NID_md5:
                        MD5_Init((MD5_CTX*)md_state);
@@ -670,7 +669,7 @@ void ssl3_cbc_digest_record(
                }
 
        EVP_MD_CTX_init(&md_ctx);
-       EVP_DigestInit_ex(&md_ctx, ctx->digest, NULL /* engine */);
+       EVP_DigestInit_ex(&md_ctx, digest, NULL /* engine */);
        if (is_sslv3)
                {
                /* We repurpose |hmac_pad| to contain the SSLv3 pad2 block. */
index 845557b..6471ac4 100644 (file)
@@ -501,8 +501,8 @@ int ssl3_enc(SSL *s, int send)
 
                rec->orig_len = rec->length;
 
-               if (EVP_MD_CTX_md(s->read_hash) != NULL)
-                       mac_size = EVP_MD_CTX_size(s->read_hash);
+               if (s->read_hash != NULL)
+                       mac_size = EVP_MD_size(s->read_hash);
                if ((bs != 1) && !send)
                        return ssl3_cbc_remove_padding(s, rec, bs, mac_size);
                }
@@ -643,7 +643,7 @@ int ssl3_mac(SSL *ssl, unsigned char *md, int send)
                /* Chop the digest off the end :-) */
                EVP_MD_CTX_init(&md_ctx);
 
-               EVP_MD_CTX_copy_ex( &md_ctx,hash);
+               EVP_DigestInit_ex( &md_ctx,hash, NULL);
                EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
                EVP_DigestUpdate(&md_ctx,ssl3_pad_1,npad);
                EVP_DigestUpdate(&md_ctx,seq,8);
@@ -655,7 +655,7 @@ int ssl3_mac(SSL *ssl, unsigned char *md, int send)
                EVP_DigestUpdate(&md_ctx,rec->input,rec->length);
                EVP_DigestFinal_ex( &md_ctx,md,NULL);
 
-               EVP_MD_CTX_copy_ex( &md_ctx,hash);
+               EVP_DigestInit_ex( &md_ctx,hash, NULL);
                EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
                EVP_DigestUpdate(&md_ctx,ssl3_pad_2,npad);
                EVP_DigestUpdate(&md_ctx,md,md_size);
index dabcfd2..0d27f51 100644 (file)
@@ -377,7 +377,7 @@ printf("\n");
                /* !clear => s->read_hash != NULL => mac_size != -1 */
                unsigned char *mac = NULL;
                unsigned char mac_tmp[EVP_MAX_MD_SIZE];
-               mac_size=EVP_MD_CTX_size(s->read_hash);
+               mac_size=EVP_MD_size(s->read_hash);
                OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
 
                /* orig_len is the length of the record before any padding was
index fefc0bc..4136b24 100644 (file)
@@ -1023,9 +1023,9 @@ int tls1_cbc_remove_padding(const SSL* s,
                            SSL3_RECORD *rec,
                            unsigned block_size,
                            unsigned mac_size);
-char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
+char ssl3_cbc_record_digest_supported(const EVP_MD *hash);
 void ssl3_cbc_digest_record(
-       const EVP_MD_CTX *ctx,
+       const EVP_MD *hash,
        unsigned char* md_out,
        size_t* md_out_size,
        const unsigned char header[13],
index bb0cae1..6d6046b 100644 (file)
@@ -631,8 +631,8 @@ int tls1_enc(SSL *s, int send)
                rec->orig_len = rec->length;
 
                ret = 1;
-               if (EVP_MD_CTX_md(s->read_hash) != NULL)
-                       mac_size = EVP_MD_CTX_size(s->read_hash);
+               if (s->read_hash != NULL)
+                       mac_size = EVP_MD_size(s->read_hash);
                if ((bs != 1) && !send)
                        ret = tls1_cbc_remove_padding(s, rec, bs, mac_size);
                if (pad && !send)
@@ -686,12 +686,10 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
        SSL3_RECORD *rec;
        unsigned char *mac_sec,*seq;
        const EVP_MD *hash;
-       unsigned int md_size;
+       size_t md_size;
        int i;
-       EVP_MD_CTX hmac, *mac_ctx;
+       HMAC_CTX hmac;
        unsigned char header[13];
-       int stream_mac = (send?(ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM):(ssl->mac_flags&SSL_MAC_FLAG_READ_MAC_STREAM));
-       int t;
 
        if (send)
                {
@@ -734,31 +732,32 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
 
        if (!send &&
            EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
-           ssl3_cbc_record_digest_supported(mac_ctx))
+           ssl3_cbc_record_digest_supported(hash))
                {
                /* This is a CBC-encrypted record. We must avoid leaking any
                 * timing-side channel information about how many blocks of
                 * data we are hashing because that gives an attacker a
                 * timing-oracle. */
                ssl3_cbc_digest_record(
-                       mac_ctx,
+                       hash,
                        md, &md_size,
                        header, rec->input,
                        rec->length + md_size, rec->orig_len,
                        ssl->s3->read_mac_secret,
-                       ssl->s3->read_mac_secret_size,
+                       EVP_MD_size(ssl->read_hash),
                        0 /* not SSLv3 */);
                }
        else
                {
-               EVP_DigestSignUpdate(mac_ctx,header,sizeof(header));
-               EVP_DigestSignUpdate(mac_ctx,rec->input,rec->length);
-               t=EVP_DigestSignFinal(mac_ctx,md,&md_size);
-               OPENSSL_assert(t > 0);
+               unsigned mds;
+
+               HMAC_Update(&hmac,header,sizeof(header));
+               HMAC_Update(&hmac,rec->input,rec->length);
+               HMAC_Final(&hmac,md,&mds);
+               md_size = mds;
                }
                
-       if (!stream_mac)
-               EVP_MD_CTX_cleanup(&hmac);
+       HMAC_CTX_cleanup(&hmac);
 #ifdef TLS_DEBUG
 printf("sec=");
 {unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }