X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=ssl%2Fs3_enc.c;h=dc884c5466b69d3ec6d4a6b5f92019e84c7868b9;hb=6e59a892db781658c050e5217127c4147c116ac9;hp=bb900e9ca8f19298fc2aa8b61445991df8f94afd;hpb=28ba2541f9f5e61ddef548d3bead494ff6946db2;p=openssl.git diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index bb900e9ca8..dc884c5466 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -142,19 +142,24 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) { - EVP_MD_CTX m5; - EVP_MD_CTX s1; + EVP_MD_CTX *m5; + EVP_MD_CTX *s1; unsigned char buf[16], smd[SHA_DIGEST_LENGTH]; unsigned char c = 'A'; unsigned int i, j, k; + int ret = 0; #ifdef CHARSET_EBCDIC c = os_toascii[c]; /* 'A' in ASCII */ #endif k = 0; - EVP_MD_CTX_init(&m5); - EVP_MD_CTX_set_flags(&m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); - EVP_MD_CTX_init(&s1); + m5 = EVP_MD_CTX_create(); + s1 = EVP_MD_CTX_create(); + if (m5 == NULL || s1 == NULL) { + SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_MALLOC_FAILURE); + goto err; + } + EVP_MD_CTX_set_flags(m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) { k++; if (k > sizeof buf) { @@ -166,30 +171,32 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) for (j = 0; j < k; j++) buf[j] = c; c++; - EVP_DigestInit_ex(&s1, EVP_sha1(), NULL); - EVP_DigestUpdate(&s1, buf, k); - EVP_DigestUpdate(&s1, s->session->master_key, + EVP_DigestInit_ex(s1, EVP_sha1(), NULL); + EVP_DigestUpdate(s1, buf, k); + EVP_DigestUpdate(s1, s->session->master_key, s->session->master_key_length); - EVP_DigestUpdate(&s1, s->s3->server_random, SSL3_RANDOM_SIZE); - EVP_DigestUpdate(&s1, s->s3->client_random, SSL3_RANDOM_SIZE); - EVP_DigestFinal_ex(&s1, smd, NULL); + EVP_DigestUpdate(s1, s->s3->server_random, SSL3_RANDOM_SIZE); + EVP_DigestUpdate(s1, s->s3->client_random, SSL3_RANDOM_SIZE); + EVP_DigestFinal_ex(s1, smd, NULL); - EVP_DigestInit_ex(&m5, EVP_md5(), NULL); - EVP_DigestUpdate(&m5, s->session->master_key, + EVP_DigestInit_ex(m5, EVP_md5(), NULL); + EVP_DigestUpdate(m5, s->session->master_key, s->session->master_key_length); - EVP_DigestUpdate(&m5, smd, SHA_DIGEST_LENGTH); + EVP_DigestUpdate(m5, smd, SHA_DIGEST_LENGTH); if ((int)(i + MD5_DIGEST_LENGTH) > num) { - EVP_DigestFinal_ex(&m5, smd, NULL); + EVP_DigestFinal_ex(m5, smd, NULL); memcpy(km, smd, (num - i)); } else - EVP_DigestFinal_ex(&m5, km, NULL); + EVP_DigestFinal_ex(m5, km, NULL); km += MD5_DIGEST_LENGTH; } OPENSSL_cleanse(smd, sizeof(smd)); - EVP_MD_CTX_cleanup(&m5); - EVP_MD_CTX_cleanup(&s1); - return 1; + ret = 1; + err: + EVP_MD_CTX_destroy(m5); + EVP_MD_CTX_destroy(s1); + return ret; } int ssl3_change_cipher_state(SSL *s, int which) @@ -197,18 +204,16 @@ int ssl3_change_cipher_state(SSL *s, int which) unsigned char *p, *mac_secret; unsigned char exp_key[EVP_MAX_KEY_LENGTH]; unsigned char exp_iv[EVP_MAX_IV_LENGTH]; - unsigned char *ms, *key, *iv, *er1, *er2; + unsigned char *ms, *key, *iv; EVP_CIPHER_CTX *dd; const EVP_CIPHER *c; #ifndef OPENSSL_NO_COMP COMP_METHOD *comp; #endif const EVP_MD *m; - EVP_MD_CTX md; - int is_exp, n, i, j, k, cl; + int n, i, j, k, cl; int reuse_dd = 0; - is_exp = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher); c = s->s3->tmp.new_sym_enc; m = s->s3->tmp.new_hash; /* m == NULL will lead to a crash later */ @@ -295,9 +300,7 @@ int ssl3_change_cipher_state(SSL *s, int which) if (i < 0) goto err2; cl = EVP_CIPHER_key_length(c); - j = is_exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ? - cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl; - /* Was j=(is_exp)?5:EVP_CIPHER_key_length(c); */ + j = cl; k = EVP_CIPHER_iv_length(c); if ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) || (which == SSL3_CHANGE_CIPHER_SERVER_READ)) { @@ -307,8 +310,6 @@ int ssl3_change_cipher_state(SSL *s, int which) n += j + j; iv = &(p[n]); n += k + k; - er1 = &(s->s3->client_random[0]); - er2 = &(s->s3->server_random[0]); } else { n = i; ms = &(p[n]); @@ -317,8 +318,6 @@ int ssl3_change_cipher_state(SSL *s, int which) n += j + k; iv = &(p[n]); n += k; - er1 = &(s->s3->server_random[0]); - er2 = &(s->s3->client_random[0]); } if (n > s->s3->tmp.key_block_length) { @@ -326,28 +325,7 @@ int ssl3_change_cipher_state(SSL *s, int which) goto err2; } - EVP_MD_CTX_init(&md); memcpy(mac_secret, ms, i); - if (is_exp) { - /* - * In here I set both the read and write key/iv to the same value - * since only the correct one will be used :-). - */ - EVP_DigestInit_ex(&md, EVP_md5(), NULL); - EVP_DigestUpdate(&md, key, j); - EVP_DigestUpdate(&md, er1, SSL3_RANDOM_SIZE); - EVP_DigestUpdate(&md, er2, SSL3_RANDOM_SIZE); - EVP_DigestFinal_ex(&md, &(exp_key[0]), NULL); - key = &(exp_key[0]); - - if (k > 0) { - EVP_DigestInit_ex(&md, EVP_md5(), NULL); - EVP_DigestUpdate(&md, er1, SSL3_RANDOM_SIZE); - EVP_DigestUpdate(&md, er2, SSL3_RANDOM_SIZE); - EVP_DigestFinal_ex(&md, &(exp_iv[0]), NULL); - iv = &(exp_iv[0]); - } - } EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE)); @@ -370,7 +348,6 @@ int ssl3_change_cipher_state(SSL *s, int which) OPENSSL_cleanse(exp_key, sizeof(exp_key)); OPENSSL_cleanse(exp_iv, sizeof(exp_iv)); - EVP_MD_CTX_cleanup(&md); return (1); err: SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE); @@ -522,35 +499,39 @@ int ssl3_digest_cached_records(SSL *s, int keep) int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) { int ret; - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx = NULL; if (!ssl3_digest_cached_records(s, 0)) return 0; if (EVP_MD_CTX_type(s->s3->handshake_dgst) != NID_md5_sha1) { - SSLerr(SSL_F_SSL3_HANDSHAKE_MAC, SSL_R_NO_REQUIRED_DIGEST); + SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, SSL_R_NO_REQUIRED_DIGEST); return 0; } - EVP_MD_CTX_init(&ctx); - EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst); + ctx = EVP_MD_CTX_create(); + if (ctx == NULL) { + SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_MALLOC_FAILURE); + return 0; + } + EVP_MD_CTX_copy_ex(ctx, s->s3->handshake_dgst); - ret = EVP_MD_CTX_size(&ctx); + ret = EVP_MD_CTX_size(ctx); if (ret < 0) { - EVP_MD_CTX_cleanup(&ctx); + EVP_MD_CTX_cleanup(ctx); return 0; } - if ((sender != NULL && EVP_DigestUpdate(&ctx, sender, len) <= 0) - || EVP_MD_CTX_ctrl(&ctx, EVP_CTRL_SSL3_MASTER_SECRET, + if ((sender != NULL && EVP_DigestUpdate(ctx, sender, len) <= 0) + || EVP_MD_CTX_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET, s->session->master_key_length, s->session->master_key) <= 0 - || EVP_DigestFinal_ex(&ctx, p, NULL) <= 0) { - SSLerr(SSL_F_SSL3_HANDSHAKE_MAC, ERR_R_INTERNAL_ERROR); + || EVP_DigestFinal_ex(ctx, p, NULL) <= 0) { + SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR); ret = 0; } - EVP_MD_CTX_cleanup(&ctx); + EVP_MD_CTX_destroy(ctx); return ret; } @@ -570,29 +551,32 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, #endif }; unsigned char buf[EVP_MAX_MD_SIZE]; - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx = EVP_MD_CTX_create(); int i, ret = 0; unsigned int n; #ifdef OPENSSL_SSL_TRACE_CRYPTO unsigned char *tmpout = out; #endif - EVP_MD_CTX_init(&ctx); + if (ctx == NULL) { + SSLerr(SSL_F_SSL3_GENERATE_MASTER_SECRET, ERR_R_MALLOC_FAILURE); + return 0; + } for (i = 0; i < 3; i++) { - if (EVP_DigestInit_ex(&ctx, s->ctx->sha1, NULL) <= 0 - || EVP_DigestUpdate(&ctx, salt[i], + if (EVP_DigestInit_ex(ctx, s->ctx->sha1, NULL) <= 0 + || EVP_DigestUpdate(ctx, salt[i], strlen((const char *)salt[i])) <= 0 - || EVP_DigestUpdate(&ctx, p, len) <= 0 - || EVP_DigestUpdate(&ctx, &(s->s3->client_random[0]), + || EVP_DigestUpdate(ctx, p, len) <= 0 + || EVP_DigestUpdate(ctx, &(s->s3->client_random[0]), SSL3_RANDOM_SIZE) <= 0 - || EVP_DigestUpdate(&ctx, &(s->s3->server_random[0]), + || EVP_DigestUpdate(ctx, &(s->s3->server_random[0]), SSL3_RANDOM_SIZE) <= 0 - || EVP_DigestFinal_ex(&ctx, buf, &n) <= 0 + || EVP_DigestFinal_ex(ctx, buf, &n) <= 0 - || EVP_DigestInit_ex(&ctx, s->ctx->md5, NULL) <= 0 - || EVP_DigestUpdate(&ctx, p, len) <= 0 - || EVP_DigestUpdate(&ctx, buf, n) <= 0 - || EVP_DigestFinal_ex(&ctx, out, &n) <= 0) { + || EVP_DigestInit_ex(ctx, s->ctx->md5, NULL) <= 0 + || EVP_DigestUpdate(ctx, p, len) <= 0 + || EVP_DigestUpdate(ctx, buf, n) <= 0 + || EVP_DigestFinal_ex(ctx, out, &n) <= 0) { SSLerr(SSL_F_SSL3_GENERATE_MASTER_SECRET, ERR_R_INTERNAL_ERROR); ret = 0; break; @@ -600,7 +584,7 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, out += n; ret += n; } - EVP_MD_CTX_cleanup(&ctx); + EVP_MD_CTX_destroy(ctx); #ifdef OPENSSL_SSL_TRACE_CRYPTO if (ret > 0 && s->msg_callback) {