#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/md5.h>
+#ifdef KSSL_DEBUG
+#include <openssl/des.h>
+#endif
/* seed1 through seed5 are virtually concatenated */
static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
int i;
if (s->s3->handshake_buffer)
- ssl3_digest_cached_records(s);
+ if (!ssl3_digest_cached_records(s))
+ return 0;
+
for (i=0;i<SSL_MAX_DIGEST;i++)
{
if (s->s3->handshake_dgst[i]&&EVP_MD_CTX_type(s->s3->handshake_dgst[i])==md_nid)
q=buf;
- EVP_MD_CTX_init(&ctx);
-
if (s->s3->handshake_buffer)
- ssl3_digest_cached_records(s);
+ if (!ssl3_digest_cached_records(s))
+ return 0;
+
+ EVP_MD_CTX_init(&ctx);
for (idx=0;ssl_get_handshake_digest(idx,&mask,&md);idx++)
{
if (mask & s->s3->tmp.new_cipher->algorithm2)
{
- int hashsize = EVP_MD_size(md);
- if ((size_t)hashsize > (sizeof buf - (size_t)(q-buf)))
+ unsigned int hashsize = EVP_MD_size(md);
+ if (hashsize > (sizeof buf - (size_t)(q-buf)))
{
/* internal error: 'buf' is too small for this cipersuite! */
err = 1;
EVP_DigestSignUpdate(mac_ctx,buf,5);
EVP_DigestSignUpdate(mac_ctx,rec->input,rec->length);
- if (stream_mac) EVP_MD_CTX_copy(&hmac,hash);
- EVP_DigestSignFinal(&hmac,md,&md_size);
- EVP_MD_CTX_cleanup(&hmac);
+ EVP_DigestSignFinal(mac_ctx,md,&md_size);
+ if (!stream_mac) EVP_MD_CTX_cleanup(&hmac);
#ifdef TLS_DEBUG
printf("sec=");
{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }