Use correct digest when exporting keying material.

[openssl.git] / ssl / t1_enc.c

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 0432801b163bc2c613fa71c2be876653834bda93..ab86e7e3e6440d3676dc1874ec8752607e494c29 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -160,7 +160,7 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
        {
        int chunk;
        size_t j;
-       EVP_MD_CTX ctx, ctx_tmp;
+       EVP_MD_CTX ctx, ctx_tmp, ctx_init;
        EVP_PKEY *mac_key;
        unsigned char A1[EVP_MAX_MD_SIZE];
        size_t A1_len;
@@ -171,14 +171,14 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
 
        EVP_MD_CTX_init(&ctx);
        EVP_MD_CTX_init(&ctx_tmp);
-       EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
-       EVP_MD_CTX_set_flags(&ctx_tmp, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+       EVP_MD_CTX_init(&ctx_init);
+       EVP_MD_CTX_set_flags(&ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
        mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
        if (!mac_key)
                goto err;
-       if (!EVP_DigestSignInit(&ctx,NULL,md, NULL, mac_key))
+       if (!EVP_DigestSignInit(&ctx_init,NULL,md, NULL, mac_key))
                goto err;
-       if (!EVP_DigestSignInit(&ctx_tmp,NULL,md, NULL, mac_key))
+       if (!EVP_MD_CTX_copy_ex(&ctx,&ctx_init))
                goto err;
        if (seed1 && !EVP_DigestSignUpdate(&ctx,seed1,seed1_len))
                goto err;
@@ -196,13 +196,11 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
        for (;;)
                {
                /* Reinit mac contexts */
-               if (!EVP_DigestSignInit(&ctx,NULL,md, NULL, mac_key))
-                       goto err;
-               if (!EVP_DigestSignInit(&ctx_tmp,NULL,md, NULL, mac_key))
+               if (!EVP_MD_CTX_copy_ex(&ctx,&ctx_init))
                        goto err;
                if (!EVP_DigestSignUpdate(&ctx,A1,A1_len))
                        goto err;
-               if (!EVP_DigestSignUpdate(&ctx_tmp,A1,A1_len))
+               if (olen>chunk && !EVP_MD_CTX_copy_ex(&ctx_tmp,&ctx))
                        goto err;
                if (seed1 && !EVP_DigestSignUpdate(&ctx,seed1,seed1_len))
                        goto err;
@@ -238,6 +236,7 @@ err:
        EVP_PKEY_free(mac_key);
        EVP_MD_CTX_cleanup(&ctx);
        EVP_MD_CTX_cleanup(&ctx_tmp);
+       EVP_MD_CTX_cleanup(&ctx_init);
        OPENSSL_cleanse(A1,sizeof(A1));
        return ret;
        }
@@ -1010,7 +1009,8 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
                }
                else
                {
-                       EVP_MD_CTX_copy(&hmac,hash);
+                       if (!EVP_MD_CTX_copy(&hmac,hash))
+                               return -1;
                        mac_ctx = &hmac;
                }
 
@@ -1067,14 +1067,10 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
        if (!stream_mac)
                EVP_MD_CTX_cleanup(&hmac);
 #ifdef TLS_DEBUG
-printf("sec=");
-{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }
 printf("seq=");
 {int z; for (z=0; z<8; z++) printf("%02X ",seq[z]); printf("\n"); }
-printf("buf=");
-{int z; for (z=0; z<5; z++) printf("%02X ",buf[z]); printf("\n"); }
 printf("rec=");
-{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
+{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",rec->data[z]); printf("\n"); }
 #endif
 
        if (!SSL_IS_DTLS(ssl))
@@ -1222,7 +1218,7 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
        if (memcmp(val, TLS_MD_KEY_EXPANSION_CONST,
                 TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0) goto err1;
 
-       rv = tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+       rv = tls1_PRF(ssl_get_algorithm2(s),
                      val, vallen,
                      NULL, 0,
                      NULL, 0,