#include <stdio.h>
#include "ssl_locl.h"
+#ifndef OPENSSL_NO_COMP
#include <openssl/comp.h>
+#endif
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/md5.h>
+#ifdef KSSL_DEBUG
+#include <openssl/des.h>
+#endif
/* seed1 through seed5 are virtually concatenated */
static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
unsigned int A1_len;
chunk=EVP_MD_size(md);
+ OPENSSL_assert(chunk >= 0);
HMAC_CTX_init(&ctx);
HMAC_CTX_init(&ctx_tmp);
if (send)
{
if (EVP_MD_CTX_md(s->write_hash))
+ {
n=EVP_MD_CTX_size(s->write_hash);
+ OPENSSL_assert(n >= 0);
+ }
ds=s->enc_write_ctx;
rec= &(s->s3->wrec);
if (s->enc_write_ctx == NULL)
else
{
if (EVP_MD_CTX_md(s->read_hash))
+ {
n=EVP_MD_CTX_size(s->read_hash);
+ OPENSSL_assert(n >= 0);
+ }
ds=s->enc_read_ctx;
rec= &(s->s3->rrec);
if (s->enc_read_ctx == NULL)
int i;
if (s->s3->handshake_buffer)
- ssl3_digest_cached_records(s);
+ if (!ssl3_digest_cached_records(s))
+ return 0;
+
for (i=0;i<SSL_MAX_DIGEST;i++)
{
if (s->s3->handshake_dgst[i]&&EVP_MD_CTX_type(s->s3->handshake_dgst[i])==md_nid)
q=buf;
- EVP_MD_CTX_init(&ctx);
-
if (s->s3->handshake_buffer)
- ssl3_digest_cached_records(s);
+ if (!ssl3_digest_cached_records(s))
+ return 0;
+
+ EVP_MD_CTX_init(&ctx);
for (idx=0;ssl_get_handshake_digest(idx,&mask,&md);idx++)
{
if (mask & s->s3->tmp.new_cipher->algorithm2)
{
int hashsize = EVP_MD_size(md);
- if ((size_t)hashsize > (sizeof buf - (size_t)(q-buf)))
+ if (hashsize < 0 || hashsize > (int)(sizeof buf - (size_t)(q-buf)))
{
/* internal error: 'buf' is too small for this cipersuite! */
err = 1;
{
EVP_MD_CTX_copy_ex(&ctx,s->s3->handshake_dgst[idx]);
EVP_DigestFinal_ex(&ctx,q,&i);
- if (i != hashsize) /* can't really happen */
+ if (i != (unsigned int)hashsize) /* can't really happen */
err = 1;
q+=i;
}
EVP_MD_CTX hmac, *mac_ctx;
unsigned char buf[5];
int stream_mac = (send?(ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM):(ssl->mac_flags&SSL_MAC_FLAG_READ_MAC_STREAM));
+ int t;
+
if (send)
{
rec= &(ssl->s3->wrec);
hash=ssl->read_hash;
}
- md_size=EVP_MD_CTX_size(hash);
+ t=EVP_MD_CTX_size(hash);
+ OPENSSL_assert(t >= 0);
+ md_size=t;
buf[0]=rec->type;
- buf[1]=TLS1_VERSION_MAJOR;
- buf[2]=TLS1_VERSION_MINOR;
+ buf[1]=(unsigned char)(ssl->version>>8);
+ buf[2]=(unsigned char)(ssl->version);
buf[3]=rec->length>>8;
buf[4]=rec->length&0xff;
{
EVP_MD_CTX_copy(&hmac,hash);
mac_ctx = &hmac;
- }
- EVP_DigestSignUpdate(mac_ctx,seq,8);
+ }
+
+ if (ssl->version == DTLS1_VERSION || ssl->version == DTLS1_BAD_VER)
+ {
+ unsigned char dtlsseq[8],*p=dtlsseq;
+
+ s2n(send?ssl->d1->w_epoch:ssl->d1->r_epoch, p);
+ memcpy (p,&seq[2],6);
+
+ EVP_DigestSignUpdate(mac_ctx,dtlsseq,8);
+ }
+ else
+ EVP_DigestSignUpdate(mac_ctx,seq,8);
+
EVP_DigestSignUpdate(mac_ctx,buf,5);
EVP_DigestSignUpdate(mac_ctx,rec->input,rec->length);
- if (stream_mac) EVP_MD_CTX_copy(&hmac,hash);
- EVP_DigestSignFinal(&hmac,md,&md_size);
- EVP_MD_CTX_cleanup(&hmac);
+ t=EVP_DigestSignFinal(mac_ctx,md,&md_size);
+ OPENSSL_assert(t > 0);
+
+ if (!stream_mac) EVP_MD_CTX_cleanup(&hmac);
#ifdef TLS_DEBUG
printf("sec=");
{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }
{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
#endif
- if ( SSL_version(ssl) != DTLS1_VERSION)
- {
+ if (ssl->version != DTLS1_VERSION && ssl->version != DTLS1_BAD_VER)
+ {
for (i=7; i>=0; i--)
{
++seq[i];
{
unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
const void *co = NULL, *so = NULL;
- int col = 0, sol = NULL;
+ int col = 0, sol = 0;
#ifdef KSSL_DEBUG
printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len);