X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fstatem%2Fstatem_lib.c;h=31736c0663fb09461de5bf8c2c1da1268b907ca2;hp=e4c8c668af86f17ba0c7ff1cdbf20438e1dc134c;hb=52fd27f9784c9648af55b507d03d0d9e3a368855;hpb=07afa3d8809f312e79340fcca117abccb61c8e8f diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index e4c8c668af..31736c0663 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -221,9 +221,8 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt) goto err; } pkey = s->s3->tmp.cert->privatekey; - md = ssl_md(lu->hash_idx); - if (pkey == NULL || md == NULL) { + if (pkey == NULL || !tls1_lookup_md(lu, &md)) { SSLerr(SSL_F_TLS_CONSTRUCT_CERT_VERIFY, ERR_R_INTERNAL_ERROR); goto err; } @@ -369,7 +368,11 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) goto f_err; } - md = ssl_md(s->s3->tmp.peer_sigalg->hash_idx); + if (!tls1_lookup_md(s->s3->tmp.peer_sigalg, &md)) { + SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_INTERNAL_ERROR); + al = SSL_AD_INTERNAL_ERROR; + goto f_err; + } /* Check for broken implementations of GOST ciphersuites */ /* @@ -456,10 +459,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) } } else { j = EVP_DigestVerify(mctx, data, len, hdata, hdatalen); - if (j < 0) { - SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB); - goto f_err; - } else if (j == 0) { + if (j <= 0) { al = SSL_AD_DECRYPT_ERROR; SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, SSL_R_BAD_SIGNATURE); goto f_err; @@ -501,7 +501,12 @@ int tls_construct_finished(SSL *s, WPACKET *pkt) && (!s->method->ssl3_enc->change_cipher_state(s, SSL3_CC_HANDSHAKE | SSL3_CHANGE_CIPHER_CLIENT_WRITE))) { SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, SSL_R_CANNOT_CHANGE_CIPHER); - goto err; + /* + * This is a fatal error, which leaves + * enc_write_ctx in an inconsistent state + * and thus ssl3_send_alert may crash. + */ + return 0; } if (s->server) { @@ -1233,35 +1238,6 @@ int tls_get_message_body(SSL *s, size_t *len) return 1; } -int ssl_cert_type(const X509 *x, const EVP_PKEY *pk) -{ - if (pk == NULL && (pk = X509_get0_pubkey(x)) == NULL) - return -1; - - switch (EVP_PKEY_id(pk)) { - default: - return -1; - case EVP_PKEY_RSA: - return SSL_PKEY_RSA; - case EVP_PKEY_DSA: - return SSL_PKEY_DSA_SIGN; -#ifndef OPENSSL_NO_EC - case EVP_PKEY_EC: - return SSL_PKEY_ECC; - case NID_ED25519: - return SSL_PKEY_ED25519; -#endif -#ifndef OPENSSL_NO_GOST - case NID_id_GostR3410_2001: - return SSL_PKEY_GOST01; - case NID_id_GostR3410_2012_256: - return SSL_PKEY_GOST12_256; - case NID_id_GostR3410_2012_512: - return SSL_PKEY_GOST12_512; -#endif - } -} - int ssl_verify_alarm_type(long type) { int al; @@ -2129,3 +2105,21 @@ int construct_ca_names(SSL *s, WPACKET *pkt) return 1; } + +/* Create a buffer containing data to be signed for server key exchange */ +size_t construct_key_exchange_tbs(const SSL *s, unsigned char **ptbs, + const void *param, size_t paramlen) +{ + size_t tbslen = 2 * SSL3_RANDOM_SIZE + paramlen; + unsigned char *tbs = OPENSSL_malloc(tbslen); + + if (tbs == NULL) + return 0; + memcpy(tbs, s->s3->client_random, SSL3_RANDOM_SIZE); + memcpy(tbs + SSL3_RANDOM_SIZE, s->s3->server_random, SSL3_RANDOM_SIZE); + + memcpy(tbs + SSL3_RANDOM_SIZE * 2, param, paramlen); + + *ptbs = tbs; + return tbslen; +}