Use single master secret generation function.
authorDr. Stephen Henson <steve@openssl.org>
Wed, 17 Jun 2015 03:10:04 +0000 (04:10 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 29 Jun 2015 10:47:59 +0000 (11:47 +0100)
Reviewed-by: Matt Caswell <matt@openssl.org>
include/openssl/ssl.h
ssl/s3_clnt.c
ssl/s3_lib.c
ssl/s3_srvr.c
ssl/ssl_locl.h
ssl/tls_srp.c

index cd932e5..3027617 100644 (file)
@@ -636,9 +636,7 @@ __owur int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
 int SSL_SRP_CTX_free(SSL *ctx);
 int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
 __owur int SSL_srp_server_param_with_username(SSL *s, int *ad);
-__owur int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key);
 __owur int SRP_Calc_A_param(SSL *s);
-__owur int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key);
 
 # endif
 
index f912f2c..1a925a7 100644 (file)
@@ -2891,13 +2891,10 @@ int ssl3_send_client_key_exchange(SSL *s)
     if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) {
         /*
          * If everything written generate master key: no need to save PMS as
-         * SRP_generate_client_master_secret generates it internally.
+         * srp_generate_client_master_secret generates it internally.
          */
         if (n > 0) {
-            if ((s->session->master_key_length =
-                 SRP_generate_client_master_secret(s,
-                                                   s->session->master_key)) <
-                0) {
+            if (!srp_generate_client_master_secret(s)) {
                 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
                        ERR_R_INTERNAL_ERROR);
                 goto err;
@@ -2920,14 +2917,7 @@ int ssl3_send_client_key_exchange(SSL *s)
             SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
             goto err;
         }
-        s->session->master_key_length =
-            s->method->ssl3_enc->generate_master_secret(s,
-                                                        s->
-                                                        session->master_key,
-                                                        pms, pmslen);
-        OPENSSL_clear_free(pms, pmslen);
-        s->s3->tmp.pms = NULL;
-        if (s->session->master_key_length < 0) {
+        if (!ssl_generate_master_secret(s, pms, pmslen, 1)) {
             ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
             SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
             goto err;
index 0550471..54c902d 100644 (file)
@@ -4291,3 +4291,18 @@ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
     } else
         return RAND_bytes(result, len);
 }
+
+int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
+                               int free_pms)
+{
+    s->session->master_key_length =
+        s->method->ssl3_enc->generate_master_secret(s, s->session->master_key,
+                                                    pms, pmslen);
+    if (free_pms)
+        OPENSSL_clear_free(pms, pmslen);
+    else
+        OPENSSL_cleanse(pms, pmslen);
+    if (s->server == 0)
+        s->s3->tmp.pms = NULL;
+    return s->session->master_key_length >= 0;
+}
index 203e894..cbe80eb 100644 (file)
@@ -2381,15 +2381,7 @@ int ssl3_get_client_key_exchange(SSL *s)
                                           rand_premaster_secret[j]);
         }
 
-        s->session->master_key_length =
-            s->method->ssl3_enc->generate_master_secret(s,
-                                                        s->
-                                                        session->master_key,
-                                                        p,
-                                                        sizeof
-                                                        (rand_premaster_secret));
-        OPENSSL_cleanse(p, sizeof(rand_premaster_secret));
-        if (s->session->master_key_length < 0) {
+        if (!ssl_generate_master_secret(s, p, sizeof(rand_premaster_secret), 0)) {
             al = SSL_AD_INTERNAL_ERROR;
             SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
             goto f_err;
@@ -2480,13 +2472,7 @@ int ssl3_get_client_key_exchange(SSL *s)
         else
             BN_clear_free(pub);
         pub = NULL;
-        s->session->master_key_length =
-            s->method->ssl3_enc->generate_master_secret(s,
-                                                        s->
-                                                        session->master_key,
-                                                        p, i);
-        OPENSSL_cleanse(p, i);
-        if (s->session->master_key_length < 0) {
+        if (!ssl_generate_master_secret(s, p, i, 0)) {
             al = SSL_AD_INTERNAL_ERROR;
             SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
             goto f_err;
@@ -2618,15 +2604,7 @@ int ssl3_get_client_key_exchange(SSL *s)
         EC_KEY_free(s->s3->tmp.ecdh);
         s->s3->tmp.ecdh = NULL;
 
-        /* Compute the master secret */
-        s->session->master_key_length =
-            s->method->ssl3_enc->generate_master_secret(s,
-                                                        s->
-                                                        session->master_key,
-                                                        p, i);
-
-        OPENSSL_cleanse(p, i);
-        if (s->session->master_key_length < 0) {
+        if (!ssl_generate_master_secret(s, p, i, 0)) {
             al = SSL_AD_INTERNAL_ERROR;
             SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
             goto f_err;
@@ -2707,22 +2685,17 @@ int ssl3_get_client_key_exchange(SSL *s)
             goto psk_err;
         }
 
-        s->session->master_key_length =
-            s->method->ssl3_enc->generate_master_secret(s,
-                                                        s->
-                                                        session->master_key,
-                                                        psk_or_pre_ms,
-                                                        pre_ms_len);
-        if (s->session->master_key_length < 0) {
+        if (!ssl_generate_master_secret(s, psk_or_pre_ms, pre_ms_len, 0)) {
             al = SSL_AD_INTERNAL_ERROR;
             SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
-            goto psk_err;
+            goto f_err;
         }
         psk_err = 0;
  psk_err:
-        OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
-        if (psk_err != 0)
+        if (psk_err != 0) {
+            OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
             goto f_err;
+        }
     } else
 #endif
 #ifndef OPENSSL_NO_SRP
@@ -2755,9 +2728,7 @@ int ssl3_get_client_key_exchange(SSL *s)
             goto err;
         }
 
-        if ((s->session->master_key_length =
-             SRP_generate_server_master_secret(s,
-                                               s->session->master_key)) < 0) {
+        if (!srp_generate_server_master_secret(s)) {
             SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
             goto err;
         }
@@ -2813,13 +2784,8 @@ int ssl3_get_client_key_exchange(SSL *s)
             goto gerr;
         }
         /* Generate master secret */
-        s->session->master_key_length =
-            s->method->ssl3_enc->generate_master_secret(s,
-                                                        s->
-                                                        session->master_key,
-                                                        premaster_secret, 32);
-        OPENSSL_cleanse(premaster_secret, sizeof(premaster_secret));
-        if (s->session->master_key_length < 0) {
+        if (!ssl_generate_master_secret(s, premaster_secret,
+                                        sizeof(premaster_secret), 0)) {
             al = SSL_AD_INTERNAL_ERROR;
             SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
             goto f_err;
index 8f8d997..3507d9a 100644 (file)
@@ -1890,6 +1890,8 @@ __owur STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
 __owur int ssl_verify_alarm_type(long type);
 void ssl_load_ciphers(void);
 __owur int ssl_fill_hello_random(SSL *s, int server, unsigned char *field, int len);
+__owur int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
+                                      int free_pms);
 
 __owur const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
 __owur int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
@@ -2159,6 +2161,8 @@ void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
                            EVP_MD_CTX *mac_ctx, const unsigned char *data,
                            size_t data_len, size_t orig_len);
 
+__owur int srp_generate_server_master_secret(SSL *s);
+__owur int srp_generate_client_master_secret(SSL *s);
 __owur int srp_verify_server_param(SSL *s, int *al);
 
 /* t1_ext.c */
index 6bd7845..91b88cd 100644 (file)
@@ -332,7 +332,7 @@ int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
     return 1;
 }
 
-int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key)
+int srp_generate_server_master_secret(SSL *s)
 {
     BIGNUM *K = NULL, *u = NULL;
     int ret = -1, tmp_len = 0;
@@ -350,17 +350,15 @@ int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key)
     if ((tmp = OPENSSL_malloc(tmp_len)) == NULL)
         goto err;
     BN_bn2bin(K, tmp);
-    ret = s->method->ssl3_enc->generate_master_secret(s, master_key, tmp,
-                                                      tmp_len);
+    ret = ssl_generate_master_secret(s, tmp, tmp_len, 1);
  err:
-    OPENSSL_clear_free(tmp, tmp_len);
     BN_clear_free(K);
     BN_clear_free(u);
     return ret;
 }
 
 /* client side */
-int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key)
+int srp_generate_client_master_secret(SSL *s)
 {
     BIGNUM *x = NULL, *u = NULL, *K = NULL;
     int ret = -1, tmp_len = 0;
@@ -391,11 +389,8 @@ int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key)
     if ((tmp = OPENSSL_malloc(tmp_len)) == NULL)
         goto err;
     BN_bn2bin(K, tmp);
-    ret =
-        s->method->ssl3_enc->generate_master_secret(s, master_key, tmp,
-                                                    tmp_len);
+    ret = ssl_generate_master_secret(s, tmp, tmp_len, 1);
  err:
-    OPENSSL_clear_free(tmp, tmp_len);
     BN_clear_free(K);
     BN_clear_free(x);
     OPENSSL_clear_free(passwd, strlen(passwd));