s->s3->tmp.key_block_length=0;
}
+/* ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
+ *
+ * Returns:
+ * 0: (in non-constant time) if the record is publically invalid (i.e. too
+ * short etc).
+ * 1: if the record's padding is valid / the encryption was successful.
+ * -1: if the record's padding is invalid or, if sending, an internal error
+ * occured.
+ */
int ssl3_enc(SSL *s, int send)
{
SSL3_RECORD *rec;
if (!send)
{
if (l == 0 || l%bs != 0)
- {
- SSLerr(SSL_F_SSL3_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
return 0;
- }
/* otherwise, rec->length >= bs */
}
EVP_Cipher(ds,rec->data,rec->input,l);
- rec->orig_len = rec->length;
-
if (EVP_MD_CTX_md(s->read_hash) != NULL)
mac_size = EVP_MD_CTX_size(s->read_hash);
if ((bs != 1) && !send)
int ssl3_final_finish_mac(SSL *s,
const char *sender, int len, unsigned char *p)
{
- int ret;
+ int ret, sha1len;
ret=ssl3_handshake_mac(s,NID_md5,sender,len,p);
+ if(ret == 0)
+ return 0;
+
p+=ret;
- ret+=ssl3_handshake_mac(s,NID_sha1,sender,len,p);
+
+ sha1len=ssl3_handshake_mac(s,NID_sha1,sender,len,p);
+ if(sha1len == 0)
+ return 0;
+
+ ret+=sha1len;
return(ret);
}
static int ssl3_handshake_mac(SSL *s, int md_nid,
EVP_MD_CTX md_ctx;
const EVP_MD_CTX *hash;
unsigned char *p,rec_char;
- size_t md_size;
+ size_t md_size, orig_len;
int npad;
int t;
md_size=t;
npad=(48/md_size)*md_size;
+ /* kludge: ssl3_cbc_remove_padding passes padding length in rec->type */
+ orig_len = rec->length+md_size+((unsigned int)rec->type>>8);
+ rec->type &= 0xff;
+
if (!send &&
EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
ssl3_cbc_record_digest_supported(hash))
hash,
md, &md_size,
header, rec->input,
- rec->length + md_size, rec->orig_len,
+ rec->length + md_size, orig_len,
mac_sec, md_size,
1 /* is SSLv3 */);
}
projects / openssl.git / blobdiff