EVP_MD_CTX_set_flags(m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) {
k++;
- if (k > sizeof buf) {
+ if (k > sizeof(buf)) {
/* bug: 'buf' is too small for this ciphersuite */
SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);
- return 0;
+ goto err;
}
for (j = 0; j < k; j++)
buf[j] = c;
c++;
- EVP_DigestInit_ex(s1, EVP_sha1(), NULL);
- EVP_DigestUpdate(s1, buf, k);
- EVP_DigestUpdate(s1, s->session->master_key,
- s->session->master_key_length);
- EVP_DigestUpdate(s1, s->s3->server_random, SSL3_RANDOM_SIZE);
- EVP_DigestUpdate(s1, s->s3->client_random, SSL3_RANDOM_SIZE);
- EVP_DigestFinal_ex(s1, smd, NULL);
-
- EVP_DigestInit_ex(m5, EVP_md5(), NULL);
- EVP_DigestUpdate(m5, s->session->master_key,
- s->session->master_key_length);
- EVP_DigestUpdate(m5, smd, SHA_DIGEST_LENGTH);
+ if (!EVP_DigestInit_ex(s1, EVP_sha1(), NULL)
+ || !EVP_DigestUpdate(s1, buf, k)
+ || !EVP_DigestUpdate(s1, s->session->master_key,
+ s->session->master_key_length)
+ || !EVP_DigestUpdate(s1, s->s3->server_random, SSL3_RANDOM_SIZE)
+ || !EVP_DigestUpdate(s1, s->s3->client_random, SSL3_RANDOM_SIZE)
+ || !EVP_DigestFinal_ex(s1, smd, NULL)
+ || !EVP_DigestInit_ex(m5, EVP_md5(), NULL)
+ || !EVP_DigestUpdate(m5, s->session->master_key,
+ s->session->master_key_length)
+ || !EVP_DigestUpdate(m5, smd, SHA_DIGEST_LENGTH))
+ goto err;
if ((int)(i + MD5_DIGEST_LENGTH) > num) {
- EVP_DigestFinal_ex(m5, smd, NULL);
+ if (!EVP_DigestFinal_ex(m5, smd, NULL))
+ goto err;
memcpy(km, smd, (num - i));
- } else
- EVP_DigestFinal_ex(m5, km, NULL);
+ } else {
+ if (!EVP_DigestFinal_ex(m5, km, NULL))
+ goto err;
+ }
km += MD5_DIGEST_LENGTH;
}
dd = s->enc_read_ctx;
if (ssl_replace_hash(&s->read_hash, m) == NULL) {
- SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
- goto err2;
+ SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+ goto err2;
}
#ifndef OPENSSL_NO_COMP
/* COMPRESS */
EVP_CIPHER_CTX_reset(s->enc_write_ctx);
dd = s->enc_write_ctx;
if (ssl_replace_hash(&s->write_hash, m) == NULL) {
- SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
- goto err2;
+ SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+ goto err2;
}
#ifndef OPENSSL_NO_COMP
/* COMPRESS */
memcpy(mac_secret, ms, i);
- EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE));
+ if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE)))
+ goto err2;
#ifdef OPENSSL_SSL_TRACE_CRYPTO
if (s->msg_callback) {
s->s3->handshake_dgst = NULL;
}
-void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
+int ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
{
if (s->s3->handshake_dgst == NULL)
- BIO_write(s->s3->handshake_buffer, (void *)buf, len);
+ /* Note: this writes to a memory BIO so a failure is a fatal error */
+ return BIO_write(s->s3->handshake_buffer, (void *)buf, len) == len;
else
- EVP_DigestUpdate(s->s3->handshake_dgst, buf, len);
+ return EVP_DigestUpdate(s->s3->handshake_dgst, buf, len);
}
int ssl3_digest_cached_records(SSL *s, int keep)
if (s->s3->handshake_dgst == NULL) {
hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
if (hdatalen <= 0) {
- SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, SSL_R_BAD_HANDSHAKE_LENGTH);
+ SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS,
+ SSL_R_BAD_HANDSHAKE_LENGTH);
return 0;
}
}
md = ssl_handshake_md(s);
- if ( md == NULL
- || !EVP_DigestInit_ex(s->s3->handshake_dgst, md, NULL)
- || !EVP_DigestUpdate(s->s3->handshake_dgst, hdata, hdatalen))
- {
+ if (md == NULL || !EVP_DigestInit_ex(s->s3->handshake_dgst, md, NULL)
+ || !EVP_DigestUpdate(s->s3->handshake_dgst, hdata, hdatalen)) {
SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_INTERNAL_ERROR);
return 0;
}
}
if ((sender != NULL && EVP_DigestUpdate(ctx, sender, len) <= 0)
- || EVP_MD_CTX_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET,
- s->session->master_key_length,
- s->session->master_key) <= 0
- || EVP_DigestFinal_ex(ctx, p, NULL) <= 0) {
+ || EVP_MD_CTX_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET,
+ s->session->master_key_length,
+ s->session->master_key) <= 0
+ || EVP_DigestFinal_ex(ctx, p, NULL) <= 0) {
SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR);
ret = 0;
}
}
for (i = 0; i < 3; i++) {
if (EVP_DigestInit_ex(ctx, s->ctx->sha1, NULL) <= 0
- || EVP_DigestUpdate(ctx, salt[i],
- strlen((const char *)salt[i])) <= 0
- || EVP_DigestUpdate(ctx, p, len) <= 0
- || EVP_DigestUpdate(ctx, &(s->s3->client_random[0]),
- SSL3_RANDOM_SIZE) <= 0
- || EVP_DigestUpdate(ctx, &(s->s3->server_random[0]),
- SSL3_RANDOM_SIZE) <= 0
- || EVP_DigestFinal_ex(ctx, buf, &n) <= 0
-
- || EVP_DigestInit_ex(ctx, s->ctx->md5, NULL) <= 0
- || EVP_DigestUpdate(ctx, p, len) <= 0
- || EVP_DigestUpdate(ctx, buf, n) <= 0
- || EVP_DigestFinal_ex(ctx, out, &n) <= 0) {
+ || EVP_DigestUpdate(ctx, salt[i],
+ strlen((const char *)salt[i])) <= 0
+ || EVP_DigestUpdate(ctx, p, len) <= 0
+ || EVP_DigestUpdate(ctx, &(s->s3->client_random[0]),
+ SSL3_RANDOM_SIZE) <= 0
+ || EVP_DigestUpdate(ctx, &(s->s3->server_random[0]),
+ SSL3_RANDOM_SIZE) <= 0
+ || EVP_DigestFinal_ex(ctx, buf, &n) <= 0
+ || EVP_DigestInit_ex(ctx, s->ctx->md5, NULL) <= 0
+ || EVP_DigestUpdate(ctx, p, len) <= 0
+ || EVP_DigestUpdate(ctx, buf, n) <= 0
+ || EVP_DigestFinal_ex(ctx, out, &n) <= 0) {
SSLerr(SSL_F_SSL3_GENERATE_MASTER_SECRET, ERR_R_INTERNAL_ERROR);
ret = 0;
break;