/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2005 Nokia. All rights reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* https://www.openssl.org/source/license.html
*/
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
#include <stdio.h>
#include "ssl_locl.h"
#include <openssl/evp.h>
#include <openssl/md5.h>
+#include "internal/cryptlib.h"
static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
{
EVP_MD_CTX_set_flags(m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) {
k++;
- if (k > sizeof buf) {
+ if (k > sizeof(buf)) {
/* bug: 'buf' is too small for this ciphersuite */
SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);
- return 0;
+ goto err;
}
for (j = 0; j < k; j++)
c = s->s3->tmp.new_sym_enc;
m = s->s3->tmp.new_hash;
/* m == NULL will lead to a crash later */
- OPENSSL_assert(m);
+ if (!ossl_assert(m != NULL)) {
+ SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+ goto err2;
+ }
#ifndef OPENSSL_NO_COMP
if (s->s3->tmp.new_compression == NULL)
comp = NULL;
memcpy(mac_secret, ms, i);
- EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE));
-
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
- if (s->msg_callback) {
-
- int wh = which & SSL3_CC_WRITE ?
- TLS1_RT_CRYPTO_WRITE : TLS1_RT_CRYPTO_READ;
- s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_MAC,
- mac_secret, EVP_MD_size(m), s, s->msg_callback_arg);
- if (c->key_len)
- s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_KEY,
- key, c->key_len, s, s->msg_callback_arg);
- if (k) {
- s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_IV,
- iv, k, s, s->msg_callback_arg);
- }
- }
-#endif
+ if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE)))
+ goto err2;
OPENSSL_cleanse(exp_key, sizeof(exp_key));
OPENSSL_cleanse(exp_iv, sizeof(exp_iv));
if ((sender != NULL && EVP_DigestUpdate(ctx, sender, len) <= 0)
|| EVP_MD_CTX_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET,
- s->session->master_key_length,
+ (int)s->session->master_key_length,
s->session->master_key) <= 0
|| EVP_DigestFinal_ex(ctx, p, NULL) <= 0) {
SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR);
EVP_MD_CTX *ctx = EVP_MD_CTX_new();
int i, ret = 1;
unsigned int n;
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
- unsigned char *tmpout = out;
-#endif
size_t ret_secret_size = 0;
if (ctx == NULL) {
}
EVP_MD_CTX_free(ctx);
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
- if (ret && s->msg_callback) {
- s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
- p, len, s, s->msg_callback_arg);
- s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
- s->s3->client_random, SSL3_RANDOM_SIZE,
- s, s->msg_callback_arg);
- s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
- s->s3->server_random, SSL3_RANDOM_SIZE,
- s, s->msg_callback_arg);
- s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
- tmpout, SSL3_MASTER_SECRET_SIZE,
- s, s->msg_callback_arg);
- }
-#endif
OPENSSL_cleanse(buf, sizeof(buf));
if (ret)
*secret_size = ret_secret_size;
return (TLS1_AD_INAPPROPRIATE_FALLBACK);
case SSL_AD_NO_APPLICATION_PROTOCOL:
return (TLS1_AD_NO_APPLICATION_PROTOCOL);
+ case SSL_AD_CERTIFICATE_REQUIRED:
+ return SSL_AD_HANDSHAKE_FAILURE;
default:
return (-1);
}