PKCS#8 support for alternative PRFs.
[openssl.git] / ssl / s3_enc.c
index 196f073..f1b2641 100644 (file)
@@ -418,7 +418,7 @@ int ssl3_setup_key_block(SSL *s)
        if (s->s3->tmp.key_block_length != 0)
                return(1);
 
-       if (!ssl_cipher_get_evp(s->session,&c,&hash,NULL,NULL,&comp))
+       if (!ssl_cipher_get_evp(s->session,&c,&hash,NULL,NULL,&comp, 0))
                {
                SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
                return(0);
@@ -494,7 +494,7 @@ void ssl3_cleanup_key_block(SSL *s)
  *       short etc).
  *   1: if the record's padding is valid / the encryption was successful.
  *   -1: if the record's padding is invalid or, if sending, an internal error
- *       occured.
+ *       occurred.
  */
 int ssl3_enc(SSL *s, int send)
        {
@@ -730,7 +730,7 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
        EVP_MD_CTX md_ctx;
        const EVP_MD_CTX *hash;
        unsigned char *p,rec_char;
-       size_t md_size, orig_len;
+       size_t md_size;
        int npad;
        int t;
 
@@ -755,10 +755,6 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
        md_size=t;
        npad=(48/md_size)*md_size;
 
-       /* kludge: ssl3_cbc_remove_padding passes padding length in rec->type */
-       orig_len = rec->length+md_size+((unsigned int)rec->type>>8);
-       rec->type &= 0xff;
-
        if (!send &&
            EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
            ssl3_cbc_record_digest_supported(hash))
@@ -790,7 +786,7 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
                        hash,
                        md, &md_size,
                        header, rec->input,
-                       rec->length + md_size, orig_len,
+                       rec->length + md_size, rec->orig_len,
                        mac_sec, md_size,
                        1 /* is SSLv3 */);
                }