#include <openssl/evp.h>
#include <openssl/hmac.h>
#include "ssl_locl.h"
+#include <openssl/md5.h>
static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
int sec_len, unsigned char *seed, int seed_len,
chunk=EVP_MD_size(md);
+ HMAC_CTX_init(&ctx);
+ HMAC_CTX_init(&ctx_tmp);
HMAC_Init(&ctx,sec,sec_len,md);
HMAC_Init(&ctx_tmp,sec,sec_len,md);
HMAC_Update(&ctx,seed,seed_len);
break;
}
}
- HMAC_cleanup(&ctx);
- HMAC_cleanup(&ctx_tmp);
+ HMAC_CTX_cleanup(&ctx);
+ HMAC_CTX_cleanup(&ctx_tmp);
memset(A1,0,sizeof(A1));
}
#ifdef KSSL_DEBUG
{
- unsigned long i;
+ unsigned long ui;
printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
ds,rec->data,rec->input,l);
printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
printf("\n");
printf("\trec->input=");
- for (i=0; i<l; i++) printf(" %02x", rec->input[i]);
+ for (ui=0; ui<l; ui++) printf(" %02x", rec->input[ui]);
printf("\n");
}
#endif /* KSSL_DEBUG */
if (l == 0 || l%bs != 0)
{
SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPT_ERROR);
- return(0);
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
+ return 0;
}
}
* All of them must have value 'padding_length'. */
if (i > (int)rec->length)
{
- SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
- return(0);
+ /* Incorrect padding. SSLerr() and ssl3_alert are done
+ * by caller: we don't want to reveal whether this is
+ * a decryption error or a MAC verification failure
+ * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
+ return -1;
}
for (j=(int)(l-i); j<(int)l; j++)
{
if (rec->data[j] != ii)
{
- SSLerr(SSL_F_TLS1_ENC,SSL_R_DECRYPTION_FAILED);
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
- return(0);
+ /* Incorrect padding */
+ return -1;
}
}
rec->length-=i;
unsigned int ret;
EVP_MD_CTX ctx;
+ EVP_MD_CTX_init(&ctx);
EVP_MD_CTX_copy(&ctx,in_ctx);
EVP_DigestFinal(&ctx,out,&ret);
+ EVP_MD_CTX_cleanup(&ctx);
return((int)ret);
}
memcpy(q,str,slen);
q+=slen;
+ EVP_MD_CTX_init(&ctx);
EVP_MD_CTX_copy(&ctx,in1_ctx);
EVP_DigestFinal(&ctx,q,&i);
q+=i;
tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf),
s->session->master_key,s->session->master_key_length,
out,buf2,12);
- memset(&ctx,0,sizeof(EVP_MD_CTX));
+ EVP_MD_CTX_cleanup(&ctx);
return((int)12);
}
buf[4]=rec->length&0xff;
/* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
+ HMAC_CTX_init(&hmac);
HMAC_Init(&hmac,mac_sec,EVP_MD_size(hash),hash);
HMAC_Update(&hmac,seq,8);
HMAC_Update(&hmac,buf,5);
HMAC_Update(&hmac,rec->input,rec->length);
HMAC_Final(&hmac,md,&md_size);
- HMAC_cleanup(&hmac);
+ HMAC_CTX_cleanup(&hmac);
#ifdef TLS_DEBUG
printf("sec=");