EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
#endif
-#endif
#ifndef OPENSSL_NO_CAMELLIA
EVP_add_cipher(EVP_camellia_128_ecb());
if (send)
{
- if (EVP_MD_CTX_md(s->write_hash))
+ if (s->write_hash)
{
- mac_size=EVP_MD_CTX_size(s->write_hash);
+ mac_size=EVP_MD_size(s->write_hash);
if (mac_size < 0)
return -1;
}
}
else
{
- if (EVP_MD_CTX_md(s->read_hash))
+ if (s->read_hash)
{
- mac_size=EVP_MD_CTX_size(s->read_hash);
+ mac_size=EVP_MD_size(s->read_hash);
if (mac_size < 0)
return -1;
}
unsigned char md[EVP_MAX_MD_SIZE];
int decryption_failed_or_bad_record_mac = 0;
unsigned char *mac = NULL;
+ int i;
rr= &(s->s3->rrec);
unsigned mac_size)
{
unsigned padding_length, good, to_check, i;
- const char has_explicit_iv =
- s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION;
+ const char has_explicit_iv = s->version == DTLS1_VERSION;
const unsigned overhead = 1 /* padding length byte */ +
mac_size +
(has_explicit_iv ? block_size : 0);
/* ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function
* which ssl3_cbc_digest_record supports. */
-char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
+char ssl3_cbc_record_digest_supported(const EVP_MD *digest)
{
- switch (ctx->digest->type)
+ switch (digest->type)
{
case NID_md5:
case NID_sha1:
* a padding byte and MAC. (If the padding was invalid, it might contain the
* padding too. ) */
void ssl3_cbc_digest_record(
- const EVP_MD_CTX *ctx,
+ const EVP_MD *digest,
unsigned char* md_out,
size_t* md_out_size,
const unsigned char header[13],
* many possible overflows later in this function. */
OPENSSL_assert(data_plus_mac_plus_padding_size < 1024*1024);
- switch (ctx->digest->type)
+ switch (digest->type)
{
case NID_md5:
MD5_Init((MD5_CTX*)md_state);
}
EVP_MD_CTX_init(&md_ctx);
- EVP_DigestInit_ex(&md_ctx, ctx->digest, NULL /* engine */);
+ EVP_DigestInit_ex(&md_ctx, digest, NULL /* engine */);
if (is_sslv3)
{
/* We repurpose |hmac_pad| to contain the SSLv3 pad2 block. */
rec->orig_len = rec->length;
- if (EVP_MD_CTX_md(s->read_hash) != NULL)
- mac_size = EVP_MD_CTX_size(s->read_hash);
+ if (s->read_hash != NULL)
+ mac_size = EVP_MD_size(s->read_hash);
if ((bs != 1) && !send)
return ssl3_cbc_remove_padding(s, rec, bs, mac_size);
}
/* Chop the digest off the end :-) */
EVP_MD_CTX_init(&md_ctx);
- EVP_MD_CTX_copy_ex( &md_ctx,hash);
+ EVP_DigestInit_ex( &md_ctx,hash, NULL);
EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
EVP_DigestUpdate(&md_ctx,ssl3_pad_1,npad);
EVP_DigestUpdate(&md_ctx,seq,8);
EVP_DigestUpdate(&md_ctx,rec->input,rec->length);
EVP_DigestFinal_ex( &md_ctx,md,NULL);
- EVP_MD_CTX_copy_ex( &md_ctx,hash);
+ EVP_DigestInit_ex( &md_ctx,hash, NULL);
EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
EVP_DigestUpdate(&md_ctx,ssl3_pad_2,npad);
EVP_DigestUpdate(&md_ctx,md,md_size);
/* !clear => s->read_hash != NULL => mac_size != -1 */
unsigned char *mac = NULL;
unsigned char mac_tmp[EVP_MAX_MD_SIZE];
- mac_size=EVP_MD_CTX_size(s->read_hash);
+ mac_size=EVP_MD_size(s->read_hash);
OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
/* orig_len is the length of the record before any padding was
SSL3_RECORD *rec,
unsigned block_size,
unsigned mac_size);
-char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
+char ssl3_cbc_record_digest_supported(const EVP_MD *hash);
void ssl3_cbc_digest_record(
- const EVP_MD_CTX *ctx,
+ const EVP_MD *hash,
unsigned char* md_out,
size_t* md_out_size,
const unsigned char header[13],
rec->orig_len = rec->length;
ret = 1;
- if (EVP_MD_CTX_md(s->read_hash) != NULL)
- mac_size = EVP_MD_CTX_size(s->read_hash);
+ if (s->read_hash != NULL)
+ mac_size = EVP_MD_size(s->read_hash);
if ((bs != 1) && !send)
ret = tls1_cbc_remove_padding(s, rec, bs, mac_size);
if (pad && !send)
SSL3_RECORD *rec;
unsigned char *mac_sec,*seq;
const EVP_MD *hash;
- unsigned int md_size;
+ size_t md_size;
int i;
- EVP_MD_CTX hmac, *mac_ctx;
+ HMAC_CTX hmac;
unsigned char header[13];
- int stream_mac = (send?(ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM):(ssl->mac_flags&SSL_MAC_FLAG_READ_MAC_STREAM));
- int t;
if (send)
{
if (!send &&
EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
- ssl3_cbc_record_digest_supported(mac_ctx))
+ ssl3_cbc_record_digest_supported(hash))
{
/* This is a CBC-encrypted record. We must avoid leaking any
* timing-side channel information about how many blocks of
* data we are hashing because that gives an attacker a
* timing-oracle. */
ssl3_cbc_digest_record(
- mac_ctx,
+ hash,
md, &md_size,
header, rec->input,
rec->length + md_size, rec->orig_len,
ssl->s3->read_mac_secret,
- ssl->s3->read_mac_secret_size,
+ EVP_MD_size(ssl->read_hash),
0 /* not SSLv3 */);
}
else
{
- EVP_DigestSignUpdate(mac_ctx,header,sizeof(header));
- EVP_DigestSignUpdate(mac_ctx,rec->input,rec->length);
- t=EVP_DigestSignFinal(mac_ctx,md,&md_size);
- OPENSSL_assert(t > 0);
+ unsigned mds;
+
+ HMAC_Update(&hmac,header,sizeof(header));
+ HMAC_Update(&hmac,rec->input,rec->length);
+ HMAC_Final(&hmac,md,&mds);
+ md_size = mds;
}
- if (!stream_mac)
- EVP_MD_CTX_cleanup(&hmac);
+ HMAC_CTX_cleanup(&hmac);
#ifdef TLS_DEBUG
printf("sec=");
{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }
projects / openssl.git / commitdiff