Utility function to retrieve handshake hashes.

Retrieve handshake hashes in a separate function. This tidies the existing
code and will be used for extended master secret generation.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 2a84ff248f7b5e3b68c2c06edc92d1932a48095e..3392d1a6a9805b17bdbd3cb93bd6094e22b06fcc 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3479,6 +3479,35 @@ void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
     *hash = NULL;
 }
 
     *hash = NULL;
 }
 

+/* Retrieve handshake hashes */
+int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen)
+{
+    unsigned char *p = out;
+    int idx, ret = 0;
+    long mask;
+    EVP_MD_CTX ctx;
+    const EVP_MD *md;
+    EVP_MD_CTX_init(&ctx);
+    for (idx = 0; ssl_get_handshake_digest(idx, &mask, &md); idx++) {
+        if (mask & ssl_get_algorithm2(s)) {
+            int hashsize = EVP_MD_size(md);
+            EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
+            if (!hdgst || hashsize < 0 || hashsize > outlen)
+                goto err;
+            if (!EVP_MD_CTX_copy_ex(&ctx, hdgst))
+                goto err;
+            if (!EVP_DigestFinal_ex(&ctx, p, NULL))
+                goto err;
+            p += hashsize;
+            outlen -= hashsize;
+        }
+    }
+    ret = p - out;
+ err:
+    EVP_MD_CTX_cleanup(&ctx);
+    return ret;
+}
+

 void SSL_set_debug(SSL *s, int debug)
 {
     s->debug = debug;
 void SSL_set_debug(SSL *s, int debug)
 {
     s->debug = debug;

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 513940fc3ec80e8c1fc4c924216c621bee2bdb29..0d461302c5d1719c754799d8f8cb2e98f7221a6c 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -2411,6 +2411,8 @@ int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
 int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,
                                        int *al);
 
 int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,
                                        int *al);
 

+int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen);
+

 /* s3_cbc.c */
 void ssl3_cbc_copy_mac(unsigned char *out,
                        const SSL3_RECORD *rec, unsigned md_size);
 /* s3_cbc.c */
 void ssl3_cbc_copy_mac(unsigned char *out,
                        const SSL3_RECORD *rec, unsigned md_size);

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 3f4973e9ac51ed11585f2e724b54fd7a944f2bfe..666864e85c72c3c8049e6b140cb70b10174b3b8b 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -919,57 +919,28 @@ int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
     return ((int)ret);
 }
 
     return ((int)ret);
 }
 

-int tls1_final_finish_mac(SSL *s,
-                          const char *str, int slen, unsigned char *out)
+int tls1_final_finish_mac(SSL *s, const char *str, int slen,
+                          unsigned char *out)

 {
 {

-    unsigned int i;
-    EVP_MD_CTX ctx;
-    unsigned char buf[2 * EVP_MAX_MD_SIZE];
-    unsigned char *q, buf2[12];
-    int idx;
-    long mask;
-    int err = 0;
-    const EVP_MD *md;
-
-    q = buf;
+    int hashlen;
+    unsigned char hash[2 * EVP_MAX_MD_SIZE];
+    unsigned char buf2[12];

 
     if (s->s3->handshake_buffer)
         if (!ssl3_digest_cached_records(s))
             return 0;
 
 
     if (s->s3->handshake_buffer)
         if (!ssl3_digest_cached_records(s))
             return 0;
 

-    EVP_MD_CTX_init(&ctx);
+    hashlen = ssl_handshake_hash(s, hash, sizeof(hash));

 
 

-    for (idx = 0; ssl_get_handshake_digest(idx, &mask, &md); idx++) {
-        if (mask & ssl_get_algorithm2(s)) {
-            int hashsize = EVP_MD_size(md);
-            EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
-            if (!hdgst || hashsize < 0
-                || hashsize > (int)(sizeof buf - (size_t)(q - buf))) {
-                /*
-                 * internal error: 'buf' is too small for this cipersuite!
-                 */
-                err = 1;
-            } else {
-                if (!EVP_MD_CTX_copy_ex(&ctx, hdgst) ||
-                    !EVP_DigestFinal_ex(&ctx, q, &i) ||
-                    (i != (unsigned int)hashsize))
-                    err = 1;
-                q += hashsize;
-            }
-        }
-    }
+    if (hashlen == 0)
+        return 0;

 
     if (!tls1_PRF(ssl_get_algorithm2(s),
 
     if (!tls1_PRF(ssl_get_algorithm2(s),

-                  str, slen, buf, (int)(q - buf), NULL, 0, NULL, 0, NULL, 0,
+                  str, slen, hash, hashlen, NULL, 0, NULL, 0, NULL, 0,

                   s->session->master_key, s->session->master_key_length,
                   out, buf2, sizeof buf2))
                   s->session->master_key, s->session->master_key_length,
                   out, buf2, sizeof buf2))

-        err = 1;
-    EVP_MD_CTX_cleanup(&ctx);
-
-    if (err)

         return 0;
         return 0;

-    else
-        return sizeof buf2;
+    return sizeof buf2;

 }
 
 int tls1_mac(SSL *ssl, unsigned char *md, int send)
 }
 
 int tls1_mac(SSL *ssl, unsigned char *md, int send)