Use separate arrays for certificate verify and for finished hashes.
authorBodo Möller <bodo@openssl.org>
Thu, 6 Jan 2000 00:24:24 +0000 (00:24 +0000)
committerBodo Möller <bodo@openssl.org>
Thu, 6 Jan 2000 00:24:24 +0000 (00:24 +0000)
CHANGES
ssl/s3_both.c
ssl/s3_enc.c
ssl/s3_pkt.c
ssl/s3_srvr.c
ssl/ssl3.h
ssl/ssl_locl.h

diff --git a/CHANGES b/CHANGES
index 073e7f9..5572e1f 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@
 
  Changes between 0.9.4 and 0.9.5  [xx XXX 1999]
 
+  *) Clean up 'Finished' handling.
+     [Bodo Moeller]
+
   *) Enhanced support for Alpha Linux is added. Now ./config checks if
      the host supports BWX extension and if Compaq C is present on the
      $PATH. Just exploiting of the BWX extention results in 20-30%
index a6348b6..996f05f 100644 (file)
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <string.h>
 #include <stdio.h>
 #include <openssl/buffer.h>
 #include <openssl/rand.h>
@@ -69,6 +70,19 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
        unsigned char *p,*d;
        int i;
        unsigned long l;
+       unsigned char *finish_md;
+       int *finish_md_len;
+
+       if (s->state & SSL_ST_ACCEPT)
+               {
+               finish_md = s->s3->tmp.server_finish_md;
+               finish_md_len = &s->s3->tmp.server_finish_md_len;
+               }
+       else
+               {
+               finish_md = s->s3->tmp.client_finish_md;
+               finish_md_len = &s->s3->tmp.client_finish_md_len;
+               }
 
        if (s->state == a)
                {
@@ -78,7 +92,9 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
                i=s->method->ssl3_enc->final_finish_mac(s,
                        &(s->s3->finish_dgst1),
                        &(s->s3->finish_dgst2),
-                       sender,slen,p);
+                       sender,slen,finish_md);
+               *finish_md_len = i;
+               memcpy(p, finish_md, i);
                p+=i;
                l=i;
 
@@ -106,9 +122,22 @@ int ssl3_get_finished(SSL *s, int a, int b)
        int al,i,ok;
        long n;
        unsigned char *p;
+       unsigned char *finish_md;
+       int *finish_md_len;
+
+       if (s->state & SSL_ST_ACCEPT)
+               {
+               finish_md = s->s3->tmp.client_finish_md;
+               finish_md_len = &s->s3->tmp.client_finish_md_len;
+               }
+       else
+               {
+               finish_md = s->s3->tmp.server_finish_md;
+               finish_md_len = &s->s3->tmp.server_finish_md_len;
+               }
 
        /* the mac has already been generated when we received the
-        * change cipher spec message and is in s->s3->tmp.finish_md
+        * change cipher spec message and is in finish_md
         */ 
 
        n=ssl3_get_message(s,
@@ -131,7 +160,7 @@ int ssl3_get_finished(SSL *s, int a, int b)
 
        p=(unsigned char *)s->init_buf->data;
 
-       i=s->method->ssl3_enc->finish_mac_length;
+       i=*finish_md_len;
 
        if (i != n)
                {
@@ -140,7 +169,7 @@ int ssl3_get_finished(SSL *s, int a, int b)
                goto f_err;
                }
 
-       if (memcmp(  p,    (char *)&(s->s3->tmp.finish_md[0]),i) != 0)
+       if (memcmp(p, finish_md, i) != 0)
                {
                al=SSL_AD_DECRYPT_ERROR;
                SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
index 1ce1c16..4caf708 100644 (file)
@@ -79,7 +79,7 @@ static unsigned char ssl3_pad_2[48]={
        0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c };
 
 static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
-       unsigned char *sender, int len, unsigned char *p);
+       const char *sender, int len, unsigned char *p);
 
 static void ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
        {
@@ -423,7 +423,7 @@ int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
        }
 
 static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
-            unsigned char *sender, int len, unsigned char *p)
+            const char *sender, int len, unsigned char *p)
        {
        unsigned int ret;
        int npad,n;
index 85b929c..8b8ecdf 100644 (file)
@@ -937,6 +937,8 @@ static int do_change_cipher_spec(SSL *s)
        int i;
        const char *sender;
        int slen;
+       unsigned char *finish_md;
+       int *finish_md_len;
 
        if (s->state & SSL_ST_ACCEPT)
                i=SSL3_CHANGE_CIPHER_SERVER_READ;
@@ -959,17 +961,21 @@ static int do_change_cipher_spec(SSL *s)
                {
                sender=s->method->ssl3_enc->server_finished_label;
                slen=s->method->ssl3_enc->server_finished_label_len;
+               finish_md = s->s3->tmp.server_finish_md;
+               finish_md_len = &s->s3->tmp.server_finish_md_len;
                }
        else
                {
                sender=s->method->ssl3_enc->client_finished_label;
                slen=s->method->ssl3_enc->client_finished_label_len;
+               finish_md = s->s3->tmp.client_finish_md;
+               finish_md_len = &s->s3->tmp.client_finish_md_len;
                }
 
-       s->method->ssl3_enc->final_finish_mac(s,
+       *finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
                &(s->s3->finish_dgst1),
                &(s->s3->finish_dgst2),
-               sender,slen,&(s->s3->tmp.finish_md[0]));
+               sender,slen,finish_md);
 
        return(1);
        }
index 1a4a98b..9e08b75 100644 (file)
@@ -368,10 +368,10 @@ int ssl3_accept(SSL *s)
                         * a client cert, it can be verified */ 
                        s->method->ssl3_enc->cert_verify_mac(s,
                                &(s->s3->finish_dgst1),
-                               &(s->s3->tmp.finish_md[0]));
+                               &(s->s3->tmp.cert_verify_md[0]));
                        s->method->ssl3_enc->cert_verify_mac(s,
                                &(s->s3->finish_dgst2),
-                               &(s->s3->tmp.finish_md[MD5_DIGEST_LENGTH]));
+                               &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
 
                        break;
 
@@ -1484,7 +1484,7 @@ static int ssl3_get_cert_verify(SSL *s)
 #ifndef NO_RSA 
        if (pkey->type == EVP_PKEY_RSA)
                {
-               i=RSA_verify(NID_md5_sha1, s->s3->tmp.finish_md,
+               i=RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
                        MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, p, i, 
                                                        pkey->pkey.rsa);
                if (i < 0)
@@ -1506,7 +1506,7 @@ static int ssl3_get_cert_verify(SSL *s)
                if (pkey->type == EVP_PKEY_DSA)
                {
                j=DSA_verify(pkey->save_type,
-                       &(s->s3->tmp.finish_md[MD5_DIGEST_LENGTH]),
+                       &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
                        SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
                if (j <= 0)
                        {
index 41a621b..60f33de 100644 (file)
@@ -314,8 +314,14 @@ typedef struct ssl3_ctx_st
        int in_read_app_data;
 
        struct  {
-               /* Actually only needs to be 16+20 for SSLv3 and 12 for TLS */
-               unsigned char finish_md[EVP_MAX_MD_SIZE*2];
+               /* actually only needs to be 16+20 */
+               unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
+
+               /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
+               unsigned char server_finish_md[EVP_MAX_MD_SIZE*2];
+               int server_finish_md_len;
+               unsigned char client_finish_md[EVP_MAX_MD_SIZE*2];
+               int client_finish_md_len;
                
                unsigned long message_size;
                int message_type;
index fbf9105..b8f43c2 100644 (file)
@@ -442,7 +442,7 @@ int ssl3_dispatch_alert(SSL *s);
 int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len);
 int ssl3_part_read(SSL *s, int i);
 int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
-int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1,EVP_MD_CTX *ctx2,
+int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
        const char *sender, int slen,unsigned char *p);
 int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
 void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);