summaryrefslogtreecommitdiff
path: root/drivers/builtin_openssl2/ssl/t1_enc.c
diff options
context:
space:
mode:
Diffstat (limited to 'drivers/builtin_openssl2/ssl/t1_enc.c')
-rw-r--r--drivers/builtin_openssl2/ssl/t1_enc.c68
1 files changed, 51 insertions, 17 deletions
diff --git a/drivers/builtin_openssl2/ssl/t1_enc.c b/drivers/builtin_openssl2/ssl/t1_enc.c
index 9786b263eb..514fcb3e4e 100644
--- a/drivers/builtin_openssl2/ssl/t1_enc.c
+++ b/drivers/builtin_openssl2/ssl/t1_enc.c
@@ -160,7 +160,7 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
{
int chunk;
size_t j;
- EVP_MD_CTX ctx, ctx_tmp;
+ EVP_MD_CTX ctx, ctx_tmp, ctx_init;
EVP_PKEY *mac_key;
unsigned char A1[EVP_MAX_MD_SIZE];
size_t A1_len;
@@ -171,14 +171,14 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
EVP_MD_CTX_init(&ctx);
EVP_MD_CTX_init(&ctx_tmp);
- EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- EVP_MD_CTX_set_flags(&ctx_tmp, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ EVP_MD_CTX_init(&ctx_init);
+ EVP_MD_CTX_set_flags(&ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
if (!mac_key)
goto err;
- if (!EVP_DigestSignInit(&ctx, NULL, md, NULL, mac_key))
+ if (!EVP_DigestSignInit(&ctx_init, NULL, md, NULL, mac_key))
goto err;
- if (!EVP_DigestSignInit(&ctx_tmp, NULL, md, NULL, mac_key))
+ if (!EVP_MD_CTX_copy_ex(&ctx, &ctx_init))
goto err;
if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
goto err;
@@ -195,13 +195,11 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
for (;;) {
/* Reinit mac contexts */
- if (!EVP_DigestSignInit(&ctx, NULL, md, NULL, mac_key))
- goto err;
- if (!EVP_DigestSignInit(&ctx_tmp, NULL, md, NULL, mac_key))
+ if (!EVP_MD_CTX_copy_ex(&ctx, &ctx_init))
goto err;
if (!EVP_DigestSignUpdate(&ctx, A1, A1_len))
goto err;
- if (!EVP_DigestSignUpdate(&ctx_tmp, A1, A1_len))
+ if (olen > chunk && !EVP_MD_CTX_copy_ex(&ctx_tmp, &ctx))
goto err;
if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
goto err;
@@ -235,6 +233,7 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
EVP_PKEY_free(mac_key);
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_cleanup(&ctx_tmp);
+ EVP_MD_CTX_cleanup(&ctx_init);
OPENSSL_cleanse(A1, sizeof(A1));
return ret;
}
@@ -407,9 +406,9 @@ int tls1_change_cipher_state(SSL *s, int which)
}
#endif
/*
- * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION
+ * this is done by dtls1_reset_seq_numbers for DTLS
*/
- if (s->version != DTLS1_VERSION)
+ if (!SSL_IS_DTLS(s))
memset(&(s->s3->read_sequence[0]), 0, 8);
mac_secret = &(s->s3->read_mac_secret[0]);
mac_secret_size = &(s->s3->read_mac_secret_size);
@@ -448,9 +447,9 @@ int tls1_change_cipher_state(SSL *s, int which)
}
#endif
/*
- * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION
+ * this is done by dtls1_reset_seq_numbers for DTLS
*/
- if (s->version != DTLS1_VERSION)
+ if (!SSL_IS_DTLS(s))
memset(&(s->s3->write_sequence[0]), 0, 8);
mac_secret = &(s->s3->write_mac_secret[0]);
mac_secret_size = &(s->s3->write_mac_secret_size);
@@ -584,6 +583,25 @@ int tls1_change_cipher_state(SSL *s, int which)
SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
goto err2;
}
+#ifdef OPENSSL_SSL_TRACE_CRYPTO
+ if (s->msg_callback) {
+ int wh = which & SSL3_CC_WRITE ? TLS1_RT_CRYPTO_WRITE : 0;
+ if (*mac_secret_size)
+ s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_MAC,
+ mac_secret, *mac_secret_size,
+ s, s->msg_callback_arg);
+ if (c->key_len)
+ s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_KEY,
+ key, c->key_len, s, s->msg_callback_arg);
+ if (k) {
+ if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
+ wh |= TLS1_RT_CRYPTO_FIXED_IV;
+ else
+ wh |= TLS1_RT_CRYPTO_IV;
+ s->msg_callback(2, s->version, wh, iv, k, s, s->msg_callback_arg);
+ }
+ }
+#endif
#ifdef TLS_DEBUG
printf("which = %04X\nkey=", which);
@@ -751,7 +769,7 @@ int tls1_enc(SSL *s, int send)
int ivlen;
enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
/* For TLSv1.1 and later explicit IV */
- if (s->version >= TLS1_1_VERSION
+ if (SSL_USE_EXPLICIT_IV(s)
&& EVP_CIPHER_mode(enc) == EVP_CIPH_CBC_MODE)
ivlen = EVP_CIPHER_iv_length(enc);
else
@@ -799,7 +817,7 @@ int tls1_enc(SSL *s, int send)
seq = send ? s->s3->write_sequence : s->s3->read_sequence;
- if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) {
+ if (SSL_IS_DTLS(s)) {
unsigned char dtlsseq[9], *p = dtlsseq;
s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p);
@@ -1021,7 +1039,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
mac_ctx = &hmac;
}
- if (ssl->version == DTLS1_VERSION || ssl->version == DTLS1_BAD_VER) {
+ if (SSL_IS_DTLS(ssl)) {
unsigned char dtlsseq[8], *p = dtlsseq;
s2n(send ? ssl->d1->w_epoch : ssl->d1->r_epoch, p);
@@ -1096,7 +1114,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
}
#endif
- if (ssl->version != DTLS1_VERSION && ssl->version != DTLS1_BAD_VER) {
+ if (!SSL_IS_DTLS(ssl)) {
for (i = 7; i >= 0; i--) {
++seq[i];
if (seq[i] != 0)
@@ -1162,6 +1180,22 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
SSL3_MASTER_SECRET_SIZE);
#endif
+#ifdef OPENSSL_SSL_TRACE_CRYPTO
+ if (s->msg_callback) {
+ s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
+ p, len, s, s->msg_callback_arg);
+ s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
+ s->s3->client_random, SSL3_RANDOM_SIZE,
+ s, s->msg_callback_arg);
+ s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
+ s->s3->server_random, SSL3_RANDOM_SIZE,
+ s, s->msg_callback_arg);
+ s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
+ s->session->master_key,
+ SSL3_MASTER_SECRET_SIZE, s, s->msg_callback_arg);
+ }
+#endif
+
#ifdef KSSL_DEBUG
fprintf(stderr, "tls1_generate_master_secret() complete\n");
#endif /* KSSL_DEBUG */
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-20 09:54:24 +0000