Use separate arrays for certificate verify and for finished hashes.
parent
245206eadd
commit
f2d9a32cf4
3
CHANGES
3
CHANGES
@ -4,6 +4,9 @@
|
||||
|
||||
Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
|
||||
|
||||
*) Clean up 'Finished' handling.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Enhanced support for Alpha Linux is added. Now ./config checks if
|
||||
the host supports BWX extension and if Compaq C is present on the
|
||||
$PATH. Just exploiting of the BWX extention results in 20-30%
|
||||
|
@ -56,6 +56,7 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
#include <openssl/buffer.h>
|
||||
#include <openssl/rand.h>
|
||||
@ -69,6 +70,19 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
|
||||
unsigned char *p,*d;
|
||||
int i;
|
||||
unsigned long l;
|
||||
unsigned char *finish_md;
|
||||
int *finish_md_len;
|
||||
|
||||
if (s->state & SSL_ST_ACCEPT)
|
||||
{
|
||||
finish_md = s->s3->tmp.server_finish_md;
|
||||
finish_md_len = &s->s3->tmp.server_finish_md_len;
|
||||
}
|
||||
else
|
||||
{
|
||||
finish_md = s->s3->tmp.client_finish_md;
|
||||
finish_md_len = &s->s3->tmp.client_finish_md_len;
|
||||
}
|
||||
|
||||
if (s->state == a)
|
||||
{
|
||||
@ -78,7 +92,9 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
|
||||
i=s->method->ssl3_enc->final_finish_mac(s,
|
||||
&(s->s3->finish_dgst1),
|
||||
&(s->s3->finish_dgst2),
|
||||
sender,slen,p);
|
||||
sender,slen,finish_md);
|
||||
*finish_md_len = i;
|
||||
memcpy(p, finish_md, i);
|
||||
p+=i;
|
||||
l=i;
|
||||
|
||||
@ -106,9 +122,22 @@ int ssl3_get_finished(SSL *s, int a, int b)
|
||||
int al,i,ok;
|
||||
long n;
|
||||
unsigned char *p;
|
||||
unsigned char *finish_md;
|
||||
int *finish_md_len;
|
||||
|
||||
if (s->state & SSL_ST_ACCEPT)
|
||||
{
|
||||
finish_md = s->s3->tmp.client_finish_md;
|
||||
finish_md_len = &s->s3->tmp.client_finish_md_len;
|
||||
}
|
||||
else
|
||||
{
|
||||
finish_md = s->s3->tmp.server_finish_md;
|
||||
finish_md_len = &s->s3->tmp.server_finish_md_len;
|
||||
}
|
||||
|
||||
/* the mac has already been generated when we received the
|
||||
* change cipher spec message and is in s->s3->tmp.finish_md
|
||||
* change cipher spec message and is in finish_md
|
||||
*/
|
||||
|
||||
n=ssl3_get_message(s,
|
||||
@ -131,7 +160,7 @@ int ssl3_get_finished(SSL *s, int a, int b)
|
||||
|
||||
p=(unsigned char *)s->init_buf->data;
|
||||
|
||||
i=s->method->ssl3_enc->finish_mac_length;
|
||||
i=*finish_md_len;
|
||||
|
||||
if (i != n)
|
||||
{
|
||||
@ -140,7 +169,7 @@ int ssl3_get_finished(SSL *s, int a, int b)
|
||||
goto f_err;
|
||||
}
|
||||
|
||||
if (memcmp( p, (char *)&(s->s3->tmp.finish_md[0]),i) != 0)
|
||||
if (memcmp(p, finish_md, i) != 0)
|
||||
{
|
||||
al=SSL_AD_DECRYPT_ERROR;
|
||||
SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
|
||||
|
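Review bot: In ssl3_get_finished the expected length is now read from state (`i=*finish_md_len;`) instead of the fixed `finish_mac_length`, so a stored length of 0 would let an empty Finished message pass both `if (i != n)` and the `memcmp`. Whether a check outside this hunk already rules that out is not visible here; if not, the guard could read `if (i <= 0 || i != n)`. The same unchecked value is the `memcpy(p, finish_md, i)` length in ssl3_send_finished and is stored without a check in do_change_cipher_spec (ssl/s3_pkt.c). Separately, `memcmp(p, finish_md, i)` returns at the first differing byte, so the Finished check is not constant-time; a constant-time comparison (later OpenSSL releases provide `CRYPTO_memcmp`) would be preferable. Both function bodies continue outside the hunks shown.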
@ -79,7 +79,7 @@ static unsigned char ssl3_pad_2[48]={
|
||||
0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c };
|
||||
|
||||
static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
|
||||
unsigned char *sender, int len, unsigned char *p);
|
||||
const char *sender, int len, unsigned char *p);
|
||||
|
||||
static void ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
|
||||
{
|
||||
@ -423,7 +423,7 @@ int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
|
||||
}
|
||||
|
||||
static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
|
||||
unsigned char *sender, int len, unsigned char *p)
|
||||
const char *sender, int len, unsigned char *p)
|
||||
{
|
||||
unsigned int ret;
|
||||
int npad,n;
|
||||
|
10
ssl/s3_pkt.c
10
ssl/s3_pkt.c
@ -937,6 +937,8 @@ static int do_change_cipher_spec(SSL *s)
|
||||
int i;
|
||||
const char *sender;
|
||||
int slen;
|
||||
unsigned char *finish_md;
|
||||
int *finish_md_len;
|
||||
|
||||
if (s->state & SSL_ST_ACCEPT)
|
||||
i=SSL3_CHANGE_CIPHER_SERVER_READ;
|
||||
@ -959,17 +961,21 @@ static int do_change_cipher_spec(SSL *s)
|
||||
{
|
||||
sender=s->method->ssl3_enc->server_finished_label;
|
||||
slen=s->method->ssl3_enc->server_finished_label_len;
|
||||
finish_md = s->s3->tmp.server_finish_md;
|
||||
finish_md_len = &s->s3->tmp.server_finish_md_len;
|
||||
}
|
||||
else
|
||||
{
|
||||
sender=s->method->ssl3_enc->client_finished_label;
|
||||
slen=s->method->ssl3_enc->client_finished_label_len;
|
||||
finish_md = s->s3->tmp.client_finish_md;
|
||||
finish_md_len = &s->s3->tmp.client_finish_md_len;
|
||||
}
|
||||
|
||||
s->method->ssl3_enc->final_finish_mac(s,
|
||||
*finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
|
||||
&(s->s3->finish_dgst1),
|
||||
&(s->s3->finish_dgst2),
|
||||
sender,slen,&(s->s3->tmp.finish_md[0]));
|
||||
sender,slen,finish_md);
|
||||
|
||||
return(1);
|
||||
}
|
||||
|
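Review bot: do_change_cipher_spec has no comment saying which side's Finished MAC it is computing, and the branch condition that picks `server_finish_md` versus `client_finish_md` sits outside the hunk, so the pairing with ssl3_get_finished is hard to check by reading. Judging from ssl3_get_finished, which compares the received message against the peer's buffer, this call appears to precompute the peer's expected value. A comment above the call such as `/* precompute the peer's Finished MAC; ssl3_get_finished() compares the received message against it */` would make that role selection explicit.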
@ -368,10 +368,10 @@ int ssl3_accept(SSL *s)
|
||||
* a client cert, it can be verified */
|
||||
s->method->ssl3_enc->cert_verify_mac(s,
|
||||
&(s->s3->finish_dgst1),
|
||||
&(s->s3->tmp.finish_md[0]));
|
||||
&(s->s3->tmp.cert_verify_md[0]));
|
||||
s->method->ssl3_enc->cert_verify_mac(s,
|
||||
&(s->s3->finish_dgst2),
|
||||
&(s->s3->tmp.finish_md[MD5_DIGEST_LENGTH]));
|
||||
&(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
|
||||
|
||||
break;
|
||||
|
||||
@ -1484,7 +1484,7 @@ static int ssl3_get_cert_verify(SSL *s)
|
||||
#ifndef NO_RSA
|
||||
if (pkey->type == EVP_PKEY_RSA)
|
||||
{
|
||||
i=RSA_verify(NID_md5_sha1, s->s3->tmp.finish_md,
|
||||
i=RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
|
||||
MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, p, i,
|
||||
pkey->pkey.rsa);
|
||||
if (i < 0)
|
||||
@ -1506,7 +1506,7 @@ static int ssl3_get_cert_verify(SSL *s)
|
||||
if (pkey->type == EVP_PKEY_DSA)
|
||||
{
|
||||
j=DSA_verify(pkey->save_type,
|
||||
&(s->s3->tmp.finish_md[MD5_DIGEST_LENGTH]),
|
||||
&(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
|
||||
SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
|
||||
if (j <= 0)
|
||||
{
|
||||
|
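Review bot: The two `cert_verify_mac` calls in ssl3_accept still discard their return values, so nothing records whether `cert_verify_md` was actually filled before ssl3_get_cert_verify passes it to `RSA_verify` and `DSA_verify` with fixed lengths. If `cert_verify_mac` can fail (its body is not shown here), the signature would be checked against whatever the buffer previously held. Checking both results at the call site and failing the handshake on error would close that gap. The surrounding function bodies continue outside these hunks.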
10
ssl/ssl3.h
10
ssl/ssl3.h
@ -314,8 +314,14 @@ typedef struct ssl3_ctx_st
|
||||
int in_read_app_data;
|
||||
|
||||
struct {
|
||||
/* Actually only needs to be 16+20 for SSLv3 and 12 for TLS */
|
||||
unsigned char finish_md[EVP_MAX_MD_SIZE*2];
|
||||
/* actually only needs to be 16+20 */
|
||||
unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
|
||||
|
||||
/* actually only need to be 16+20 for SSLv3 and 12 for TLS */
|
||||
unsigned char server_finish_md[EVP_MAX_MD_SIZE*2];
|
||||
int server_finish_md_len;
|
||||
unsigned char client_finish_md[EVP_MAX_MD_SIZE*2];
|
||||
int client_finish_md_len;
|
||||
|
||||
unsigned long message_size;
|
||||
int message_type;
|
||||
|
@ -442,7 +442,7 @@ int ssl3_dispatch_alert(SSL *s);
|
||||
int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len);
|
||||
int ssl3_part_read(SSL *s, int i);
|
||||
int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
|
||||
int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1,EVP_MD_CTX *ctx2,
|
||||
int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
|
||||
const char *sender, int slen,unsigned char *p);
|
||||
int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
|
||||
void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
|
||||
|
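Review bot: The new `server_finish_md_len` and `client_finish_md_len` fields in the `tmp` struct carry no comment on what they hold, and `cert_verify_md` does not state its layout. I would add `/* bytes of server_finish_md written by final_finish_mac() */` (and the client equivalent) beside the length fields. Beside `cert_verify_md` I would add `/* MD5 digest followed by SHA-1 digest */`, which is what the `[MD5_DIGEST_LENGTH]` offset in the ssl3_accept hunk implies. The struct definition starts and ends outside the hunk.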