{
int i;
for (i=0; i<s->s3->tmp.key_block_length; i++)
- printf("%02x", key_block[i]); printf("\n");
+ printf("%02x", s->s3->tmp.key_block[i]); printf("\n");
}
#endif /* KSSL_DEBUG */
EVP_CIPHER_CTX_ctrl(dd,EVP_CTRL_AEAD_SET_MAC_KEY,
*mac_secret_size,mac_secret);
+#ifdef OPENSSL_SSL_TRACE_CRYPTO
+ if (s->msg_callback)
+ {
+ int wh = which & SSL3_CC_WRITE ? TLS1_RT_CRYPTO_WRITE : 0;
+ if (*mac_secret_size)
+ s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_MAC,
+ mac_secret, *mac_secret_size,
+ s, s->msg_callback_arg);
+ if (c->key_len)
+ s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_KEY,
+ key, c->key_len,
+ s, s->msg_callback_arg);
+ if (k)
+ {
+ if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
+ wh |= TLS1_RT_CRYPTO_FIXED_IV;
+ else
+ wh |= TLS1_RT_CRYPTO_IV;
+ s->msg_callback(2, s->version, wh, iv, k,
+ s, s->msg_callback_arg);
+ }
+ }
+#endif
+
#ifdef TLS_DEBUG
printf("which = %04X\nkey=",which);
{ int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); }
}
}
- if (EVP_Cipher(ds,rec->data,rec->input,l) < 0)
+ i = EVP_Cipher(ds,rec->data,rec->input,l);
+ if ((EVP_CIPHER_flags(ds->cipher)&EVP_CIPH_FLAG_CUSTOM_CIPHER)
+ ?(i<0)
+ :(i==0))
return -1; /* AEAD can fail to verify MAC */
if (EVP_CIPHER_mode(enc) == EVP_CIPH_GCM_MODE && !send)
{
if (s->version >= TLS1_1_VERSION
&& EVP_CIPHER_CTX_mode(ds) == EVP_CIPH_CBC_MODE)
{
+ if (bs > (int)rec->length)
+ return -1;
rec->data += bs; /* skip the explicit IV */
rec->input += bs;
rec->length -= bs;
BIO_dump_fp(stderr, (char *)s->session->master_key, SSL3_MASTER_SECRET_SIZE);
#endif
+#ifdef OPENSSL_SSL_TRACE_CRYPTO
+ if (s->msg_callback)
+ {
+ s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
+ p, len, s, s->msg_callback_arg);
+ s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
+ s->s3->client_random, SSL3_RANDOM_SIZE,
+ s, s->msg_callback_arg);
+ s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
+ s->s3->server_random, SSL3_RANDOM_SIZE,
+ s, s->msg_callback_arg);
+ s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
+ s->session->master_key,
+ SSL3_MASTER_SECRET_SIZE,
+ s, s->msg_callback_arg);
+ }
+#endif
+
#ifdef KSSL_DEBUG
printf ("tls1_generate_master_secret() complete\n");
#endif /* KSSL_DEBUG */
default: return(-1);
}
}
-
-int SSL_tls1_key_exporter(SSL *s,
- const unsigned char *label, int label_len,
- const unsigned char *context, int context_len,
- unsigned char *out, int olen)
- {
- unsigned char *tmp;
- int rv;
- unsigned char context_len_16[2];
-
- if (context_len > 0xffff)
- return 0;
-
- tmp = OPENSSL_malloc(olen);
-
- if (!tmp)
- return 0;
-
- context_len_16[0] = context_len >> 8;
- context_len_16[1] = context_len;
-
- rv = tls1_PRF(ssl_get_algorithm2(s),
- label, label_len,
- s->s3->client_random,SSL3_RANDOM_SIZE,
- s->s3->server_random,SSL3_RANDOM_SIZE,
- context_len_16, sizeof(context_len_16),
- context, context_len,
- s->session->master_key, s->session->master_key_length,
- out, tmp, olen);
-
- OPENSSL_free(tmp);
- return rv;
- }