X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ssl%2Fs3_enc.c;h=093e527da1480db557df2fc85e7bc77d26dc1427;hb=ca0a7a9a4ebe9bb0f646930262f43372fa73254c;hp=c1222a72c21d15edc239b62a7a3ef909ed06f488;hpb=846e33c729311169d9c988ceba29484b3783f244;p=oweals%2Fopenssl.git diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index c1222a72c2..093e527da1 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -61,32 +61,35 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) EVP_MD_CTX_set_flags(m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) { k++; - if (k > sizeof buf) { + if (k > sizeof(buf)) { /* bug: 'buf' is too small for this ciphersuite */ SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR); - return 0; + goto err; } for (j = 0; j < k; j++) buf[j] = c; c++; - EVP_DigestInit_ex(s1, EVP_sha1(), NULL); - EVP_DigestUpdate(s1, buf, k); - EVP_DigestUpdate(s1, s->session->master_key, - s->session->master_key_length); - EVP_DigestUpdate(s1, s->s3->server_random, SSL3_RANDOM_SIZE); - EVP_DigestUpdate(s1, s->s3->client_random, SSL3_RANDOM_SIZE); - EVP_DigestFinal_ex(s1, smd, NULL); - - EVP_DigestInit_ex(m5, EVP_md5(), NULL); - EVP_DigestUpdate(m5, s->session->master_key, - s->session->master_key_length); - EVP_DigestUpdate(m5, smd, SHA_DIGEST_LENGTH); + if (!EVP_DigestInit_ex(s1, EVP_sha1(), NULL) + || !EVP_DigestUpdate(s1, buf, k) + || !EVP_DigestUpdate(s1, s->session->master_key, + s->session->master_key_length) + || !EVP_DigestUpdate(s1, s->s3->server_random, SSL3_RANDOM_SIZE) + || !EVP_DigestUpdate(s1, s->s3->client_random, SSL3_RANDOM_SIZE) + || !EVP_DigestFinal_ex(s1, smd, NULL) + || !EVP_DigestInit_ex(m5, EVP_md5(), NULL) + || !EVP_DigestUpdate(m5, s->session->master_key, + s->session->master_key_length) + || !EVP_DigestUpdate(m5, smd, SHA_DIGEST_LENGTH)) + goto err; if ((int)(i + MD5_DIGEST_LENGTH) > num) { - EVP_DigestFinal_ex(m5, smd, NULL); + if (!EVP_DigestFinal_ex(m5, smd, NULL)) + goto err; memcpy(km, smd, (num - i)); - } else - EVP_DigestFinal_ex(m5, km, NULL); + } else { + if (!EVP_DigestFinal_ex(m5, km, NULL)) + goto err; + } km += MD5_DIGEST_LENGTH; } @@ -137,8 +140,8 @@ int ssl3_change_cipher_state(SSL *s, int which) dd = s->enc_read_ctx; if (ssl_replace_hash(&s->read_hash, m) == NULL) { - SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR); - goto err2; + SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR); + goto err2; } #ifndef OPENSSL_NO_COMP /* COMPRESS */ @@ -167,8 +170,8 @@ int ssl3_change_cipher_state(SSL *s, int which) EVP_CIPHER_CTX_reset(s->enc_write_ctx); dd = s->enc_write_ctx; if (ssl_replace_hash(&s->write_hash, m) == NULL) { - SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR); - goto err2; + SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR); + goto err2; } #ifndef OPENSSL_NO_COMP /* COMPRESS */ @@ -222,7 +225,8 @@ int ssl3_change_cipher_state(SSL *s, int which) memcpy(mac_secret, ms, i); - EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE)); + if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE))) + goto err2; #ifdef OPENSSL_SSL_TRACE_CRYPTO if (s->msg_callback) { @@ -326,11 +330,18 @@ void ssl3_cleanup_key_block(SSL *s) s->s3->tmp.key_block_length = 0; } -void ssl3_init_finished_mac(SSL *s) +int ssl3_init_finished_mac(SSL *s) { + BIO *buf = BIO_new(BIO_s_mem()); + + if (buf == NULL) { + SSLerr(SSL_F_SSL3_INIT_FINISHED_MAC, ERR_R_MALLOC_FAILURE); + return 0; + } ssl3_free_digest_list(s); - s->s3->handshake_buffer = BIO_new(BIO_s_mem()); + s->s3->handshake_buffer = buf; (void)BIO_set_close(s->s3->handshake_buffer, BIO_CLOSE); + return 1; } /* @@ -346,12 +357,13 @@ void ssl3_free_digest_list(SSL *s) s->s3->handshake_dgst = NULL; } -void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len) +int ssl3_finish_mac(SSL *s, const unsigned char *buf, int len) { if (s->s3->handshake_dgst == NULL) - BIO_write(s->s3->handshake_buffer, (void *)buf, len); + /* Note: this writes to a memory BIO so a failure is a fatal error */ + return BIO_write(s->s3->handshake_buffer, (void *)buf, len) == len; else - EVP_DigestUpdate(s->s3->handshake_dgst, buf, len); + return EVP_DigestUpdate(s->s3->handshake_dgst, buf, len); } int ssl3_digest_cached_records(SSL *s, int keep) @@ -363,7 +375,8 @@ int ssl3_digest_cached_records(SSL *s, int keep) if (s->s3->handshake_dgst == NULL) { hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata); if (hdatalen <= 0) { - SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, SSL_R_BAD_HANDSHAKE_LENGTH); + SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, + SSL_R_BAD_HANDSHAKE_LENGTH); return 0; } @@ -374,14 +387,11 @@ int ssl3_digest_cached_records(SSL *s, int keep) } md = ssl_handshake_md(s); - if (md == NULL) { + if (md == NULL || !EVP_DigestInit_ex(s->s3->handshake_dgst, md, NULL) + || !EVP_DigestUpdate(s->s3->handshake_dgst, hdata, hdatalen)) { SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_INTERNAL_ERROR); return 0; } - - EVP_DigestInit_ex(s->s3->handshake_dgst, md, NULL); - EVP_DigestUpdate(s->s3->handshake_dgst, hdata, hdatalen); - } if (keep == 0) { BIO_free(s->s3->handshake_buffer); @@ -409,7 +419,10 @@ int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_MALLOC_FAILURE); return 0; } - EVP_MD_CTX_copy_ex(ctx, s->s3->handshake_dgst); + if (!EVP_MD_CTX_copy_ex(ctx, s->s3->handshake_dgst)) { + SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR); + return 0; + } ret = EVP_MD_CTX_size(ctx); if (ret < 0) { @@ -418,10 +431,10 @@ int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) } if ((sender != NULL && EVP_DigestUpdate(ctx, sender, len) <= 0) - || EVP_MD_CTX_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET, - s->session->master_key_length, - s->session->master_key) <= 0 - || EVP_DigestFinal_ex(ctx, p, NULL) <= 0) { + || EVP_MD_CTX_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET, + s->session->master_key_length, + s->session->master_key) <= 0 + || EVP_DigestFinal_ex(ctx, p, NULL) <= 0) { SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR); ret = 0; } @@ -459,19 +472,18 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, } for (i = 0; i < 3; i++) { if (EVP_DigestInit_ex(ctx, s->ctx->sha1, NULL) <= 0 - || EVP_DigestUpdate(ctx, salt[i], - strlen((const char *)salt[i])) <= 0 - || EVP_DigestUpdate(ctx, p, len) <= 0 - || EVP_DigestUpdate(ctx, &(s->s3->client_random[0]), - SSL3_RANDOM_SIZE) <= 0 - || EVP_DigestUpdate(ctx, &(s->s3->server_random[0]), - SSL3_RANDOM_SIZE) <= 0 - || EVP_DigestFinal_ex(ctx, buf, &n) <= 0 - - || EVP_DigestInit_ex(ctx, s->ctx->md5, NULL) <= 0 - || EVP_DigestUpdate(ctx, p, len) <= 0 - || EVP_DigestUpdate(ctx, buf, n) <= 0 - || EVP_DigestFinal_ex(ctx, out, &n) <= 0) { + || EVP_DigestUpdate(ctx, salt[i], + strlen((const char *)salt[i])) <= 0 + || EVP_DigestUpdate(ctx, p, len) <= 0 + || EVP_DigestUpdate(ctx, &(s->s3->client_random[0]), + SSL3_RANDOM_SIZE) <= 0 + || EVP_DigestUpdate(ctx, &(s->s3->server_random[0]), + SSL3_RANDOM_SIZE) <= 0 + || EVP_DigestFinal_ex(ctx, buf, &n) <= 0 + || EVP_DigestInit_ex(ctx, s->ctx->md5, NULL) <= 0 + || EVP_DigestUpdate(ctx, p, len) <= 0 + || EVP_DigestUpdate(ctx, buf, n) <= 0 + || EVP_DigestFinal_ex(ctx, out, &n) <= 0) { SSLerr(SSL_F_SSL3_GENERATE_MASTER_SECRET, ERR_R_INTERNAL_ERROR); ret = 0; break;