X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=test%2Fbad_dtls_test.c;h=9716b521931b44a94754fccab2828607183f051a;hb=ad5be194c6b08e89f9a6e2a78b85ff19a3c40d40;hp=7f6ffdc3caf082cb644a5b3c8336a41e37935446;hpb=176db6dc51ec0a972bfa8836cfdab8f6767c978a;p=oweals%2Fopenssl.git diff --git a/test/bad_dtls_test.c b/test/bad_dtls_test.c index 7f6ffdc3ca..9716b52193 100644 --- a/test/bad_dtls_test.c +++ b/test/bad_dtls_test.c @@ -1,7 +1,7 @@ /* * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use + * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html @@ -19,7 +19,7 @@ * Note that unlike other SSL tests, we don't test against our own SSL * server method. Firstly because we don't have one; we *only* support * DTLS1_BAD_VER as a client. And secondly because even if that were - * fixed up it's the wrong thing to test against — because if changes + * fixed up it's the wrong thing to test against - because if changes * are made in generic DTLS code which don't take DTLS1_BAD_VER into * account, there's plenty of scope for making those changes such that * they break *both* the client and the server in the same way. @@ -29,6 +29,8 @@ */ #include +#include +#include #include #include #include @@ -37,7 +39,7 @@ #include #include #include -#include "../ssl/packet_locl.h" +#include "internal/packet.h" #include "internal/nelem.h" #include "testutil.h" @@ -118,7 +120,7 @@ static int validate_client_hello(BIO *wbio) long len; unsigned char *data; int cookie_found = 0; - unsigned int u; + unsigned int u = 0; len = BIO_get_mem_data(wbio, (char **)&data); if (!PACKET_buf_init(&pkt, data, len)) @@ -278,11 +280,13 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr, static unsigned char seq[6] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; static unsigned char ver[2] = { 0x01, 0x00 }; /* DTLS1_BAD_VER */ unsigned char lenbytes[2]; - HMAC_CTX *ctx; + EVP_MAC *hmac; + EVP_MAC_CTX *ctx; EVP_CIPHER_CTX *enc_ctx; unsigned char iv[16]; unsigned char pad; unsigned char *enc; + OSSL_PARAM params[3]; seq[0] = (seqnr >> 40) & 0xff; seq[1] = (seqnr >> 32) & 0xff; @@ -300,18 +304,26 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr, memcpy(enc, msg, len); /* Append HMAC to data */ - ctx = HMAC_CTX_new(); - HMAC_Init_ex(ctx, mac_key, 20, EVP_sha1(), NULL); - HMAC_Update(ctx, epoch, 2); - HMAC_Update(ctx, seq, 6); - HMAC_Update(ctx, &type, 1); - HMAC_Update(ctx, ver, 2); /* Version */ - lenbytes[0] = len >> 8; - lenbytes[1] = len & 0xff; - HMAC_Update(ctx, lenbytes, 2); /* Length */ - HMAC_Update(ctx, enc, len); /* Finally the data itself */ - HMAC_Final(ctx, enc + len, NULL); - HMAC_CTX_free(ctx); + hmac = EVP_MAC_fetch(NULL, "HMAC", NULL); + ctx = EVP_MAC_CTX_new(hmac); + EVP_MAC_free(hmac); + params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, + "SHA1", 0); + params[1] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, + mac_key, 20); + params[2] = OSSL_PARAM_construct_end(); + EVP_MAC_CTX_set_params(ctx, params); + EVP_MAC_init(ctx); + EVP_MAC_update(ctx, epoch, 2); + EVP_MAC_update(ctx, seq, 6); + EVP_MAC_update(ctx, &type, 1); + EVP_MAC_update(ctx, ver, 2); /* Version */ + lenbytes[0] = (unsigned char)(len >> 8); + lenbytes[1] = (unsigned char)(len); + EVP_MAC_update(ctx, lenbytes, 2); /* Length */ + EVP_MAC_update(ctx, enc, len); /* Finally the data itself */ + EVP_MAC_final(ctx, enc + len, NULL, SHA_DIGEST_LENGTH); + EVP_MAC_CTX_free(ctx); /* Append padding bytes */ len += SHA_DIGEST_LENGTH; @@ -331,8 +343,8 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr, BIO_write(rbio, ver, 2); BIO_write(rbio, epoch, 2); BIO_write(rbio, seq, 6); - lenbytes[0] = (len + sizeof(iv)) >> 8; - lenbytes[1] = (len + sizeof(iv)) & 0xff; + lenbytes[0] = (unsigned char)((len + sizeof(iv)) >> 8); + lenbytes[1] = (unsigned char)(len + sizeof(iv)); BIO_write(rbio, lenbytes, 2); BIO_write(rbio, iv, sizeof(iv));