e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag
authorAndy Polyakov <appro@openssl.org>
Sun, 15 Apr 2012 14:23:03 +0000 (14:23 +0000)
committerAndy Polyakov <appro@openssl.org>
Sun, 15 Apr 2012 14:23:03 +0000 (14:23 +0000)
countermeasure [from HEAD].

PR: 2778

crypto/evp/e_aes_cbc_hmac_sha1.c
ssl/s3_pkt.c

index 278c6caa280ac8e83016951cec23e92f0317924c..710fb79baf456f6865402f2673777d9f8a86d4ef 100644 (file)
@@ -83,6 +83,8 @@ typedef struct
     } aux;
     } EVP_AES_HMAC_SHA1;
 
+#define NO_PAYLOAD_LENGTH      ((size_t)-1)
+
 #if    defined(AES_ASM) &&     ( \
        defined(__x86_64)       || defined(__x86_64__)  || \
        defined(_M_AMD64)       || defined(_M_X64)      || \
@@ -124,7 +126,7 @@ static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
        key->tail = key->head;
        key->md   = key->head;
 
-       key->payload_length = 0;
+       key->payload_length = NO_PAYLOAD_LENGTH;
 
        return ret<0?0:1;
        }
@@ -185,7 +187,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
        if (len%AES_BLOCK_SIZE) return 0;
 
        if (ctx->encrypt) {
-               if (plen==0)
+               if (plen==NO_PAYLOAD_LENGTH)
                        plen = len;
                else if (len!=((plen+SHA_DIGEST_LENGTH+AES_BLOCK_SIZE)&-AES_BLOCK_SIZE))
                        return 0;
@@ -271,7 +273,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                }
        }
 
-       key->payload_length = 0;
+       key->payload_length = NO_PAYLOAD_LENGTH;
 
        return 1;
        }
index 3c56a86933ffd5d69b829362c30f30a0369d12da..a0169dcc0695d0a6f1da82d74754a7f488e42396 100644 (file)
@@ -664,10 +664,14 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
        if (    (sess == NULL) ||
                (s->enc_write_ctx == NULL) ||
                (EVP_MD_CTX_md(s->write_hash) == NULL))
+               {
+#if 1
+               clear=s->enc_write_ctx?0:1;     /* must be AEAD cipher */
+#else
                clear=1;
-
-       if (clear)
+#endif
                mac_size=0;
+               }
        else
                {
                mac_size=EVP_MD_CTX_size(s->write_hash);