session tickets: use more sizeof

author Kurt Roeckx <kurt@roeckx.be>

Wed, 2 Mar 2016 13:39:14 +0000 (14:39 +0100)

committer Kurt Roeckx <kurt@roeckx.be>

Mon, 16 May 2016 18:43:20 +0000 (20:43 +0200)
author Kurt Roeckx <kurt@roeckx.be>
Wed, 2 Mar 2016 13:39:14 +0000 (14:39 +0100)
committer Kurt Roeckx <kurt@roeckx.be>
Mon, 16 May 2016 18:43:20 +0000 (20:43 +0200)
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c

index 6f9b23b1eafa07c7836ade7f2a10505d7066f55e..a742b952a8955f3e578dfd6d064d39f8a46807d8 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3396,8 +3396,8 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
          {
              unsigned char *keys = parg;
              long tlsext_tick_keylen = (sizeof(ctx->tlsext_tick_key_name) +
-                sizeof(ctx->tlsext_tick_hmac_key) + (ctx->tlsext_tick_aes_key));
-            if (!keys)
+                sizeof(ctx->tlsext_tick_hmac_key) + sizeof(ctx->tlsext_tick_aes_key));
+            if (keys == NULL)
                  return tlsext_tick_keylen;
              if (larg != tlsext_tick_keylen) {
                  SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h

index b39f387483f0803e58ebe5b03348b82ca4a7a8e3..5cc1dcf39100f7b0830a05c970194e24be3bf5b8 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -686,6 +686,8 @@ DEFINE_LHASH_OF(SSL_SESSION);
  /* Needed in ssl_cert.c */
  DEFINE_LHASH_OF(X509_NAME);
  
+#define TLSEXT_KEYNAME_LENGTH 16
+
  struct ssl_ctx_st {
      const SSL_METHOD *method;
      STACK_OF(SSL_CIPHER) *cipher_list;
@@ -857,7 +859,7 @@ struct ssl_ctx_st {
      int (*tlsext_servername_callback) (SSL *, int *, void *);
      void *tlsext_servername_arg;
      /* RFC 4507 session ticket keys */
-    unsigned char tlsext_tick_key_name[16];
+    unsigned char tlsext_tick_key_name[TLSEXT_KEYNAME_LENGTH];
      unsigned char tlsext_tick_hmac_key[32];
      unsigned char tlsext_tick_aes_key[32];
      /* Callback to support customisation of ticket key setting */
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c

index 60f92e5fb9f4eec2e990401577fa14e7ff3b7862..8aa0915a1992ef716c2c9e2d1e7762a1cd692cc2 100644 (file)
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2978,7 +2978,8 @@ int tls_construct_new_session_ticket(SSL *s)
      unsigned int hlen;
      SSL_CTX *tctx = s->initial_ctx;
      unsigned char iv[EVP_MAX_IV_LENGTH];
-    unsigned char key_name[16];
+    unsigned char key_name[TLSEXT_KEYNAME_LENGTH];
+    int iv_len;
  
      /* get session encoding length */
      slen_full = i2d_SSL_SESSION(s->session, NULL);
@@ -3028,13 +3029,14 @@ int tls_construct_new_session_ticket(SSL *s)
       * Grow buffer if need be: the length calculation is as
       * follows handshake_header_length +
       * 4 (ticket lifetime hint) + 2 (ticket length) +
-     * 16 (key name) + max_iv_len (iv length) +
-     * session_length + max_enc_block_size (max encrypted session
-     * length) + max_md_size (HMAC).
+     * sizeof(keyname) + max_iv_len (iv length) +
+     * max_enc_block_size (max encrypted session * length) +
+     * max_md_size (HMAC) + session_length.
       */
      if (!BUF_MEM_grow(s->init_buf,
-                      SSL_HM_HEADER_LENGTH(s) + 22 + EVP_MAX_IV_LENGTH +
-                      EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE + slen))
+                      SSL_HM_HEADER_LENGTH(s) + 6 + sizeof(key_name) +
+                      EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH +
+                      EVP_MAX_MD_SIZE + slen))
          goto err;
  
      p = ssl_handshake_start(s);
@@ -3045,10 +3047,14 @@ int tls_construct_new_session_ticket(SSL *s)
      if (tctx->tlsext_ticket_key_cb) {
          if (tctx->tlsext_ticket_key_cb(s, key_name, iv, ctx, hctx, 1) < 0)
              goto err;
+        iv_len = EVP_CIPHER_CTX_iv_length(ctx);
      } else {
-        if (RAND_bytes(iv, 16) <= 0)
+        const EVP_CIPHER *cipher = EVP_aes_256_cbc();
+
+        iv_len = EVP_CIPHER_iv_length(cipher);
+        if (RAND_bytes(iv, iv_len) <= 0)
              goto err;
-        if (!EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL,
+        if (!EVP_EncryptInit_ex(ctx, cipher, NULL,
                                  tctx->tlsext_tick_aes_key, iv))
              goto err;
          if (!HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key,
@@ -3070,11 +3076,11 @@ int tls_construct_new_session_ticket(SSL *s)
      p += 2;
      /* Output key name */
      macstart = p;
-    memcpy(p, key_name, 16);
-    p += 16;
+    memcpy(p, key_name, sizeof(key_name));
+    p += sizeof(key_name);
      /* output IV */
-    memcpy(p, iv, EVP_CIPHER_CTX_iv_length(ctx));
-    p += EVP_CIPHER_CTX_iv_length(ctx);
+    memcpy(p, iv, iv_len);
+    p += iv_len;
      /* Encrypt session data */
      if (!EVP_EncryptUpdate(ctx, p, &len, senc, slen))
          goto err;
author	Kurt Roeckx <kurt@roeckx.be>
	Wed, 2 Mar 2016 13:39:14 +0000 (14:39 +0100)
committer	Kurt Roeckx <kurt@roeckx.be>
	Mon, 16 May 2016 18:43:20 +0000 (20:43 +0200)
ssl/s3_lib.c		patch \| blob \| history
ssl/ssl_locl.h		patch \| blob \| history
ssl/statem/statem_srvr.c		patch \| blob \| history