1 |
|
|
/* $OpenBSD: t1_hash.c,v 1.2 2017/05/06 16:18:36 jsing Exp $ */ |
2 |
|
|
/* |
3 |
|
|
* Copyright (c) 2017 Joel Sing <jsing@openbsd.org> |
4 |
|
|
* |
5 |
|
|
* Permission to use, copy, modify, and distribute this software for any |
6 |
|
|
* purpose with or without fee is hereby granted, provided that the above |
7 |
|
|
* copyright notice and this permission notice appear in all copies. |
8 |
|
|
* |
9 |
|
|
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
10 |
|
|
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
11 |
|
|
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
12 |
|
|
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
13 |
|
|
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
14 |
|
|
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
15 |
|
|
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 |
|
|
*/ |
17 |
|
|
|
18 |
|
|
#include "ssl_locl.h" |
19 |
|
|
|
20 |
|
|
#include <openssl/ssl.h> |
21 |
|
|
|
22 |
|
|
int |
23 |
|
|
tls1_handshake_hash_init(SSL *s) |
24 |
|
|
{ |
25 |
|
16882 |
const EVP_MD *md; |
26 |
|
|
long dlen; |
27 |
|
8441 |
void *data; |
28 |
|
|
|
29 |
|
8441 |
tls1_handshake_hash_free(s); |
30 |
|
|
|
31 |
✗✓ |
8441 |
if (!ssl_get_handshake_evp_md(s, &md)) { |
32 |
|
|
SSLerrorx(ERR_R_INTERNAL_ERROR); |
33 |
|
|
goto err; |
34 |
|
|
} |
35 |
|
|
|
36 |
✗✓ |
8441 |
if ((S3I(s)->handshake_hash = EVP_MD_CTX_create()) == NULL) { |
37 |
|
|
SSLerror(s, ERR_R_MALLOC_FAILURE); |
38 |
|
|
goto err; |
39 |
|
|
} |
40 |
✗✓ |
8441 |
if (!EVP_DigestInit_ex(S3I(s)->handshake_hash, md, NULL)) { |
41 |
|
|
SSLerror(s, ERR_R_EVP_LIB); |
42 |
|
|
goto err; |
43 |
|
|
} |
44 |
|
|
|
45 |
|
8441 |
dlen = BIO_get_mem_data(S3I(s)->handshake_buffer, &data); |
46 |
✗✓ |
8441 |
if (dlen <= 0) { |
47 |
|
|
SSLerror(s, SSL_R_BAD_HANDSHAKE_LENGTH); |
48 |
|
|
goto err; |
49 |
|
|
} |
50 |
✗✓ |
8441 |
if (!tls1_handshake_hash_update(s, data, dlen)) { |
51 |
|
|
SSLerror(s, ERR_R_EVP_LIB); |
52 |
|
|
goto err; |
53 |
|
|
} |
54 |
|
|
|
55 |
|
8441 |
return 1; |
56 |
|
|
|
57 |
|
|
err: |
58 |
|
|
tls1_handshake_hash_free(s); |
59 |
|
|
|
60 |
|
|
return 0; |
61 |
|
8441 |
} |
62 |
|
|
|
63 |
|
|
int |
64 |
|
|
tls1_handshake_hash_update(SSL *s, const unsigned char *buf, size_t len) |
65 |
|
|
{ |
66 |
✓✓ |
98384 |
if (S3I(s)->handshake_hash == NULL) |
67 |
|
16662 |
return 1; |
68 |
|
|
|
69 |
|
32530 |
return EVP_DigestUpdate(S3I(s)->handshake_hash, buf, len); |
70 |
|
49192 |
} |
71 |
|
|
|
72 |
|
|
int |
73 |
|
|
tls1_handshake_hash_value(SSL *s, const unsigned char *out, size_t len, |
74 |
|
|
size_t *outlen) |
75 |
|
|
{ |
76 |
|
|
EVP_MD_CTX *mdctx = NULL; |
77 |
|
50662 |
unsigned int mdlen; |
78 |
|
|
int ret = 0; |
79 |
|
|
|
80 |
✓✗ |
25331 |
if (EVP_MD_CTX_size(S3I(s)->handshake_hash) > len) |
81 |
|
|
goto err; |
82 |
|
|
|
83 |
✗✓ |
25331 |
if ((mdctx = EVP_MD_CTX_create()) == NULL) { |
84 |
|
|
SSLerror(s, ERR_R_MALLOC_FAILURE); |
85 |
|
|
goto err; |
86 |
|
|
} |
87 |
✗✓ |
25331 |
if (!EVP_MD_CTX_copy_ex(mdctx, S3I(s)->handshake_hash)) { |
88 |
|
|
SSLerror(s, ERR_R_EVP_LIB); |
89 |
|
|
goto err; |
90 |
|
|
} |
91 |
✗✓ |
25331 |
if (!EVP_DigestFinal_ex(mdctx, (unsigned char *)out, &mdlen)) { |
92 |
|
|
SSLerror(s, ERR_R_EVP_LIB); |
93 |
|
|
goto err; |
94 |
|
|
} |
95 |
✓✓ |
25331 |
if (outlen != NULL) |
96 |
|
25203 |
*outlen = mdlen; |
97 |
|
|
|
98 |
|
25331 |
ret = 1; |
99 |
|
|
|
100 |
|
|
err: |
101 |
|
25331 |
EVP_MD_CTX_destroy(mdctx); |
102 |
|
|
|
103 |
|
25331 |
return (ret); |
104 |
|
25331 |
} |
105 |
|
|
|
106 |
|
|
void |
107 |
|
|
tls1_handshake_hash_free(SSL *s) |
108 |
|
|
{ |
109 |
|
46318 |
EVP_MD_CTX_destroy(S3I(s)->handshake_hash); |
110 |
|
23159 |
S3I(s)->handshake_hash = NULL; |
111 |
|
23159 |
} |