Date: Mon, 12 Aug 2002 19:23:22 -0700 (PDT) From: Peter Wemm <peter@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 15889 for review Message-ID: <200208130223.g7D2NMkD067101@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15889 Change 15889 by peter@peter_daintree on 2002/08/12 19:23:06 un-fubar this file too Affected files ... .. //depot/projects/ia64/crypto/openssl/ssl/s3_enc.c#4 integrate Differences ... ==== //depot/projects/ia64/crypto/openssl/ssl/s3_enc.c#4 (text+ko) ==== @@ -528,212 +528,143 @@ EVP_DigestUpdate(&ctx,ssl3_pad_1,npad); EVP_DigestFinal(&ctx,md_buf,&i); -d); + EVP_DigestInit(&ctx,EVP_MD_CTX_md(&ctx)); + EVP_DigestUpdate(&ctx,s->session->master_key, + s->session->master_key_length); + EVP_DigestUpdate(&ctx,ssl3_pad_2,npad); + EVP_DigestUpdate(&ctx,md_buf,i); + EVP_DigestFinal(&ctx,p,&ret); - s->state=SSL3_ST_CW_KEY_EXCH_B; - /* number of bytes to write */ - s->init_num=n+4; - s->init_off=0; - } + memset(&ctx,0,sizeof(EVP_MD_CTX)); - /* SSL3_ST_CW_KEY_EXCH_B */ - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); -err: - return(-1); + return((int)ret); } -static int ssl3_send_client_verify(SSL *s) +int ssl3_mac(SSL *ssl, unsigned char *md, int send) { - unsigned char *p,*d; - unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH]; - EVP_PKEY *pkey; -#ifndef NO_RSA - unsigned u=0; -#endif - unsigned long n; -#ifndef NO_DSA - int j; -#endif + SSL3_RECORD *rec; + unsigned char *mac_sec,*seq; + EVP_MD_CTX md_ctx; + const EVP_MD *hash; + unsigned char *p,rec_char; + unsigned int md_size; + int npad,i; - if (s->state == SSL3_ST_CW_CERT_VRFY_A) + if (send) { - d=(unsigned char *)s->init_buf->data; - p= &(d[4]); - pkey=s->cert->key->privatekey; - - s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2), - &(data[MD5_DIGEST_LENGTH])); - -#ifndef NO_RSA - if (pkey->type == EVP_PKEY_RSA) - { - s->method->ssl3_enc->cert_verify_mac(s, - &(s->s3->finish_dgst1),&(data[0])); - if (RSA_sign(NID_md5_sha1, data, - MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, - &(p[2]), &u, pkey->pkey.rsa) <= 0 ) - { - SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB); - goto err; - } - s2n(u,p); - n=u+2; - } - else -#endif -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - { - if (!DSA_sign(pkey->save_type, - &(data[MD5_DIGEST_LENGTH]), - SHA_DIGEST_LENGTH,&(p[2]), - (unsigned int *)&j,pkey->pkey.dsa)) - { - SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB); - goto err; - } - s2n(j,p); - n=j+2; - } - else -#endif - { - SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,SSL_R_INTERNAL_ERROR); - goto err; - } - *(d++)=SSL3_MT_CERTIFICATE_VERIFY; - l2n3(n,d); - - s->init_num=(int)n+4; - s->init_off=0; + rec= &(ssl->s3->wrec); + mac_sec= &(ssl->s3->write_mac_secret[0]); + seq= &(ssl->s3->write_sequence[0]); + hash=ssl->write_hash; } - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); -err: - return(-1); - } - -static int ssl3_send_client_certificate(SSL *s) - { - X509 *x509=NULL; - EVP_PKEY *pkey=NULL; - int i; - unsigned long l; - - if (s->state == SSL3_ST_CW_CERT_A) + else { - if ((s->cert == NULL) || - (s->cert->key->x509 == NULL) || - (s->cert->key->privatekey == NULL)) - s->state=SSL3_ST_CW_CERT_B; - else - s->state=SSL3_ST_CW_CERT_C; + rec= &(ssl->s3->rrec); + mac_sec= &(ssl->s3->read_mac_secret[0]); + seq= &(ssl->s3->read_sequence[0]); + hash=ssl->read_hash; } - /* We need to get a client cert */ - if (s->state == SSL3_ST_CW_CERT_B) - { - /* If we get an error, we need to - * ssl->rwstate=SSL_X509_LOOKUP; return(-1); - * We then get retied later */ - i=0; - if (s->ctx->client_cert_cb != NULL) - i=s->ctx->client_cert_cb(s,&(x509),&(pkey)); - if (i < 0) - { - s->rwstate=SSL_X509_LOOKUP; - return(-1); - } - s->rwstate=SSL_NOTHING; - if ((i == 1) && (pkey != NULL) && (x509 != NULL)) - { - s->state=SSL3_ST_CW_CERT_B; - if ( !SSL_use_certificate(s,x509) || - !SSL_use_PrivateKey(s,pkey)) - i=0; - } - else if (i == 1) - { - i=0; - SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); - } + md_size=EVP_MD_size(hash); + npad=(48/md_size)*md_size; + + /* Chop the digest off the end :-) */ - if (x509 != NULL) X509_free(x509); - if (pkey != NULL) EVP_PKEY_free(pkey); - if (i == 0) - { - if (s->version == SSL3_VERSION) - { - s->s3->tmp.cert_req=0; - ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_NO_CERTIFICATE); - return(1); - } - else - { - s->s3->tmp.cert_req=2; - } - } + EVP_DigestInit( &md_ctx,hash); + EVP_DigestUpdate(&md_ctx,mac_sec,md_size); + EVP_DigestUpdate(&md_ctx,ssl3_pad_1,npad); + EVP_DigestUpdate(&md_ctx,seq,8); + rec_char=rec->type; + EVP_DigestUpdate(&md_ctx,&rec_char,1); + p=md; + s2n(rec->length,p); + EVP_DigestUpdate(&md_ctx,md,2); + EVP_DigestUpdate(&md_ctx,rec->input,rec->length); + EVP_DigestFinal( &md_ctx,md,NULL); - /* Ok, we have a cert */ - s->state=SSL3_ST_CW_CERT_C; - } + EVP_DigestInit( &md_ctx,hash); + EVP_DigestUpdate(&md_ctx,mac_sec,md_size); + EVP_DigestUpdate(&md_ctx,ssl3_pad_2,npad); + EVP_DigestUpdate(&md_ctx,md,md_size); + EVP_DigestFinal( &md_ctx,md,&md_size); - if (s->state == SSL3_ST_CW_CERT_C) + for (i=7; i>=0; i--) { - s->state=SSL3_ST_CW_CERT_D; - l=ssl3_output_cert_chain(s, - (s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509); - s->init_num=(int)l; - s->init_off=0; + ++seq[i]; + if (seq[i] != 0) break; } - /* SSL3_ST_CW_CERT_D */ - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); + + return(md_size); } -#define has_bits(i,m) (((i)&(m)) == (m)) - -static int ssl3_check_cert_and_algorithm(SSL *s) +int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, + int len) { - int i,idx; - long algs; - EVP_PKEY *pkey=NULL; - SESS_CERT *sc; -#ifndef NO_RSA - RSA *rsa; + static const unsigned char *salt[3]={ +#ifndef CHARSET_EBCDIC + (const unsigned char *)"A", + (const unsigned char *)"BB", + (const unsigned char *)"CCC", +#else + (const unsigned char *)"\x41", + (const unsigned char *)"\x42\x42", + (const unsigned char *)"\x43\x43\x43", #endif -#ifndef NO_DH - DH *dh; -#endif + }; + unsigned char buf[EVP_MAX_MD_SIZE]; + EVP_MD_CTX ctx; + int i,ret=0; + unsigned int n; - sc=s->session->sess_cert; + for (i=0; i<3; i++) + { + EVP_DigestInit(&ctx,s->ctx->sha1); + EVP_DigestUpdate(&ctx,salt[i],strlen((const char *)salt[i])); + EVP_DigestUpdate(&ctx,p,len); + EVP_DigestUpdate(&ctx,&(s->s3->client_random[0]), + SSL3_RANDOM_SIZE); + EVP_DigestUpdate(&ctx,&(s->s3->server_random[0]), + SSL3_RANDOM_SIZE); + EVP_DigestFinal(&ctx,buf,&n); - if (sc == NULL) - { - SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_INTERNAL_ERROR); - goto err; + EVP_DigestInit(&ctx,s->ctx->md5); + EVP_DigestUpdate(&ctx,p,len); + EVP_DigestUpdate(&ctx,buf,n); + EVP_DigestFinal(&ctx,out,&n); + out+=n; + ret+=n; } + return(ret); + } - algs=s->s3->tmp.new_cipher->algorithms; - - /* we don't have a certificate */ - if (algs & (SSL_aDH|SSL_aNULL)) - return(1); - -#ifndef NO_RSA - rsa=s->session->sess_cert->peer_rsa_tmp; -#endif -#ifndef NO_DH - dh=s->session->sess_cert->peer_dh_tmp; -#endif - - /* This is the passed certificate */ - - idx=sc->peer_cert_type; - pkey=X509_get_pubkey(sc->peer_pkeys[idx].x509); - i=X509_certificate_type(sc->peer_pkeys[idx].x509,pkey); - EVP_PKEY_free(pkey); - - - /* Check that we have a certificate SSL_AD_NO_RENEGOTIATION: return(-1); /* Don't send it :-) */ +int ssl3_alert_code(int code) + { + switch (code) + { + case SSL_AD_CLOSE_NOTIFY: return(SSL3_AD_CLOSE_NOTIFY); + case SSL_AD_UNEXPECTED_MESSAGE: return(SSL3_AD_UNEXPECTED_MESSAGE); + case SSL_AD_BAD_RECORD_MAC: return(SSL3_AD_BAD_RECORD_MAC); + case SSL_AD_DECRYPTION_FAILED: return(SSL3_AD_BAD_RECORD_MAC); + case SSL_AD_RECORD_OVERFLOW: return(SSL3_AD_BAD_RECORD_MAC); + case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE); + case SSL_AD_HANDSHAKE_FAILURE: return(SSL3_AD_HANDSHAKE_FAILURE); + case SSL_AD_NO_CERTIFICATE: return(SSL3_AD_NO_CERTIFICATE); + case SSL_AD_BAD_CERTIFICATE: return(SSL3_AD_BAD_CERTIFICATE); + case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE); + case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED); + case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED); + case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN); + case SSL_AD_ILLEGAL_PARAMETER: return(SSL3_AD_ILLEGAL_PARAMETER); + case SSL_AD_UNKNOWN_CA: return(SSL3_AD_BAD_CERTIFICATE); + case SSL_AD_ACCESS_DENIED: return(SSL3_AD_HANDSHAKE_FAILURE); + case SSL_AD_DECODE_ERROR: return(SSL3_AD_HANDSHAKE_FAILURE); + case SSL_AD_DECRYPT_ERROR: return(SSL3_AD_HANDSHAKE_FAILURE); + case SSL_AD_EXPORT_RESTRICTION: return(SSL3_AD_HANDSHAKE_FAILURE); + case SSL_AD_PROTOCOL_VERSION: return(SSL3_AD_HANDSHAKE_FAILURE); + case SSL_AD_INSUFFICIENT_SECURITY:return(SSL3_AD_HANDSHAKE_FAILURE); + case SSL_AD_INTERNAL_ERROR: return(SSL3_AD_HANDSHAKE_FAILURE); + case SSL_AD_USER_CANCELLED: return(SSL3_AD_HANDSHAKE_FAILURE); + case SSL_AD_NO_RENEGOTIATION: return(-1); /* Don't send it :-) */ default: return(-1); } } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208130223.g7D2NMkD067101>