[openssl-commits] [openssl] master update
Dr. Stephen Henson
steve at openssl.org
Tue May 23 14:52:31 UTC 2017
The branch master has been updated
via caf2b6b54f04e89585184ba7bb4cb80b818d5ede (commit)
from 719b289d62d32fe45226e8bc5b4fb0d76f6a1b5d (commit)
- Log -----------------------------------------------------------------
commit caf2b6b54f04e89585184ba7bb4cb80b818d5ede
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Tue May 23 12:56:51 2017 +0100
Don't use one shot API for SSLv3.
SSLv3 (specifically with client auth) cannot use one shot APIs: the digested
data and the master secret are handled in separate update operations. So
in the special case of SSLv3 use the streaming API.
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3527)
-----------------------------------------------------------------------
Summary of changes:
ssl/statem/statem_lib.c | 55 ++++++++++++++++++++++++++++---------------------
1 file changed, 32 insertions(+), 23 deletions(-)
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index fbf5a3c..c2b1485 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -264,16 +264,18 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt)
SSLerr(SSL_F_TLS_CONSTRUCT_CERT_VERIFY, ERR_R_EVP_LIB);
goto err;
}
- } else if (s->version == SSL3_VERSION) {
- if (!EVP_MD_CTX_ctrl(mctx, EVP_CTRL_SSL3_MASTER_SECRET,
- (int)s->session->master_key_length,
- s->session->master_key)) {
+ }
+ if (s->version == SSL3_VERSION) {
+ if (EVP_DigestSignUpdate(mctx, hdata, hdatalen) <= 0
+ || !EVP_MD_CTX_ctrl(mctx, EVP_CTRL_SSL3_MASTER_SECRET,
+ (int)s->session->master_key_length,
+ s->session->master_key)
+ || EVP_DigestSignFinal(mctx, sig, &siglen) <= 0) {
+
SSLerr(SSL_F_TLS_CONSTRUCT_CERT_VERIFY, ERR_R_EVP_LIB);
goto err;
}
- }
-
- if (EVP_DigestSign(mctx, sig, &siglen, hdata, hdatalen) <= 0) {
+ } else if (EVP_DigestSign(mctx, sig, &siglen, hdata, hdatalen) <= 0) {
SSLerr(SSL_F_TLS_CONSTRUCT_CERT_VERIFY, ERR_R_EVP_LIB);
goto err;
}
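Review bot: The new SSLv3 branch depends on a strict call order that nothing in the code records: handshake data through `EVP_DigestSignUpdate`, then `EVP_CTRL_SSL3_MASTER_SECRET`, then `EVP_DigestSignFinal`. A later cleanup could easily fold it back into the one-shot `EVP_DigestSign` call and silently break SSLv3 client auth. I would add a comment above `if (s->version == SSL3_VERSION)`, for example `/* SSLv3: the master secret is digested after the handshake data in a separate update, so the one-shot API cannot be used */`. The blank added line between the condition and `SSLerr` can also be dropped. tls_construct_cert_verify begins and ends outside this hunk.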
@@ -436,23 +438,30 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB);
goto f_err;
}
- } else if (s->version == SSL3_VERSION
- && !EVP_MD_CTX_ctrl(mctx, EVP_CTRL_SSL3_MASTER_SECRET,
- (int)s->session->master_key_length,
- s->session->master_key)) {
- SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB);
- goto f_err;
}
-
- j = EVP_DigestVerify(mctx, data, len, hdata, hdatalen);
-
- if (j < 0) {
- SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB);
- goto f_err;
- } else if (j == 0) {
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, SSL_R_BAD_SIGNATURE);
- goto f_err;
+ if (s->version == SSL3_VERSION) {
+ if (EVP_DigestVerifyUpdate(mctx, hdata, hdatalen) <= 0
+ || !EVP_MD_CTX_ctrl(mctx, EVP_CTRL_SSL3_MASTER_SECRET,
+ (int)s->session->master_key_length,
+ s->session->master_key)) {
+ SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB);
+ goto f_err;
+ }
+ if (EVP_DigestVerifyFinal(mctx, data, len) <= 0) {
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, SSL_R_BAD_SIGNATURE);
+ goto f_err;
+ }
+ } else {
+ j = EVP_DigestVerify(mctx, data, len, hdata, hdatalen);
+ if (j < 0) {
+ SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB);
+ goto f_err;
+ } else if (j == 0) {
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, SSL_R_BAD_SIGNATURE);
+ goto f_err;
+ }
}
ret = MSG_PROCESS_CONTINUE_READING;
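Review bot: In the SSLv3 branch, `EVP_DigestVerifyFinal(mctx, data, len) <= 0` folds a negative return (internal EVP failure) into the bad-signature case, so a library error is reported as `SSL_R_BAD_SIGNATURE` with a `SSL_AD_DECRYPT_ERROR` alert. The non-SSLv3 branch still separates `j < 0` (`ERR_R_EVP_LIB`) from `j == 0`. Both paths fail closed, but the error queue and the alert sent to the peer now differ by protocol version for the same failure, which makes diagnosis and log-based detection harder. I would assign `j = EVP_DigestVerifyFinal(mctx, data, len);` in the SSLv3 branch, keep only `j = EVP_DigestVerify(mctx, data, len, hdata, hdatalen);` in the `else`, and move the existing `j < 0` / `j == 0` checks after the if/else so both paths share them. tls_process_cert_verify begins and ends outside this hunk.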