]> granicus.if.org Git - openssl/commitdiff
SSL export fixes (from Adam Langley) [original from 1.0.1]
authorDr. Stephen Henson <steve@openssl.org>
Wed, 22 Feb 2012 15:06:56 +0000 (15:06 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 22 Feb 2012 15:06:56 +0000 (15:06 +0000)
ssl/s3_lib.c
ssl/ssl_lib.c
ssl/ssl_locl.h
ssl/t1_enc.c
ssl/tls1.h

index 9f1e1dfaa0306d89887ee5dcd81fd1cdd4628f33..db79a99ccd69cfaa66f5fa0f974a76650b688480 100644 (file)
@@ -2904,8 +2904,8 @@ SSL3_ENC_METHOD SSLv3_enc_data={
        SSL3_MD_CLIENT_FINISHED_CONST,4,
        SSL3_MD_SERVER_FINISHED_CONST,4,
        ssl3_alert_code,
-       (int (*)(SSL *, unsigned char *, unsigned int, const char *,
-                unsigned int, const unsigned char *, unsigned int,
+       (int (*)(SSL *, unsigned char *, size_t, const char *,
+                size_t, const unsigned char *, size_t,
                 int use_context))ssl_undefined_function,
        };
 
index c1c825b533ecb43533272b798eb28c43a3eb02fe..7a4943dec6fe195e3564178a5662b082016a118b 100644 (file)
@@ -178,9 +178,9 @@ SSL3_ENC_METHOD ssl3_undef_enc_method={
        NULL,   /* server_finished_label */
        0,      /* server_finished_label_len */
        (int (*)(int))ssl_undefined_function,
-       (int (*)(SSL *, unsigned char *, unsigned int, const char *,
-                unsigned int, const unsigned char *, unsigned int,
-                int use_context))ssl_undefined_function,
+       (int (*)(SSL *, unsigned char *, size_t, const char *,
+                size_t, const unsigned char *, size_t,
+                int use_context)) ssl_undefined_function,
        };
 
 int SSL_clear(SSL *s)
@@ -1632,8 +1632,9 @@ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned
 # endif
 #endif
 
-int SSL_export_keying_material(SSL *s, unsigned char *out, int olen, 
-        char *label, int llen, unsigned char *p, int plen, int use_context)
+int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+       const char *label, size_t llen, const unsigned char *p, size_t plen,
+       int use_context)
        {
        if (s->version < TLS1_VERSION)
                return -1;
index 95b531e8324c717cb950ca958862e4b15587b680..bdaca8bf4004e0085e93e0f9f7fa596ca30c143b 100644 (file)
@@ -571,11 +571,11 @@ typedef struct ssl3_enc_method
        const char *server_finished_label;
        int server_finished_label_len;
        int (*alert_value)(int);
-        int (*export_keying_material)(SSL *, unsigned char *, unsigned int,
-                                     const char *, unsigned int,
-                                     const unsigned char *, unsigned int,
-                                     int use_context);
-       } SSL3_ENC_METHOD;
+       int (*export_keying_material)(SSL *, unsigned char *, size_t,
+                                     const char *, size_t,
+                                     const unsigned char *, size_t,
+                                     int use_context);
+       } SSL3_ENC_METHOD;
 
 #ifndef OPENSSL_NO_COMP
 /* Used for holding the relevant compression methods loaded into SSL_CTX */
@@ -1068,9 +1068,9 @@ int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
 int tls1_mac(SSL *ssl, unsigned char *md, int snd);
 int tls1_generate_master_secret(SSL *s, unsigned char *out,
        unsigned char *p, int len);
-int tls1_export_keying_material(SSL *s, unsigned char *out, unsigned int olen, 
-       const char *label, unsigned int llen, const unsigned char *p, 
-        unsigned int plen, int use_context);
+int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+       const char *label, size_t llen,
+       const unsigned char *p, size_t plen, int use_context);
 int tls1_alert_code(int code);
 int ssl3_alert_code(int code);
 int ssl_ok(SSL *s);
index 5c1074e245e7407160b3ed82db4b2ee04adacf69..f32393c56b0c6954b4f47a7f5dcf50c4fa5e4882 100644 (file)
@@ -1119,16 +1119,17 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
        return(SSL3_MASTER_SECRET_SIZE);
        }
 
-int tls1_export_keying_material(SSL *s, unsigned char *out, unsigned int olen, 
-         const char *label, unsigned int llen, const unsigned char *context, 
-         unsigned int contextlen, int use_context)
+int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+        const char *label, size_t llen, const unsigned char *context,
+        size_t contextlen, int use_context)
        {
        unsigned char *buff;
        unsigned char *val = NULL;
-       unsigned int vallen, currentvalpos, rv;
+       size_t vallen, currentvalpos;
+       int rv;
 
 #ifdef KSSL_DEBUG
-       printf ("tls1_export_keying_material(%p, %p,%d, %s,%d, %p,%d)\n", s, out,olen, label,llen, p,plen);
+       printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, p, plen);
 #endif /* KSSL_DEBUG */
 
        buff = OPENSSL_malloc(olen);
@@ -1140,10 +1141,10 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, unsigned int olen,
         * does not create a prohibited label.
         */
        vallen = llen + SSL3_RANDOM_SIZE * 2;
-        if (use_context) 
-                {
-                vallen +=  2 + contextlen;
-                }
+       if (use_context)
+               {
+               vallen += 2 + contextlen;
+               }
 
        val = OPENSSL_malloc(vallen);
        if (val == NULL) goto err2;
@@ -1155,17 +1156,17 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, unsigned int olen,
        memcpy(val + currentvalpos, s->s3->server_random, SSL3_RANDOM_SIZE);
        currentvalpos += SSL3_RANDOM_SIZE;
 
-        if (use_context)
-                {
-                val[currentvalpos] = (contextlen << 8) & 0xff;
-                currentvalpos++;
-                val[currentvalpos] = contextlen & 0xff;
-                currentvalpos++;
-                if ((contextlen > 0) || (context != NULL)) 
-                        {
-                        memcpy(val + currentvalpos, context, contextlen);
-                        }
-                }
+       if (use_context)
+               {
+               val[currentvalpos] = (contextlen >> 8) & 0xff;
+               currentvalpos++;
+               val[currentvalpos] = contextlen & 0xff;
+               currentvalpos++;
+               if ((contextlen > 0) || (context != NULL))
+                       {
+                       memcpy(val + currentvalpos, context, contextlen);
+                       }
+               }
 
        /* disallow prohibited labels
         * note that SSL3_RANDOM_SIZE > max(prohibited label len) =
@@ -1181,19 +1182,18 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, unsigned int olen,
        if (memcmp(val, TLS_MD_KEY_EXPANSION_CONST,
                 TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0) goto err1;
 
-       tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
-               val, vallen,
-               NULL, 0,
-               NULL, 0,
-               NULL, 0,
-               NULL, 0,
-               s->session->master_key,s->session->master_key_length,
-               out,buff,olen);
+       rv = tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+                     val, vallen,
+                     NULL, 0,
+                     NULL, 0,
+                     NULL, 0,
+                     NULL, 0,
+                     s->session->master_key,s->session->master_key_length,
+                     out,buff,olen);
 
 #ifdef KSSL_DEBUG
        printf ("tls1_export_keying_material() complete\n");
 #endif /* KSSL_DEBUG */
-       rv = olen;
        goto ret;
 err1:
        SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);
index 49575e79890759c2a126118d4e9a0fad66de3789..c5e3a70022b5ac5c13b1176db53ad6757af1bcb0 100644 (file)
@@ -265,8 +265,16 @@ extern "C" {
 
 const char *SSL_get_servername(const SSL *s, const int type);
 int SSL_get_servername_type(const SSL *s);
-int SSL_export_keying_material(SSL *s, unsigned char *out, int olen, 
-        char *label, int llen, unsigned char *p, int plen, int use_context);
+/* SSL_export_keying_material exports a value derived from the master secret,
+ * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
+ * optional context. (Since a zero length context is allowed, the |use_context|
+ * flag controls whether a context is included.)
+ *
+ * It returns 1 on success and zero otherwise.
+ */
+int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+       const char *label, size_t llen, const unsigned char *p, size_t plen,
+       int use_context);
 
 #define SSL_set_tlsext_host_name(s,name) \
 SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)