diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-08-21 15:44:13 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-08-21 15:44:13 +0000 |
commit | 01efdb4e9530731cbfc4e269abb2af61d4bc5b49 (patch) | |
tree | 50cdd33c3e8f29a035ef687512cd53d1559c8c99 | |
parent | e3b2389b5fbb3550c25615ed0b84ab5e4e255f4b (diff) | |
download | gnutls-01efdb4e9530731cbfc4e269abb2af61d4bc5b49.tar.gz |
corrected bug in SSL3 random generation function. Now the export ciphersuite works in SSL3 mode too.
-rw-r--r-- | lib/gnutls_constate.c | 14 | ||||
-rw-r--r-- | lib/gnutls_hash_int.c | 166 |
2 files changed, 104 insertions, 76 deletions
diff --git a/lib/gnutls_constate.c b/lib/gnutls_constate.c index 9d02e19c0c..db1c89af68 100644 --- a/lib/gnutls_constate.c +++ b/lib/gnutls_constate.c @@ -54,6 +54,9 @@ static const int servwrite_length = sizeof(servwrite) - 1; int _gnutls_set_keys(GNUTLS_STATE state, int hash_size, int IV_size, int key_size, int export_flag) { + +/* FIXME: This function is too long + */ opaque *key_block; char random[2 * TLS_RANDOM_SIZE]; char rrandom[2 * TLS_RANDOM_SIZE]; @@ -199,13 +202,12 @@ int _gnutls_set_keys(GNUTLS_STATE state, int hash_size, int IV_size, client_write_key_size = EXPORT_FINAL_KEY_SIZE; pos += key_size; - if (state->security_parameters.version == GNUTLS_SSL3) { /* SSL 3 */ + if (state->security_parameters.version == GNUTLS_SSL3) { /* SSL 3 */ ret = - _gnutls_ssl3_hash_md5(&key_block - [pos], key_size, - random, 2 * TLS_RANDOM_SIZE, - EXPORT_FINAL_KEY_SIZE, - server_write_key); + _gnutls_ssl3_hash_md5(&key_block[pos], key_size, + random, 2 * TLS_RANDOM_SIZE, + EXPORT_FINAL_KEY_SIZE, + server_write_key); } else { /* TLS 1.0 */ ret = _gnutls_PRF(&key_block[pos], key_size, diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c index 4d772e0ae8..0c054d9aff 100644 --- a/lib/gnutls_hash_int.c +++ b/lib/gnutls_hash_int.c @@ -35,7 +35,8 @@ GNUTLS_HASH_HANDLE _gnutls_hash_init(MACAlgorithm algorithm) switch (algorithm) { case GNUTLS_MAC_SHA: ret = gnutls_malloc(sizeof(GNUTLS_MAC_HANDLE_INT)); - if (ret==NULL) return GNUTLS_HASH_FAILED; + if (ret == NULL) + return GNUTLS_HASH_FAILED; #ifdef USE_MHASH ret->handle = mhash_init(MHASH_SHA1); #else @@ -49,7 +50,8 @@ GNUTLS_HASH_HANDLE _gnutls_hash_init(MACAlgorithm algorithm) case GNUTLS_MAC_MD5: ret = gnutls_malloc(sizeof(GNUTLS_MAC_HANDLE_INT)); - if (ret==NULL) return GNUTLS_HASH_FAILED; + if (ret == NULL) + return GNUTLS_HASH_FAILED; #ifdef USE_MHASH ret->handle = mhash_init(MHASH_MD5); #else @@ -65,7 +67,8 @@ GNUTLS_HASH_HANDLE _gnutls_hash_init(MACAlgorithm algorithm) ret = GNUTLS_HASH_FAILED; } - if (ret!=GNUTLS_HASH_FAILED) ret->algorithm = algorithm; + if (ret != GNUTLS_HASH_FAILED) + ret->algorithm = algorithm; return ret; } @@ -101,23 +104,24 @@ int _gnutls_hash(GNUTLS_HASH_HANDLE handle, const void *text, int textlen) { if (textlen > 0) #ifdef USE_MHASH - mhash(handle->handle, text, textlen); + mhash(handle->handle, text, textlen); #else - gcry_md_write(handle->handle, text, textlen); + gcry_md_write(handle->handle, text, textlen); #endif return 0; } GNUTLS_HASH_HANDLE _gnutls_hash_copy(GNUTLS_HASH_HANDLE handle) { -GNUTLS_HASH_HANDLE ret; + GNUTLS_HASH_HANDLE ret; ret = gnutls_malloc(sizeof(GNUTLS_MAC_HANDLE_INT)); - if (ret==NULL) return GNUTLS_HASH_FAILED; + if (ret == NULL) + return GNUTLS_HASH_FAILED; ret->algorithm = handle->algorithm; - ret->key = NULL; /* it's a hash anyway */ + ret->key = NULL; /* it's a hash anyway */ ret->keysize = 0; #ifdef USE_MHASH @@ -126,27 +130,27 @@ GNUTLS_HASH_HANDLE ret; ret->handle = gcry_md_copy(handle->handle); #endif - if (ret->handle==NULL) { - gnutls_free( ret); + if (ret->handle == NULL) { + gnutls_free(ret); return GNUTLS_HASH_FAILED; } - + return ret; } -void _gnutls_hash_deinit(GNUTLS_HASH_HANDLE handle, void* digest) +void _gnutls_hash_deinit(GNUTLS_HASH_HANDLE handle, void *digest) { char *mac; int maclen; #ifdef USE_MHASH - opaque* ret; - - if (digest!=NULL) + opaque *ret; + + if (digest != NULL) mhash_deinit(handle->handle, digest); else { - opaque* ret; - ret = mhash_end( handle->handle); + opaque *ret; + ret = mhash_end(handle->handle); free(ret); } #else @@ -156,8 +160,9 @@ void _gnutls_hash_deinit(GNUTLS_HASH_HANDLE handle, void* digest) maclen = gcry_md_get_algo_dlen(gcry_md_get_algo(handle->handle)); gcry_md_final(handle->handle); mac = gcry_md_read(handle->handle, 0); - if (digest!=NULL) - memcpy( digest, mac, _gnutls_hash_get_algo_len(handle->algorithm)); + if (digest != NULL) + memcpy(digest, mac, + _gnutls_hash_get_algo_len(handle->algorithm)); gcry_md_close(handle->handle); #endif @@ -166,8 +171,8 @@ void _gnutls_hash_deinit(GNUTLS_HASH_HANDLE handle, void* digest) } -GNUTLS_MAC_HANDLE _gnutls_hmac_init(MACAlgorithm algorithm, const void *key, - int keylen) +GNUTLS_MAC_HANDLE _gnutls_hmac_init(MACAlgorithm algorithm, + const void *key, int keylen) { GNUTLS_MAC_HANDLE ret; @@ -177,7 +182,8 @@ GNUTLS_MAC_HANDLE _gnutls_hmac_init(MACAlgorithm algorithm, const void *key, break; case GNUTLS_MAC_SHA: ret = gnutls_malloc(sizeof(GNUTLS_MAC_HANDLE_INT)); - if (ret==NULL) return GNUTLS_MAC_FAILED; + if (ret == NULL) + return GNUTLS_MAC_FAILED; #ifdef USE_MHASH ret->handle = mhash_hmac_init(MHASH_SHA1, key, keylen, 0); #else @@ -189,7 +195,8 @@ GNUTLS_MAC_HANDLE _gnutls_hmac_init(MACAlgorithm algorithm, const void *key, break; case GNUTLS_MAC_MD5: ret = gnutls_malloc(sizeof(GNUTLS_MAC_HANDLE_INT)); - if (ret==NULL) return GNUTLS_MAC_FAILED; + if (ret == NULL) + return GNUTLS_MAC_FAILED; #ifdef USE_MHASH ret->handle = mhash_hmac_init(MHASH_MD5, key, keylen, 0); #else @@ -259,7 +266,7 @@ int _gnutls_hmac(GNUTLS_MAC_HANDLE handle, const void *text, int textlen) } -void _gnutls_hmac_deinit(GNUTLS_MAC_HANDLE handle, void* digest) +void _gnutls_hmac_deinit(GNUTLS_MAC_HANDLE handle, void *digest) { char *mac; int maclen; @@ -267,11 +274,11 @@ void _gnutls_hmac_deinit(GNUTLS_MAC_HANDLE handle, void* digest) #ifdef USE_MHASH char *ret; - if (digest!=NULL) + if (digest != NULL) mhash_hmac_deinit(handle->handle, digest); else { - opaque* ret; - ret = mhash_hmac_end( handle->handle); + opaque *ret; + ret = mhash_hmac_end(handle->handle); free(ret); } #else @@ -280,8 +287,8 @@ void _gnutls_hmac_deinit(GNUTLS_MAC_HANDLE handle, void* digest) gcry_md_final(handle->handle); mac = gcry_md_read(handle->handle, 0); - if (digest!=NULL) - memcpy( digest, mac, maclen); + if (digest != NULL) + memcpy(digest, mac, maclen); gcry_md_close(handle->handle); #endif @@ -306,29 +313,30 @@ GNUTLS_MAC_HANDLE _gnutls_mac_init_ssl3(MACAlgorithm algorithm, void *key, default: padsize = 0; } - if (padsize>0) { + if (padsize > 0) { memset(ipad, 0x36, padsize); } - ret = _gnutls_hash_init( algorithm); - if (ret!=GNUTLS_HASH_FAILED) { + ret = _gnutls_hash_init(algorithm); + if (ret != GNUTLS_HASH_FAILED) { ret->key = key; ret->keysize = keylen; - if (keylen > 0) _gnutls_hash(ret, key, keylen); + if (keylen > 0) + _gnutls_hash(ret, key, keylen); _gnutls_hash(ret, ipad, padsize); } return ret; } -void _gnutls_mac_deinit_ssl3(GNUTLS_MAC_HANDLE handle, void* digest) +void _gnutls_mac_deinit_ssl3(GNUTLS_MAC_HANDLE handle, void *digest) { opaque ret[MAX_HASH_SIZE]; GNUTLS_MAC_HANDLE td; char opad[48]; int padsize; int block; - + switch (handle->algorithm) { case GNUTLS_MAC_MD5: padsize = 48; @@ -337,15 +345,16 @@ void _gnutls_mac_deinit_ssl3(GNUTLS_MAC_HANDLE handle, void* digest) padsize = 40; break; default: - padsize=0; + padsize = 0; } if (padsize > 0) { memset(opad, 0x5C, padsize); } - td = _gnutls_hash_init( handle->algorithm); - if (td!=GNUTLS_MAC_FAILED) { - if (handle->keysize > 0) _gnutls_hash(td, handle->key, handle->keysize); + td = _gnutls_hash_init(handle->algorithm); + if (td != GNUTLS_MAC_FAILED) { + if (handle->keysize > 0) + _gnutls_hash(td, handle->key, handle->keysize); _gnutls_hash(td, opad, padsize); block = _gnutls_hmac_get_algo_len(handle->algorithm); @@ -357,7 +366,9 @@ void _gnutls_mac_deinit_ssl3(GNUTLS_MAC_HANDLE handle, void* digest) return; } -void _gnutls_mac_deinit_ssl3_handshake(GNUTLS_MAC_HANDLE handle, void* digest, opaque* key, uint32 key_size) +void _gnutls_mac_deinit_ssl3_handshake(GNUTLS_MAC_HANDLE handle, + void *digest, opaque * key, + uint32 key_size) { opaque ret[MAX_HASH_SIZE]; GNUTLS_MAC_HANDLE td; @@ -365,7 +376,7 @@ void _gnutls_mac_deinit_ssl3_handshake(GNUTLS_MAC_HANDLE handle, void* digest, o char ipad[48]; int padsize; int block; - + switch (handle->algorithm) { case GNUTLS_MAC_MD5: padsize = 48; @@ -374,21 +385,23 @@ void _gnutls_mac_deinit_ssl3_handshake(GNUTLS_MAC_HANDLE handle, void* digest, o padsize = 40; break; default: - padsize=0; + padsize = 0; } if (padsize > 0) { memset(opad, 0x5C, padsize); memset(ipad, 0x36, padsize); } - td = _gnutls_hash_init( handle->algorithm); - if (td!=GNUTLS_HASH_FAILED) { - if (key_size > 0) _gnutls_hash(td, key, key_size); + td = _gnutls_hash_init(handle->algorithm); + if (td != GNUTLS_HASH_FAILED) { + if (key_size > 0) + _gnutls_hash(td, key, key_size); _gnutls_hash(td, opad, padsize); block = _gnutls_hmac_get_algo_len(handle->algorithm); - - if (key_size > 0) _gnutls_hash( handle, key, key_size); + + if (key_size > 0) + _gnutls_hash(handle, key, key_size); _gnutls_hash(handle, ipad, padsize); _gnutls_hash_deinit(handle, ret); /* get the previous hash */ @@ -400,7 +413,7 @@ void _gnutls_mac_deinit_ssl3_handshake(GNUTLS_MAC_HANDLE handle, void* digest, o } static int ssl3_sha(int i, char *secret, int secret_len, char *random, - int random_len, void* digest) + int random_len, void *digest) { int j; char text1[26]; @@ -420,18 +433,18 @@ static int ssl3_sha(int i, char *secret, int secret_len, char *random, _gnutls_hash(td, text1, i + 1); _gnutls_hash(td, secret, secret_len); _gnutls_hash(td, random, random_len); - + _gnutls_hash_deinit(td, digest); return 0; } static int ssl3_md5(int i, char *secret, int secret_len, char *random, - int random_len, void* digest) + int random_len, void *digest) { opaque tmp[MAX_HASH_SIZE]; GNUTLS_MAC_HANDLE td; int ret; - + td = _gnutls_hash_init(GNUTLS_MAC_MD5); if (td == NULL) { gnutls_assert(); @@ -453,13 +466,14 @@ static int ssl3_md5(int i, char *secret, int secret_len, char *random, return 0; } -int _gnutls_ssl3_hash_md5(void *first, int first_len, - void *second, int second_len, int ret_len, opaque* ret) +int _gnutls_ssl3_hash_md5(void *first, int first_len, + void *second, int second_len, int ret_len, + opaque * ret) { opaque digest[MAX_HASH_SIZE]; GNUTLS_MAC_HANDLE td; int block = _gnutls_hash_get_algo_len(GNUTLS_MAC_MD5); - + td = _gnutls_hash_init(GNUTLS_MAC_MD5); if (td == NULL) { gnutls_assert(); @@ -470,39 +484,51 @@ int _gnutls_ssl3_hash_md5(void *first, int first_len, _gnutls_hash(td, second, second_len); _gnutls_hash_deinit(td, digest); - - if ( block > ret_len) { + + if (ret_len > block) { gnutls_assert(); return GNUTLS_E_INTERNAL_ERROR; } - memcpy( ret, digest, ret_len); + memcpy(ret, digest, ret_len); return 0; - + } -int _gnutls_ssl3_generate_random(void *secret, int secret_len, void *random, - int random_len, int bytes, opaque* ret) +int _gnutls_ssl3_generate_random(void *secret, int secret_len, + void *random, int random_len, + int ret_bytes, opaque * ret) { - int size = 0, i = 0; + int i = 0, copy, output_bytes; char digest[MAX_HASH_SIZE]; int block = _gnutls_hash_get_algo_len(GNUTLS_MAC_MD5); - int result; + int result, times; - while (size < bytes) { + output_bytes = 0; + do { + output_bytes += block; + } while (output_bytes < ret_bytes); - result = ssl3_md5(i, secret, secret_len, random, random_len, digest); + times = output_bytes / block; + + for (i = 0; i < times; i++) { + + result = + ssl3_md5(i, secret, secret_len, random, random_len, + digest); if (result < 0) { gnutls_assert(); return result; } - - size += block; - - memcpy(&ret[size - block], digest, - size > bytes ? (block - (bytes % block)) : block); - i++; + + if ((1 + i) * block < ret_bytes) { + copy = block; + } else { + copy = ret_bytes - (i) * block; + } + + memcpy(&ret[i * block], digest, copy); } return 0; |