diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2015-11-23 16:05:20 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2015-11-24 19:18:44 +0000 |
| commit | 93972b8c72d5c074278654b3380a8215d741ea1f (patch) | |
| tree | 905419248f0afd0ef40c346f8ae3e1712f94f9cd /crypto/evp/m_md5_sha1.c | |
| parent | e3e11e99cebd2f0cbf0b46cc4200a094a9c4b4eb (diff) | |
| download | openssl-93972b8c72d5c074278654b3380a8215d741ea1f.tar.gz | |
Add ssl3 ctrl to EVP_md5_sha1().
Add a ctrl to EVP_md5_sha1() to handle the additional operations needed
to handle SSL v3 client authentication and finished message.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'crypto/evp/m_md5_sha1.c')
| -rw-r--r-- | crypto/evp/m_md5_sha1.c | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/crypto/evp/m_md5_sha1.c b/crypto/evp/m_md5_sha1.c index 9e8f183ea0..2504e95ff5 100644 --- a/crypto/evp/m_md5_sha1.c +++ b/crypto/evp/m_md5_sha1.c @@ -59,6 +59,7 @@ # include <openssl/x509.h> # include <openssl/md5.h> # include <openssl/sha.h> +# include "internal/cryptlib.h" # ifndef OPENSSL_NO_RSA # include <openssl/rsa.h> # endif @@ -92,6 +93,74 @@ static int final(EVP_MD_CTX *ctx, unsigned char *md) return SHA1_Final(md + MD5_DIGEST_LENGTH, &mctx->sha1); } +static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms) +{ + unsigned char padtmp[48]; + unsigned char md5tmp[MD5_DIGEST_LENGTH]; + unsigned char sha1tmp[SHA_DIGEST_LENGTH]; + struct md5_sha1_ctx *mctx = ctx->md_data; + + if (cmd != EVP_CTRL_SSL3_MASTER_SECRET) + return 0; + + /* SSLv3 client auth handling: see RFC-6101 5.6.8 */ + if (mslen != 48) + return 0; + + /* At this point hash contains all handshake messages, update + * with master secret and pad_1. + */ + + if (update(ctx, ms, mslen) <= 0) + return 0; + + /* Set padtmp to pad_1 value */ + memset(padtmp, 0x36, sizeof(padtmp)); + + if (!MD5_Update(&mctx->md5, padtmp, sizeof(padtmp))) + return 0; + + if (!MD5_Final(md5tmp, &mctx->md5)) + return 0; + + if (!SHA1_Update(&mctx->sha1, padtmp, 40)) + return 0; + + if (!SHA1_Final(sha1tmp, &mctx->sha1)) + return 0; + + /* Reinitialise context */ + + if (!init(ctx)) + return 0; + + if (update(ctx, ms, mslen) <= 0) + return 0; + + /* Set padtmp to pad_2 value */ + memset(padtmp, 0x5c, sizeof(padtmp)); + + if (!MD5_Update(&mctx->md5, padtmp, sizeof(padtmp))) + return 0; + + if (!MD5_Update(&mctx->md5, md5tmp, sizeof(md5tmp))) + return 0; + + if (!SHA1_Update(&mctx->sha1, padtmp, 40)) + return 0; + + if (!SHA1_Update(&mctx->sha1, sha1tmp, sizeof(sha1tmp))) + return 0; + + /* Now when ctx is finalised it will return the SSL v3 hash value */ + + OPENSSL_cleanse(md5tmp, sizeof(md5tmp)); + OPENSSL_cleanse(sha1tmp, sizeof(sha1tmp)); + + return 1; + +} + static const EVP_MD md5_sha1_md = { NID_md5_sha1, NID_md5_sha1, @@ -105,6 +174,7 @@ static const EVP_MD md5_sha1_md = { EVP_PKEY_RSA_method, MD5_CBLOCK, sizeof(EVP_MD *) + sizeof(struct md5_sha1_ctx), + ctrl }; const EVP_MD *EVP_md5_sha1(void) |