diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-11-24 14:20:58 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-11-24 19:18:44 +0000 |
commit | 00f5263b78910da233ed0258bf8ea8fd1758abbc (patch) | |
tree | 94f1ff38b6369943bf6ab2e9fb46ff7eaae37d84 /crypto/evp/m_sha1.c | |
parent | 9cc6fa1ce83ce7857660ee11c3285651ceff0f43 (diff) | |
download | openssl-00f5263b78910da233ed0258bf8ea8fd1758abbc.tar.gz |
Add ctrl for SHA1 and SSLv3
Add SSLv3 ctrl to EVP_sha1() this is only needed if SSLv3 client
authentication is used with DSA/ECDSA.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'crypto/evp/m_sha1.c')
-rw-r--r-- | crypto/evp/m_sha1.c | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c index 7deed91dff..42e986d878 100644 --- a/crypto/evp/m_sha1.c +++ b/crypto/evp/m_sha1.c @@ -81,6 +81,60 @@ static int final(EVP_MD_CTX *ctx, unsigned char *md) return SHA1_Final(md, ctx->md_data); } +static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms) +{ + unsigned char padtmp[40]; + unsigned char sha1tmp[SHA_DIGEST_LENGTH]; + + SHA_CTX *sha1 = ctx->md_data; + + if (cmd != EVP_CTRL_SSL3_MASTER_SECRET) + return 0; + + /* SSLv3 client auth handling: see RFC-6101 5.6.8 */ + if (mslen != 48) + return 0; + + /* At this point hash contains all handshake messages, update + * with master secret and pad_1. + */ + + if (SHA1_Update(sha1, ms, mslen) <= 0) + return 0; + + /* Set padtmp to pad_1 value */ + memset(padtmp, 0x36, sizeof(padtmp)); + + if (!SHA1_Update(sha1, padtmp, sizeof(padtmp))) + return 0; + + if (!SHA1_Final(sha1tmp, sha1)) + return 0; + + /* Reinitialise context */ + + if (!SHA1_Init(sha1)) + return 0; + + if (SHA1_Update(sha1, ms, mslen) <= 0) + return 0; + + /* Set padtmp to pad_2 value */ + memset(padtmp, 0x5c, sizeof(padtmp)); + + if (!SHA1_Update(sha1, padtmp, sizeof(padtmp))) + return 0; + + if (!SHA1_Update(sha1, sha1tmp, sizeof(sha1tmp))) + return 0; + + /* Now when ctx is finalised it will return the SSL v3 hash value */ + OPENSSL_cleanse(sha1tmp, sizeof(sha1tmp)); + + return 1; + +} + static const EVP_MD sha1_md = { NID_sha1, NID_sha1WithRSAEncryption, @@ -94,6 +148,7 @@ static const EVP_MD sha1_md = { EVP_PKEY_NULL_method, SHA_CBLOCK, sizeof(EVP_MD *) + sizeof(SHA_CTX), + ctrl }; const EVP_MD *EVP_sha1(void) |