diff --git a/ssl/aes.c b/ssl/aes.c index 8aefbf4f6..9154a5153 100644 --- a/ssl/aes.c +++ b/ssl/aes.c @@ -17,8 +17,6 @@ */ /** - * @file aes.c - * * AES implementation - this is a small code version. There are much faster * versions around but they are much larger in size (i.e. they use large * submix tables). @@ -34,12 +32,13 @@ #define rot2(x) (((x) << 16) | ((x) >> 16)) #define rot3(x) (((x) << 8) | ((x) >> 24)) -/* This cute trick does 4 'mul by two' at once. Stolen from +/* + * This cute trick does 4 'mul by two' at once. Stolen from * Dr B. R. Gladman but I'm sure the u-(u>>7) is * a standard graphics trick * The key to this is that we need to xor with 0x1b if the top bit is set. * a 1xxx xxxx 0xxx 0xxx First we mask the 7bit, - * b 1000 0000 0000 0000 then we shift right by 7 puting the 7bit in 0bit, + * b 1000 0000 0000 0000 then we shift right by 7 putting the 7bit in 0bit, * c 0000 0001 0000 0000 we then subtract (c) from (b) * d 0111 1111 0000 0000 and now we and with our mask * e 0001 1011 0000 0000 @@ -194,7 +193,7 @@ void AES_set_key(AES_CTX *ctx, const uint8_t *key, ctx->rounds = i; ctx->key_size = words; W = ctx->ks; - for (i=0; iks; k += 4; + for (i=ctx->rounds*4; i>4; i--) { w= *k; @@ -474,4 +476,3 @@ static void AES_decrypt(const AES_CTX *ctx, uint32_t *data) } #endif - diff --git a/ssl/bigint_impl.h b/ssl/bigint_impl.h index 156e94054..762a7ccbb 100644 --- a/ssl/bigint_impl.h +++ b/ssl/bigint_impl.h @@ -81,7 +81,6 @@ typedef struct /**< A big integer "session" context. */ bigint *bi_normalised_mod[BIGINT_NUM_MODS]; /**< Normalised mod storage. */ bigint **g; /**< Used by sliding-window. */ int window; /**< The size of the sliding window */ - int active_count; /**< Number of active bigints. */ int free_count; /**< Number of free bigints. */ diff --git a/ssl/crypto_misc.c b/ssl/crypto_misc.c index fa3f09390..4d5ebd4ab 100644 --- a/ssl/crypto_misc.c +++ b/ssl/crypto_misc.c @@ -17,8 +17,6 @@ */ /** - * @file misc.c - * * Some misc. routines to help things out */ @@ -310,4 +308,3 @@ void print_blob(const char *format, void print_blob(const char *format, const unsigned char *data, int size, ...) {} #endif - diff --git a/ssl/hmac.c b/ssl/hmac.c index aaa499dd2..8ac6ad3c1 100644 --- a/ssl/hmac.c +++ b/ssl/hmac.c @@ -17,8 +17,6 @@ */ /** - * @file hmac.c - * * HMAC implementation - This code was originally taken from RFC2104 */ diff --git a/ssl/md5.c b/ssl/md5.c index f2a2ded67..87dfa04ed 100644 --- a/ssl/md5.c +++ b/ssl/md5.c @@ -17,8 +17,6 @@ */ /** - * @file md5.c - * * This file implements the MD5 algorithm as defined in RFC1321 */ @@ -49,26 +47,24 @@ static void MD5Transform(uint32_t state[4], const uint8_t block[64]); static void Encode(uint8_t *output, uint32_t *input, uint32_t len); static void Decode(uint32_t *output, const uint8_t *input, uint32_t len); -static uint8_t PADDING[64] = { - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 +static uint8_t PADDING[64] = +{ + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; -/* F, G, H and I are basic MD5 functions. - */ +/* F, G, H and I are basic MD5 functions. */ #define F(x, y, z) (((x) & (y)) | ((~x) & (z))) #define G(x, y, z) (((x) & (z)) | ((y) & (~z))) #define H(x, y, z) ((x) ^ (y) ^ (z)) #define I(x, y, z) ((y) ^ ((x) | (~z))) -/* ROTATE_LEFT rotates x left n bits. - */ +/* ROTATE_LEFT rotates x left n bits. */ #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) /* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4. - Rotation is separate from addition to prevent recomputation. - */ + Rotation is separate from addition to prevent recomputation. */ #define FF(a, b, c, d, x, s, ac) { \ (a) += F ((b), (c), (d)) + (x) + (uint32_t)(ac); \ (a) = ROTATE_LEFT ((a), (s)); \ @@ -117,11 +113,10 @@ void MD5Update(MD5_CTX *ctx, const uint8_t * msg, int len) x = (uint32_t)((ctx->count[0] >> 3) & 0x3F); /* Update number of bits */ - if ((ctx->count[0] += ((uint32_t)len << 3)) - < ((uint32_t)len << 3)) + if ((ctx->count[0] += ((uint32_t)len << 3)) < ((uint32_t)len << 3)) ctx->count[1]++; - ctx->count[1] += ((uint32_t)len >> 29); + ctx->count[1] += ((uint32_t)len >> 29); partLen = 64 - x; /* Transform as many times as possible. */ @@ -131,7 +126,9 @@ void MD5Update(MD5_CTX *ctx, const uint8_t * msg, int len) MD5Transform(ctx->state, ctx->buffer); for (i = partLen; i + 63 < len; i += 64) + { MD5Transform(ctx->state, &msg[i]); + } x = 0; } @@ -147,114 +144,110 @@ void MD5Update(MD5_CTX *ctx, const uint8_t * msg, int len) */ void MD5Final(MD5_CTX *ctx, uint8_t *digest) { - uint8_t bits[8]; - uint32_t x, padLen; + uint8_t bits[8]; + uint32_t x, padlen; - /* Save number of bits */ - Encode(bits, ctx->count, 8); + /* save number of bits */ + encode(bits, ctx->count, 8); - /* Pad out to 56 mod 64. - */ - x = (uint32_t)((ctx->count[0] >> 3) & 0x3f); - padLen = (x < 56) ? (56 - x) : (120 - x); - MD5Update(ctx, PADDING, padLen); - - /* Append length (before padding) */ - MD5Update(ctx, bits, 8); + /* pad out to 56 mod 64. */ + x = (uint32_t)((ctx->count[0] >> 3) & 0x3f); + padlen = (x < 56) ? (56 - x) : (120 - x); + md5update(ctx, padding, padlen); - /* Store state in digest */ - Encode(digest, ctx->state, MD5_SIZE); + /* append length (before padding) */ + md5update(ctx, bits, 8); + + /* store state in digest */ + encode(digest, ctx->state, md5_size); } /** - * MD5 basic transformation. Transforms state based on block. + * md5 basic transformation. transforms state based on block. */ -static void MD5Transform(uint32_t state[4], const uint8_t block[64]) +static void md5transform(uint32_t state[4], const uint8_t block[64]) { - uint32_t a = state[0], b = state[1], c = state[2], d = state[3], x[MD5_SIZE]; - - Decode(x, block, 64); + uint32_t a = state[0], b = state[1], c = state[2], + d = state[3], x[md5_size]; - /* Round 1 */ - FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */ - FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */ - FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */ - FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */ - FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */ - FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */ - FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */ - FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */ - FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */ - FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */ - FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */ - FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */ - FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */ - FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */ - FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */ - FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */ + decode(x, block, 64); - /* Round 2 */ - GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */ - GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */ - GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */ - GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */ - GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */ - GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */ - GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */ - GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */ - GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */ - GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */ - GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */ - GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */ - GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */ - GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */ - GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */ - GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */ + /* round 1 */ + ff(a, b, c, d, x[ 0], s11, 0xd76aa478); /* 1 */ + ff(d, a, b, c, x[ 1], s12, 0xe8c7b756); /* 2 */ + ff(c, d, a, b, x[ 2], s13, 0x242070db); /* 3 */ + ff(b, c, d, a, x[ 3], s14, 0xc1bdceee); /* 4 */ + ff(a, b, c, d, x[ 4], s11, 0xf57c0faf); /* 5 */ + ff(d, a, b, c, x[ 5], s12, 0x4787c62a); /* 6 */ + ff(c, d, a, b, x[ 6], s13, 0xa8304613); /* 7 */ + ff(b, c, d, a, x[ 7], s14, 0xfd469501); /* 8 */ + ff(a, b, c, d, x[ 8], s11, 0x698098d8); /* 9 */ + ff(d, a, b, c, x[ 9], s12, 0x8b44f7af); /* 10 */ + ff(c, d, a, b, x[10], s13, 0xffff5bb1); /* 11 */ + ff(b, c, d, a, x[11], s14, 0x895cd7be); /* 12 */ + ff(a, b, c, d, x[12], s11, 0x6b901122); /* 13 */ + ff(d, a, b, c, x[13], s12, 0xfd987193); /* 14 */ + ff(c, d, a, b, x[14], s13, 0xa679438e); /* 15 */ + ff(b, c, d, a, x[15], s14, 0x49b40821); /* 16 */ - /* Round 3 */ - HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */ - HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */ - HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */ - HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */ - HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */ - HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */ - HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */ - HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */ - HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */ - HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */ - HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */ - HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */ - HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */ - HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */ - HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */ - HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */ + /* round 2 */ + gg(a, b, c, d, x[ 1], s21, 0xf61e2562); /* 17 */ + gg(d, a, b, c, x[ 6], s22, 0xc040b340); /* 18 */ + gg(c, d, a, b, x[11], s23, 0x265e5a51); /* 19 */ + gg(b, c, d, a, x[ 0], s24, 0xe9b6c7aa); /* 20 */ + gg(a, b, c, d, x[ 5], s21, 0xd62f105d); /* 21 */ + gg(d, a, b, c, x[10], s22, 0x2441453); /* 22 */ + gg(c, d, a, b, x[15], s23, 0xd8a1e681); /* 23 */ + gg(b, c, d, a, x[ 4], s24, 0xe7d3fbc8); /* 24 */ + gg(a, b, c, d, x[ 9], s21, 0x21e1cde6); /* 25 */ + gg(d, a, b, c, x[14], s22, 0xc33707d6); /* 26 */ + gg(c, d, a, b, x[ 3], s23, 0xf4d50d87); /* 27 */ + gg(b, c, d, a, x[ 8], s24, 0x455a14ed); /* 28 */ + gg(a, b, c, d, x[13], s21, 0xa9e3e905); /* 29 */ + gg(d, a, b, c, x[ 2], s22, 0xfcefa3f8); /* 30 */ + gg(c, d, a, b, x[ 7], s23, 0x676f02d9); /* 31 */ + gg(b, c, d, a, x[12], s24, 0x8d2a4c8a); /* 32 */ - /* Round 4 */ - II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */ - II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */ - II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */ - II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */ - II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */ - II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */ - II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */ - II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */ - II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */ - II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */ - II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */ - II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */ - II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */ - II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */ - II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */ - II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */ + /* round 3 */ + hh(a, b, c, d, x[ 5], s31, 0xfffa3942); /* 33 */ + hh(d, a, b, c, x[ 8], s32, 0x8771f681); /* 34 */ + hh(c, d, a, b, x[11], s33, 0x6d9d6122); /* 35 */ + hh(b, c, d, a, x[14], s34, 0xfde5380c); /* 36 */ + hh(a, b, c, d, x[ 1], s31, 0xa4beea44); /* 37 */ + hh(d, a, b, c, x[ 4], s32, 0x4bdecfa9); /* 38 */ + hh(c, d, a, b, x[ 7], s33, 0xf6bb4b60); /* 39 */ + hh(b, c, d, a, x[10], s34, 0xbebfbc70); /* 40 */ + hh(a, b, c, d, x[13], s31, 0x289b7ec6); /* 41 */ + hh(d, a, b, c, x[ 0], s32, 0xeaa127fa); /* 42 */ + hh(c, d, a, b, x[ 3], s33, 0xd4ef3085); /* 43 */ + hh(b, c, d, a, x[ 6], s34, 0x4881d05); /* 44 */ + hh(a, b, c, d, x[ 9], s31, 0xd9d4d039); /* 45 */ + hh(d, a, b, c, x[12], s32, 0xe6db99e5); /* 46 */ + hh(c, d, a, b, x[15], s33, 0x1fa27cf8); /* 47 */ + hh(b, c, d, a, x[ 2], s34, 0xc4ac5665); /* 48 */ - state[0] += a; - state[1] += b; - state[2] += c; - state[3] += d; - - /* Zeroize sensitive information. - */ - memset(x, 0, sizeof(x)); + /* round 4 */ + ii(a, b, c, d, x[ 0], s41, 0xf4292244); /* 49 */ + ii(d, a, b, c, x[ 7], s42, 0x432aff97); /* 50 */ + ii(c, d, a, b, x[14], s43, 0xab9423a7); /* 51 */ + ii(b, c, d, a, x[ 5], s44, 0xfc93a039); /* 52 */ + ii(a, b, c, d, x[12], s41, 0x655b59c3); /* 53 */ + ii(d, a, b, c, x[ 3], s42, 0x8f0ccc92); /* 54 */ + ii(c, d, a, b, x[10], s43, 0xffeff47d); /* 55 */ + ii(b, c, d, a, x[ 1], s44, 0x85845dd1); /* 56 */ + ii(a, b, c, d, x[ 8], s41, 0x6fa87e4f); /* 57 */ + ii(d, a, b, c, x[15], s42, 0xfe2ce6e0); /* 58 */ + ii(c, d, a, b, x[ 6], s43, 0xa3014314); /* 59 */ + ii(b, c, d, a, x[13], s44, 0x4e0811a1); /* 60 */ + ii(a, b, c, d, x[ 4], s41, 0xf7537e82); /* 61 */ + ii(d, a, b, c, x[11], s42, 0xbd3af235); /* 62 */ + ii(c, d, a, b, x[ 2], s43, 0x2ad7d2bb); /* 63 */ + ii(b, c, d, a, x[ 9], s44, 0xeb86d391); /* 64 */ + + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; } /** @@ -263,15 +256,15 @@ static void MD5Transform(uint32_t state[4], const uint8_t block[64]) */ static void Encode(uint8_t *output, uint32_t *input, uint32_t len) { - uint32_t i, j; + uint32_t i, j; - for (i = 0, j = 0; j < len; i++, j += 4) - { - output[j] = (uint8_t)(input[i] & 0xff); - output[j+1] = (uint8_t)((input[i] >> 8) & 0xff); - output[j+2] = (uint8_t)((input[i] >> 16) & 0xff); - output[j+3] = (uint8_t)((input[i] >> 24) & 0xff); - } + for (i = 0, j = 0; j < len; i++, j += 4) + { + output[j] = (uint8_t)(input[i] & 0xff); + output[j+1] = (uint8_t)((input[i] >> 8) & 0xff); + output[j+2] = (uint8_t)((input[i] >> 16) & 0xff); + output[j+3] = (uint8_t)((input[i] >> 24) & 0xff); + } } /** @@ -280,9 +273,9 @@ static void Encode(uint8_t *output, uint32_t *input, uint32_t len) */ static void Decode(uint32_t *output, const uint8_t *input, uint32_t len) { - uint32_t i, j; + uint32_t i, j; - for (i = 0, j = 0; j < len; i++, j += 4) - output[i] = ((uint32_t)input[j]) | (((uint32_t)input[j+1]) << 8) | - (((uint32_t)input[j+2]) << 16) | (((uint32_t)input[j+3]) << 24); + for (i = 0, j = 0; j < len; i++, j += 4) + output[i] = ((uint32_t)input[j]) | (((uint32_t)input[j+1]) << 8) | + (((uint32_t)input[j+2]) << 16) | (((uint32_t)input[j+3]) << 24); } diff --git a/ssl/rc4.c b/ssl/rc4.c index 661d027c9..884bcb534 100644 --- a/ssl/rc4.c +++ b/ssl/rc4.c @@ -17,11 +17,8 @@ */ /** - * @file rc4.c - * - * An implementation of the RC4/ARC4 algorithm - * - * Originally written by Christophe Devine + * An implementation of the RC4/ARC4 algorithm. + * Originally written by Christophe Devine. */ #include @@ -47,7 +44,8 @@ void RC4_setup(RC4_CTX *ctx, const uint8_t *key, int length) { a = m[i]; j = (uint8_t)(j + a + key[k]); - m[i] = m[j]; m[j] = a; + m[i] = m[j]; + m[j] = a; if (++k >= length) { diff --git a/ssl/sha1.c b/ssl/sha1.c index 80f311b18..9a42801f2 100644 --- a/ssl/sha1.c +++ b/ssl/sha1.c @@ -17,8 +17,6 @@ */ /** - * @file sha1.c - * * SHA1 implementation - as defined in FIPS PUB 180-1 published April 17, 1995. * This code was originally taken from RFC3174 */ @@ -179,7 +177,6 @@ static void SHA1ProcessMessageBlock(SHA1_CTX *ctx) ctx->Intermediate_Hash[2] += C; ctx->Intermediate_Hash[3] += D; ctx->Intermediate_Hash[4] += E; - ctx->Message_Block_Index = 0; } @@ -239,6 +236,5 @@ static void SHA1PadMessage(SHA1_CTX *ctx) ctx->Message_Block[61] = ctx->Length_Low >> 16; ctx->Message_Block[62] = ctx->Length_Low >> 8; ctx->Message_Block[63] = ctx->Length_Low; - SHA1ProcessMessageBlock(ctx); } diff --git a/ssl/tls1.c b/ssl/tls1.c index 219423518..e27d91198 100644 --- a/ssl/tls1.c +++ b/ssl/tls1.c @@ -596,7 +596,8 @@ static void increment_write_sequence(SSL *ssl) if (++ssl->write_sequence[i]) break; } -} +} + /** * Work out the HMAC digest in a packet. */ @@ -674,7 +675,6 @@ static int verify_digest(SSL *ssl, int mode, const uint8_t *buf, int read_len) ssl->record_buf[3] = hmac_offset >> 8; /* insert size */ ssl->record_buf[4] = hmac_offset & 0xff; - add_hmac_digest(ssl, mode, buf, hmac_offset, hmac_buf); if (memcmp(hmac_buf, &buf[hmac_offset], ssl->cipher_info->digest_size)) @@ -974,7 +974,6 @@ int send_packet(SSL *ssl, uint8_t protocol, const uint8_t *in, int length) /* add the packet digest */ msg_length += ssl->cipher_info->digest_size; ssl->bm_buf.index = msg_length; - add_hmac_digest(ssl, mode, ssl->bm_buf.data, length, &ssl->bm_buf.data[length]); @@ -1066,8 +1065,8 @@ static void set_key_block(SSL *ssl, int is_write) memcpy(server_key, q, ciph_info->key_size); q += ciph_info->key_size; -#ifndef CONFIG_SSL_SKELETON_MODE /* RC4 has no IV */ - if (ciph_info->iv_size) +#ifndef CONFIG_SSL_SKELETON_MODE + if (ciph_info->iv_size) /* RC4 has no IV, AES does */ { memcpy(client_iv, q, ciph_info->iv_size); q += ciph_info->iv_size; @@ -1118,7 +1117,7 @@ static void set_key_block(SSL *ssl, int is_write) */ int basic_read(SSL *ssl, uint8_t **in_data) { - int ret = SSL_OK, version = -1; + int ret = SSL_OK; int read_len, is_record; uint8_t *buf = ssl->bm_buf.data; int is_client = IS_SET_SSL_FLAG(SSL_IS_CLIENT); @@ -1165,17 +1164,7 @@ int basic_read(SSL *ssl, uint8_t **in_data) goto error; /* not an error - just get out of here */ } - version = (buf[1] << 4) + buf[2]; ssl->need_bytes = (buf[3] << 8) + buf[4]; - - /* should be v3.1 (TLSv1) or better - we'll send in v3.1 mode anyway */ - if (version < 0x31) - { - ret = SSL_ERROR_INVALID_VERSION; - ssl_display_error(ret); - goto error; - } - CLR_SSL_FLAG(SSL_NEED_RECORD); memcpy(ssl->record_buf, buf, 3); /* store for hmac */ is_record = 1; @@ -1286,8 +1275,7 @@ static int do_handshake(SSL *ssl, uint8_t *buf, int read_len) ssl->bm_buf.index = hs_len; /* store the size and check later */ DISPLAY_STATE(ssl, 0, handshake_type, 0); - if (handshake_type != HS_CERT_VERIFY && - handshake_type != HS_HELLO_REQUEST) + if (handshake_type != HS_CERT_VERIFY && handshake_type != HS_HELLO_REQUEST) { add_packet(ssl, buf, hs_len); } @@ -1338,19 +1326,19 @@ int send_finished(SSL *ssl) /* now add the finished digest mac (12 bytes) */ finished_digest(ssl, - IS_SET_SSL_FLAG(SSL_IS_CLIENT) ? + IS_SET_SSL_FLAG(SSL_IS_CLIENT) ? client_finished : server_finished, &buf[4]); #ifndef CONFIG_SSL_SKELETON_MODE /* store in the session cache */ if (!IS_SET_SSL_FLAG(SSL_SESSION_RESUME) && ssl->ssl_ctx->num_sessions) { - memcpy(ssl->session->master_secret, + memcpy(ssl->session->master_secret, ssl->master_secret, SSL_SECRET_SIZE); } #endif - return send_packet(ssl, PT_HANDSHAKE_PROTOCOL, + return send_packet(ssl, PT_HANDSHAKE_PROTOCOL, NULL, SSL_FINISHED_HASH_SIZE+4); } @@ -1421,7 +1409,6 @@ int send_alert(SSL *ssl, int error_code) buf[0] = is_warning ? 1 : 2; buf[1] = alert_num; - send_packet(ssl, PT_ALERT_PROTOCOL, buf, sizeof(buf)); DISPLAY_ALERT(ssl, alert_num); return is_warning ? 0 : 1; @@ -1505,7 +1492,6 @@ int send_certificate(SSL *ssl) chain_length += 3; buf[2] = chain_length >> 8; /* handshake length */ buf[3] = chain_length & 0xff; - ssl->bm_buf.index = offset; return send_packet(ssl, PT_HANDSHAKE_PROTOCOL, NULL, offset); } @@ -1516,8 +1502,7 @@ int send_certificate(SSL *ssl) * master secret from this session for session resumption. */ SSL_SESS *ssl_session_update(int max_sessions, - SSL_SESS *ssl_sessions[], SSL *ssl, - const uint8_t *session_id) + SSL_SESS *ssl_sessions[], SSL *ssl, const uint8_t *session_id) { time_t tm = time(NULL); time_t oldest_sess_time = tm; diff --git a/ssl/tls1_clnt.c b/ssl/tls1_clnt.c index da6034be2..b9642b34e 100644 --- a/ssl/tls1_clnt.c +++ b/ssl/tls1_clnt.c @@ -211,11 +211,12 @@ static int process_server_hello(SSL *ssl) uint8_t *buf = ssl->bm_buf.data; int pkt_size = ssl->bm_buf.index; int offset; - int ret = SSL_OK; + int version = (buf[4] << 4) + buf[5]; int num_sessions = ssl->ssl_ctx->num_sessions; + int ret = SSL_OK; /* check that we are talking to a TLSv1 server */ - if (buf[4] != 0x03 || buf[5] != 0x01) + if (version != 0x31) { return SSL_ERROR_INVALID_VERSION; } diff --git a/ssl/tls1_svr.c b/ssl/tls1_svr.c index b3505c266..ad463def3 100644 --- a/ssl/tls1_svr.c +++ b/ssl/tls1_svr.c @@ -108,10 +108,20 @@ int do_svr_handshake(SSL *ssl, int handshake_type, uint8_t *buf, int hs_len) static int process_client_hello(SSL *ssl) { uint8_t *buf = ssl->bm_buf.data; + uint8_t *record_buf = ssl->record_buf; int pkt_size = ssl->bm_buf.index; int i, j, cs_len, id_len, offset = 6 + SSL_RANDOM_SIZE; + int version = (record_buf[1] << 4) + record_buf[2]; int ret = SSL_OK; + /* should be v3.1 (TLSv1) or better - we'll send in v3.1 mode anyway */ + if (version < 0x31) + { + ret = SSL_ERROR_INVALID_VERSION; + ssl_display_error(ret); + goto error; + } + memcpy(ssl->client_random, &buf[6], SSL_RANDOM_SIZE); /* process the session id */ @@ -174,8 +184,8 @@ int process_sslv23_client_hello(SSL *ssl) DISPLAY_BYTES(ssl, "received %d bytes", buf, read_len, read_len); - /* must be 3.1 (TLSv1) */ - if (version != 0x31) + /* should be v3.1 (TLSv1) or better - we'll send in v3.1 mode anyway */ + if (version < 0x31) { return SSL_ERROR_INVALID_VERSION; }