-/* $OpenBSD: ssl_clnt.c,v 1.93 2021/04/25 13:15:22 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.94 2021/04/30 19:26:44 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
if (!CBB_flush(cbb))
goto err;
- s->session->master_key_length =
- tls1_generate_master_secret(s,
- s->session->master_key, pms, sizeof(pms));
+ if (!tls12_derive_master_secret(s, pms, sizeof(pms)))
+ goto err;
ret = 1;
goto err;
}
- /* Generate master key from the result. */
- s->session->master_key_length =
- tls1_generate_master_secret(s,
- s->session->master_key, key, key_len);
+ if (!tls12_derive_master_secret(s, key, key_len))
+ goto err;
if (!CBB_add_u16_length_prefixed(cbb, &dh_Yc))
goto err;
if (!ssl_kex_derive_ecdhe_ecp(ecdh, sc->peer_ecdh_tmp, &key, &key_len))
goto err;
- s->session->master_key_length = tls1_generate_master_secret(s,
- s->session->master_key, key, key_len);
+ if (!tls12_derive_master_secret(s, key, key_len))
+ goto err;
ret = 1;
if (!CBB_flush(cbb))
goto err;
- /* Generate master key from the result. */
- s->session->master_key_length =
- tls1_generate_master_secret(s,
- s->session->master_key, shared_key, X25519_KEY_LENGTH);
+ if (!tls12_derive_master_secret(s, shared_key, X25519_KEY_LENGTH))
+ goto err;
ret = 1;
s->s3->flags |= TLS1_FLAGS_SKIP_CERT_VERIFY;
}
EVP_PKEY_CTX_free(pkey_ctx);
- s->session->master_key_length =
- tls1_generate_master_secret(s,
- s->session->master_key, premaster_secret, 32);
+
+ if (!tls12_derive_master_secret(s, premaster_secret, 32))
+ goto err;
ret = 1;
-/* $OpenBSD: ssl_locl.h,v 1.338 2021/04/25 13:15:22 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.339 2021/04/30 19:26:44 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
void tls1_cleanup_key_block(SSL *s);
int tls1_change_cipher_state(SSL *s, int which);
int tls1_setup_key_block(SSL *s);
-int tls1_generate_master_secret(SSL *s, unsigned char *out,
- unsigned char *p, int len);
int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
const char *label, size_t llen, const unsigned char *p, size_t plen,
int use_context);
int tls12_derive_finished(SSL *s);
int tls12_derive_peer_finished(SSL *s);
+int tls12_derive_master_secret(SSL *s, uint8_t *premaster_secret,
+ size_t premaster_secret_len);
int ssl_using_ecc_cipher(SSL *s);
int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
-/* $OpenBSD: ssl_srvr.c,v 1.104 2021/04/25 13:15:22 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.105 2021/04/30 19:26:45 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
p = fakekey;
}
- s->session->master_key_length =
- tls1_generate_master_secret(s,
- s->session->master_key, p, SSL_MAX_MASTER_KEY_LENGTH);
+ if (!tls12_derive_master_secret(s, p, SSL_MAX_MASTER_KEY_LENGTH))
+ goto err;
freezero(pms, pms_len);
goto fatal_err;
}
- s->session->master_key_length = tls1_generate_master_secret(s,
- s->session->master_key, key, key_len);
+ if (!tls12_derive_master_secret(s, key, key_len))
+ goto err;
DH_free(S3I(s)->tmp.dh);
S3I(s)->tmp.dh = NULL;
/* Derive the shared secret and compute master secret. */
if (!ssl_kex_derive_ecdhe_ecp(ecdh, ecdh_peer, &key, &key_len))
goto err;
- s->session->master_key_length = tls1_generate_master_secret(s,
- s->session->master_key, key, key_len);
+ if (!tls12_derive_master_secret(s, key, key_len))
+ goto err;
EC_KEY_free(S3I(s)->tmp.ecdh);
S3I(s)->tmp.ecdh = NULL;
freezero(S3I(s)->tmp.x25519, X25519_KEY_LENGTH);
S3I(s)->tmp.x25519 = NULL;
- s->session->master_key_length =
- tls1_generate_master_secret(
- s, s->session->master_key, shared_key, X25519_KEY_LENGTH);
+ if (!tls12_derive_master_secret(s, shared_key, X25519_KEY_LENGTH))
+ goto err;
ret = 1;
goto gerr;
}
- /* Generate master secret */
- s->session->master_key_length =
- tls1_generate_master_secret(
- s, s->session->master_key, premaster_secret, 32);
+ if (!tls12_derive_master_secret(s, premaster_secret, 32))
+ goto err;
/* Check if pubkey from client certificate was used */
if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1,
-/* $OpenBSD: t1_enc.c,v 1.139 2021/04/25 13:15:22 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.140 2021/04/30 19:26:45 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
return (ret);
}
-int
-tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
- int len)
-{
- if (len < 0)
- return 0;
-
- if (!tls1_PRF(s, p, len,
- TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE,
- s->s3->client_random, SSL3_RANDOM_SIZE, NULL, 0,
- s->s3->server_random, SSL3_RANDOM_SIZE, NULL, 0,
- s->session->master_key, SSL_MAX_MASTER_KEY_LENGTH))
- return 0;
-
- return (SSL_MAX_MASTER_KEY_LENGTH);
-}
-
int
tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
const char *label, size_t llen, const unsigned char *context,
-/* $OpenBSD: tls12_lib.c,v 1.1 2021/04/25 13:15:23 jsing Exp $ */
+/* $OpenBSD: tls12_lib.c,v 1.2 2021/04/30 19:26:45 jsing Exp $ */
/*
* Copyright (c) 2021 Joel Sing <jsing@openbsd.org>
*
&S3I(s)->hs.peer_finished_len);
}
}
+
+int
+tls12_derive_master_secret(SSL *s, uint8_t *premaster_secret,
+ size_t premaster_secret_len)
+{
+ s->session->master_key_length = 0;
+
+ if (premaster_secret_len == 0)
+ return 0;
+
+ CTASSERT(sizeof(s->session->master_key) == SSL_MAX_MASTER_KEY_LENGTH);
+
+ if (!tls1_PRF(s, premaster_secret, premaster_secret_len,
+ TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE,
+ s->s3->client_random, SSL3_RANDOM_SIZE, NULL, 0,
+ s->s3->server_random, SSL3_RANDOM_SIZE, NULL, 0,
+ s->session->master_key, sizeof(s->session->master_key)))
+ return 0;
+
+ s->session->master_key_length = SSL_MAX_MASTER_KEY_LENGTH;
+
+ return 1;
+}