Merge remote-tracking branch 'upstream-restricted/pr/433' into development-restricted

Gilles Peskine 2017-12-19 19:20:27 +01:00
commit 82d607eb9e


@ -1203,9 +1203,12 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
/* /*
* SSLv3.0 MAC functions * SSLv3.0 MAC functions
*/ */
static void ssl_mac( mbedtls_md_context_t *md_ctx, unsigned char *secret, #define SSL_MAC_MAX_BYTES 20 /* MD-5 or SHA-1 */
unsigned char *buf, size_t len, static void ssl_mac( mbedtls_md_context_t *md_ctx,
unsigned char *ctr, int type ) const unsigned char *secret,
const unsigned char *buf, size_t len,
const unsigned char *ctr, int type,
unsigned char out[SSL_MAC_MAX_BYTES] )
{ {
unsigned char header[11]; unsigned char header[11];
unsigned char padding[48]; unsigned char padding[48];
@ -1230,14 +1233,14 @@ static void ssl_mac( mbedtls_md_context_t *md_ctx, unsigned char *secret,
mbedtls_md_update( md_ctx, padding, padlen ); mbedtls_md_update( md_ctx, padding, padlen );
mbedtls_md_update( md_ctx, header, 11 ); mbedtls_md_update( md_ctx, header, 11 );
mbedtls_md_update( md_ctx, buf, len ); mbedtls_md_update( md_ctx, buf, len );
mbedtls_md_finish( md_ctx, buf + len ); mbedtls_md_finish( md_ctx, out );
memset( padding, 0x5C, padlen ); memset( padding, 0x5C, padlen );
mbedtls_md_starts( md_ctx ); mbedtls_md_starts( md_ctx );
mbedtls_md_update( md_ctx, secret, md_size ); mbedtls_md_update( md_ctx, secret, md_size );
mbedtls_md_update( md_ctx, padding, padlen ); mbedtls_md_update( md_ctx, padding, padlen );
mbedtls_md_update( md_ctx, buf + len, md_size ); mbedtls_md_update( md_ctx, out, md_size );
mbedtls_md_finish( md_ctx, buf + len ); mbedtls_md_finish( md_ctx, out );
} }
#endif /* MBEDTLS_SSL_PROTO_SSL3 */ #endif /* MBEDTLS_SSL_PROTO_SSL3 */
@ -1290,10 +1293,15 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
#if defined(MBEDTLS_SSL_PROTO_SSL3) #if defined(MBEDTLS_SSL_PROTO_SSL3)
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
{ {
unsigned char mac[SSL_MAC_MAX_BYTES];
ssl_mac( &ssl->transform_out->md_ctx_enc, ssl_mac( &ssl->transform_out->md_ctx_enc,
ssl->transform_out->mac_enc, ssl->transform_out->mac_enc,
ssl->out_msg, ssl->out_msglen, ssl->out_msg, ssl->out_msglen,
ssl->out_ctr, ssl->out_msgtype ); ssl->out_ctr, ssl->out_msgtype,
mac );
memcpy( ssl->out_msg + ssl->out_msglen, mac, ssl->transform_out->maclen );
} }
else else
#endif #endif
@ -1940,7 +1948,8 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
ssl_mac( &ssl->transform_in->md_ctx_dec, ssl_mac( &ssl->transform_in->md_ctx_dec,
ssl->transform_in->mac_dec, ssl->transform_in->mac_dec,
ssl->in_msg, ssl->in_msglen, ssl->in_msg, ssl->in_msglen,
ssl->in_ctr, ssl->in_msgtype ); ssl->in_ctr, ssl->in_msgtype,
mac_expect );
} }
else else
#endif /* MBEDTLS_SSL_PROTO_SSL3 */ #endif /* MBEDTLS_SSL_PROTO_SSL3 */
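Review bot: Nothing in the new ssl_mac signature enforces that the digest fits in `out`: the `out[SSL_MAC_MAX_BYTES]` parameter decays to a plain pointer, and the two mbedtls_md_finish( md_ctx, out ) calls write md_size bytes that are taken from md_ctx (the line computing md_size is outside the first hunk), so the bound is only the comment `/* MD-5 or SHA-1 */` on the #define. The SSL 3.0 hash set is fixed, so this is a documentation and defence-in-depth point rather than a reachable overflow from what is visible here, but the contract should be stated on the function: `/* out must hold mbedtls_md_get_size( md_ctx->md_info ) bytes, which is at most SSL_MAC_MAX_BYTES (MD5 or SHA-1 in SSL 3.0) */`. In the ssl_encrypt_buf hunk the memcpy copies ssl->transform_out->maclen bytes out of `mac`, and in the ssl_decrypt_buf hunk ssl_mac writes into `mac_expect`, which is declared outside the hunk; both rely on maclen and the declared size of mac_expect agreeing with SSL_MAC_MAX_BYTES and with the digest actually selected in md_ctx, which I cannot confirm from these lines. The bodies of ssl_mac, ssl_encrypt_buf and ssl_decrypt_buf all continue outside the hunks shown.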