int ssl3_setup_key_block(SSL *s)
{
unsigned char *p;
const EVP_CIPHER *c;
const EVP_MD *hash;
int num;
int ret = 0;
SSL_COMP *comp;
if (s->s3->tmp.key_block_length != 0)
return(1);
if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp))
{
SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
return(0);
}
s->s3->tmp.new_sym_enc=c;
s->s3->tmp.new_hash=hash;
s->s3->tmp.new_compression=comp;
num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
num*=2;
ssl3_cleanup_key_block(s);
if ((p=OPENSSL_malloc(num)) == NULL)
goto err;
s->s3->tmp.key_block_length=num;
s->s3->tmp.key_block=p;
ret = ssl3_generate_key_block(s,p,num);
if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
{
/* enable vulnerability countermeasure for CBC ciphers with
* known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt)
*/
s->s3->need_empty_fragments = 1;
if (s->session->cipher != NULL)
{
if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
s->s3->need_empty_fragments = 0;
#ifndef OPENSSL_NO_RC4
if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
s->s3->need_empty_fragments = 0;
#endif
}
}
return ret;
err:
SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
return(0);
}
int ssl2_enc_init(SSL *s, int client)
{
/* Max number of bytes needed */
EVP_CIPHER_CTX *rs, *ws;
const EVP_CIPHER *c;
const EVP_MD *md;
int num;
if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
ssl2_return_error(s, SSL2_PE_NO_CIPHER);
SSLerr(SSL_F_SSL2_ENC_INIT, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
return (0);
}
ssl_replace_hash(&s->read_hash, md);
ssl_replace_hash(&s->write_hash, md);
if ((s->enc_read_ctx == NULL) && ((s->enc_read_ctx = (EVP_CIPHER_CTX *)
OPENSSL_malloc(sizeof(EVP_CIPHER_CTX)))
== NULL))
goto err;
/*
* make sure it's intialized in case the malloc for enc_write_ctx fails
* and we exit with an error
*/
rs = s->enc_read_ctx;
EVP_CIPHER_CTX_init(rs);
if ((s->enc_write_ctx == NULL) && ((s->enc_write_ctx = (EVP_CIPHER_CTX *)
OPENSSL_malloc(sizeof
(EVP_CIPHER_CTX))) ==
NULL))
goto err;
ws = s->enc_write_ctx;
EVP_CIPHER_CTX_init(ws);
num = c->key_len;
s->s2->key_material_length = num * 2;
OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
if (ssl2_generate_key_material(s) <= 0)
return 0;
OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg));
EVP_EncryptInit_ex(ws, c, NULL,
&(s->s2->key_material[(client) ? num : 0]),
s->session->key_arg);
EVP_DecryptInit_ex(rs, c, NULL,
&(s->s2->key_material[(client) ? 0 : num]),
s->session->key_arg);
s->s2->read_key = &(s->s2->key_material[(client) ? 0 : num]);
s->s2->write_key = &(s->s2->key_material[(client) ? num : 0]);
return (1);
err:
SSLerr(SSL_F_SSL2_ENC_INIT, ERR_R_MALLOC_FAILURE);
return (0);
}
/*
* There isn't really a key block in TLSv1.3, but we still need this function
* for initialising the cipher and hash. Returns 1 on success or 0 on failure.
*/
int tls13_setup_key_block(SSL *s)
{
const EVP_CIPHER *c;
const EVP_MD *hash;
int mac_type = NID_undef;
s->session->cipher = s->s3->tmp.new_cipher;
if (!ssl_cipher_get_evp
(s->session, &c, &hash, &mac_type, NULL, NULL, 0)) {
SSLerr(SSL_F_TLS13_SETUP_KEY_BLOCK, SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
return 0;
}
s->s3->tmp.new_sym_enc = c;
s->s3->tmp.new_hash = hash;
return 1;
}
int ssl3_setup_key_block(SSL *s)
{
unsigned char *p;
const EVP_CIPHER *c;
const EVP_MD *hash;
int num;
SSL_COMP *comp;
if (s->s3->tmp.key_block_length != 0)
return(1);
if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp))
{
SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
return(0);
}
s->s3->tmp.new_sym_enc=c;
s->s3->tmp.new_hash=hash;
s->s3->tmp.new_compression=comp;
num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
num*=2;
ssl3_cleanup_key_block(s);
if ((p=OPENSSL_malloc(num)) == NULL)
goto err;
s->s3->tmp.key_block_length=num;
s->s3->tmp.key_block=p;
ssl3_generate_key_block(s,p,num);
return(1);
err:
SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
return(0);
}
int tls1_setup_key_block(SSL *s)
{
unsigned char *p1,*p2=NULL;
const EVP_CIPHER *c;
const EVP_MD *hash;
int num;
SSL_COMP *comp;
int mac_type= NID_undef,mac_secret_size=0;
int ret=0;
#ifdef KSSL_DEBUG
TINYCLR_SSL_PRINTF ("tls1_setup_key_block()\n");
#endif /* KSSL_DEBUG */
if (s->s3->tmp.key_block_length != 0)
return(1);
if (!ssl_cipher_get_evp(s->session,&c,&hash,&mac_type,&mac_secret_size,&comp))
{
SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
return(0);
}
s->s3->tmp.new_sym_enc=c;
s->s3->tmp.new_hash=hash;
s->s3->tmp.new_mac_pkey_type = mac_type;
s->s3->tmp.new_mac_secret_size = mac_secret_size;
num=EVP_CIPHER_key_length(c)+mac_secret_size+EVP_CIPHER_iv_length(c);
num*=2;
ssl3_cleanup_key_block(s);
if ((p1=(unsigned char *)OPENSSL_malloc(num)) == NULL)
{
SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
goto err;
}
s->s3->tmp.key_block_length=num;
s->s3->tmp.key_block=p1;
if ((p2=(unsigned char *)OPENSSL_malloc(num)) == NULL)
{
SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
goto err;
}
#ifdef TLS_DEBUG
TINYCLR_SSL_PRINTF("client random\n");
{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) TINYCLR_SSL_PRINTF("%02X%c",s->s3->client_random[z],((z+1)%16)?' ':'\n'); }
TINYCLR_SSL_PRINTF("server random\n");
{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) TINYCLR_SSL_PRINTF("%02X%c",s->s3->server_random[z],((z+1)%16)?' ':'\n'); }
TINYCLR_SSL_PRINTF("pre-master\n");
{ int z; for (z=0; z<s->session->master_key_length; z++) TINYCLR_SSL_PRINTF("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); }
#endif
if (!tls1_generate_key_block(s,p1,p2,num))
goto err;
#ifdef TLS_DEBUG
TINYCLR_SSL_PRINTF("\nkey block\n");
{ int z; for (z=0; z<num; z++) TINYCLR_SSL_PRINTF("%02X%c",p1[z],((z+1)%16)?' ':'\n'); }
#endif
if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
{
/* enable vulnerability countermeasure for CBC ciphers with
* known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt)
*/
s->s3->need_empty_fragments = 1;
if (s->session->cipher != NULL)
{
if (s->session->cipher->algorithm_enc == SSL_eNULL)
s->s3->need_empty_fragments = 0;
#ifndef OPENSSL_NO_RC4
if (s->session->cipher->algorithm_enc == SSL_RC4)
s->s3->need_empty_fragments = 0;
#endif
}
}
ret = 1;
err:
if (p2)
{
OPENSSL_cleanse(p2,num);
OPENSSL_free(p2);
}
return(ret);
}
int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
{
unsigned int i;
const char *s;
if (x == NULL) goto err;
if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err;
if (x->ssl_version == SSL2_VERSION)
s="SSLv2";
else if (x->ssl_version == SSL3_VERSION)
s="SSLv3";
else if (x->ssl_version == TLS1_VERSION)
s="TLSv1";
else
s="unknown";
if (BIO_printf(bp," Protocol : %s\n",s) <= 0) goto err;
if (x->cipher == NULL)
{
if (((x->cipher_id) & 0xff000000) == 0x02000000)
{
if (BIO_printf(bp," Cipher : %06lX\n",x->cipher_id&0xffffff) <= 0)
goto err;
}
else
{
if (BIO_printf(bp," Cipher : %04lX\n",x->cipher_id&0xffff) <= 0)
goto err;
}
}
else
{
if (BIO_printf(bp," Cipher : %s\n",((x->cipher == NULL)?"unknown":x->cipher->name)) <= 0)
goto err;
}
if (BIO_puts(bp," Session-ID: ") <= 0) goto err;
for (i=0; i<x->session_id_length; i++)
{
if (BIO_printf(bp,"%02X",x->session_id[i]) <= 0) goto err;
}
if (BIO_puts(bp,"\n Session-ID-ctx: ") <= 0) goto err;
for (i=0; i<x->sid_ctx_length; i++)
{
if (BIO_printf(bp,"%02X",x->sid_ctx[i]) <= 0)
goto err;
}
if (BIO_puts(bp,"\n Master-Key: ") <= 0) goto err;
for (i=0; i<(unsigned int)x->master_key_length; i++)
{
if (BIO_printf(bp,"%02X",x->master_key[i]) <= 0) goto err;
}
if (BIO_puts(bp,"\n Key-Arg : ") <= 0) goto err;
if (x->key_arg_length == 0)
{
if (BIO_puts(bp,"None") <= 0) goto err;
}
else
for (i=0; i<x->key_arg_length; i++)
{
if (BIO_printf(bp,"%02X",x->key_arg[i]) <= 0) goto err;
}
#ifndef OPENSSL_NO_KRB5
if (BIO_puts(bp,"\n Krb5 Principal: ") <= 0) goto err;
if (x->krb5_client_princ_len == 0)
{
if (BIO_puts(bp,"None") <= 0) goto err;
}
else
for (i=0; i<x->krb5_client_princ_len; i++)
{
if (BIO_printf(bp,"%02X",x->krb5_client_princ[i]) <= 0) goto err;
}
#endif /* OPENSSL_NO_KRB5 */
#ifndef OPENSSL_NO_TLSEXT
if (x->tlsext_tick_lifetime_hint)
{
if (BIO_printf(bp,
"\n TLS session ticket lifetime hint: %ld (seconds)",
x->tlsext_tick_lifetime_hint) <=0)
goto err;
}
if (x->tlsext_tick)
{
if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0) goto err;
if (BIO_dump_indent(bp, (char *)x->tlsext_tick, x->tlsext_ticklen, 4) <= 0)
goto err;
}
#endif
#ifndef OPENSSL_NO_COMP
if (x->compress_meth != 0)
{
SSL_COMP *comp = NULL;
ssl_cipher_get_evp(x,NULL,NULL,&comp);
if (comp == NULL)
{
if (BIO_printf(bp,"\n Compression: %d",x->compress_meth) <= 0) goto err;
}
else
{
if (BIO_printf(bp,"\n Compression: %d (%s)", comp->id,comp->method->name) <= 0) goto err;
}
}
#endif
if (x->time != 0L)
{
if (BIO_printf(bp, "\n Start Time: %ld",x->time) <= 0) goto err;
}
if (x->timeout != 0L)
{
if (BIO_printf(bp, "\n Timeout : %ld (sec)",x->timeout) <= 0) goto err;
}
if (BIO_puts(bp,"\n") <= 0) goto err;
if (BIO_puts(bp, " Verify return code: ") <= 0) goto err;
if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
X509_verify_cert_error_string(x->verify_result)) <= 0) goto err;
return(1);
err:
return(0);
}
static int client_master_key(SSL *s)
{
unsigned char *buf;
unsigned char *p,*d;
int clear,enc,karg,i;
SSL_SESSION *sess;
const EVP_CIPHER *c;
const EVP_MD *md;
buf=(unsigned char *)s->init_buf->data;
if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A)
{
if (!ssl_cipher_get_evp(s->session,&c,&md,NULL))
{
ssl2_return_error(s,SSL2_PE_NO_CIPHER);
SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
return(-1);
}
sess=s->session;
p=buf;
d=p+10;
*(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */
i=ssl_put_cipher_by_char(s,sess->cipher,p);
p+=i;
/* make key_arg data */
i=EVP_CIPHER_iv_length(c);
sess->key_arg_length=i;
if (i > SSL_MAX_KEY_ARG_LENGTH)
{
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
return -1;
}
if (i > 0)
if (RAND_pseudo_bytes(sess->key_arg,i) <= 0)
return -1;
/* make a master key */
i=EVP_CIPHER_key_length(c);
sess->master_key_length=i;
if (i > 0)
{
if (i > (int)sizeof(sess->master_key))
{
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
return -1;
}
if (RAND_bytes(sess->master_key,i) <= 0)
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
return(-1);
}
}
if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
enc=8;
else if (SSL_C_IS_EXPORT(sess->cipher))
enc=5;
else
enc=i;
if ((int)i < enc)
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_CIPHER_TABLE_SRC_ERROR);
return(-1);
}
clear=i-enc;
s2n(clear,p);
memcpy(d,sess->master_key,(unsigned int)clear);
d+=clear;
enc=ssl_rsa_public_encrypt(sess->sess_cert,enc,
&(sess->master_key[clear]),d,
(s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING);
if (enc <= 0)
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PUBLIC_KEY_ENCRYPT_ERROR);
return(-1);
}
#ifdef PKCS1_CHECK
if (s->options & SSL_OP_PKCS1_CHECK_1) d[1]++;
if (s->options & SSL_OP_PKCS1_CHECK_2)
sess->master_key[clear]++;
#endif
s2n(enc,p);
d+=enc;
karg=sess->key_arg_length;
s2n(karg,p); /* key arg size */
if (karg > (int)sizeof(sess->key_arg))
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
return -1;
}
memcpy(d,sess->key_arg,(unsigned int)karg);
d+=karg;
s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
s->init_num=d-buf;
s->init_off=0;
}
/* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */
return(ssl2_do_write(s));
}
int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
{
unsigned int i;
const char *s;
if (x == NULL)
goto err;
if (BIO_puts(bp, "SSL-Session:\n") <= 0)
goto err;
if (x->ssl_version == SSL3_VERSION)
s = "SSLv3";
else if (x->ssl_version == TLS1_2_VERSION)
s = "TLSv1.2";
else if (x->ssl_version == TLS1_1_VERSION)
s = "TLSv1.1";
else if (x->ssl_version == TLS1_VERSION)
s = "TLSv1";
else if (x->ssl_version == DTLS1_VERSION)
s = "DTLSv1";
else if (x->ssl_version == DTLS1_2_VERSION)
s = "DTLSv1.2";
else if (x->ssl_version == DTLS1_BAD_VER)
s = "DTLSv1-bad";
else
s = "unknown";
if (BIO_printf(bp, " Protocol : %s\n", s) <= 0)
goto err;
if (x->cipher == NULL) {
if (((x->cipher_id) & 0xff000000) == 0x02000000) {
if (BIO_printf
(bp, " Cipher : %06lX\n", x->cipher_id & 0xffffff) <= 0)
goto err;
} else {
if (BIO_printf
(bp, " Cipher : %04lX\n", x->cipher_id & 0xffff) <= 0)
goto err;
}
} else {
if (BIO_printf
(bp, " Cipher : %s\n",
((x->cipher == NULL) ? "unknown" : x->cipher->name)) <= 0)
goto err;
}
if (BIO_puts(bp, " Session-ID: ") <= 0)
goto err;
for (i = 0; i < x->session_id_length; i++) {
if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
goto err;
}
if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0)
goto err;
for (i = 0; i < x->sid_ctx_length; i++) {
if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
goto err;
}
if (BIO_puts(bp, "\n Master-Key: ") <= 0)
goto err;
for (i = 0; i < (unsigned int)x->master_key_length; i++) {
if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
goto err;
}
#ifndef OPENSSL_NO_PSK
if (BIO_puts(bp, "\n PSK identity: ") <= 0)
goto err;
if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
goto err;
if (BIO_puts(bp, "\n PSK identity hint: ") <= 0)
goto err;
if (BIO_printf
(bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
goto err;
#endif
#ifndef OPENSSL_NO_SRP
if (BIO_puts(bp, "\n SRP username: "******"%s", x->srp_username ? x->srp_username : "******") <= 0)
goto err;
#endif
#ifndef OPENSSL_NO_TLSEXT
if (x->tlsext_tick_lifetime_hint) {
if (BIO_printf(bp,
"\n TLS session ticket lifetime hint: %ld (seconds)",
x->tlsext_tick_lifetime_hint) <= 0)
goto err;
}
if (x->tlsext_tick) {
if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0)
goto err;
if (BIO_dump_indent(bp, (char *)x->tlsext_tick, x->tlsext_ticklen, 4)
<= 0)
goto err;
}
#endif
#ifndef OPENSSL_NO_COMP
if (x->compress_meth != 0) {
SSL_COMP *comp = NULL;
if (!ssl_cipher_get_evp(x, NULL, NULL, NULL, NULL, &comp, 0))
goto err;
if (comp == NULL) {
if (BIO_printf(bp, "\n Compression: %d", x->compress_meth) <=
0)
goto err;
} else {
if (BIO_printf(bp, "\n Compression: %d (%s)", comp->id,
comp->name) <= 0)
goto err;
}
}
#endif
if (x->time != 0L) {
if (BIO_printf(bp, "\n Start Time: %ld", x->time) <= 0)
goto err;
}
if (x->timeout != 0L) {
if (BIO_printf(bp, "\n Timeout : %ld (sec)", x->timeout) <= 0)
goto err;
}
if (BIO_puts(bp, "\n") <= 0)
goto err;
if (BIO_puts(bp, " Verify return code: ") <= 0)
goto err;
if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
X509_verify_cert_error_string(x->verify_result)) <= 0)
goto err;
if (BIO_printf(bp, " Extended master secret: %s\n",
x->flags & SSL_SESS_FLAG_EXTMS ? "yes" : "no") <= 0)
goto err;
return (1);
err:
return (0);
}
int ssl3_setup_key_block(SSL *s)
{
unsigned char *p;
const EVP_CIPHER *c;
const EVP_MD *hash;
int num;
int ret = 0;
SSL_COMP *comp;
if (s->s3->tmp.key_block_length != 0)
return 1;
if (!ssl_cipher_get_evp(s->session, &c, &hash, NULL, NULL, &comp, 0)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_SETUP_KEY_BLOCK,
SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
return 0;
}
s->s3->tmp.new_sym_enc = c;
s->s3->tmp.new_hash = hash;
#ifdef OPENSSL_NO_COMP
s->s3->tmp.new_compression = NULL;
#else
s->s3->tmp.new_compression = comp;
#endif
num = EVP_MD_size(hash);
if (num < 0)
return 0;
num = EVP_CIPHER_key_length(c) + num + EVP_CIPHER_iv_length(c);
num *= 2;
ssl3_cleanup_key_block(s);
if ((p = OPENSSL_malloc(num)) == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_SETUP_KEY_BLOCK,
ERR_R_MALLOC_FAILURE);
return 0;
}
s->s3->tmp.key_block_length = num;
s->s3->tmp.key_block = p;
/* Calls SSLfatal() as required */
ret = ssl3_generate_key_block(s, p, num);
if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) {
/*
* enable vulnerability countermeasure for CBC ciphers with known-IV
* problem (http://www.openssl.org/~bodo/tls-cbc.txt)
*/
s->s3->need_empty_fragments = 1;
if (s->session->cipher != NULL) {
if (s->session->cipher->algorithm_enc == SSL_eNULL)
s->s3->need_empty_fragments = 0;
#ifndef OPENSSL_NO_RC4
if (s->session->cipher->algorithm_enc == SSL_RC4)
s->s3->need_empty_fragments = 0;
#endif
}
}
return ret;
}
int tls1_setup_key_block(SSL *s)
{
unsigned char *p1,*p2;
const EVP_CIPHER *c;
const EVP_MD *hash;
int num;
SSL_COMP *comp;
if (s->s3->tmp.key_block_length != 0)
return(1);
if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp))
{
SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
return(0);
}
s->s3->tmp.new_sym_enc=c;
s->s3->tmp.new_hash=hash;
num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
num*=2;
ssl3_cleanup_key_block(s);
if ((p1=(unsigned char *)OPENSSL_malloc(num)) == NULL)
goto err;
if ((p2=(unsigned char *)OPENSSL_malloc(num)) == NULL)
goto err;
s->s3->tmp.key_block_length=num;
s->s3->tmp.key_block=p1;
#ifdef TLS_DEBUG
printf("client random\n");
{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->client_random[z],((z+1)%16)?' ':'\n'); }
printf("server random\n");
{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->server_random[z],((z+1)%16)?' ':'\n'); }
printf("pre-master\n");
{ int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); }
#endif
tls1_generate_key_block(s,p1,p2,num);
memset(p2,0,num);
OPENSSL_free(p2);
#ifdef TLS_DEBUG
printf("\nkey block\n");
{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); }
#endif
/* enable vulnerability countermeasure for CBC ciphers with
* known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt) */
s->s3->need_empty_fragments = 1;
#ifndef NO_RC4
if ((s->session->cipher != NULL) && ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4))
s->s3->need_empty_fragments = 0;
#endif
return(1);
err:
SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
return(0);
}
