OLD | NEW |
1 /* ssl/d1_enc.c */ | 1 /* ssl/d1_enc.c */ |
2 /* | 2 /* |
3 * DTLS implementation written by Nagendra Modadugu | 3 * DTLS implementation written by Nagendra Modadugu |
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
5 */ | 5 */ |
6 /* ==================================================================== | 6 /* ==================================================================== |
7 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. | 7 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. |
8 * | 8 * |
9 * Redistribution and use in source and binary forms, with or without | 9 * Redistribution and use in source and binary forms, with or without |
10 * modification, are permitted provided that the following conditions | 10 * modification, are permitted provided that the following conditions |
(...skipping 118 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
129 int dtls1_enc(SSL *s, int send) | 129 int dtls1_enc(SSL *s, int send) |
130 { | 130 { |
131 SSL3_RECORD *rec; | 131 SSL3_RECORD *rec; |
132 EVP_CIPHER_CTX *ds; | 132 EVP_CIPHER_CTX *ds; |
133 unsigned long l; | 133 unsigned long l; |
134 int bs,i,ii,j,k,n=0; | 134 int bs,i,ii,j,k,n=0; |
135 const EVP_CIPHER *enc; | 135 const EVP_CIPHER *enc; |
136 | 136 |
137 if (send) | 137 if (send) |
138 { | 138 { |
139 » » if (s->write_hash != NULL) | 139 » » if (EVP_MD_CTX_md(s->write_hash)) |
140 » » » n=EVP_MD_size(s->write_hash); | 140 » » » { |
| 141 » » » n=EVP_MD_CTX_size(s->write_hash); |
| 142 » » » if (n < 0) |
| 143 » » » » return -1; |
| 144 » » » } |
141 ds=s->enc_write_ctx; | 145 ds=s->enc_write_ctx; |
142 rec= &(s->s3->wrec); | 146 rec= &(s->s3->wrec); |
143 if (s->enc_write_ctx == NULL) | 147 if (s->enc_write_ctx == NULL) |
144 enc=NULL; | 148 enc=NULL; |
145 else | 149 else |
146 { | 150 { |
147 enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx); | 151 enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx); |
148 if ( rec->data != rec->input) | 152 if ( rec->data != rec->input) |
149 /* we can't write into the input stream */ | 153 /* we can't write into the input stream */ |
150 fprintf(stderr, "%s:%d: rec->data != rec->input\
n", | 154 fprintf(stderr, "%s:%d: rec->data != rec->input\
n", |
151 __FILE__, __LINE__); | 155 __FILE__, __LINE__); |
152 else if ( EVP_CIPHER_block_size(ds->cipher) > 1) | 156 else if ( EVP_CIPHER_block_size(ds->cipher) > 1) |
153 { | 157 { |
154 if (RAND_bytes(rec->input, EVP_CIPHER_block_size
(ds->cipher)) <= 0) | 158 if (RAND_bytes(rec->input, EVP_CIPHER_block_size
(ds->cipher)) <= 0) |
155 return -1; | 159 return -1; |
156 } | 160 } |
157 } | 161 } |
158 } | 162 } |
159 else | 163 else |
160 { | 164 { |
161 » » if (s->read_hash != NULL) | 165 » » if (EVP_MD_CTX_md(s->read_hash)) |
162 » » » n=EVP_MD_size(s->read_hash); | 166 » » » { |
| 167 » » » n=EVP_MD_CTX_size(s->read_hash); |
| 168 » » » if (n < 0) |
| 169 » » » » return -1; |
| 170 » » » } |
163 ds=s->enc_read_ctx; | 171 ds=s->enc_read_ctx; |
164 rec= &(s->s3->rrec); | 172 rec= &(s->s3->rrec); |
165 if (s->enc_read_ctx == NULL) | 173 if (s->enc_read_ctx == NULL) |
166 enc=NULL; | 174 enc=NULL; |
167 else | 175 else |
168 enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx); | 176 enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx); |
169 } | 177 } |
170 | 178 |
171 #ifdef KSSL_DEBUG | 179 #ifdef KSSL_DEBUG |
172 printf("dtls1_enc(%d)\n", send); | 180 printf("dtls1_enc(%d)\n", send); |
(...skipping 26 matching lines...) Expand all Loading... |
199 for (k=(int)l; k<(int)(l+i); k++) | 207 for (k=(int)l; k<(int)(l+i); k++) |
200 rec->input[k]=j; | 208 rec->input[k]=j; |
201 l+=i; | 209 l+=i; |
202 rec->length+=i; | 210 rec->length+=i; |
203 } | 211 } |
204 | 212 |
205 #ifdef KSSL_DEBUG | 213 #ifdef KSSL_DEBUG |
206 { | 214 { |
207 unsigned long ui; | 215 unsigned long ui; |
208 printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n
", | 216 printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n
", |
209 (void *)ds,rec->data,rec->input,l); | 217 ds,rec->data,rec->input,l); |
210 » » printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%ld %ld], %d i
v_len\n", | 218 » » printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_
len\n", |
211 ds->buf_len, ds->cipher->key_len, | 219 ds->buf_len, ds->cipher->key_len, |
212 (unsigned long)DES_KEY_SZ, | 220 DES_KEY_SZ, DES_SCHEDULE_SZ, |
213 » » » (unsigned long)DES_SCHEDULE_SZ, | |
214 ds->cipher->iv_len); | 221 ds->cipher->iv_len); |
215 printf("\t\tIV: "); | 222 printf("\t\tIV: "); |
216 for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]); | 223 for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]); |
217 printf("\n"); | 224 printf("\n"); |
218 printf("\trec->input="); | 225 printf("\trec->input="); |
219 for (ui=0; ui<l; ui++) printf(" %02x", rec->input[ui]); | 226 for (ui=0; ui<l; ui++) printf(" %02x", rec->input[ui]); |
220 printf("\n"); | 227 printf("\n"); |
221 } | 228 } |
222 #endif /* KSSL_DEBUG */ | 229 #endif /* KSSL_DEBUG */ |
223 | 230 |
224 if (!send) | 231 if (!send) |
225 { | 232 { |
226 if (l == 0 || l%bs != 0) | 233 if (l == 0 || l%bs != 0) |
227 » » » » { | 234 » » » » return -1; |
228 » » » » SSLerr(SSL_F_DTLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS
_WRONG); | |
229 » » » » ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTIO
N_FAILED); | |
230 » » » » return 0; | |
231 » » » » } | |
232 } | 235 } |
233 | 236 |
234 EVP_Cipher(ds,rec->data,rec->input,l); | 237 EVP_Cipher(ds,rec->data,rec->input,l); |
235 | 238 |
236 #ifdef KSSL_DEBUG | 239 #ifdef KSSL_DEBUG |
237 { | 240 { |
238 unsigned long ki; | 241 unsigned long i; |
239 printf("\trec->data="); | 242 printf("\trec->data="); |
240 » » for (ki=0; ki<l; ki++) | 243 » » for (i=0; i<l; i++) |
241 printf(" %02x", rec->data[ki]); printf("\n"); | 244 printf(" %02x", rec->data[i]); printf("\n"); |
242 } | 245 } |
243 #endif /* KSSL_DEBUG */ | 246 #endif /* KSSL_DEBUG */ |
244 | 247 |
245 if ((bs != 1) && !send) | 248 if ((bs != 1) && !send) |
246 { | 249 { |
247 ii=i=rec->data[l-1]; /* padding_length */ | 250 ii=i=rec->data[l-1]; /* padding_length */ |
248 i++; | 251 i++; |
249 if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG) | 252 if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG) |
250 { | 253 { |
251 /* First packet is even in size, so check */ | 254 /* First packet is even in size, so check */ |
(...skipping 25 matching lines...) Expand all Loading... |
277 rec->length-=i; | 280 rec->length-=i; |
278 | 281 |
279 rec->data += bs; /* skip the implicit IV */ | 282 rec->data += bs; /* skip the implicit IV */ |
280 rec->input += bs; | 283 rec->input += bs; |
281 rec->length -= bs; | 284 rec->length -= bs; |
282 } | 285 } |
283 } | 286 } |
284 return(1); | 287 return(1); |
285 } | 288 } |
286 | 289 |
OLD | NEW |