Symaptic: os/ossrv/ssl/libssl/src/s2_enc.c@bde4ae8d615e (annotated)

sl@0	1	/* ssl/s2_enc.c */
sl@0	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
sl@0	3	* All rights reserved.
sl@0	4	*
sl@0	5	* This package is an SSL implementation written
sl@0	6	* by Eric Young (eay@cryptsoft.com).
sl@0	7	* The implementation was written so as to conform with Netscapes SSL.
sl@0	8	*
sl@0	9	* This library is free for commercial and non-commercial use as long as
sl@0	10	* the following conditions are aheared to. The following conditions
sl@0	11	* apply to all code found in this distribution, be it the RC4, RSA,
sl@0	12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
sl@0	13	* included with this distribution is covered by the same copyright terms
sl@0	14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
sl@0	15	*
sl@0	16	* Copyright remains Eric Young's, and as such any Copyright notices in
sl@0	17	* the code are not to be removed.
sl@0	18	* If this package is used in a product, Eric Young should be given attribution
sl@0	19	* as the author of the parts of the library used.
sl@0	20	* This can be in the form of a textual message at program startup or
sl@0	21	* in documentation (online or textual) provided with the package.
sl@0	22	*
sl@0	23	* Redistribution and use in source and binary forms, with or without
sl@0	24	* modification, are permitted provided that the following conditions
sl@0	25	* are met:
sl@0	26	* 1. Redistributions of source code must retain the copyright
sl@0	27	* notice, this list of conditions and the following disclaimer.
sl@0	28	* 2. Redistributions in binary form must reproduce the above copyright
sl@0	29	* notice, this list of conditions and the following disclaimer in the
sl@0	30	* documentation and/or other materials provided with the distribution.
sl@0	31	* 3. All advertising materials mentioning features or use of this software
sl@0	32	* must display the following acknowledgement:
sl@0	33	* "This product includes cryptographic software written by
sl@0	34	* Eric Young (eay@cryptsoft.com)"
sl@0	35	* The word 'cryptographic' can be left out if the rouines from the library
sl@0	36	* being used are not cryptographic related :-).
sl@0	37	* 4. If you include any Windows specific code (or a derivative thereof) from
sl@0	38	* the apps directory (application code) you must include an acknowledgement:
sl@0	39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
sl@0	40	*
sl@0	41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
sl@0	42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
sl@0	43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
sl@0	44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
sl@0	45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
sl@0	46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
sl@0	47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
sl@0	48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
sl@0	49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
sl@0	50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
sl@0	51	* SUCH DAMAGE.
sl@0	52	*
sl@0	53	* The licence and distribution terms for any publically available version or
sl@0	54	* derivative of this code cannot be changed. i.e. this code cannot simply be
sl@0	55	* copied and put under another distribution licence
sl@0	56	* [including the GNU Public Licence.]
sl@0	57	*/
sl@0	58
sl@0	59	#include "ssl_locl.h"
sl@0	60	#ifndef OPENSSL_NO_SSL2
sl@0	61	#include <stdio.h>
sl@0	62
sl@0	63	int ssl2_enc_init(SSL *s, int client)
sl@0	64	{
sl@0	65	/* Max number of bytes needed */
sl@0	66	EVP_CIPHER_CTX rs,ws;
sl@0	67	const EVP_CIPHER *c;
sl@0	68	const EVP_MD *md;
sl@0	69	int num;
sl@0	70
sl@0	71	if (!ssl_cipher_get_evp(s->session,&c,&md,NULL))
sl@0	72	{
sl@0	73	ssl2_return_error(s,SSL2_PE_NO_CIPHER);
sl@0	74	SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
sl@0	75	return(0);
sl@0	76	}
sl@0	77
sl@0	78	s->read_hash=md;
sl@0	79	s->write_hash=md;
sl@0	80
sl@0	81	if ((s->enc_read_ctx == NULL) &&
sl@0	82	((s->enc_read_ctx=(EVP_CIPHER_CTX *)
sl@0	83	OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
sl@0	84	goto err;
sl@0	85
sl@0	86	/* make sure it's intialized in case the malloc for enc_write_ctx fails
sl@0	87	* and we exit with an error */
sl@0	88	rs= s->enc_read_ctx;
sl@0	89	EVP_CIPHER_CTX_init(rs);
sl@0	90
sl@0	91	if ((s->enc_write_ctx == NULL) &&
sl@0	92	((s->enc_write_ctx=(EVP_CIPHER_CTX *)
sl@0	93	OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
sl@0	94	goto err;
sl@0	95
sl@0	96	ws= s->enc_write_ctx;
sl@0	97	EVP_CIPHER_CTX_init(ws);
sl@0	98
sl@0	99	num=c->key_len;
sl@0	100	s->s2->key_material_length=num*2;
sl@0	101	OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
sl@0	102
sl@0	103	if (ssl2_generate_key_material(s) <= 0)
sl@0	104	return 0;
sl@0	105
sl@0	106	OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg));
sl@0	107	EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]),
sl@0	108	s->session->key_arg);
sl@0	109	EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]),
sl@0	110	s->session->key_arg);
sl@0	111	s->s2->read_key= &(s->s2->key_material[(client)?0:num]);
sl@0	112	s->s2->write_key= &(s->s2->key_material[(client)?num:0]);
sl@0	113	return(1);
sl@0	114	err:
sl@0	115	SSLerr(SSL_F_SSL2_ENC_INIT,ERR_R_MALLOC_FAILURE);
sl@0	116	return(0);
sl@0	117	}
sl@0	118
sl@0	119	/* read/writes from s->s2->mac_data using length for encrypt and
sl@0	120	* decrypt. It sets s->s2->padding and s->[rw]length
sl@0	121	* if we are encrypting */
sl@0	122	void ssl2_enc(SSL *s, int send)
sl@0	123	{
sl@0	124	EVP_CIPHER_CTX *ds;
sl@0	125	unsigned long l;
sl@0	126	int bs;
sl@0	127
sl@0	128	if (send)
sl@0	129	{
sl@0	130	ds=s->enc_write_ctx;
sl@0	131	l=s->s2->wlength;
sl@0	132	}
sl@0	133	else
sl@0	134	{
sl@0	135	ds=s->enc_read_ctx;
sl@0	136	l=s->s2->rlength;
sl@0	137	}
sl@0	138
sl@0	139	/* check for NULL cipher */
sl@0	140	if (ds == NULL) return;
sl@0	141
sl@0	142
sl@0	143	bs=ds->cipher->block_size;
sl@0	144	/* This should be using (bs-1) and bs instead of 7 and 8, but
sl@0	145	* what the hell. */
sl@0	146	if (bs == 8)
sl@0	147	l=(l+7)/8*8;
sl@0	148
sl@0	149	EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l);
sl@0	150	}
sl@0	151
sl@0	152	void ssl2_mac(SSL s, unsigned char md, int send)
sl@0	153	{
sl@0	154	EVP_MD_CTX c;
sl@0	155	unsigned char sequence[4],p,sec,*act;
sl@0	156	unsigned long seq;
sl@0	157	unsigned int len;
sl@0	158
sl@0	159	if (send)
sl@0	160	{
sl@0	161	seq=s->s2->write_sequence;
sl@0	162	sec=s->s2->write_key;
sl@0	163	len=s->s2->wact_data_length;
sl@0	164	act=s->s2->wact_data;
sl@0	165	}
sl@0	166	else
sl@0	167	{
sl@0	168	seq=s->s2->read_sequence;
sl@0	169	sec=s->s2->read_key;
sl@0	170	len=s->s2->ract_data_length;
sl@0	171	act=s->s2->ract_data;
sl@0	172	}
sl@0	173
sl@0	174	p= &(sequence[0]);
sl@0	175	l2n(seq,p);
sl@0	176
sl@0	177	/* There has to be a MAC algorithm. */
sl@0	178	EVP_MD_CTX_init(&c);
sl@0	179	EVP_DigestInit_ex(&c, s->read_hash, NULL);
sl@0	180	EVP_DigestUpdate(&c,sec,
sl@0	181	EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
sl@0	182	EVP_DigestUpdate(&c,act,len);
sl@0	183	/* the above line also does the pad data */
sl@0	184	EVP_DigestUpdate(&c,sequence,4);
sl@0	185	EVP_DigestFinal_ex(&c,md,NULL);
sl@0	186	EVP_MD_CTX_cleanup(&c);
sl@0	187	}
sl@0	188	#else /* !OPENSSL_NO_SSL2 */
sl@0	189
sl@0	190	# if PEDANTIC
sl@0	191	static void *dummy=&dummy;
sl@0	192	# endif
sl@0	193
sl@0	194	#endif

author	sl@SLION-WIN7.fritz.box
	Fri, 15 Jun 2012 03:10:57 +0200
changeset 0	bde4ae8d615e
permissions	-rw-r--r--