lib/libssl/t1_hash.c

   1 /* $OpenBSD: t1_hash.c,v 1.2 2017/05/06 16:18:36 jsing Exp $ */
   2 /*
   3  * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
   4  *
   5  * Permission to use, copy, modify, and distribute this software for any
   6  * purpose with or without fee is hereby granted, provided that the above
   7  * copyright notice and this permission notice appear in all copies.
   8  *
   9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  16  */
  17
  18 #include "ssl_locl.h"
  19
  20 #include <openssl/ssl.h>
  21
  22 int
  23 tls1_handshake_hash_init(SSL *s)
  24 {
  25         const EVP_MD *md;
  26         long dlen;
  27         void *data;
  28
  29         tls1_handshake_hash_free(s);
  30
  31         if (!ssl_get_handshake_evp_md(s, &md)) {
  32                 SSLerrorx(ERR_R_INTERNAL_ERROR);
  33                 goto err;
  34         }
  35
  36         if ((S3I(s)->handshake_hash = EVP_MD_CTX_create()) == NULL) {
  37                 SSLerror(s, ERR_R_MALLOC_FAILURE);
  38                 goto err;
  39         }
  40         if (!EVP_DigestInit_ex(S3I(s)->handshake_hash, md, NULL)) {
  41                 SSLerror(s, ERR_R_EVP_LIB);
  42                 goto err;
  43         }
  44
  45         dlen = BIO_get_mem_data(S3I(s)->handshake_buffer, &data);
  46         if (dlen <= 0) {
  47                 SSLerror(s, SSL_R_BAD_HANDSHAKE_LENGTH);
  48                 goto err;
  49         }
  50         if (!tls1_handshake_hash_update(s, data, dlen)) {
  51                 SSLerror(s, ERR_R_EVP_LIB);
  52                 goto err;
  53         }
  54
  55         return 1;
  56
  57  err:
  58         tls1_handshake_hash_free(s);
  59
  60         return 0;
  61 }
  62
  63 int
  64 tls1_handshake_hash_update(SSL *s, const unsigned char *buf, size_t len)
  65 {
  66         if (S3I(s)->handshake_hash == NULL)
  67                 return 1;
  68
  69         return EVP_DigestUpdate(S3I(s)->handshake_hash, buf, len);
  70 }
  71
  72 int
  73 tls1_handshake_hash_value(SSL *s, const unsigned char *out, size_t len,
  74     size_t *outlen)
  75 {
  76         EVP_MD_CTX *mdctx = NULL;
  77         unsigned int mdlen;
  78         int ret = 0;
  79
  80         if (EVP_MD_CTX_size(S3I(s)->handshake_hash) > len)
  81                 goto err;
  82
  83         if ((mdctx = EVP_MD_CTX_create()) == NULL) {
  84                 SSLerror(s, ERR_R_MALLOC_FAILURE);
  85                 goto err;
  86         }
  87         if (!EVP_MD_CTX_copy_ex(mdctx, S3I(s)->handshake_hash)) {
  88                 SSLerror(s, ERR_R_EVP_LIB);
  89                 goto err;
  90         }
  91         if (!EVP_DigestFinal_ex(mdctx, (unsigned char *)out, &mdlen)) {
  92                 SSLerror(s, ERR_R_EVP_LIB);
  93                 goto err;
  94         }
  95         if (outlen != NULL)
  96                 *outlen = mdlen;
  97
  98         ret = 1;
  99
 100  err:
 101         EVP_MD_CTX_destroy(mdctx);
 102
 103         return (ret);
 104 }
 105
 106 void
 107 tls1_handshake_hash_free(SSL *s)
 108 {
 109         EVP_MD_CTX_destroy(S3I(s)->handshake_hash);
 110         S3I(s)->handshake_hash = NULL;
 111 }