diff options
author | Joel Sing <jsing@cvs.openbsd.org> | 2014-06-01 01:57:10 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2014-06-01 01:57:10 +0000 |
commit | 2805bee3d9484f2286ca630d0837784220f99a0e (patch) | |
tree | 5e58c7306d07bd1d2a60c50f9a58ca603b0ec085 | |
parent | 70b444e77643e8ad72591af495361a2242706faf (diff) |
Clean up the tls1_change_cipher_state() key length handling and use a
single variable with a descriptive name, instead of two poorly named
variables.
Largely based on Adam Langley's chromium patches.
ok miod@
-rw-r--r-- | lib/libssl/t1_enc.c | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c index 96c28e14cfb..9a2d979fd7e 100644 --- a/lib/libssl/t1_enc.c +++ b/lib/libssl/t1_enc.c @@ -319,7 +319,7 @@ tls1_change_cipher_state(SSL *s, int which) int *mac_secret_size; EVP_MD_CTX *mac_ctx; EVP_PKEY *mac_key; - int is_export, n, i, j, k, exp_label_len, cl; + int is_export, n, i, k, exp_label_len, key_len; int reuse_dd = 0; char is_read; @@ -434,11 +434,13 @@ tls1_change_cipher_state(SSL *s, int which) p = s->s3->tmp.key_block; i = *mac_secret_size = s->s3->tmp.new_mac_secret_size; - cl = EVP_CIPHER_key_length(c); - j = is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ? - cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl; - /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */ - /* If GCM mode only part of IV comes from PRF */ + key_len = EVP_CIPHER_key_length(c); + if (is_export) { + if (key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) + key_len = SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher); + } + + /* If GCM mode only part of IV comes from PRF. */ if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) k = EVP_GCM_TLS_FIXED_IV_LEN; else @@ -448,7 +450,7 @@ tls1_change_cipher_state(SSL *s, int which) ms = &(p[0]); n = i + i; key = &(p[n]); - n += j + j; + n += key_len + key_len; iv = &(p[n]); n += k + k; exp_label = (unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST; @@ -457,9 +459,9 @@ tls1_change_cipher_state(SSL *s, int which) } else { n = i; ms = &(p[n]); - n += i + j; + n += i + key_len; key = &(p[n]); - n += j + k; + n += key_len + k; iv = &(p[n]); n += k; exp_label = (unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST; @@ -488,7 +490,7 @@ tls1_change_cipher_state(SSL *s, int which) exp_label, exp_label_len, s->s3->client_random, SSL3_RANDOM_SIZE, s->s3->server_random, SSL3_RANDOM_SIZE, - NULL, 0, NULL, 0, key, j, tmp1, tmp2, + NULL, 0, NULL, 0, key, key_len, tmp1, tmp2, EVP_CIPHER_key_length(c))) goto err2; key = tmp1; |