diff options
author | Matt Caswell <matt@openssl.org> | 2018-01-23 12:23:23 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-01-24 18:02:37 +0000 |
commit | 97ea1e7f42eea97b117af08b3c1d29f6443850ab (patch) | |
tree | a0100b95025d6da5f9fb4c3b1293ff92322b3780 /ssl | |
parent | d0debc0a1cea232d3131b941dba435dc001f3cd3 (diff) |
Updates following review of SSL_stateless() code
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/statem/extensions.c | 1 | ||||
-rw-r--r-- | ssl/statem/extensions_srvr.c | 17 |
2 files changed, 9 insertions, 9 deletions
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 335c9452ff..5a0fa25571 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -321,6 +321,7 @@ static const EXTENSION_DEFINITION ext_defs[] = { }, #endif { + /* Must be after key_share */ TLSEXT_TYPE_cookie, SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST | SSL_EXT_TLS_IMPLEMENTATION_ONLY | SSL_EXT_TLS1_3_ONLY, diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 60fa34201c..fadc6a70ea 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -26,12 +26,12 @@ /* * Message header + 2 bytes for protocol version + number of random bytes + - * + number of bytes in legacy session id + 2 bytes for ciphersuite - * + 1 byte for legacy compression + 2 bytes for extension block length - * + 6 bytes for key_share extension + 4 bytes for cookie extension header - * + the number of bytes in the cookie + * + 1 byte for legacy session id length + number of bytes in legacy session id + * + 2 bytes for ciphersuite + 1 byte for legacy compression + * + 2 bytes for extension block length + 6 bytes for key_share extension + * + 4 bytes for cookie extension header + the number of bytes in the cookie */ -#define MAX_HRR_SIZE (SSL3_HM_HEADER_LENGTH + 2 + SSL3_RANDOM_SIZE \ +#define MAX_HRR_SIZE (SSL3_HM_HEADER_LENGTH + 2 + SSL3_RANDOM_SIZE + 1 \ + SSL_MAX_SSL_SESSION_ID_LENGTH + 2 + 1 + 2 + 6 + 4 \ + MAX_COOKIE_SIZE) @@ -742,11 +742,10 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, return 0; } - hmaclen = sizeof(s->session_ctx->ext.cookie_hmac_key); + hmaclen = SHA256_DIGEST_LENGTH; if (EVP_DigestSignInit(hctx, NULL, EVP_sha256(), NULL, pkey) <= 0 - || EVP_DigestSignUpdate(hctx, data, - rawlen - SHA256_DIGEST_LENGTH) <= 0 - || EVP_DigestSignFinal(hctx, hmac, &hmaclen) <= 0 + || EVP_DigestSign(hctx, hmac, &hmaclen, data, + rawlen - SHA256_DIGEST_LENGTH) <= 0 || hmaclen != SHA256_DIGEST_LENGTH) { EVP_MD_CTX_free(hctx); EVP_PKEY_free(pkey); |