diff options
| author | Bodo Möller <bodo@openssl.org> | 2003-02-28 15:37:10 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 2003-02-28 15:37:10 +0000 |
| commit | 176f31ddec84a51d35871dc021a013df9f3cbccd (patch) | |
| tree | 727fd06fa996652c5a8597b8c6cc79c96e07dc05 /ssl | |
| parent | fe14ee96db3ccef6a7a090bd0264d476a79e3f43 (diff) | |
- new ECDH_compute_key interface (KDF is no longer a fixed built-in)
- bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/s3_clnt.c | 17 | ||||
| -rw-r--r-- | ssl/s3_srvr.c | 17 |
2 files changed, 30 insertions, 4 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 2f12695377..211dd03b11 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -1574,6 +1574,19 @@ static int ssl3_get_server_done(SSL *s) return(ret); } + +static const int KDF1_SHA1_len = 20; +static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen) + { +#ifndef OPENSSL_NO_SHA + if (outlen != SHA_DIGEST_LENGTH) + return NULL; + return SHA1(in, inlen, out); +#else + return NULL; +#endif + } + static int ssl3_send_client_key_exchange(SSL *s) { unsigned char *p,*d; @@ -1949,7 +1962,7 @@ static int ssl3_send_client_key_exchange(SSL *s) * make sure to clear it out afterwards */ - n=ECDH_compute_key(p, srvr_ecpoint, clnt_ecdh); + n=ECDH_compute_key(p, KDF1_SHA1_len, srvr_ecpoint, clnt_ecdh, KDF1_SHA1); if (n <= 0) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 3db3e78d5e..a2f5b843db 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -1577,6 +1577,19 @@ err: return(-1); } + +static const int KDF1_SHA1_len = 20; +static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen) + { +#ifndef OPENSSL_NO_SHA + if (outlen != SHA_DIGEST_LENGTH) + return NULL; + return SHA1(in, inlen, out); +#else + return NULL; +#endif + } + static int ssl3_get_client_key_exchange(SSL *s) { int i,al,ok; @@ -2047,7 +2060,7 @@ static int ssl3_get_client_key_exchange(SSL *s) } /* Compute the shared pre-master secret */ - i = ECDH_compute_key(p, clnt_ecpoint, srvr_ecdh); + i = ECDH_compute_key(p, KDF1_SHA1_len, clnt_ecpoint, srvr_ecdh, KDF1_SHA1); if (i <= 0) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, |