diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2012-02-22 16:06:56 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2012-02-22 16:06:56 +0100 |
| commit | 74b4b4949454eff5d704503898520e2e92d17ed6 (patch) | |
| tree | c447f57687546dd20c221679856a9298735e1a52 /ssl/t1_enc.c | |
| parent | initialise i if n == 0 (diff) | |
| download | openssl-74b4b4949454eff5d704503898520e2e92d17ed6.tar.xz openssl-74b4b4949454eff5d704503898520e2e92d17ed6.zip | |
SSL export fixes (from Adam Langley) [original from 1.0.1]
Diffstat (limited to 'ssl/t1_enc.c')
| -rw-r--r-- | ssl/t1_enc.c | 58 |
1 files changed, 29 insertions, 29 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 5c1074e245..f32393c56b 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -1119,16 +1119,17 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, return(SSL3_MASTER_SECRET_SIZE); } -int tls1_export_keying_material(SSL *s, unsigned char *out, unsigned int olen, - const char *label, unsigned int llen, const unsigned char *context, - unsigned int contextlen, int use_context) +int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, + const char *label, size_t llen, const unsigned char *context, + size_t contextlen, int use_context) { unsigned char *buff; unsigned char *val = NULL; - unsigned int vallen, currentvalpos, rv; + size_t vallen, currentvalpos; + int rv; #ifdef KSSL_DEBUG - printf ("tls1_export_keying_material(%p, %p,%d, %s,%d, %p,%d)\n", s, out,olen, label,llen, p,plen); + printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, p, plen); #endif /* KSSL_DEBUG */ buff = OPENSSL_malloc(olen); @@ -1140,10 +1141,10 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, unsigned int olen, * does not create a prohibited label. */ vallen = llen + SSL3_RANDOM_SIZE * 2; - if (use_context) - { - vallen += 2 + contextlen; - } + if (use_context) + { + vallen += 2 + contextlen; + } val = OPENSSL_malloc(vallen); if (val == NULL) goto err2; @@ -1155,17 +1156,17 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, unsigned int olen, memcpy(val + currentvalpos, s->s3->server_random, SSL3_RANDOM_SIZE); currentvalpos += SSL3_RANDOM_SIZE; - if (use_context) - { - val[currentvalpos] = (contextlen << 8) & 0xff; - currentvalpos++; - val[currentvalpos] = contextlen & 0xff; - currentvalpos++; - if ((contextlen > 0) || (context != NULL)) - { - memcpy(val + currentvalpos, context, contextlen); - } - } + if (use_context) + { + val[currentvalpos] = (contextlen >> 8) & 0xff; + currentvalpos++; + val[currentvalpos] = contextlen & 0xff; + currentvalpos++; + if ((contextlen > 0) || (context != NULL)) + { + memcpy(val + currentvalpos, context, contextlen); + } + } /* disallow prohibited labels * note that SSL3_RANDOM_SIZE > max(prohibited label len) = @@ -1181,19 +1182,18 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, unsigned int olen, if (memcmp(val, TLS_MD_KEY_EXPANSION_CONST, TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0) goto err1; - tls1_PRF(s->s3->tmp.new_cipher->algorithm2, - val, vallen, - NULL, 0, - NULL, 0, - NULL, 0, - NULL, 0, - s->session->master_key,s->session->master_key_length, - out,buff,olen); + rv = tls1_PRF(s->s3->tmp.new_cipher->algorithm2, + val, vallen, + NULL, 0, + NULL, 0, + NULL, 0, + NULL, 0, + s->session->master_key,s->session->master_key_length, + out,buff,olen); #ifdef KSSL_DEBUG printf ("tls1_export_keying_material() complete\n"); #endif /* KSSL_DEBUG */ - rv = olen; goto ret; err1: SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL); |