session tickets: Use sizeof() for the various fields (4e2e1ec9) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/s3_lib.c

+20 −8

Original line number	Diff line number	Diff line
		@@ -3395,20 +3395,32 @@ long ssl3_ctx_ctrl(SSL_CTX ctx, int cmd, long larg, void parg)
		case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
		{
		unsigned char *keys = parg;
		long tlsext_tick_keylen = (sizeof(ctx->tlsext_tick_key_name) +
		sizeof(ctx->tlsext_tick_hmac_key) + (ctx->tlsext_tick_aes_key));
		if (!keys)
		return 48;
		if (larg != 48) {
		return tlsext_tick_keylen;
		if (larg != tlsext_tick_keylen) {
		SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
		return 0;
		}
		if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
		memcpy(ctx->tlsext_tick_key_name, keys, 16);
		memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
		memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
		memcpy(ctx->tlsext_tick_key_name, keys,
		sizeof(ctx->tlsext_tick_key_name));
		memcpy(ctx->tlsext_tick_hmac_key,
		keys + sizeof(ctx->tlsext_tick_key_name),
		sizeof(ctx->tlsext_tick_hmac_key));
		memcpy(ctx->tlsext_tick_aes_key,
		keys + sizeof(ctx->tlsext_tick_key_name) + sizeof(ctx->tlsext_tick_hmac_key),
		sizeof(ctx->tlsext_tick_aes_key));
		} else {
		memcpy(keys, ctx->tlsext_tick_key_name, 16);
		memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
		memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
		memcpy(keys, ctx->tlsext_tick_key_name,
		sizeof(ctx->tlsext_tick_key_name));
		memcpy(keys + sizeof(ctx->tlsext_tick_key_name),
		ctx->tlsext_tick_hmac_key,
		sizeof(ctx->tlsext_tick_hmac_key));
		memcpy(keys + sizeof(ctx->tlsext_tick_key_name) + sizeof(ctx->tlsext_tick_hmac_key),
		ctx->tlsext_tick_aes_key,
		sizeof(ctx->tlsext_tick_aes_key));
		}
		return 1;
		}

+4 −4

Original line number	Diff line number	Diff line
		@@ -2461,10 +2461,10 @@ SSL_CTX SSL_CTX_new(const SSL_METHOD meth)
		ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
		ret->split_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;

		/* Setup RFC4507 ticket keys */
		if ((RAND_bytes(ret->tlsext_tick_key_name, 16) <= 0)
		\|\| (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
		\|\| (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
		/* Setup RFC5077 ticket keys */
		if ((RAND_bytes(ret->tlsext_tick_key_name, sizeof(ret->tlsext_tick_key_name)) <= 0)
		\|\| (RAND_bytes(ret->tlsext_tick_hmac_key, sizeof(ret->tlsext_tick_hmac_key)) <= 0)
		\|\| (RAND_bytes(ret->tlsext_tick_aes_key, sizeof(ret->tlsext_tick_aes_key)) <= 0))
		ret->options \|= SSL_OP_NO_TICKET;

		#ifndef OPENSSL_NO_SRP

+4 −2

Original line number	Diff line number	Diff line
		@@ -3051,10 +3051,12 @@ int tls_construct_new_session_ticket(SSL *s)
		if (!EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL,
		tctx->tlsext_tick_aes_key, iv))
		goto err;
		if (!HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key, 16,
		if (!HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key,
		sizeof(tctx->tlsext_tick_hmac_key),
		EVP_sha256(), NULL))
		goto err;
		memcpy(key_name, tctx->tlsext_tick_key_name, 16);
		memcpy(key_name, tctx->tlsext_tick_key_name,
		sizeof(tctx->tlsext_tick_key_name));
		}

		/*

+5 −3

Original line number	Diff line number	Diff line
		@@ -3129,15 +3129,17 @@ static int tls_decrypt_ticket(SSL s, const unsigned char etick,
		renew_ticket = 1;
		} else {
		/* Check key name matches */
		if (memcmp(etick, tctx->tlsext_tick_key_name, 16)) {
		if (memcmp(etick, tctx->tlsext_tick_key_name,
		sizeof(tctx->tlsext_tick_key_name)) != 0) {
		ret = 2;
		goto err;
		}
		if (HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key, 16,
		if (HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key,
		sizeof(tctx->tlsext_tick_hmac_key),
		EVP_sha256(), NULL) <= 0
		\|\| EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL,
		tctx->tlsext_tick_aes_key,
		etick + 16) <= 0) {
		etick + sizeof(tctx->tlsext_tick_key_name)) <= 0) {
		goto err;
		}
		}