1c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* ssl/d1_enc.c */ 2c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* 3c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * DTLS implementation written by Nagendra Modadugu 4c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 5c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org */ 6c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* ==================================================================== 7c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 8c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 9c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Redistribution and use in source and binary forms, with or without 10c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * modification, are permitted provided that the following conditions 11c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * are met: 12c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 13c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 1. Redistributions of source code must retain the above copyright 14c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * notice, this list of conditions and the following disclaimer. 15c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 16c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 2. Redistributions in binary form must reproduce the above copyright 17c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * notice, this list of conditions and the following disclaimer in 18c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * the documentation and/or other materials provided with the 19c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * distribution. 20c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 21c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 3. All advertising materials mentioning features or use of this 22c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * software must display the following acknowledgment: 23c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * "This product includes software developed by the OpenSSL Project 24c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 25c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 26c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * endorse or promote products derived from this software without 28c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * prior written permission. For written permission, please contact 29c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * openssl-core@openssl.org. 30c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 31c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 5. Products derived from this software may not be called "OpenSSL" 32c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * nor may "OpenSSL" appear in their names without prior written 33c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * permission of the OpenSSL Project. 34c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 35c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 6. Redistributions of any form whatsoever must retain the following 36c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * acknowledgment: 37c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * "This product includes software developed by the OpenSSL Project 38c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 39c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 40c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * OF THE POSSIBILITY OF SUCH DAMAGE. 52c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * ==================================================================== 53c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 54c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * This product includes cryptographic software written by Eric Young 55c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * (eay@cryptsoft.com). This product includes software written by Tim 56c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Hudson (tjh@cryptsoft.com). 57c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 58c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org */ 59c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 60c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * All rights reserved. 61c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 62c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * This package is an SSL implementation written 63c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * by Eric Young (eay@cryptsoft.com). 64c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * The implementation was written so as to conform with Netscapes SSL. 65c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 66c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * This library is free for commercial and non-commercial use as long as 67c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * the following conditions are aheared to. The following conditions 68c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * apply to all code found in this distribution, be it the RC4, RSA, 69c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * lhash, DES, etc., code; not just the SSL code. The SSL documentation 70c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * included with this distribution is covered by the same copyright terms 71c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * except that the holder is Tim Hudson (tjh@cryptsoft.com). 72c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 73c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Copyright remains Eric Young's, and as such any Copyright notices in 74c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * the code are not to be removed. 75c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * If this package is used in a product, Eric Young should be given attribution 76c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * as the author of the parts of the library used. 77c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * This can be in the form of a textual message at program startup or 78c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * in documentation (online or textual) provided with the package. 79c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 80c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Redistribution and use in source and binary forms, with or without 81c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * modification, are permitted provided that the following conditions 82c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * are met: 83c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 1. Redistributions of source code must retain the copyright 84c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * notice, this list of conditions and the following disclaimer. 85c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 2. Redistributions in binary form must reproduce the above copyright 86c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * notice, this list of conditions and the following disclaimer in the 87c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * documentation and/or other materials provided with the distribution. 88c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 3. All advertising materials mentioning features or use of this software 89c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * must display the following acknowledgement: 90c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * "This product includes cryptographic software written by 91c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Eric Young (eay@cryptsoft.com)" 92c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * The word 'cryptographic' can be left out if the rouines from the library 93c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * being used are not cryptographic related :-). 94c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 4. If you include any Windows specific code (or a derivative thereof) from 95c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * the apps directory (application code) you must include an acknowledgement: 96c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 97c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 98c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 99c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 100c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 101c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 102c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 103c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 104c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 105c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 106c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 107c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 108c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * SUCH DAMAGE. 109c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 110c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * The licence and distribution terms for any publically available version or 111c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * derivative of this code cannot be changed. i.e. this code cannot simply be 112c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * copied and put under another distribution licence 113c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * [including the GNU Public Licence.] 114c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org */ 115c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 116c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <stdio.h> 117c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include "ssl_locl.h" 118c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_COMP 119c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/comp.h> 120c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 121c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/evp.h> 122c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/hmac.h> 123c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/md5.h> 124c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/rand.h> 125c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef KSSL_DEBUG 126c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/des.h> 127c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 128c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1297453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org/* dtls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively. 1307453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org * 1317453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org * Returns: 1327453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org * 0: (in non-constant time) if the record is publically invalid (i.e. too 1337453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org * short etc). 1347453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org * 1: if the record's padding is valid / the encryption was successful. 1357453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org * -1: if the record's padding/AEAD-authenticator is invalid or, if sending, 1367453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org * an internal error occured. */ 137c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgint dtls1_enc(SSL *s, int send) 138c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 139c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL3_RECORD *rec; 140c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_CIPHER_CTX *ds; 141c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org unsigned long l; 1427453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org int bs,i,j,k,mac_size=0; 143c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org const EVP_CIPHER *enc; 144c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 145c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (send) 146c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 147480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (EVP_MD_CTX_md(s->write_hash)) 148480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 1497453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org mac_size=EVP_MD_CTX_size(s->write_hash); 1507453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org if (mac_size < 0) 151480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org return -1; 152480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 153c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ds=s->enc_write_ctx; 154c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org rec= &(s->s3->wrec); 155c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (s->enc_write_ctx == NULL) 156c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org enc=NULL; 157c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 158c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 159c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx); 160c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ( rec->data != rec->input) 161c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* we can't write into the input stream */ 162c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org fprintf(stderr, "%s:%d: rec->data != rec->input\n", 163c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org __FILE__, __LINE__); 164c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if ( EVP_CIPHER_block_size(ds->cipher) > 1) 165c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 166c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher)) <= 0) 167c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return -1; 168c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 169c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 170c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 171c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 172c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 173480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (EVP_MD_CTX_md(s->read_hash)) 174480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 1757453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org mac_size=EVP_MD_CTX_size(s->read_hash); 1767453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org OPENSSL_assert(mac_size >= 0); 177480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 178c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ds=s->enc_read_ctx; 179c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org rec= &(s->s3->rrec); 180c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (s->enc_read_ctx == NULL) 181c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org enc=NULL; 182c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 183c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx); 184c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 185c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 186c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef KSSL_DEBUG 187c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org printf("dtls1_enc(%d)\n", send); 188c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif /* KSSL_DEBUG */ 189c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 190c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((s->session == NULL) || (ds == NULL) || 191c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (enc == NULL)) 192c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 193c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org memmove(rec->data,rec->input,rec->length); 194c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org rec->input=rec->data; 195c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 196c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 197c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 198c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org l=rec->length; 199c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org bs=EVP_CIPHER_block_size(ds->cipher); 200c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 201c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((bs != 1) && send) 202c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 203c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=bs-((int)l%bs); 204c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 205c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Add weird padding of upto 256 bytes */ 206c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 207c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* we need to add 'i' padding bytes of value j */ 208c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org j=i-1; 209c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) 210c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 211c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) 212c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org j++; 213c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 214c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org for (k=(int)l; k<(int)(l+i); k++) 215c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org rec->input[k]=j; 216c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org l+=i; 217c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org rec->length+=i; 218c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 219c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 220c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef KSSL_DEBUG 221c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 222c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org unsigned long ui; 223c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n", 224480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org ds,rec->data,rec->input,l); 225480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n", 226c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ds->buf_len, ds->cipher->key_len, 227480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org DES_KEY_SZ, DES_SCHEDULE_SZ, 228c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ds->cipher->iv_len); 229c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org printf("\t\tIV: "); 230c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]); 231c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org printf("\n"); 232c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org printf("\trec->input="); 233c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org for (ui=0; ui<l; ui++) printf(" %02x", rec->input[ui]); 234c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org printf("\n"); 235c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 236c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif /* KSSL_DEBUG */ 237c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 238c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!send) 239c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 240c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (l == 0 || l%bs != 0) 2417453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org return 0; 242c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 243c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 244c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_Cipher(ds,rec->data,rec->input,l); 245c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 246c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef KSSL_DEBUG 247c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 248480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org unsigned long i; 249c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org printf("\trec->data="); 250480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org for (i=0; i<l; i++) 251480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org printf(" %02x", rec->data[i]); printf("\n"); 252c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 253c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif /* KSSL_DEBUG */ 254c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 255c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((bs != 1) && !send) 2567453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org return tls1_cbc_remove_padding(s, rec, bs, mac_size); 257c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 258c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return(1); 259c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 260c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 261