1 /* ssl/s2_enc.c */

     2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

     3  * All rights reserved.

     4  *

     5  * This package is an SSL implementation written

     6  * by Eric Young (eay@cryptsoft.com).

     7  * The implementation was written so as to conform with Netscapes SSL.

     8  * 

     9  * This library is free for commercial and non-commercial use as long as

    10  * the following conditions are aheared to.  The following conditions

    11  * apply to all code found in this distribution, be it the RC4, RSA,

    12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

    13  * included with this distribution is covered by the same copyright terms

    14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

    15  * 

    16  * Copyright remains Eric Young's, and as such any Copyright notices in

    17  * the code are not to be removed.

    18  * If this package is used in a product, Eric Young should be given attribution

    19  * as the author of the parts of the library used.

    20  * This can be in the form of a textual message at program startup or

    21  * in documentation (online or textual) provided with the package.

    22  * 

    23  * Redistribution and use in source and binary forms, with or without

    24  * modification, are permitted provided that the following conditions

    25  * are met:

    26  * 1. Redistributions of source code must retain the copyright

    27  *    notice, this list of conditions and the following disclaimer.

    28  * 2. Redistributions in binary form must reproduce the above copyright

    29  *    notice, this list of conditions and the following disclaimer in the

    30  *    documentation and/or other materials provided with the distribution.

    31  * 3. All advertising materials mentioning features or use of this software

    32  *    must display the following acknowledgement:

    33  *    "This product includes cryptographic software written by

    34  *     Eric Young (eay@cryptsoft.com)"

    35  *    The word 'cryptographic' can be left out if the rouines from the library

    36  *    being used are not cryptographic related :-).

    37  * 4. If you include any Windows specific code (or a derivative thereof) from 

    38  *    the apps directory (application code) you must include an acknowledgement:

    39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

    40  * 

    41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

    42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

    43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

    44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

    45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

    46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

    47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

    48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

    49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

    50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

    51  * SUCH DAMAGE.

    52  * 

    53  * The licence and distribution terms for any publically available version or

    54  * derivative of this code cannot be changed.  i.e. this code cannot simply be

    55  * copied and put under another distribution licence

    56  * [including the GNU Public Licence.]

    57  */

    58 

    59 #include "ssl_locl.h"

    60 #ifndef OPENSSL_NO_SSL2

    61 #include <stdio.h>

    62 

    63 int ssl2_enc_init(SSL *s, int client)

    64 	{

    65 	/* Max number of bytes needed */

    66 	EVP_CIPHER_CTX *rs,*ws;

    67 	const EVP_CIPHER *c;

    68 	const EVP_MD *md;

    69 	int num;

    70 

    71 	if (!ssl_cipher_get_evp(s->session,&c,&md,NULL))

    72 		{

    73 		ssl2_return_error(s,SSL2_PE_NO_CIPHER);

    74 		SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);

    75 		return(0);

    76 		}

    77 

    78 	s->read_hash=md;

    79 	s->write_hash=md;

    80 

    81 	if ((s->enc_read_ctx == NULL) &&

    82 		((s->enc_read_ctx=(EVP_CIPHER_CTX *)

    83 		OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))

    84 		goto err;

    85 

    86 	/* make sure it's intialized in case the malloc for enc_write_ctx fails

    87 	 * and we exit with an error */

    88 	rs= s->enc_read_ctx;

    89 	EVP_CIPHER_CTX_init(rs);

    90 

    91 	if ((s->enc_write_ctx == NULL) &&

    92 		((s->enc_write_ctx=(EVP_CIPHER_CTX *)

    93 		OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))

    94 		goto err;

    95 

    96 	ws= s->enc_write_ctx;

    97 	EVP_CIPHER_CTX_init(ws);

    98 

    99 	num=c->key_len;

   100 	s->s2->key_material_length=num*2;

   101 	OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);

   102 

   103 	if (ssl2_generate_key_material(s) <= 0)

   104 		return 0;

   105 

   106 	OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg));

   107 	EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]),

   108 		s->session->key_arg);

   109 	EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]),

   110 		s->session->key_arg);

   111 	s->s2->read_key=  &(s->s2->key_material[(client)?0:num]);

   112 	s->s2->write_key= &(s->s2->key_material[(client)?num:0]);

   113 	return(1);

   114 err:

   115 	SSLerr(SSL_F_SSL2_ENC_INIT,ERR_R_MALLOC_FAILURE);

   116 	return(0);

   117 	}

   118 

   119 /* read/writes from s->s2->mac_data using length for encrypt and 

   120  * decrypt.  It sets s->s2->padding and s->[rw]length

   121  * if we are encrypting */

   122 void ssl2_enc(SSL *s, int send)

   123 	{

   124 	EVP_CIPHER_CTX *ds;

   125 	unsigned long l;

   126 	int bs;

   127 

   128 	if (send)

   129 		{

   130 		ds=s->enc_write_ctx;

   131 		l=s->s2->wlength;

   132 		}

   133 	else

   134 		{

   135 		ds=s->enc_read_ctx;

   136 		l=s->s2->rlength;

   137 		}

   138 

   139 	/* check for NULL cipher */

   140 	if (ds == NULL) return;

   141 

   142 

   143 	bs=ds->cipher->block_size;

   144 	/* This should be using (bs-1) and bs instead of 7 and 8, but

   145 	 * what the hell. */

   146 	if (bs == 8)

   147 		l=(l+7)/8*8;

   148 

   149 	EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l);

   150 	}

   151 

   152 void ssl2_mac(SSL *s, unsigned char *md, int send)

   153 	{

   154 	EVP_MD_CTX c;

   155 	unsigned char sequence[4],*p,*sec,*act;

   156 	unsigned long seq;

   157 	unsigned int len;

   158 

   159 	if (send)

   160 		{

   161 		seq=s->s2->write_sequence;

   162 		sec=s->s2->write_key;

   163 		len=s->s2->wact_data_length;

   164 		act=s->s2->wact_data;

   165 		}

   166 	else

   167 		{

   168 		seq=s->s2->read_sequence;

   169 		sec=s->s2->read_key;

   170 		len=s->s2->ract_data_length;

   171 		act=s->s2->ract_data;

   172 		}

   173 

   174 	p= &(sequence[0]);

   175 	l2n(seq,p);

   176 

   177 	/* There has to be a MAC algorithm. */

   178 	EVP_MD_CTX_init(&c);

   179 	EVP_DigestInit_ex(&c, s->read_hash, NULL);

   180 	EVP_DigestUpdate(&c,sec,

   181 		EVP_CIPHER_CTX_key_length(s->enc_read_ctx));

   182 	EVP_DigestUpdate(&c,act,len); 

   183 	/* the above line also does the pad data */

   184 	EVP_DigestUpdate(&c,sequence,4); 

   185 	EVP_DigestFinal_ex(&c,md,NULL);

   186 	EVP_MD_CTX_cleanup(&c);

   187 	}

   188 #else /* !OPENSSL_NO_SSL2 */

   189 

   190 # if PEDANTIC

   191 static void *dummy=&dummy;

   192 # endif

   193 

   194 #endif