session tickets: Use sizeof() for the various fields Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> GH: #515, MR: #2153
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index eaf6ee2..6f9b23b 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c
@@ -3395,20 +3395,32 @@ case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: { unsigned char *keys = parg; + long tlsext_tick_keylen = (sizeof(ctx->tlsext_tick_key_name) + + sizeof(ctx->tlsext_tick_hmac_key) + (ctx->tlsext_tick_aes_key)); if (!keys) - return 48; - if (larg != 48) { + return tlsext_tick_keylen; + if (larg != tlsext_tick_keylen) { SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); return 0; } if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { - memcpy(ctx->tlsext_tick_key_name, keys, 16); - memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16); - memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16); + memcpy(ctx->tlsext_tick_key_name, keys, + sizeof(ctx->tlsext_tick_key_name)); + memcpy(ctx->tlsext_tick_hmac_key, + keys + sizeof(ctx->tlsext_tick_key_name), + sizeof(ctx->tlsext_tick_hmac_key)); + memcpy(ctx->tlsext_tick_aes_key, + keys + sizeof(ctx->tlsext_tick_key_name) + sizeof(ctx->tlsext_tick_hmac_key), + sizeof(ctx->tlsext_tick_aes_key)); } else { - memcpy(keys, ctx->tlsext_tick_key_name, 16); - memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16); - memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16); + memcpy(keys, ctx->tlsext_tick_key_name, + sizeof(ctx->tlsext_tick_key_name)); + memcpy(keys + sizeof(ctx->tlsext_tick_key_name), + ctx->tlsext_tick_hmac_key, + sizeof(ctx->tlsext_tick_hmac_key)); + memcpy(keys + sizeof(ctx->tlsext_tick_key_name) + sizeof(ctx->tlsext_tick_hmac_key), + ctx->tlsext_tick_aes_key, + sizeof(ctx->tlsext_tick_aes_key)); } return 1; }
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 471779b..2c5548d 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c
@@ -2461,10 +2461,10 @@ ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; ret->split_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; - /* Setup RFC4507 ticket keys */ - if ((RAND_bytes(ret->tlsext_tick_key_name, 16) <= 0) - || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0) - || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0)) + /* Setup RFC5077 ticket keys */ + if ((RAND_bytes(ret->tlsext_tick_key_name, sizeof(ret->tlsext_tick_key_name)) <= 0) + || (RAND_bytes(ret->tlsext_tick_hmac_key, sizeof(ret->tlsext_tick_hmac_key)) <= 0) + || (RAND_bytes(ret->tlsext_tick_aes_key, sizeof(ret->tlsext_tick_aes_key)) <= 0)) ret->options |= SSL_OP_NO_TICKET; #ifndef OPENSSL_NO_SRP
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 90b9d2d..c8c68dc 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c
@@ -3051,10 +3051,12 @@ if (!EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, tctx->tlsext_tick_aes_key, iv)) goto err; - if (!HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key, 16, + if (!HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key, + sizeof(tctx->tlsext_tick_hmac_key), EVP_sha256(), NULL)) goto err; - memcpy(key_name, tctx->tlsext_tick_key_name, 16); + memcpy(key_name, tctx->tlsext_tick_key_name, + sizeof(tctx->tlsext_tick_key_name)); } /*
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 3082a59..996a132 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c
@@ -3129,15 +3129,17 @@ renew_ticket = 1; } else { /* Check key name matches */ - if (memcmp(etick, tctx->tlsext_tick_key_name, 16)) { + if (memcmp(etick, tctx->tlsext_tick_key_name, + sizeof(tctx->tlsext_tick_key_name)) != 0) { ret = 2; goto err; } - if (HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key, 16, + if (HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key, + sizeof(tctx->tlsext_tick_hmac_key), EVP_sha256(), NULL) <= 0 || EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, tctx->tlsext_tick_aes_key, - etick + 16) <= 0) { + etick + sizeof(tctx->tlsext_tick_key_name)) <= 0) { goto err; } }