1/*
2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <openssl/crypto.h>
11#include <openssl/opensslconf.h>
12
13#include <openssl/opensslv.h>
14#include <openssl/evp.h>
15#include <openssl/sha.h>
16
17/* The implementation is in ../md32_common.h */
18
19#include "sha_local.h"
20#include "crypto/sha.h"
21
22int sha1_ctrl(SHA_CTX *sha1, int cmd, int mslen, void *ms)
23{
24 unsigned char padtmp[40];
25 unsigned char sha1tmp[SHA_DIGEST_LENGTH];
26
27 if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
28 return -2;
29
30 if (sha1 == NULL)
31 return 0;
32
33 /* SSLv3 client auth handling: see RFC-6101 5.6.8 */
34 if (mslen != 48)
35 return 0;
36
37 /* At this point hash contains all handshake messages, update
38 * with master secret and pad_1.
39 */
40
41 if (SHA1_Update(sha1, ms, mslen) <= 0)
42 return 0;
43
44 /* Set padtmp to pad_1 value */
45 memset(padtmp, 0x36, sizeof(padtmp));
46
47 if (!SHA1_Update(sha1, padtmp, sizeof(padtmp)))
48 return 0;
49
50 if (!SHA1_Final(sha1tmp, sha1))
51 return 0;
52
53 /* Reinitialise context */
54
55 if (!SHA1_Init(sha1))
56 return 0;
57
58 if (SHA1_Update(sha1, ms, mslen) <= 0)
59 return 0;
60
61 /* Set padtmp to pad_2 value */
62 memset(padtmp, 0x5c, sizeof(padtmp));
63
64 if (!SHA1_Update(sha1, padtmp, sizeof(padtmp)))
65 return 0;
66
67 if (!SHA1_Update(sha1, sha1tmp, sizeof(sha1tmp)))
68 return 0;
69
70 /* Now when ctx is finalised it will return the SSL v3 hash value */
71 OPENSSL_cleanse(sha1tmp, sizeof(sha1tmp));
72
73 return 1;
74}
75