summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch')
-rw-r--r--dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch56
1 files changed, 56 insertions, 0 deletions
diff --git a/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch b/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch
new file mode 100644
index 000000000000..5ea4fb97bfce
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch
@@ -0,0 +1,56 @@
+From ed371b8cbac0d0349667558c061c1ae380cf75eb Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Mon, 3 Dec 2018 18:14:57 +0000
+Subject: [PATCH] Revert "Reduce stack usage in tls13_hkdf_expand"
+
+This reverts commit ec0c5f5693e39c5a013f81e6dd9dfd09ec65162d.
+
+SSL_export_keying_material() may use longer label lengths.
+
+Fixes #7712
+
+Reviewed-by: Tim Hudson <tjh@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/7755)
+---
+ ssl/tls13_enc.c | 16 ++++------------
+ 1 file changed, 4 insertions(+), 12 deletions(-)
+
+diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
+index b6825d20c2d..f7ab0fa4704 100644
+--- a/ssl/tls13_enc.c
++++ b/ssl/tls13_enc.c
+@@ -13,14 +13,7 @@
+ #include <openssl/evp.h>
+ #include <openssl/kdf.h>
+
+-/*
+- * RFC 8446, 7.1 Key Schedule, says:
+- * Note: With common hash functions, any label longer than 12 characters
+- * requires an additional iteration of the hash function to compute.
+- * The labels in this specification have all been chosen to fit within
+- * this limit.
+- */
+-#define TLS13_MAX_LABEL_LEN 12
++#define TLS13_MAX_LABEL_LEN 246
+
+ /* Always filled with zeros */
+ static const unsigned char default_zeros[EVP_MAX_MD_SIZE];
+@@ -36,15 +29,14 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
+ const unsigned char *data, size_t datalen,
+ unsigned char *out, size_t outlen)
+ {
+- static const unsigned char label_prefix[] = "tls13 ";
++ const unsigned char label_prefix[] = "tls13 ";
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
+ int ret;
+ size_t hkdflabellen;
+ size_t hashlen;
+ /*
+- * 2 bytes for length of derived secret + 1 byte for length of combined
+- * prefix and label + bytes for the label itself + 1 byte length of hash
+- * + bytes for the hash itself
++ * 2 bytes for length of whole HkdfLabel + 1 byte for length of combined
++ * prefix and label + bytes for the label itself + bytes for the hash
+ */
+ unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) +
+ + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN