author | jsing <> | 2018-11-08 22:28:52 +0000 |
---|---|---|
committer | jsing <> | 2018-11-08 22:28:52 +0000 |
commit | 3ddaece0e07a9c99e3a1f04d188c5ece7176ee46 (patch) | |
tree | ea0388ba51cbbc63fa62e563b9694fedd9ef0f74 /src/lib/libssl/ssl_clnt.c | |
parent | 638a717c204f5dd9a5b399e3c095815fb6d15124 (diff) | |
Clean up and simplify the handshake transcript code.
This provides a cleaner, simpler and more readable API, with code that uses
a BUF_MEM instead of a BIO.
ok beck@ ("hurry up") and tb@.
Diffstat (limited to 'src/lib/libssl/ssl_clnt.c')
-rw-r--r-- | src/lib/libssl/ssl_clnt.c | 46 |
1 files changed, 16 insertions, 30 deletions
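--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.36 2018/11/08 20:55:18 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.37 2018/11/08 22:28:52 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -244,7 +244,7 @@ ssl3_connect(SSL *s)
 /* don't push the buffering BIO quite yet */
 
 if (!SSL_IS_DTLS(s)) {
-if (!tls1_init_finished_mac(s)) {
+if (!tls1_transcript_init(s)) {
 ret = -1;
 goto end;
 }
@@ -269,7 +269,7 @@ ssl3_connect(SSL *s)
 
 if (SSL_IS_DTLS(s)) {
 /* every DTLS ClientHello resets Finished MAC */
-if (!tls1_init_finished_mac(s)) {
+if (!tls1_transcript_init(s)) {
 ret = -1;
 goto end;
 }
@@ -583,7 +583,7 @@ ssl3_connect(SSL *s)
 /* clean a few things up */
 tls1_cleanup_key_block(s);
 
-if (S3I(s)->handshake_buffer != NULL) {
+if (S3I(s)->handshake_transcript != NULL) {
 SSLerror(s, ERR_R_INTERNAL_ERROR);
 ret = -1;
 goto end;
@@ -988,11 +988,8 @@ ssl3_get_server_hello(SSL *s)
 * client authentication.
 */
 alg_k = S3I(s)->hs.new_cipher->algorithm_mkey;
-if (!(SSL_USE_SIGALGS(s) || (alg_k & SSL_kGOST)) &&
-!tls1_digest_cached_records(s)) {
-al = SSL_AD_INTERNAL_ERROR;
-goto f_err;
-}
+if (!(SSL_USE_SIGALGS(s) || (alg_k & SSL_kGOST)))
+tls1_transcript_free(s);
 
 if (!CBS_get_u8(&cbs, &compression_method))
 goto truncated;
@@ -1619,10 +1616,7 @@ ssl3_get_certificate_request(SSL *s)
 * If we get here we don't need any cached handshake records
 * as we wont be doing client auth.
 */
-if (S3I(s)->handshake_buffer) {
-if (!tls1_digest_cached_records(s))
-goto err;
-}
+tls1_transcript_free(s);
 return (1);
 }
 
@@ -2372,12 +2366,12 @@ ssl3_send_client_verify(SSL *s)
 unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
 unsigned char *signature = NULL;
 unsigned int signature_len;
+const unsigned char *hdata;
+size_t hdatalen;
 EVP_PKEY_CTX *pctx = NULL;
 EVP_PKEY *pkey;
 EVP_MD_CTX mctx;
 const EVP_MD *md;
-long hdatalen;
-void *hdata;
 
 EVP_MD_CTX_init(&mctx);
 
@@ -2404,10 +2398,7 @@ ssl3_send_client_verify(SSL *s)
 goto err;
 
 if (!SSL_USE_SIGALGS(s)) {
-if (S3I(s)->handshake_buffer) {
-if (!tls1_digest_cached_records(s))
-goto err;
-}
+tls1_transcript_free(s);
 if (!tls1_handshake_hash_value(s, data, sizeof(data),
 NULL))
 goto err;
@@ -2418,10 +2409,9 @@ ssl3_send_client_verify(SSL *s)
 * using agreed digest and cached handshake records.
 */
 if (SSL_USE_SIGALGS(s)) {
-hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer,
-&hdata);
 md = s->cert->key->digest;
-if (hdatalen <= 0 ||
+
+if (!tls1_transcript_data(s, &hdata, &hdatalen) ||
 !tls12_get_hashandsig(&cert_verify, pkey, md)) {
 SSLerror(s, ERR_R_INTERNAL_ERROR);
 goto err;
@@ -2433,8 +2423,7 @@ ssl3_send_client_verify(SSL *s)
 SSLerror(s, ERR_R_EVP_LIB);
 goto err;
 }
-if (!tls1_digest_cached_records(s))
-goto err;
+tls1_transcript_free(s);
 } else if (pkey->type == EVP_PKEY_RSA) {
 if (RSA_sign(NID_md5_sha1, data,
 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, signature,
@@ -2457,8 +2446,7 @@ ssl3_send_client_verify(SSL *s)
 size_t sigsize;
 int nid;
 
-hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata);
-if (hdatalen <= 0) {
+if (!tls1_transcript_data(s, &hdata, &hdatalen)) {
 SSLerror(s, ERR_R_INTERNAL_ERROR);
 goto err;
 }
@@ -2482,8 +2470,7 @@ ssl3_send_client_verify(SSL *s)
 if (sigsize > UINT_MAX)
 goto err;
 signature_len = sigsize;
-if (!tls1_digest_cached_records(s))
-goto err;
+tls1_transcript_free(s);
 #endif
 } else {
 SSLerror(s, ERR_R_INTERNAL_ERROR);
@@ -2563,8 +2550,7 @@ ssl3_send_client_certificate(SSL *s)
 S3I(s)->tmp.cert_req = 2;
 
 /* There is no client certificate to verify. */
-if (!tls1_digest_cached_records(s))
-goto err;
+tls1_transcript_free(s);
 }
 
 /* Ok, we have a cert */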
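Review bot: In ssl3_send_client_verify the `!SSL_USE_SIGALGS(s)` block (new line 2401) now frees the transcript unconditionally, yet the later branch at new line 2449 still calls `tls1_transcript_data()` and is not guarded by SIGALGS in the visible lines. The ssl3_get_server_hello hunk deliberately keeps the transcript for `alg_k & SSL_kGOST` without SIGALGS, so if that later branch is the GOST signing path (it looks like it, but the branch condition is outside the hunk), a GOST client without SIGALGS would find the transcript gone and fail CertificateVerify with ERR_R_INTERNAL_ERROR. Whether the removed `tls1_digest_cached_records()` also released the buffer at this point is not visible, so this may predate the change; either way I would skip the early `tls1_transcript_free(s);` for key types that sign the raw transcript. Assuming `hdata` points into the transcript buffer, a comment at both `tls1_transcript_data()` call sites such as `/* hdata borrows from the transcript; valid only until tls1_transcript_free(). */` would make the ordering requirement explicit.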