authorjsing <>2020-08-30 15:40:20 +0000
committerjsing <>2020-08-30 15:40:20 +0000
commit09997f3d41692022beb138f1e238f51af93a8024 (patch)
tree18ad8015f1e0ba01f043e52b0e4feb24b04656f8 /src/lib/libssl/t1_enc.c
parent3a0362608e329661831d8a0de2005821d2cc1fe0 (diff)
Start replacing the existing TLSv1.2 record layer.
This takes the same design/approach used in TLSv1.3 and provides an opaque struct that is self-contained and cannot reach back into other layers. For now this just implements/replaces the writing of records for DTLSv1/TLSv1.0/TLSv1.1/TLSv1.2. In doing so we stop copying the plaintext into the same buffer that is used to transmit to the wire. ok inoguchi@ tb@
Diffstat (limited to 'src/lib/libssl/t1_enc.c')
-rw-r--r--src/lib/libssl/t1_enc.c32
1 files changed, 23 insertions, 9 deletions
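diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 2893e1d4dc..a66c82bdca 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.122 2020/03/16 15:25:14 tb Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.123 2020/08/30 15:40:20 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -350,11 +350,17 @@ tls1_change_cipher_state_aead(SSL *s, char is_read, const unsigned char *key,
  if (!tls1_aead_ctx_init(&s->internal->aead_read_ctx))
  return 0;
  aead_ctx = s->internal->aead_read_ctx;
+
+ if (!tls12_record_layer_set_read_aead(s->internal->rl, aead_ctx))
+ return 0;
  } else {
  ssl_clear_cipher_write_state(s);
  if (!tls1_aead_ctx_init(&s->internal->aead_write_ctx))
  return 0;
  aead_ctx = s->internal->aead_write_ctx;
+
+ if (!tls12_record_layer_set_write_aead(s->internal->rl, aead_ctx))
+ return 0;
  }
 
  if (!EVP_AEAD_CTX_init(&aead_ctx->ctx, aead, key, key_len,
@@ -408,14 +414,16 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read,
  EVP_MD_CTX *mac_ctx;
  EVP_PKEY *mac_key;
  const EVP_MD *mac;
+ int stream_mac;
  int mac_type;
 
  cipher = S3I(s)->tmp.new_sym_enc;
  mac = S3I(s)->tmp.new_hash;
  mac_type = S3I(s)->tmp.new_mac_pkey_type;
+ stream_mac = S3I(s)->hs.new_cipher->algorithm2 & TLS1_STREAM_MAC;
 
  if (is_read) {
- if (S3I(s)->hs.new_cipher->algorithm2 & TLS1_STREAM_MAC)
+ if (stream_mac)
  s->internal->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
  else
  s->internal->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
@@ -428,8 +436,12 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read,
  if ((mac_ctx = EVP_MD_CTX_new()) == NULL)
  goto err;
  s->read_hash = mac_ctx;
+
+ if (!tls12_record_layer_set_read_cipher_hash(s->internal->rl,
+ cipher_ctx, mac_ctx, stream_mac))
+ goto err;
  } else {
- if (S3I(s)->hs.new_cipher->algorithm2 & TLS1_STREAM_MAC)
+ if (stream_mac)
  s->internal->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM;
  else
  s->internal->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM;
@@ -450,6 +462,10 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read,
  if ((mac_ctx = EVP_MD_CTX_new()) == NULL)
  goto err;
  s->internal->write_hash = mac_ctx;
+
+ if (!tls12_record_layer_set_write_cipher_hash(s->internal->rl,
+ cipher_ctx, mac_ctx, stream_mac))
+ goto err;
  }
 
  EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, iv, !is_read);
@@ -677,9 +693,8 @@ tls1_enc(SSL *s, int send)
  int bs, i, j, k, ret, mac_size = 0;
 
  if (send) {
- aead = s->internal->aead_write_ctx;
- rec = &S3I(s)->wrec;
- seq = S3I(s)->write_sequence;
+ /* No longer supported. */
+ return -1;
  } else {
  aead = s->internal->aead_read_ctx;
  rec = &S3I(s)->rrec;
@@ -946,9 +961,8 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
  int t;
 
  if (send) {
- rec = &(ssl->s3->internal->wrec);
- seq = &(ssl->s3->internal->write_sequence[0]);
- hash = ssl->internal->write_hash;
+ /* No longer supported. */
+ return -1;
  } else {
  rec = &(ssl->s3->internal->rrec);
  seq = &(ssl->s3->internal->read_sequence[0]);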
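Review bot: In tls1_change_cipher_state_aead() the new `tls12_record_layer_set_read_aead()` / `tls12_record_layer_set_write_aead()` calls hand `aead_ctx` to the record layer before `EVP_AEAD_CTX_init()` has keyed it, and tls1_change_cipher_state_cipher() likewise registers `cipher_ctx`/`mac_ctx` ahead of `EVP_CipherInit_ex()`, whose return value is discarded in the visible context line. Because record writes now go through the record layer, a failure after registration would leave it pointing at a context that was never keyed; moving each `tls12_record_layer_set_*` call to after its init has succeeded, and checking the init with `if (!EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, iv, !is_read)) goto err;`, closes that window. The record layer also keeps an alias to contexts owned by `s`, so whatever `ssl_clear_cipher_write_state()` releases must be dropped from `s->internal->rl` at the same point; that is presumably handled in the other files of this commit, which this page (limited to t1_enc.c) does not show. Both functions start and end outside the hunks, so the `err:` path could not be checked here.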