diff options
| author | jsing <> | 2014-07-09 11:25:42 +0000 |
|---|---|---|
| committer | jsing <> | 2014-07-09 11:25:42 +0000 |
| commit | c90a1a4bb021e5a2622323df8464bf574d0c4364 (patch) | |
| tree | 604b9084e9f8d9e522922bc0cd6be5e22478e9ee /src/lib/libssl/t1_enc.c | |
| parent | 4afcbff6153d561348af47fa000f298df3693a3c (diff) | |
| download | openbsd-c90a1a4bb021e5a2622323df8464bf574d0c4364.tar.gz openbsd-c90a1a4bb021e5a2622323df8464bf574d0c4364.tar.bz2 openbsd-c90a1a4bb021e5a2622323df8464bf574d0c4364.zip | |
tedu the SSL export cipher handling - since we do not have enabled export
ciphers we no longer need the flags or code to support it.
ok beck@ miod@
Diffstat (limited to 'src/lib/libssl/t1_enc.c')
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 64 |
1 files changed, 1 insertions, 63 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 46238dc6c3..26d98522d0 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_enc.c,v 1.64 2014/07/08 16:05:52 beck Exp $ */ | 1 | /* $OpenBSD: t1_enc.c,v 1.65 2014/07/09 11:25:42 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -375,21 +375,12 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys, | |||
| 375 | const unsigned char *key, unsigned int key_len, const unsigned char *iv, | 375 | const unsigned char *key, unsigned int key_len, const unsigned char *iv, |
| 376 | unsigned int iv_len) | 376 | unsigned int iv_len) |
| 377 | { | 377 | { |
| 378 | static const unsigned char empty[] = ""; | ||
| 379 | unsigned char export_tmp1[EVP_MAX_KEY_LENGTH]; | ||
| 380 | unsigned char export_tmp2[EVP_MAX_KEY_LENGTH]; | ||
| 381 | unsigned char export_iv1[EVP_MAX_IV_LENGTH * 2]; | ||
| 382 | unsigned char export_iv2[EVP_MAX_IV_LENGTH * 2]; | ||
| 383 | unsigned char *exp_label; | ||
| 384 | int exp_label_len; | ||
| 385 | EVP_CIPHER_CTX *cipher_ctx; | 378 | EVP_CIPHER_CTX *cipher_ctx; |
| 386 | const EVP_CIPHER *cipher; | 379 | const EVP_CIPHER *cipher; |
| 387 | EVP_MD_CTX *mac_ctx; | 380 | EVP_MD_CTX *mac_ctx; |
| 388 | const EVP_MD *mac; | 381 | const EVP_MD *mac; |
| 389 | int mac_type; | 382 | int mac_type; |
| 390 | int is_export; | ||
| 391 | 383 | ||
| 392 | is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher); | ||
| 393 | cipher = s->s3->tmp.new_sym_enc; | 384 | cipher = s->s3->tmp.new_sym_enc; |
| 394 | mac = s->s3->tmp.new_hash; | 385 | mac = s->s3->tmp.new_hash; |
| 395 | mac_type = s->s3->tmp.new_mac_pkey_type; | 386 | mac_type = s->s3->tmp.new_mac_pkey_type; |
| @@ -438,41 +429,6 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys, | |||
| 438 | s->write_hash = mac_ctx; | 429 | s->write_hash = mac_ctx; |
| 439 | } | 430 | } |
| 440 | 431 | ||
| 441 | if (is_export) { | ||
| 442 | /* | ||
| 443 | * Both the read and write key/iv are set to the same value | ||
| 444 | * since only the correct one will be used :-). | ||
| 445 | */ | ||
| 446 | if (use_client_keys) { | ||
| 447 | exp_label = TLS_MD_CLIENT_WRITE_KEY_CONST; | ||
| 448 | exp_label_len = TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE; | ||
| 449 | } else { | ||
| 450 | exp_label = TLS_MD_SERVER_WRITE_KEY_CONST; | ||
| 451 | exp_label_len = TLS_MD_SERVER_WRITE_KEY_CONST_SIZE; | ||
| 452 | } | ||
| 453 | if (!tls1_PRF(ssl_get_algorithm2(s), exp_label, exp_label_len, | ||
| 454 | s->s3->client_random, SSL3_RANDOM_SIZE, | ||
| 455 | s->s3->server_random, SSL3_RANDOM_SIZE, | ||
| 456 | NULL, 0, NULL, 0, key, key_len, export_tmp1, export_tmp2, | ||
| 457 | EVP_CIPHER_key_length(cipher))) | ||
| 458 | goto err2; | ||
| 459 | key = export_tmp1; | ||
| 460 | |||
| 461 | if (iv_len > 0) { | ||
| 462 | if (!tls1_PRF(ssl_get_algorithm2(s), | ||
| 463 | TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE, | ||
| 464 | s->s3->client_random, SSL3_RANDOM_SIZE, | ||
| 465 | s->s3->server_random, SSL3_RANDOM_SIZE, | ||
| 466 | NULL, 0, NULL, 0, empty, 0, | ||
| 467 | export_iv1, export_iv2, iv_len * 2)) | ||
| 468 | goto err2; | ||
| 469 | if (use_client_keys) | ||
| 470 | iv = export_iv1; | ||
| 471 | else | ||
| 472 | iv = &(export_iv1[iv_len]); | ||
| 473 | } | ||
| 474 | } | ||
| 475 | |||
| 476 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { | 432 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { |
| 477 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL, | 433 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL, |
| 478 | !is_read); | 434 | !is_read); |
| @@ -494,18 +450,10 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys, | |||
| 494 | mac_secret_size, (unsigned char *)mac_secret); | 450 | mac_secret_size, (unsigned char *)mac_secret); |
| 495 | } | 451 | } |
| 496 | 452 | ||
| 497 | if (is_export) { | ||
| 498 | OPENSSL_cleanse(export_tmp1, sizeof(export_tmp1)); | ||
| 499 | OPENSSL_cleanse(export_tmp2, sizeof(export_tmp2)); | ||
| 500 | OPENSSL_cleanse(export_iv1, sizeof(export_iv1)); | ||
| 501 | OPENSSL_cleanse(export_iv2, sizeof(export_iv2)); | ||
| 502 | } | ||
| 503 | |||
| 504 | return (1); | 453 | return (1); |
| 505 | 454 | ||
| 506 | err: | 455 | err: |
| 507 | SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER, ERR_R_MALLOC_FAILURE); | 456 | SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER, ERR_R_MALLOC_FAILURE); |
| 508 | err2: | ||
| 509 | return (0); | 457 | return (0); |
| 510 | } | 458 | } |
| 511 | 459 | ||
| @@ -521,13 +469,11 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 521 | const EVP_CIPHER *cipher; | 469 | const EVP_CIPHER *cipher; |
| 522 | const EVP_AEAD *aead; | 470 | const EVP_AEAD *aead; |
| 523 | char is_read, use_client_keys; | 471 | char is_read, use_client_keys; |
| 524 | int is_export; | ||
| 525 | 472 | ||
| 526 | #ifndef OPENSSL_NO_COMP | 473 | #ifndef OPENSSL_NO_COMP |
| 527 | const SSL_COMP *comp; | 474 | const SSL_COMP *comp; |
| 528 | #endif | 475 | #endif |
| 529 | 476 | ||
| 530 | is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher); | ||
| 531 | cipher = s->s3->tmp.new_sym_enc; | 477 | cipher = s->s3->tmp.new_sym_enc; |
| 532 | aead = s->s3->tmp.new_aead; | 478 | aead = s->s3->tmp.new_aead; |
| 533 | 479 | ||
| @@ -598,10 +544,6 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 598 | key_len = EVP_CIPHER_key_length(cipher); | 544 | key_len = EVP_CIPHER_key_length(cipher); |
| 599 | iv_len = EVP_CIPHER_iv_length(cipher); | 545 | iv_len = EVP_CIPHER_iv_length(cipher); |
| 600 | 546 | ||
| 601 | if (is_export && | ||
| 602 | key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) | ||
| 603 | key_len = SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher); | ||
| 604 | |||
| 605 | /* If GCM mode only part of IV comes from PRF. */ | 547 | /* If GCM mode only part of IV comes from PRF. */ |
| 606 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) | 548 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) |
| 607 | iv_len = EVP_GCM_TLS_FIXED_IV_LEN; | 549 | iv_len = EVP_GCM_TLS_FIXED_IV_LEN; |
| @@ -700,10 +642,6 @@ tls1_setup_key_block(SSL *s) | |||
| 700 | key_len = EVP_CIPHER_key_length(cipher); | 642 | key_len = EVP_CIPHER_key_length(cipher); |
| 701 | iv_len = EVP_CIPHER_iv_length(cipher); | 643 | iv_len = EVP_CIPHER_iv_length(cipher); |
| 702 | 644 | ||
| 703 | if (SSL_C_IS_EXPORT(s->session->cipher) && | ||
| 704 | key_len > SSL_C_EXPORT_KEYLENGTH(s->session->cipher)) | ||
| 705 | key_len = SSL_C_EXPORT_KEYLENGTH(s->session->cipher); | ||
| 706 | |||
| 707 | /* If GCM mode only part of IV comes from PRF. */ | 645 | /* If GCM mode only part of IV comes from PRF. */ |
| 708 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) | 646 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) |
| 709 | iv_len = EVP_GCM_TLS_FIXED_IV_LEN; | 647 | iv_len = EVP_GCM_TLS_FIXED_IV_LEN; |