Nuke ssl3_change_cipher_state().

ok "flensing knife"
author: jsing <> 2015-09-11 17:03:03 +0000
committer: jsing <> 2015-09-11 17:03:03 +0000
commit: 8f3e1ab94cc25f58aae0b1a657811b5fbddf802a (patch)
tree: 566335f344d2d45b46306411899ca96eac0c558d /src
parent: 0686d07ac86970fbb47c7a013cee2695bb47bbe7 (diff)
download: openbsd-8f3e1ab94cc25f58aae0b1a657811b5fbddf802a.tar.gz
openbsd-8f3e1ab94cc25f58aae0b1a657811b5fbddf802a.tar.bz2
openbsd-8f3e1ab94cc25f58aae0b1a657811b5fbddf802a.zip
3 files changed, 3 insertions, 113 deletions
diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c
index ced1083497..14c29e4edd 100644
--- a/src/lib/libssl/src/ssl/s3_enc.c
+++ b/src/lib/libssl/src/ssl/s3_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_enc.c,v 1.66 2015/09/11 17:01:19 jsing Exp $ */
+/* $OpenBSD: s3_enc.c,v 1.67 2015/09/11 17:03:03 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -163,114 +163,6 @@ static unsigned char ssl3_pad_2[48] = {
 static int ssl3_handshake_mac(SSL *s, int md_nid, const char *sender,
    int len, unsigned char *p);
-int
-ssl3_change_cipher_state(SSL *s, int which)
-{
-        const unsigned char *client_write_mac_secret, *server_write_mac_secret;
-        const unsigned char *client_write_key, *server_write_key;
-        const unsigned char *client_write_iv, *server_write_iv;
-        const unsigned char *mac_secret, *key, *iv;
-        unsigned char *key_block;
-        int mac_len, key_len, iv_len;
-        char is_read, use_client_keys;
-        EVP_CIPHER_CTX *cipher_ctx;
-        const EVP_CIPHER *cipher;
-        const EVP_MD *mac;
-        cipher = s->s3->tmp.new_sym_enc;
-        mac = s->s3->tmp.new_hash;
-        /* mac == NULL will lead to a crash later */
-        OPENSSL_assert(mac);
-        /*
-         * is_read is true if we have just read a ChangeCipherSpec message,
-         * that is we need to update the read cipherspec. Otherwise we have
-         * just written one.
-         */
-        is_read = (which & SSL3_CC_READ) != 0;
-        /*
-         * use_client_keys is true if we wish to use the keys for the "client
-         * write" direction. This is the case if we're a client sending a
-         * ChangeCipherSpec, or a server reading a client's ChangeCipherSpec.
-         */
-        use_client_keys = ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
-            (which == SSL3_CHANGE_CIPHER_SERVER_READ));
-        if (is_read) {
-                EVP_CIPHER_CTX_free(s->enc_read_ctx);
-                s->enc_read_ctx = NULL;
-                if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL)
-                        goto err;
-                s->enc_read_ctx = cipher_ctx;
-                if (ssl_replace_hash(&s->read_hash, mac) == NULL)
-                        goto err;
-        } else {
-                EVP_CIPHER_CTX_free(s->enc_write_ctx);
-                s->enc_write_ctx = NULL;
-                if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL)
-                        goto err;
-                s->enc_write_ctx = cipher_ctx;
-                if (ssl_replace_hash(&s->write_hash, mac) == NULL)
-                        goto err;
-        }
-        memset(is_read ? s->s3->read_sequence : s->s3->write_sequence,
-            0, SSL3_SEQUENCE_SIZE);
-        mac_len = EVP_MD_size(mac);
-        key_len = EVP_CIPHER_key_length(cipher);
-        iv_len = EVP_CIPHER_iv_length(cipher);
-        if (mac_len < 0)
-                goto err2;
-        key_block = s->s3->tmp.key_block;
-        client_write_mac_secret = key_block;
-        key_block += mac_len;
-        server_write_mac_secret = key_block;
-        key_block += mac_len;
-        client_write_key = key_block;
-        key_block += key_len;
-        server_write_key = key_block;
-        key_block += key_len;
-        client_write_iv = key_block;
-        key_block += iv_len;
-        server_write_iv = key_block;
-        key_block += iv_len;
-        if (use_client_keys) {
-                mac_secret = client_write_mac_secret;
-                key = client_write_key;
-                iv = client_write_iv;
-        } else {
-                mac_secret = server_write_mac_secret;
-                key = server_write_key;
-                iv = server_write_iv;
-        }
-        if (key_block - s->s3->tmp.key_block != s->s3->tmp.key_block_length) {
-                SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
-                goto err2;
-        }
-        memcpy(is_read ? s->s3->read_mac_secret : s->s3->write_mac_secret,
-            mac_secret, mac_len);
-        EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, iv, !is_read);
-        return (1);
-err:
-        SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
-err2:
-        return (0);
-}
 void
 ssl3_cleanup_key_block(SSL *s)
 {
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index ec30c9cb6a..e4c6c45196 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.109 2015/09/11 17:01:19 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.110 2015/09/11 17:03:03 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -603,7 +603,6 @@ int ssl3_send_newsession_ticket(SSL *s);
 int ssl3_send_cert_status(SSL *s);
 int ssl3_get_finished(SSL *s, int state_a, int state_b);
 int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
-int ssl3_change_cipher_state(SSL *s, int which);
 void ssl3_cleanup_key_block(SSL *s);
 int ssl3_do_write(SSL *s, int type);
 int ssl3_send_alert(SSL *s, int level, int desc);
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index ec30c9cb6a..e4c6c45196 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.109 2015/09/11 17:01:19 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.110 2015/09/11 17:03:03 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -603,7 +603,6 @@ int ssl3_send_newsession_ticket(SSL *s);
 int ssl3_send_cert_status(SSL *s);
 int ssl3_get_finished(SSL *s, int state_a, int state_b);
 int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
-int ssl3_change_cipher_state(SSL *s, int which);
 void ssl3_cleanup_key_block(SSL *s);
 int ssl3_do_write(SSL *s, int type);
 int ssl3_send_alert(SSL *s, int level, int desc);
author	jsing <>	2015-09-11 17:03:03 +0000
committer	jsing <>	2015-09-11 17:03:03 +0000
commit	8f3e1ab94cc25f58aae0b1a657811b5fbddf802a (patch)
tree	566335f344d2d45b46306411899ca96eac0c558d /src
parent	0686d07ac86970fbb47c7a013cee2695bb47bbe7 (diff)
download	openbsd-8f3e1ab94cc25f58aae0b1a657811b5fbddf802a.tar.gz openbsd-8f3e1ab94cc25f58aae0b1a657811b5fbddf802a.tar.bz2 openbsd-8f3e1ab94cc25f58aae0b1a657811b5fbddf802a.zip

diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c index ced1083497..14c29e4edd 100644 --- a/src/lib/libssl/src/ssl/s3_enc.c +++ b/src/lib/libssl/src/ssl/s3_enc.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_enc.c,v 1.66 2015/09/11 17:01:19 jsing Exp $ */	1	/* $OpenBSD: s3_enc.c,v 1.67 2015/09/11 17:03:03 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -163,114 +163,6 @@ static unsigned char ssl3_pad_2[48] = {
163	static int ssl3_handshake_mac(SSL s, int md_nid, const char sender,	163	static int ssl3_handshake_mac(SSL s, int md_nid, const char sender,
164	int len, unsigned char *p);	164	int len, unsigned char *p);
165		165
166	int
167	ssl3_change_cipher_state(SSL *s, int which)
168	{
169	const unsigned char client_write_mac_secret, server_write_mac_secret;
170	const unsigned char client_write_key, server_write_key;
171	const unsigned char client_write_iv, server_write_iv;
172	const unsigned char mac_secret, key, *iv;
173	unsigned char *key_block;
174	int mac_len, key_len, iv_len;
175	char is_read, use_client_keys;
176	EVP_CIPHER_CTX *cipher_ctx;
177	const EVP_CIPHER *cipher;
178	const EVP_MD *mac;
179
180
181	cipher = s->s3->tmp.new_sym_enc;
182	mac = s->s3->tmp.new_hash;
183
184	/* mac == NULL will lead to a crash later */
185	OPENSSL_assert(mac);
186
187	/*
188	* is_read is true if we have just read a ChangeCipherSpec message,
189	* that is we need to update the read cipherspec. Otherwise we have
190	* just written one.
191	*/
192	is_read = (which & SSL3_CC_READ) != 0;
193
194	/*
195	* use_client_keys is true if we wish to use the keys for the "client
196	* write" direction. This is the case if we're a client sending a
197	* ChangeCipherSpec, or a server reading a client's ChangeCipherSpec.
198	*/
199	use_client_keys = ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) \|\|
200	(which == SSL3_CHANGE_CIPHER_SERVER_READ));
201
202
203	if (is_read) {
204	EVP_CIPHER_CTX_free(s->enc_read_ctx);
205	s->enc_read_ctx = NULL;
206	if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL)
207	goto err;
208	s->enc_read_ctx = cipher_ctx;
209
210	if (ssl_replace_hash(&s->read_hash, mac) == NULL)
211	goto err;
212	} else {
213	EVP_CIPHER_CTX_free(s->enc_write_ctx);
214	s->enc_write_ctx = NULL;
215	if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL)
216	goto err;
217	s->enc_write_ctx = cipher_ctx;
218
219	if (ssl_replace_hash(&s->write_hash, mac) == NULL)
220	goto err;
221	}
222
223	memset(is_read ? s->s3->read_sequence : s->s3->write_sequence,
224	0, SSL3_SEQUENCE_SIZE);
225
226	mac_len = EVP_MD_size(mac);
227	key_len = EVP_CIPHER_key_length(cipher);
228	iv_len = EVP_CIPHER_iv_length(cipher);
229
230	if (mac_len < 0)
231	goto err2;
232
233	key_block = s->s3->tmp.key_block;
234	client_write_mac_secret = key_block;
235	key_block += mac_len;
236	server_write_mac_secret = key_block;
237	key_block += mac_len;
238	client_write_key = key_block;
239	key_block += key_len;
240	server_write_key = key_block;
241	key_block += key_len;
242	client_write_iv = key_block;
243	key_block += iv_len;
244	server_write_iv = key_block;
245	key_block += iv_len;
246
247	if (use_client_keys) {
248	mac_secret = client_write_mac_secret;
249	key = client_write_key;
250	iv = client_write_iv;
251	} else {
252	mac_secret = server_write_mac_secret;
253	key = server_write_key;
254	iv = server_write_iv;
255	}
256
257	if (key_block - s->s3->tmp.key_block != s->s3->tmp.key_block_length) {
258	SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
259	goto err2;
260	}
261
262	memcpy(is_read ? s->s3->read_mac_secret : s->s3->write_mac_secret,
263	mac_secret, mac_len);
264
265	EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, iv, !is_read);
266
267	return (1);
268	err:
269	SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
270	err2:
271	return (0);
272	}
273
274	void	166	void
275	ssl3_cleanup_key_block(SSL *s)	167	ssl3_cleanup_key_block(SSL *s)
276	{	168	{


diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h index ec30c9cb6a..e4c6c45196 100644 --- a/src/lib/libssl/src/ssl/ssl_locl.h +++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.109 2015/09/11 17:01:19 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.110 2015/09/11 17:03:03 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -603,7 +603,6 @@ int ssl3_send_newsession_ticket(SSL *s);
603	int ssl3_send_cert_status(SSL *s);	603	int ssl3_send_cert_status(SSL *s);
604	int ssl3_get_finished(SSL *s, int state_a, int state_b);	604	int ssl3_get_finished(SSL *s, int state_a, int state_b);
605	int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);	605	int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
606	int ssl3_change_cipher_state(SSL *s, int which);
607	void ssl3_cleanup_key_block(SSL *s);	606	void ssl3_cleanup_key_block(SSL *s);
608	int ssl3_do_write(SSL *s, int type);	607	int ssl3_do_write(SSL *s, int type);
609	int ssl3_send_alert(SSL *s, int level, int desc);	608	int ssl3_send_alert(SSL *s, int level, int desc);


diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index ec30c9cb6a..e4c6c45196 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.109 2015/09/11 17:01:19 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.110 2015/09/11 17:03:03 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -603,7 +603,6 @@ int ssl3_send_newsession_ticket(SSL *s);
603	int ssl3_send_cert_status(SSL *s);	603	int ssl3_send_cert_status(SSL *s);
604	int ssl3_get_finished(SSL *s, int state_a, int state_b);	604	int ssl3_get_finished(SSL *s, int state_a, int state_b);
605	int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);	605	int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
606	int ssl3_change_cipher_state(SSL *s, int which);
607	void ssl3_cleanup_key_block(SSL *s);	606	void ssl3_cleanup_key_block(SSL *s);
608	int ssl3_do_write(SSL *s, int type);	607	int ssl3_do_write(SSL *s, int type);
609	int ssl3_send_alert(SSL *s, int level, int desc);	608	int ssl3_send_alert(SSL *s, int level, int desc);