-rw-r--r--src/lib/libssl/d1_clnt.c10
-rw-r--r--src/lib/libssl/d1_lib.c15
-rw-r--r--src/lib/libssl/d1_pkt.c6
-rw-r--r--src/lib/libssl/d1_srvr.c14
-rw-r--r--src/lib/libssl/ssl_both.c18
-rw-r--r--src/lib/libssl/ssl_clnt.c24
-rw-r--r--src/lib/libssl/ssl_lib.c4
-rw-r--r--src/lib/libssl/ssl_locl.h22
-rw-r--r--src/lib/libssl/ssl_pkt.c22
-rw-r--r--src/lib/libssl/ssl_srvr.c22
-rw-r--r--src/lib/libssl/t1_lib.c41
11 files changed, 63 insertions, 135 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index 5f8b56ebed..c0f90dce6f 100644
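--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_clnt.c,v 1.70 2017/01/26 05:31:25 jsing Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.71 2017/01/26 06:32:58 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -437,12 +437,12 @@ dtls1_connect(SSL *s)
  s->internal->init_num = 0;
 
  s->session->cipher = S3I(s)->tmp.new_cipher;
- if (!s->method->internal->ssl3_enc->setup_key_block(s)) {
+ if (!tls1_setup_key_block(s)) {
  ret = -1;
  goto end;
  }
 
- if (!s->method->internal->ssl3_enc->change_cipher_state(s,
+ if (!tls1_change_cipher_state(s,
  SSL3_CHANGE_CIPHER_CLIENT_WRITE)) {
  ret = -1;
  goto end;
@@ -458,8 +458,8 @@ dtls1_connect(SSL *s)
  dtls1_start_timer(s);
  ret = ssl3_send_finished(s,
  SSL3_ST_CW_FINISHED_A, SSL3_ST_CW_FINISHED_B,
- s->method->internal->ssl3_enc->client_finished_label,
- s->method->internal->ssl3_enc->client_finished_label_len);
+ TLS_MD_CLIENT_FINISH_CONST,
+ TLS_MD_CLIENT_FINISH_CONST_SIZE);
  if (ret <= 0)
  goto end;
  s->internal->state = SSL3_ST_CW_FLUSH;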
diff --git a/src/lib/libssl/d1_lib.c b/src/lib/libssl/d1_lib.c
index e4805a1efa..e193d4ab81 100644
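--- a/src/lib/libssl/d1_lib.c
+++ b/src/lib/libssl/d1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_lib.c,v 1.38 2017/01/25 06:38:01 jsing Exp $ */
+/* $OpenBSD: d1_lib.c,v 1.39 2017/01/26 06:32:58 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -74,19 +74,6 @@ static int dtls1_listen(SSL *s, struct sockaddr *client);
 
 SSL3_ENC_METHOD DTLSv1_enc_data = {
  .enc = dtls1_enc,
- .mac = tls1_mac,
- .setup_key_block = tls1_setup_key_block,
- .generate_master_secret = tls1_generate_master_secret,
- .change_cipher_state = tls1_change_cipher_state,
- .final_finish_mac = tls1_final_finish_mac,
- .finish_mac_length = TLS1_FINISH_MAC_LENGTH,
- .cert_verify_mac = tls1_cert_verify_mac,
- .client_finished_label = TLS_MD_CLIENT_FINISH_CONST,
- .client_finished_label_len = TLS_MD_CLIENT_FINISH_CONST_SIZE,
- .server_finished_label = TLS_MD_SERVER_FINISH_CONST,
- .server_finished_label_len = TLS_MD_SERVER_FINISH_CONST_SIZE,
- .alert_value = tls1_alert_code,
- .export_keying_material = tls1_export_keying_material,
  .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV,
 };
 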
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 19853d2375..3ea02700b5 100644
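--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.59 2017/01/25 06:13:02 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.60 2017/01/26 06:32:58 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -417,7 +417,7 @@ dtls1_process_record(SSL *s)
  mac = &rr->data[rr->length];
  }
 
- i = s->method->internal->ssl3_enc->mac(s, md, 0 /* not send */);
+ i = tls1_mac(s, md, 0 /* not send */);
  if (i < 0 || mac == NULL || timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
  enc_err = -1;
  if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
@@ -1272,7 +1272,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
  * wr->data still points in the wb->buf */
 
  if (mac_size != 0) {
- if (s->method->internal->ssl3_enc->mac(s, &(p[wr->length + bs]), 1) < 0)
+ if (tls1_mac(s, &(p[wr->length + bs]), 1) < 0)
  goto err;
  wr->length += mac_size;
  }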
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index 1be0e4b596..f36d3f40cd 100644
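--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.80 2017/01/26 05:31:25 jsing Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.81 2017/01/26 06:32:58 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -522,9 +522,9 @@ dtls1_accept(SSL *s)
 
  /* We need to get hashes here so if there is
  * a client cert, it can be verified */
- s->method->internal->ssl3_enc->cert_verify_mac(s,
+ tls1_cert_verify_mac(s,
  NID_md5, &(S3I(s)->tmp.cert_verify_md[0]));
- s->method->internal->ssl3_enc->cert_verify_mac(s,
+ tls1_cert_verify_mac(s,
  NID_sha1,
  &(S3I(s)->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
  }
@@ -582,7 +582,7 @@ dtls1_accept(SSL *s)
  case SSL3_ST_SW_CHANGE_B:
 
  s->session->cipher = S3I(s)->tmp.new_cipher;
- if (!s->method->internal->ssl3_enc->setup_key_block(s)) {
+ if (!tls1_setup_key_block(s)) {
  ret = -1;
  goto end;
  }
@@ -597,7 +597,7 @@ dtls1_accept(SSL *s)
  s->internal->state = SSL3_ST_SW_FINISHED_A;
  s->internal->init_num = 0;
 
- if (!s->method->internal->ssl3_enc->change_cipher_state(s,
+ if (!tls1_change_cipher_state(s,
  SSL3_CHANGE_CIPHER_SERVER_WRITE)) {
  ret = -1;
  goto end;
@@ -610,8 +610,8 @@ dtls1_accept(SSL *s)
  case SSL3_ST_SW_FINISHED_B:
  ret = ssl3_send_finished(s,
  SSL3_ST_SW_FINISHED_A, SSL3_ST_SW_FINISHED_B,
- s->method->internal->ssl3_enc->server_finished_label,
- s->method->internal->ssl3_enc->server_finished_label_len);
+ TLS_MD_SERVER_FINISH_CONST,
+ TLS_MD_SERVER_FINISH_CONST_SIZE);
  if (ret <= 0)
  goto end;
  s->internal->state = SSL3_ST_SW_FLUSH;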
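Review bot: The two `tls1_cert_verify_mac()` calls in the first dtls1_accept hunk (NID_md5 and NID_sha1) discard the return value, although the function pointer they replace was declared as returning `int` (see the ssl_locl.h section). If a digest computation can fail, `S3I(s)->tmp.cert_verify_md` keeps whatever it held before and the later client-certificate verification would run against that; now that the call is direct it is a good moment to check it, e.g. `if (!tls1_cert_verify_mac(s, NID_md5, &(S3I(s)->tmp.cert_verify_md[0]))) { ret = -1; goto end; }`, assuming 0 signals failure. The same unchecked pattern appears in ssl3_send_client_verify (ssl_clnt.c) and in the first ssl3_accept hunk (ssl_srvr.c). dtls1_accept's body continues outside the hunk.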
diff --git a/src/lib/libssl/ssl_both.c b/src/lib/libssl/ssl_both.c
index e556e336ed..9d0dadef83 100644
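--- a/src/lib/libssl/ssl_both.c
+++ b/src/lib/libssl/ssl_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_both.c,v 1.1 2017/01/26 05:51:54 jsing Exp $ */
+/* $OpenBSD: ssl_both.c,v 1.2 2017/01/26 06:32:58 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -170,10 +170,10 @@ ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
  int md_len;
 
  if (s->internal->state == a) {
- md_len = s->method->internal->ssl3_enc->finish_mac_length;
+ md_len = TLS1_FINISH_MAC_LENGTH;
  OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);
 
- if (s->method->internal->ssl3_enc->final_finish_mac(s, sender, slen,
+ if (tls1_final_finish_mac(s, sender, slen,
  S3I(s)->tmp.finish_md) != md_len)
  return (0);
  S3I(s)->tmp.finish_md_len = md_len;
@@ -217,15 +217,15 @@ ssl3_take_mac(SSL *s)
  return;
 
  if (s->internal->state & SSL_ST_CONNECT) {
- sender = s->method->internal->ssl3_enc->server_finished_label;
- slen = s->method->internal->ssl3_enc->server_finished_label_len;
+ sender = TLS_MD_SERVER_FINISH_CONST;
+ slen = TLS_MD_SERVER_FINISH_CONST_SIZE;
  } else {
- sender = s->method->internal->ssl3_enc->client_finished_label;
- slen = s->method->internal->ssl3_enc->client_finished_label_len;
+ sender = TLS_MD_CLIENT_FINISH_CONST;
+ slen = TLS_MD_CLIENT_FINISH_CONST_SIZE;
  }
 
  S3I(s)->tmp.peer_finish_md_len =
- s->method->internal->ssl3_enc->final_finish_mac(s, sender, slen,
+ tls1_final_finish_mac(s, sender, slen,
  S3I(s)->tmp.peer_finish_md);
 }
 
@@ -249,7 +249,7 @@ ssl3_get_finished(SSL *s, int a, int b)
  }
  S3I(s)->change_cipher_spec = 0;
 
- md_len = s->method->internal->ssl3_enc->finish_mac_length;
+ md_len = TLS1_FINISH_MAC_LENGTH;
 
  if (n < 0) {
  al = SSL_AD_DECODE_ERROR;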
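Review bot: In ssl3_take_mac the result of `tls1_final_finish_mac()` is stored straight into `S3I(s)->tmp.peer_finish_md_len` with no failure check, whereas ssl3_send_finished in this file compares it against `md_len` and ssl3_do_change_cipher_spec (ssl_pkt.c) treats 0 as an internal error. ssl3_take_mac returns void, so a failed digest would only surface later, if at all, when ssl3_get_finished validates the peer's Finished message; that comparison is outside the hunk, so confirm that a zero length cannot pass there. Separately, `OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE)` in ssl3_send_finished now tests a compile-time constant and could become a static assertion or be dropped.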
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index e7c78b139b..f7bbca0d78 100644
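--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.1 2017/01/26 05:51:54 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.2 2017/01/26 06:32:58 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -419,12 +419,12 @@ ssl3_connect(SSL *s)
  s->internal->init_num = 0;
 
  s->session->cipher = S3I(s)->tmp.new_cipher;
- if (!s->method->internal->ssl3_enc->setup_key_block(s)) {
+ if (!tls1_setup_key_block(s)) {
  ret = -1;
  goto end;
  }
 
- if (!s->method->internal->ssl3_enc->change_cipher_state(s,
+ if (!tls1_change_cipher_state(s,
  SSL3_CHANGE_CIPHER_CLIENT_WRITE)) {
  ret = -1;
  goto end;
@@ -444,8 +444,8 @@ ssl3_connect(SSL *s)
  case SSL3_ST_CW_FINISHED_B:
  ret = ssl3_send_finished(s, SSL3_ST_CW_FINISHED_A,
  SSL3_ST_CW_FINISHED_B,
- s->method->internal->ssl3_enc->client_finished_label,
- s->method->internal->ssl3_enc->client_finished_label_len);
+ TLS_MD_CLIENT_FINISH_CONST,
+ TLS_MD_CLIENT_FINISH_CONST_SIZE);
  if (ret <= 0)
  goto end;
  s->s3->flags |= SSL3_FLAGS_CCS_OK;
@@ -2005,7 +2005,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
  goto err;
 
  s->session->master_key_length =
- s->method->internal->ssl3_enc->generate_master_secret(s,
+ tls1_generate_master_secret(s,
  s->session->master_key, pms, sizeof(pms));
 
  ret = 1;
@@ -2060,7 +2060,7 @@ ssl3_send_client_kex_dhe(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
 
  /* Generate master key from the result. */
  s->session->master_key_length =
- s->method->internal->ssl3_enc->generate_master_secret(s,
+ tls1_generate_master_secret(s,
  s->session->master_key, key, key_len);
 
  if (!CBB_add_u16_length_prefixed(cbb, &dh_Yc))
@@ -2135,7 +2135,7 @@ ssl3_send_client_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, CBB *cbb)
 
  /* Generate master key from the result. */
  s->session->master_key_length =
- s->method->internal->ssl3_enc->generate_master_secret(s,
+ tls1_generate_master_secret(s,
  s->session->master_key, key, key_len);
 
  encoded_len = EC_POINT_point2oct(group, EC_KEY_get0_public_key(ecdh),
@@ -2204,7 +2204,7 @@ ssl3_send_client_kex_ecdhe_ecx(SSL *s, SESS_CERT *sc, CBB *cbb)
 
  /* Generate master key from the result. */
  s->session->master_key_length =
- s->method->internal->ssl3_enc->generate_master_secret(s,
+ tls1_generate_master_secret(s,
  s->session->master_key, shared_key, X25519_KEY_LENGTH);
 
  ret = 1;
@@ -2344,7 +2344,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
  }
  EVP_PKEY_CTX_free(pkey_ctx);
  s->session->master_key_length =
- s->method->internal->ssl3_enc->generate_master_secret(s,
+ tls1_generate_master_secret(s,
  s->session->master_key, premaster_secret, 32);
 
  ret = 1;
@@ -2441,7 +2441,7 @@ ssl3_send_client_verify(SSL *s)
  EVP_PKEY_sign_init(pctx);
  if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) > 0) {
  if (!SSL_USE_SIGALGS(s))
- s->method->internal->ssl3_enc->cert_verify_mac(s,
+ tls1_cert_verify_mac(s,
  NID_sha1, &(data[MD5_DIGEST_LENGTH]));
  } else {
  ERR_clear_error();
@@ -2475,7 +2475,7 @@ ssl3_send_client_verify(SSL *s)
  if (!tls1_digest_cached_records(s))
  goto err;
  } else if (pkey->type == EVP_PKEY_RSA) {
- s->method->internal->ssl3_enc->cert_verify_mac(
+ tls1_cert_verify_mac(
  s, NID_md5, &(data[0]));
  if (RSA_sign(NID_md5_sha1, data,
  MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, &(p[2]),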
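Review bot: Each of the five ssl3_send_client_kex_* hunks assigns `s->session->master_key_length = tls1_generate_master_secret(...)` and then goes straight on to `ret = 1;` or to building the message, so a zero or negative return would be recorded as the key length rather than aborting the handshake. Whether tls1_generate_master_secret can fail is not visible here; if it can, check the result before continuing, e.g. `if (s->session->master_key_length <= 0) goto err;`. The matching ssl3_get_client_kex_* hunks in ssl_srvr.c have the same shape. The enclosing functions start and end outside these hunks, so the zeroing of `pms`, `key` and `shared_key` on the error path should be confirmed there.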
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 6f31d6dcdf..6d5d5c468b 100644
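--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.152 2017/01/26 06:01:44 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.153 2017/01/26 06:32:58 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1732,7 +1732,7 @@ SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
  const char *label, size_t llen, const unsigned char *p, size_t plen,
  int use_context)
 {
- return (s->method->internal->ssl3_enc->export_keying_material(s, out, olen,
+ return (tls1_export_keying_material(s, out, olen,
  label, llen, p, plen, use_context));
 }
 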
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index bff28b1772..6834592516 100644
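--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.169 2017/01/26 05:31:25 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.170 2017/01/26 06:32:58 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1012,28 +1012,8 @@ typedef struct sess_cert_st {
 /*#define SSL_DEBUG */
 /*#define RSA_DEBUG */
 
-/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
- * It is a bit of a mess of functions, but hell, think of it as
- * an opaque structure :-) */
 typedef struct ssl3_enc_method {
  int (*enc)(SSL *, int);
- int (*mac)(SSL *, unsigned char *, int);
- int (*setup_key_block)(SSL *);
- int (*generate_master_secret)(SSL *, unsigned char *,
- unsigned char *, int);
- int (*change_cipher_state)(SSL *, int);
- int (*final_finish_mac)(SSL *, const char *, int, unsigned char *);
- int finish_mac_length;
- int (*cert_verify_mac)(SSL *, int, unsigned char *);
- const char *client_finished_label;
- int client_finished_label_len;
- const char *server_finished_label;
- int server_finished_label_len;
- int (*alert_value)(int);
- int (*export_keying_material)(SSL *, unsigned char *, size_t,
- const char *, size_t, const unsigned char *, size_t,
- int use_context);
- /* Flags indicating protocol version requirements. */
  unsigned int enc_flags;
 } SSL3_ENC_METHOD;
 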
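Review bot: The trimmed `SSL3_ENC_METHOD` loses both of its comments, including the one on the only data member that remains; I would keep `/* Flags indicating protocol version requirements. */` above `unsigned int enc_flags;`. A one-line comment on the struct saying that it now carries only the record `enc` callback and the per-version flags, and that every other TLS operation is called directly, would also help readers who still expect the old method table.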
diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c
index 2ab264f33f..ef5b5737aa 100644
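--- a/src/lib/libssl/ssl_pkt.c
+++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_pkt.c,v 1.1 2017/01/26 05:51:54 jsing Exp $ */
+/* $OpenBSD: ssl_pkt.c,v 1.2 2017/01/26 06:32:58 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -475,7 +475,7 @@ again:
  mac = &rr->data[rr->length];
  }
 
- i = s->method->internal->ssl3_enc->mac(s,md,0 /* not send */);
+ i = tls1_mac(s,md,0 /* not send */);
  if (i < 0 || mac == NULL ||
  timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
  enc_err = -1;
@@ -747,7 +747,7 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf,
  * wr->data still points in the wb->buf */
 
  if (mac_size != 0) {
- if (s->method->internal->ssl3_enc->mac(s,
+ if (tls1_mac(s,
  &(p[wr->length + eivlen]), 1) < 0)
  goto err;
  wr->length += mac_size;
@@ -1360,25 +1360,25 @@ ssl3_do_change_cipher_spec(SSL *s)
  }
 
  s->session->cipher = S3I(s)->tmp.new_cipher;
- if (!s->method->internal->ssl3_enc->setup_key_block(s))
+ if (!tls1_setup_key_block(s))
  return (0);
  }
 
- if (!s->method->internal->ssl3_enc->change_cipher_state(s, i))
+ if (!tls1_change_cipher_state(s, i))
  return (0);
 
  /* we have to record the message digest at
  * this point so we can get it before we read
  * the finished message */
  if (s->internal->state & SSL_ST_CONNECT) {
- sender = s->method->internal->ssl3_enc->server_finished_label;
- slen = s->method->internal->ssl3_enc->server_finished_label_len;
+ sender = TLS_MD_SERVER_FINISH_CONST;
+ slen = TLS_MD_SERVER_FINISH_CONST_SIZE;
  } else {
- sender = s->method->internal->ssl3_enc->client_finished_label;
- slen = s->method->internal->ssl3_enc->client_finished_label_len;
+ sender = TLS_MD_CLIENT_FINISH_CONST;
+ slen = TLS_MD_CLIENT_FINISH_CONST_SIZE;
  }
 
- i = s->method->internal->ssl3_enc->final_finish_mac(s, sender, slen,
+ i = tls1_final_finish_mac(s, sender, slen,
  S3I(s)->tmp.peer_finish_md);
  if (i == 0) {
  SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
@@ -1393,7 +1393,7 @@ int
 ssl3_send_alert(SSL *s, int level, int desc)
 {
  /* Map tls/ssl alert value to correct one */
- desc = s->method->internal->ssl3_enc->alert_value(desc);
+ desc = tls1_alert_code(desc);
  if (desc < 0)
  return -1;
  /* If a fatal one, remove from cache */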
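Review bot: In the ssl3_do_change_cipher_spec hunk the Finished-label selection and the `tls1_final_finish_mac()` call are now the same as the body of ssl3_take_mac in ssl_both.c, apart from the `i == 0` check that only this copy has. With the labels fixed constants, one shared helper that returns the digest length would keep the two paths from drifting apart on error handling. `i` is also reused here, first as the direction passed to `tls1_change_cipher_state(s, i)` and then as the digest length; a separate local such as `md_len` would read more clearly. The function's body starts and ends outside the hunk.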
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index dfc6ee67b6..a716947ab9 100644
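--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.1 2017/01/26 05:51:54 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.2 2017/01/26 06:32:58 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -519,7 +519,7 @@ ssl3_accept(SSL *s)
  if (S3I(s)->handshake_dgst[dgst_num]) {
  int dgst_size;
 
- s->method->internal->ssl3_enc->cert_verify_mac(s,
+ tls1_cert_verify_mac(s,
  EVP_MD_CTX_type(
  S3I(s)->handshake_dgst[dgst_num]),
  &(S3I(s)->tmp.cert_verify_md[offset]));
@@ -598,7 +598,7 @@ ssl3_accept(SSL *s)
  case SSL3_ST_SW_CHANGE_B:
 
  s->session->cipher = S3I(s)->tmp.new_cipher;
- if (!s->method->internal->ssl3_enc->setup_key_block(s)) {
+ if (!tls1_setup_key_block(s)) {
  ret = -1;
  goto end;
  }
@@ -611,7 +611,7 @@ ssl3_accept(SSL *s)
  s->internal->state = SSL3_ST_SW_FINISHED_A;
  s->internal->init_num = 0;
 
- if (!s->method->internal->ssl3_enc->change_cipher_state(
+ if (!tls1_change_cipher_state(
  s, SSL3_CHANGE_CIPHER_SERVER_WRITE)) {
  ret = -1;
  goto end;
@@ -623,8 +623,8 @@ ssl3_accept(SSL *s)
  case SSL3_ST_SW_FINISHED_B:
  ret = ssl3_send_finished(s,
  SSL3_ST_SW_FINISHED_A, SSL3_ST_SW_FINISHED_B,
- s->method->internal->ssl3_enc->server_finished_label,
- s->method->internal->ssl3_enc->server_finished_label_len);
+ TLS_MD_SERVER_FINISH_CONST,
+ TLS_MD_SERVER_FINISH_CONST_SIZE);
  if (ret <= 0)
  goto end;
  s->internal->state = SSL3_ST_SW_FLUSH;
@@ -1808,7 +1808,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
  }
 
  s->session->master_key_length =
- s->method->internal->ssl3_enc->generate_master_secret(s,
+ tls1_generate_master_secret(s,
  s->session->master_key, p, i);
 
  explicit_bzero(p, i);
@@ -1864,7 +1864,7 @@ ssl3_get_client_kex_dhe(SSL *s, unsigned char *p, long n)
  }
 
  s->session->master_key_length =
- s->method->internal->ssl3_enc->generate_master_secret(
+ tls1_generate_master_secret(
  s, s->session->master_key, p, key_size);
 
  explicit_bzero(p, key_size);
@@ -2018,7 +2018,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
 
  /* Compute the master secret */
  s->session->master_key_length =
- s->method->internal->ssl3_enc->generate_master_secret(
+ tls1_generate_master_secret(
  s, s->session->master_key, p, i);
 
  explicit_bzero(p, i);
@@ -2060,7 +2060,7 @@ ssl3_get_client_kex_ecdhe_ecx(SSL *s, unsigned char *p, long n)
  S3I(s)->tmp.x25519 = NULL;
 
  s->session->master_key_length =
- s->method->internal->ssl3_enc->generate_master_secret(
+ tls1_generate_master_secret(
  s, s->session->master_key, shared_key, X25519_KEY_LENGTH);
 
  ret = 1;
@@ -2136,7 +2136,7 @@ ssl3_get_client_kex_gost(SSL *s, unsigned char *p, long n)
  }
  /* Generate master secret */
  s->session->master_key_length =
- s->method->internal->ssl3_enc->generate_master_secret(
+ tls1_generate_master_secret(
  s, s->session->master_key, premaster_secret, 32);
  /* Check if pubkey from client certificate was used */
  if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1,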
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 9b60d664e5..3585a3ac55 100644
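--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.111 2017/01/24 14:57:31 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.112 2017/01/26 06:32:58 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -125,55 +125,16 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *tick, int ticklen,
 
 SSL3_ENC_METHOD TLSv1_enc_data = {
  .enc = tls1_enc,
- .mac = tls1_mac,
- .setup_key_block = tls1_setup_key_block,
- .generate_master_secret = tls1_generate_master_secret,
- .change_cipher_state = tls1_change_cipher_state,
- .final_finish_mac = tls1_final_finish_mac,
- .finish_mac_length = TLS1_FINISH_MAC_LENGTH,
- .cert_verify_mac = tls1_cert_verify_mac,
- .client_finished_label = TLS_MD_CLIENT_FINISH_CONST,
- .client_finished_label_len = TLS_MD_CLIENT_FINISH_CONST_SIZE,
- .server_finished_label = TLS_MD_SERVER_FINISH_CONST,
- .server_finished_label_len = TLS_MD_SERVER_FINISH_CONST_SIZE,
- .alert_value = tls1_alert_code,
- .export_keying_material = tls1_export_keying_material,
  .enc_flags = 0,
 };
 
 SSL3_ENC_METHOD TLSv1_1_enc_data = {
  .enc = tls1_enc,
- .mac = tls1_mac,
- .setup_key_block = tls1_setup_key_block,
- .generate_master_secret = tls1_generate_master_secret,
- .change_cipher_state = tls1_change_cipher_state,
- .final_finish_mac = tls1_final_finish_mac,
- .finish_mac_length = TLS1_FINISH_MAC_LENGTH,
- .cert_verify_mac = tls1_cert_verify_mac,
- .client_finished_label = TLS_MD_CLIENT_FINISH_CONST,
- .client_finished_label_len = TLS_MD_CLIENT_FINISH_CONST_SIZE,
- .server_finished_label = TLS_MD_SERVER_FINISH_CONST,
- .server_finished_label_len = TLS_MD_SERVER_FINISH_CONST_SIZE,
- .alert_value = tls1_alert_code,
- .export_keying_material = tls1_export_keying_material,
  .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV,
 };
 
 SSL3_ENC_METHOD TLSv1_2_enc_data = {
  .enc = tls1_enc,
- .mac = tls1_mac,
- .setup_key_block = tls1_setup_key_block,
- .generate_master_secret = tls1_generate_master_secret,
- .change_cipher_state = tls1_change_cipher_state,
- .final_finish_mac = tls1_final_finish_mac,
- .finish_mac_length = TLS1_FINISH_MAC_LENGTH,
- .cert_verify_mac = tls1_cert_verify_mac,
- .client_finished_label = TLS_MD_CLIENT_FINISH_CONST,
- .client_finished_label_len = TLS_MD_CLIENT_FINISH_CONST_SIZE,
- .server_finished_label = TLS_MD_SERVER_FINISH_CONST,
- .server_finished_label_len = TLS_MD_SERVER_FINISH_CONST_SIZE,
- .alert_value = tls1_alert_code,
- .export_keying_material = tls1_export_keying_material,
  .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS|
  SSL_ENC_FLAG_SHA256_PRF|SSL_ENC_FLAG_TLS1_2_CIPHERS,
 };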