#include "statem_local.h"
#include "internal/cryptlib.h"
-DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE)
DEFINE_STACK_OF(OCSP_RESPID)
-DEFINE_STACK_OF(X509_EXTENSION)
#define COOKIE_STATE_FORMAT_VERSION 0
return 0;
}
- /*
- * TODO(3.0) Remove this when EVP_PKEY_get1_tls_encodedpoint()
- * knows how to get a key from an encoded point with the help of
- * a OSSL_SERIALIZER deserializer. We know that EVP_PKEY_get0()
- * downgrades an EVP_PKEY to contain a legacy key.
- *
- * THIS IS TEMPORARY
- */
- EVP_PKEY_get0(s->s3.peer_tmp);
- if (EVP_PKEY_id(s->s3.peer_tmp) == EVP_PKEY_NONE) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_KEY_SHARE,
- ERR_R_INTERNAL_ERROR);
- return 0;
- }
-
s->s3.group_id = group_id;
if (!EVP_PKEY_set1_tls_encodedpoint(s->s3.peer_tmp,
/* Verify the HMAC of the cookie */
hctx = EVP_MD_CTX_create();
- pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
- s->session_ctx->ext.cookie_hmac_key,
- sizeof(s->session_ctx->ext
- .cookie_hmac_key));
+ pkey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC",
+ s->ctx->propq,
+ s->session_ctx->ext.cookie_hmac_key,
+ sizeof(s->session_ctx->ext
+ .cookie_hmac_key));
if (hctx == NULL || pkey == NULL) {
EVP_MD_CTX_free(hctx);
EVP_PKEY_free(pkey);
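Review bot: The HMAC key is still read from `s->session_ctx->ext.cookie_hmac_key`, but the library context and property query used to build the key object now come from `s->ctx`, and nothing here says the two are expected to agree. If `s->ctx` can differ from `s->session_ctx` at this point, the cookie key would be owned by one context and processed by providers selected through another, which matters when the property query expresses a policy. I would add a comment such as `/* key is owned by session_ctx; algorithm lookup deliberately follows the current ctx */`, or take all three values from `s->session_ctx` if that is the intent. The same pairing appears in the cookie construction hunk further down, and the enclosing function starts and ends outside this hunk.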
}
hmaclen = SHA256_DIGEST_LENGTH;
- if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->propq, pkey,
- s->ctx->libctx) <= 0
+ if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256",
+ s->ctx->libctx, s->ctx->propq, pkey) <= 0
|| EVP_DigestSign(hctx, hmac, &hmaclen, data,
rawlen - SHA256_DIGEST_LENGTH) <= 0
|| hmaclen != SHA256_DIGEST_LENGTH) {
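Review bot: The digest is selected by the literal `"SHA2-256"` while the output size is checked against `SHA256_DIGEST_LENGTH`, so algorithm and length are tied together only by convention, and the same literal is repeated where the cookie is built. A file-level macro next to `COOKIE_STATE_FORMAT_VERSION`, for example `#define COOKIE_HMAC_DIGEST "SHA2-256"`, used at both call sites would keep signing and verification from drifting apart. The `rawlen - SHA256_DIGEST_LENGTH` argument also relies on a length check that is not visible in this hunk; a one-line comment pointing at that check would help the next reader.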
{
const uint16_t *groups;
size_t numgroups, i, first = 1;
+ int version;
/* s->s3.group_id is non zero if we accepted a key_share */
if (s->s3.group_id == 0)
}
/* Copy group ID if supported */
+ version = SSL_version(s);
for (i = 0; i < numgroups; i++) {
uint16_t group = groups[i];
- if (tls_valid_group(s, group, SSL_version(s))
+ if (tls_valid_group(s, group, version, version)
&& tls_group_allowed(s, group, SSL_SECOP_CURVE_SUPPORTED)) {
if (first) {
/*
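Review bot: `tls_valid_group(s, group, version, version)` passes the same value twice with no hint of what the two arguments mean. Presumably they are the minimum and maximum protocol version and the intent is to accept only groups valid for the negotiated version; a comment above the loop such as `/* negotiated version is both the lower and upper bound */` would make that explicit. The function body starts before and continues past this hunk.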
if (s->s3.tmp.new_cipher->algorithm_mac == SSL_AEAD
|| s->s3.tmp.new_cipher->algorithm_enc == SSL_RC4
|| s->s3.tmp.new_cipher->algorithm_enc == SSL_eGOST2814789CNT
- || s->s3.tmp.new_cipher->algorithm_enc == SSL_eGOST2814789CNT12) {
+ || s->s3.tmp.new_cipher->algorithm_enc == SSL_eGOST2814789CNT12
+ || s->s3.tmp.new_cipher->algorithm_enc == SSL_MAGMA
+ || s->s3.tmp.new_cipher->algorithm_enc == SSL_KUZNYECHIK) {
s->ext.use_etm = 0;
return EXT_RETURN_NOT_SENT;
}
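Review bot: The set of ciphers for which encrypt-then-MAC is refused is an open-coded chain of `algorithm_enc` comparisons that now has five entries, and a cipher left off the list would presumably keep `use_etm` set. Nothing in the hunk states the criterion for membership, so the next cipher addition has no rule to follow. I would document the criterion in a comment above the condition, or move the test into a small static predicate so that any other place making the same decision can share it. The enclosing function starts outside the hunk.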
return EXT_RETURN_FAIL;
}
- /*
- * TODO(3.0) Remove this when EVP_PKEY_get1_tls_encodedpoint()
- * knows how to get a key from an encoded point with the help of
- * a OSSL_SERIALIZER deserializer. We know that EVP_PKEY_get0()
- * downgrades an EVP_PKEY to contain a legacy key.
- *
- * THIS IS TEMPORARY
- */
- EVP_PKEY_get0(skey);
- if (EVP_PKEY_id(skey) == EVP_PKEY_NONE) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE,
- ERR_R_INTERNAL_ERROR);
- return EXT_RETURN_FAIL;
- }
-
/* Generate encoding of server key */
encoded_pt_len = EVP_PKEY_get1_tls_encodedpoint(skey, &encodedPoint);
if (encoded_pt_len == 0) {
/* HMAC the cookie */
hctx = EVP_MD_CTX_create();
- pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
- s->session_ctx->ext.cookie_hmac_key,
- sizeof(s->session_ctx->ext
- .cookie_hmac_key));
+ pkey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC",
+ s->ctx->propq,
+ s->session_ctx->ext.cookie_hmac_key,
+ sizeof(s->session_ctx->ext
+ .cookie_hmac_key));
if (hctx == NULL || pkey == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE,
ERR_R_MALLOC_FAILURE);
goto err;
}
- if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->propq, pkey,
- s->ctx->libctx) <= 0
+ if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256",
+ s->ctx->libctx, s->ctx->propq,
+ pkey) <= 0
|| EVP_DigestSign(hctx, hmac, &hmaclen, cookie,
totcookielen) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE,
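Review bot: A NULL `pkey` is still reported as `ERR_R_MALLOC_FAILURE`, but the key is now created by name (`"HMAC"`) through `s->ctx->libctx` with `s->ctx->propq`, so a NULL return can presumably also mean that no provider matching the property query offers HMAC. Reporting that as an allocation failure would send an operator looking in the wrong place when a provider or property configuration is at fault. I would split the combined check so that only `hctx == NULL` maps to the allocation error, as sketched below. The verification path earlier in the file has the same combined `if (hctx == NULL || pkey == NULL)` test, though its error call is not visible there.

```c
/* … unchanged: hctx and pkey creation … */
if (hctx == NULL) {
    SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE,
             ERR_R_MALLOC_FAILURE);
    goto err;
}
if (pkey == NULL) {
    /* Provider lookup or key import failed; not necessarily out of memory */
    SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE,
             ERR_R_INTERNAL_ERROR);
    goto err;
}
/* … unchanged: EVP_DigestSignInit_with_libctx / EVP_DigestSign … */
```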