From: Matt Caswell Date: Tue, 24 Nov 2015 13:52:07 +0000 (+0000) Subject: Updates to GOST2012 X-Git-Tag: OpenSSL_1_1_0-pre1~159 X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=2a9b96548afc0d540ab873a31dc1a72c66cba434 Updates to GOST2012 Various updates following feedback from the recent commit of the new GOST2012 code. Reviewed-by: Andy Polyakov --- diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 8c1b4aa18f..bf7336cbfc 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -1144,7 +1144,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = { }, /* GOST Ciphersuites */ - +#ifndef OPENSL_NO_GOST { 1, "GOST2001-GOST89-GOST89", @@ -1173,7 +1173,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = { 0, 0 }, - +#endif #ifndef OPENSSL_NO_CAMELLIA /* Camellia ciphersuites from RFC4132 (256-bit portion) */ @@ -3769,7 +3769,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = { 256, 256, }, - +#ifndef OPENSSL_NO_GOST { 1, "GOST2012-GOST8912-GOST8912", @@ -3796,7 +3796,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = { SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256, 0, 0}, - +#endif /* end of list */ }; diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index e02b04906e..a9370dcb87 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2068,6 +2068,7 @@ void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher) rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa); #endif +#ifndef OPENSSL_NO_GOST cpk = &(c->pkeys[SSL_PKEY_GOST12_512]); if (cpk->x509 != NULL && cpk->privatekey != NULL) { mask_k |= SSL_kGOST; @@ -2083,6 +2084,7 @@ void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher) mask_k |= SSL_kGOST; mask_a |= SSL_aGOST01; } +#endif if (rsa_enc || (rsa_tmp && rsa_sign)) mask_k |= SSL_kRSA; diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index c6bc86f0fe..527101b126 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2715,6 +2715,7 @@ psk_err: EVP_PKEY_free(srvr_pub_pkey); } #endif /* !OPENSSL_NO_EC */ +#ifndef OPENSSL_NO_GOST else if (alg_k & SSL_kGOST) { /* GOST key exchange message creation */ EVP_PKEY_CTX *pkey_ctx; @@ -2836,6 +2837,7 @@ psk_err: EVP_PKEY_free(pub_key); } +#endif #ifndef OPENSSL_NO_SRP else if (alg_k & SSL_kSRP) { if (s->srp_ctx.A != NULL) { @@ -2964,7 +2966,7 @@ int tls_construct_client_verify(SSL *s) const EVP_MD *md = s->s3->tmp.md[s->cert->key - s->cert->pkeys]; EVP_MD_CTX mctx; unsigned u = 0; - unsigned long n; + unsigned long n = 0; long hdatalen = 0; void *hdata; @@ -2984,6 +2986,7 @@ int tls_construct_client_verify(SSL *s) goto err; } p += 2; + n = 2; } #ifdef SSL_DEBUG fprintf(stderr, "Using client alg %s\n", EVP_MD_name(md)); @@ -2998,21 +3001,16 @@ int tls_construct_client_verify(SSL *s) SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_EVP_LIB); goto err; } +#ifndef OPENSSL_NO_GOST if (pkey->type == NID_id_GostR3410_2001 || pkey->type == NID_id_GostR3410_2012_256 || pkey->type == NID_id_GostR3410_2012_512) { - unsigned int i, k; - for (i = u - 1, k = 0; k < u/2; k++, i--) { - char c = p[2 + k]; - p[2 + k] = p[2 + i]; - p[2 + i] = c; - } + BUF_reverse(p + 2, NULL, u); } +#endif s2n(u, p); - n = u + 2; - if (SSL_USE_SIGALGS(s)) - n += 2; + n += u + 2; /* Digest cached records and discard handshake buffer */ if (!ssl3_digest_cached_records(s, 0)) goto err; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 24bbded5eb..ab860f6146 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -623,13 +623,16 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey) ret = SSL_PKEY_ECC; } #endif +#ifndef OPENSSL_NO_GOST else if (i == NID_id_GostR3410_2001) { ret = SSL_PKEY_GOST01; } else if (i == NID_id_GostR3410_2012_256) { ret = SSL_PKEY_GOST12_256; } else if (i == NID_id_GostR3410_2012_512) { ret = SSL_PKEY_GOST12_512; - } else if (x && (i == EVP_PKEY_DH || i == EVP_PKEY_DHX)) { + } +#endif + else if (x && (i == EVP_PKEY_DH || i == EVP_PKEY_DHX)) { /* * For DH two cases: DH certificate signed with RSA and DH * certificate signed with DSA. diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index d1146218a6..dcfb44fdbf 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2761,6 +2761,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) } } else #endif /* OPENSSL_NO_SRP */ +#ifndef OPENSSL_NO_GOST if (alg_k & SSL_kGOST) { EVP_PKEY_CTX *pkey_ctx; EVP_PKEY *client_pub_pkey = NULL, *pk = NULL; @@ -2854,7 +2855,9 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) EVP_PKEY_free(client_pub_pkey); EVP_PKEY_CTX_free(pkey_ctx); goto f_err; - } else { + } else +#endif + { al = SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, SSL_R_UNKNOWN_CIPHER_TYPE); goto f_err; @@ -2988,9 +2991,12 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) * If key is GOST and n is exactly 64, it is bare signature without * length field (CryptoPro implementations at least till CSP 4.0) */ +#ifndef OPENSSL_NO_GOST if (PACKET_remaining(pkt) == 64 && pkey->type == NID_id_GostR3410_2001) { len = 64; - } else { + } else +#endif + { if (SSL_USE_SIGALGS(s)) { int rv; @@ -3049,16 +3055,13 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) goto f_err; } +#ifndef OPENSSL_NO_GOST if (pkey->type == NID_id_GostR3410_2001 || pkey->type == NID_id_GostR3410_2012_256 || pkey->type == NID_id_GostR3410_2012_512) { - unsigned int j1, j2; - for (j1 = len - 1, j2 = 0; j2 < len/2; j2++, j1--) { - char c = data[j2]; - data[j2] = data[j1]; - data[j1] = c; - } + BUF_reverse(data, NULL, len); } +#endif if (s->version == SSL3_VERSION && !EVP_MD_CTX_ctrl(&mctx, EVP_CTRL_SSL3_MASTER_SECRET, diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c index dc595acead..3a4f039a8c 100644 --- a/ssl/t1_trce.c +++ b/ssl/t1_trce.c @@ -537,26 +537,26 @@ static ssl_trace_tbl ssl_point_tbl[] = { }; static ssl_trace_tbl ssl_md_tbl[] = { - {0, "none"}, - {1, "md5"}, - {2, "sha1"}, - {3, "sha224"}, - {4, "sha256"}, - {5, "sha384"}, - {6, "sha512"}, - {237, "md_gost94"}, - {238, "md_gost2012_256"}, - {239, "md_gost2012_512"}, + {TLSEXT_hash_none, "none"}, + {TLSEXT_hash_md5, "md5"}, + {TLSEXT_hash_sha1, "sha1"}, + {TLSEXT_hash_sha224, "sha224"}, + {TLSEXT_hash_sha256, "sha256"}, + {TLSEXT_hash_sha384, "sha384"}, + {TLSEXT_hash_sha512, "sha512"}, + {TLSEXT_hash_gostr3411, "md_gost94"}, + {TLSEXT_hash_gostr34112012_256, "md_gost2012_256"}, + {TLSEXT_hash_gostr34112012_512, "md_gost2012_512"} }; static ssl_trace_tbl ssl_sig_tbl[] = { - {0, "anonymous"}, - {1, "rsa"}, - {2, "dsa"}, - {3, "ecdsa"}, - {237, "gost2001"}, - {238, "gost2012_256"}, - {239, "gost2012_512"}, + {TLSEXT_signature_anonymous, "anonymous"}, + {TLSEXT_signature_rsa, "rsa"}, + {TLSEXT_signature_dsa, "dsa"}, + {TLSEXT_signature_ecdsa, "ecdsa"}, + {TLSEXT_signature_gostr34102001, "gost2001"}, + {TLSEXT_signature_gostr34102012_256, "gost2012_256"}, + {TLSEXT_signature_gostr34102012_512, "gost2012_512"} }; static ssl_trace_tbl ssl_hb_tbl[] = {