256,
256,
},
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
{
1,
TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
256,
256,
},
-#endif
{
1,
TLS1_3_RFC_AES_128_CCM_SHA256,
256,
},
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
{
1,
TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
256,
256,
},
-#endif /* !defined(OPENSSL_NO_CHACHA) &&
- * !defined(OPENSSL_NO_POLY1305) */
-#ifndef OPENSSL_NO_CAMELLIA
{
1,
TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
256,
256,
},
-#endif /* OPENSSL_NO_CAMELLIA */
#ifndef OPENSSL_NO_GOST
{
},
#endif /* OPENSSL_NO_GOST */
-#ifndef OPENSSL_NO_IDEA
{
1,
SSL3_TXT_RSA_IDEA_128_SHA,
128,
128,
},
-#endif
-#ifndef OPENSSL_NO_SEED
{
1,
TLS1_TXT_RSA_WITH_SEED_SHA,
128,
128,
},
-#endif /* OPENSSL_NO_SEED */
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
},
#endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */
-#ifndef OPENSSL_NO_ARIA
{
1,
TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
256,
256,
},
-#endif /* OPENSSL_NO_ARIA */
};
/*
int ssl3_new(SSL *s)
{
#ifndef OPENSSL_NO_SRP
- if (!SSL_SRP_CTX_init(s))
+ if (!ssl_srp_ctx_init_intern(s))
return 0;
#endif
OPENSSL_free(s->s3.alpn_proposed);
#ifndef OPENSSL_NO_SRP
- SSL_SRP_CTX_free(s);
+ ssl_srp_ctx_free_intern(s);
#endif
memset(&s->s3, 0, sizeof(s->s3));
}
&s->ext.supportedgroups_len,
parg);
}
-#endif
+#endif /* !OPENSSL_NO_DEPRECATED_3_0 */
case SSL_CTRL_SET_TLSEXT_HOSTNAME:
/*
* This API is only used for a client to set what SNI it will request
return id;
}
case SSL_CTRL_GET_NEGOTIATED_GROUP:
- ret = tls1_group_id2nid(s->s3.group_id, 1);
- break;
+ {
+ unsigned int id;
+ if (SSL_IS_TLS13(s) && s->s3.did_kex)
+ id = s->s3.group_id;
+ else
+ id = s->session->kex_group;
+ ret = tls1_group_id2nid(id, 1);
+ break;
+ }
case SSL_CTRL_SET_SIGALGS:
return tls1_set_sigalgs(s->cert, parg, larg, 0);
return 1;
}
-#ifndef OPENSSL_NO_EC
case SSL_CTRL_GET_EC_POINT_FORMATS:
{
const unsigned char **pformat = parg;
*pformat = s->ext.peer_ecpointformats;
return (int)s->ext.peer_ecpointformats_len;
}
-#endif
default:
break;
&ctx->ext.supportedgroups_len,
parg);
}
-#endif
+#endif /* !OPENSSL_NO_DEPRECATED_3_0 */
case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
ctx->ext.servername_arg = parg;
break;
STACK_OF(SSL_CIPHER) *prio, *allow;
int i, ii, ok, prefer_sha256 = 0;
unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
-#ifndef OPENSSL_NO_CHACHA
STACK_OF(SSL_CIPHER) *prio_chacha = NULL;
-#endif
/* Let's see which ciphers we can support */
} else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
prio = srvr;
allow = clnt;
-#ifndef OPENSSL_NO_CHACHA
+
/* If ChaCha20 is at the top of the client preference list,
and there are ChaCha20 ciphers in the server list, then
temporarily prioritize all ChaCha20 ciphers in the servers list. */
}
}
}
-# endif
} else {
prio = clnt;
allow = srvr;
"%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
ok, alg_k, alg_a, mask_k, mask_a, (void *)c, c->name);
-#ifndef OPENSSL_NO_EC
/*
* if we are considering an ECC cipher suite that uses an ephemeral
* EC key check it
*/
if (alg_k & SSL_kECDHE)
ok = ok && tls1_check_ec_tmp_key(s, c->id);
-#endif /* OPENSSL_NO_EC */
if (!ok)
continue;
if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
c->strength_bits, 0, (void *)c))
continue;
-#if !defined(OPENSSL_NO_EC)
+
if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
&& s->s3.is_probably_safari) {
if (!ret)
ret = sk_SSL_CIPHER_value(allow, ii);
continue;
}
-#endif
+
if (prefer_sha256) {
const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
- /*
- * TODO: When there are no more legacy digests we can just use
- * OSSL_DIGEST_NAME_SHA2_256 instead of calling OBJ_nid2sn
- */
if (EVP_MD_is_a(ssl_md(s->ctx, tmp->algorithm2),
- OBJ_nid2sn(NID_sha256))) {
+ OSSL_DIGEST_NAME_SHA2_256)) {
ret = tmp;
break;
}
break;
}
}
-#ifndef OPENSSL_NO_CHACHA
+
sk_SSL_CIPHER_free(prio_chacha);
-#endif
+
return ret;
}
OPENSSL_clear_free(s->s3.tmp.psk, psklen);
s->s3.tmp.psk = NULL;
+ s->s3.tmp.psklen = 0;
if (!s->method->ssl3_enc->generate_master_secret(s,
s->session->master_key, pskpms, pskpmslen,
&s->session->master_key_length)) {
else
OPENSSL_cleanse(pms, pmslen);
}
- if (s->server == 0)
+ if (s->server == 0) {
s->s3.tmp.pms = NULL;
+ s->s3.tmp.pmslen = 0;
+ }
return ret;
}
pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, privkey, s->ctx->propq);
- if (EVP_PKEY_decapsulate_init(pctx) <= 0
+ if (EVP_PKEY_decapsulate_init(pctx, NULL) <= 0
|| EVP_PKEY_decapsulate(pctx, NULL, &pmslen, ct, ctlen) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, pubkey, s->ctx->propq);
- if (EVP_PKEY_encapsulate_init(pctx) <= 0
+ if (EVP_PKEY_encapsulate_init(pctx, NULL) <= 0
|| EVP_PKEY_encapsulate(pctx, NULL, &ctlen, NULL, &pmslen) <= 0
|| pmslen == 0 || ctlen == 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);