-/* ssl/statem/statem_clnt.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
const SSL_CIPHER *c;
PACKET session_id;
size_t session_id_len;
- unsigned char *cipherchars;
+ const unsigned char *cipherchars;
int i, al = SSL_AD_INTERNAL_ERROR;
unsigned int compression;
unsigned int sversion;
int al, i, ret = MSG_PROCESS_ERROR, exp_idx;
unsigned long cert_list_len, cert_len;
X509 *x = NULL;
- unsigned char *certstart, *certbytes;
+ const unsigned char *certstart, *certbytes;
STACK_OF(X509) *sk = NULL;
EVP_PKEY *pkey = NULL;
#ifndef OPENSSL_NO_EC
else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) {
PACKET encoded_pt;
- unsigned char *ecparams;
+ const unsigned char *ecparams;
int curve_nid;
/*
}
if (SSL_USE_SIGALGS(s)) {
- unsigned char *sigalgs;
+ const unsigned char *sigalgs;
int rv;
if (!PACKET_get_bytes(pkt, &sigalgs, 2)) {
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
#ifdef SSL_DEBUG
fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
#endif
- } else if (pkey->type == EVP_PKEY_RSA) {
+ } else if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) {
md = EVP_md5_sha1();
} else {
md = EVP_sha1();
int ret = MSG_PROCESS_ERROR;
unsigned int list_len, ctype_num, i, name_len;
X509_NAME *xn = NULL;
- unsigned char *data;
- unsigned char *namestart, *namebytes;
+ const unsigned char *data;
+ const unsigned char *namestart, *namebytes;
STACK_OF(X509_NAME) *ca_sk = NULL;
if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
}
pkey = X509_get0_pubkey(s->session->peer);
- if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA)
- || (pkey->pkey.rsa == NULL)) {
+ if (EVP_PKEY_get0_RSA(pkey) == NULL) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
ERR_R_INTERNAL_ERROR);
goto err;
#endif
#ifndef OPENSSL_NO_EC
- else if (alg_k & (SSL_kECDHE | SSL_kECDHr | SSL_kECDHe | SSL_kECDHEPSK)) {
+ else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) {
- if (s->s3->peer_tmp != NULL) {
- skey = s->s3->peer_tmp;
- } else {
- /* Get the Server Public Key from Cert */
- skey = X509_get0_pubkey(s->session->peer);
- if ((skey == NULL)
- || (skey->type != EVP_PKEY_EC)
- || (skey->pkey.ec == NULL)) {
- SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
+ skey = s->s3->peer_tmp;
+ if ((skey == NULL) || EVP_PKEY_get0_EC_KEY(skey) == NULL) {
+ SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
ERR_R_INTERNAL_ERROR);
- goto err;
+ goto err;
}
- }
ckey = ssl_generate_pkey(skey, NID_undef);
goto err;
}
#ifndef OPENSSL_NO_GOST
- if (pkey->type == NID_id_GostR3410_2001
- || pkey->type == NID_id_GostR3410_2012_256
- || pkey->type == NID_id_GostR3410_2012_512) {
- BUF_reverse(p + 2, NULL, u);
+ {
+ int pktype = EVP_PKEY_id(pkey);
+ if (pktype == NID_id_GostR3410_2001
+ || pktype == NID_id_GostR3410_2012_256
+ || pktype == NID_id_GostR3410_2012_512)
+ BUF_reverse(p + 2, NULL, u);
}
#endif
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_ECDSA_SIGNING_CERT);
goto f_err;
- } else if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_ECDH_CERT);
- goto f_err;
}
#endif
pkey = X509_get0_pubkey(s->session->peer);