X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fs3_lib.c;h=5373fafc3607f8df482c5c8a4a165b87e62f5abf;hp=6c3f04db423c27b6f21cf7b8fdb11adc78bc21e8;hb=d882e4ce56eff950ae27cecaafe164751779c12a;hpb=65dc5c3cc10af7c6f24ecd922adb7b6d17a9fe65 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 6c3f04db42..5373fafc36 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -12,11 +12,12 @@ #include #include #include "internal/nelem.h" -#include "ssl_locl.h" +#include "ssl_local.h" #include #include #include #include +#include #include "internal/cryptlib.h" #define TLS13_NUM_CIPHERS OSSL_NELEM(tls13_ciphers) @@ -3317,6 +3318,9 @@ void ssl3_free(SSL *s) s->s3.tmp.pkey = NULL; #endif + ssl_evp_cipher_free(s->s3.tmp.new_sym_enc); + ssl_evp_md_free(s->s3.tmp.new_hash); + OPENSSL_free(s->s3.tmp.ctype); sk_X509_NAME_pop_free(s->s3.tmp.peer_ca_names, X509_NAME_free); OPENSSL_free(s->s3.tmp.ciphers_raw); @@ -3552,6 +3556,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_GET_CHAIN_CERTS: *(STACK_OF(X509) **)parg = s->cert->key->chain; + ret = 1; break; case SSL_CTRL_SELECT_CURRENT_CERT: @@ -3586,8 +3591,8 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) if (!s->session) return 0; - clist = s->session->ext.supportedgroups; - clistlen = s->session->ext.supportedgroups_len; + clist = s->ext.peer_supportedgroups; + clistlen = s->ext.peer_supportedgroups_len; if (parg) { size_t i; int *cptr = parg; @@ -3616,13 +3621,13 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) { uint16_t id = tls1_shared_group(s, larg); - if (larg != -1) { - const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id); - - return ginf == NULL ? 0 : ginf->nid; - } + if (larg != -1) + return tls1_group_id2nid(id); return id; } + case SSL_CTRL_GET_NEGOTIATED_GROUP: + ret = tls1_group_id2nid(s->s3.group_id); + break; #endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */ case SSL_CTRL_SET_SIGALGS: 
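Review bot: In the ssl3_free hunk, the added `ssl_evp_cipher_free(s->s3.tmp.new_sym_enc)` and `ssl_evp_md_free(s->s3.tmp.new_hash)` leave the freed pointers in place, while the context line just above resets `s->s3.tmp.pkey = NULL` after its free. Unless something later in the function wipes `s->s3` (the body continues outside the hunk), a second teardown or a later read would see stale cipher/digest handles. Adding `s->s3.tmp.new_sym_enc = NULL;` and `s->s3.tmp.new_hash = NULL;` keeps the pattern consistent. Any other routine that resets `s->s3.tmp` is not visible here and presumably needs the same two frees so fetched algorithms are not leaked.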
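Review bot: In the shared-groups hunk of ssl3_ctrl (`-3586,8 +3591,8`), the context guard `if (!s->session) return 0;` is kept even though `clist` and `clistlen` are now read from `s->ext.peer_supportedgroups` rather than from the session. The `SSL_CTRL_GET_EC_POINT_FORMATS` hunk in the same commit drops its equivalent session check, so the two cases now disagree on when peer data is reported. Either remove the guard here or keep it with a comment such as `/* no session means no handshake yet, so no peer groups to report */`. The loop that copies into `cptr` lies outside the hunk, so whether it tolerates a NULL `clist` with zero length cannot be confirmed from here.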
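Review bot: In the `-3616,13 +3621,13` hunk, the removed code mapped an unknown group id to 0 explicitly (`ginf == NULL ? 0 : ginf->nid`), and both the rewritten shared-group branch and the new `SSL_CTRL_GET_NEGOTIATED_GROUP` case now depend on `tls1_group_id2nid()` doing the same. That helper is not part of this file's diff, so the preserved behaviour is an assumption from this view. For the new case, a comment such as `/* yields tls1_group_id2nid()'s "unknown" value when no group has been negotiated yet */` would tell callers how to recognise "none" when `s->s3.group_id` is still unset.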
@@ -3702,13 +3707,12 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) #ifndef OPENSSL_NO_EC case SSL_CTRL_GET_EC_POINT_FORMATS: { - SSL_SESSION *sess = s->session; const unsigned char **pformat = parg; - if (sess == NULL || sess->ext.ecpointformats == NULL) + if (s->ext.peer_ecpointformats == NULL) return 0; - *pformat = sess->ext.ecpointformats; - return (int)sess->ext.ecpointformats_len; + *pformat = s->ext.peer_ecpointformats; + return (int)s->ext.peer_ecpointformats_len; } #endif @@ -3885,7 +3889,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) srp_password_from_info_cb; if (ctx->srp_ctx.info != NULL) OPENSSL_free(ctx->srp_ctx.info); - if ((ctx->srp_ctx.info = BUF_strdup((char *)parg)) == NULL) { + if ((ctx->srp_ctx.info = OPENSSL_strdup((char *)parg)) == NULL) { SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); return 0; } @@ -3944,6 +3948,10 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) return 0; } } + if (!X509v3_cache_extensions((X509 *)parg, ctx->libctx, ctx->propq)) { + SSLerr(0, ERR_LIB_X509); + return 0; + } if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) { SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); return 0; @@ -4008,12 +4016,14 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) ctx->ext.status_cb = (int (*)(SSL *, void *))fp; break; +# ifndef OPENSSL_NO_DEPRECATED_3_0 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB: ctx->ext.ticket_key_cb = (int (*)(SSL *, unsigned char *, unsigned char *, EVP_CIPHER_CTX *, HMAC_CTX *, int))fp; break; +#endif #ifndef OPENSSL_NO_SRP case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB: @@ -4042,6 +4052,14 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) return 1; } +int SSL_CTX_set_tlsext_ticket_key_evp_cb + (SSL_CTX *ctx, int (*fp)(SSL *, unsigned char *, unsigned char *, + EVP_CIPHER_CTX *, EVP_MAC_CTX *, int)) +{ + ctx->ext.ticket_key_evp_cb = fp; + return 1; +} + const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id) { SSL_CIPHER c; 
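Review bot: In the `SSL_CTRL_GET_EC_POINT_FORMATS` hunk, `*pformat` is written without checking `parg`, and the pointer handed out now aliases `s->ext.peer_ecpointformats`, so its lifetime follows the connection's extension state instead of the session. A guard like `if (pformat == NULL || s->ext.peer_ecpointformats == NULL) return 0;` would cover the first point. A comment such as `/* buffer is owned by s; caller must not free it and must not use it after the peer list is replaced */` would make the contract explicit. The `(int)` cast of `peer_ecpointformats_len` is safe only while the extension parser bounds that length, and the parser is outside this hunk.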
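Review bot: In the SRP branch of ssl3_ctx_ctrl (`-3885,7 +3889,7`), the previous `ctx->srp_ctx.info` is released with plain `OPENSSL_free()` although the line above installs `srp_password_from_info_cb`, which by its name treats this string as the SRP password. If so, the old value should be wiped on replacement, e.g. `OPENSSL_clear_free(ctx->srp_ctx.info, strlen(ctx->srp_ctx.info));`, so the secret does not linger in freed heap memory. Separately, an `OPENSSL_strdup` failure is reported as `ERR_R_INTERNAL_ERROR`, whereas the `sk_X509_push` failure later in the same function uses `ERR_R_MALLOC_FAILURE`. The branch begins outside the hunk, so any length validation of `parg` is not visible here.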
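Review bot: The added failure path in the `-3944,6 +3948,10` hunk uses `SSLerr(0, ERR_LIB_X509)`, passing a library identifier where neighbouring calls pass a reason code and dropping the `SSL_F_SSL3_CTX_CTRL` function code they supply. `SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_X509_LIB);` would match the `sk_X509_push` error just below, unless the zero function code is a deliberate part of retiring function codes. A comment noting that the caller still owns `parg` on this early return would also help, since the certificate has not yet been pushed onto `ctx->extra_certs`.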
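Review bot: The guard added around `SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB` opens with an indented `# ifndef OPENSSL_NO_DEPRECATED_3_0` but closes with an unindented, unlabelled `#endif` directly before the unrelated `#ifndef OPENSSL_NO_SRP`. Writing the pair at one level and labelling the close, `#endif /* OPENSSL_NO_DEPRECATED_3_0 */`, makes it clear which block ends there. With the macro defined, this command reaches whatever the switch's default arm does, which is outside the hunk and worth a one-line comment at the guard.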
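Review bot: `SSL_CTX_set_tlsext_ticket_key_evp_cb` has no comment describing how it interacts with the legacy `ctx->ext.ticket_key_cb`; the setter stores `fp` and leaves the other field untouched, so both callbacks can be registered at once. These callbacks select the keys that protect session tickets, so the precedence should be documented at the definition, e.g. `/* Sets the EVP_MAC-based ticket key callback; <precedence rule> when the HMAC-based callback is also set */`. The placeholder has to be filled in from the ticket-processing code, which is not in this file's diff. The same comment should state that `ctx` is dereferenced unconditionally and that the function always returns 1.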
@@ -4126,7 +4144,6 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, STACK_OF(SSL_CIPHER) *prio, *allow; int i, ii, ok, prefer_sha256 = 0; unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0; - const EVP_MD *mdsha256 = EVP_sha256(); #ifndef OPENSSL_NO_CHACHA STACK_OF(SSL_CIPHER) *prio_chacha = NULL; #endif @@ -4300,7 +4317,12 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, if (prefer_sha256) { const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii); - if (ssl_md(tmp->algorithm2) == mdsha256) { + /* + * TODO: When there are no more legacy digests we can just use + * OSSL_DIGEST_NAME_SHA2_256 instead of calling OBJ_nid2sn + */ + if (EVP_MD_is_a(ssl_md(s->ctx, tmp->algorithm2), + OBJ_nid2sn(NID_sha256))) { ret = tmp; break; } @@ -4570,9 +4592,9 @@ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len, unsigned char *p = result; l2n(Time, p); - ret = RAND_bytes(p, len - 4); + ret = RAND_bytes_ex(s->ctx->libctx, p, len - 4); } else { - ret = RAND_bytes(result, len); + ret = RAND_bytes_ex(s->ctx->libctx, result, len); } if (ret > 0) { @@ -4625,7 +4647,7 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen, OPENSSL_clear_free(s->s3.tmp.psk, psklen); s->s3.tmp.psk = NULL; if (!s->method->ssl3_enc->generate_master_secret(s, - s->session->master_key,pskpms, pskpmslen, + s->session->master_key, pskpms, pskpmslen, &s->session->master_key_length)) { OPENSSL_clear_free(pskpms, pskpmslen); /* SSLfatal() already called */ 
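Review bot: In the `prefer_sha256` loop of ssl3_choose_cipher (`-4300,7 +4317,12`), the result of `ssl_md(s->ctx, tmp->algorithm2)` goes straight into `EVP_MD_is_a()`. The removed pointer comparison against `mdsha256` was harmless when `ssl_md()` returned NULL, and whether `EVP_MD_is_a()` accepts a NULL digest is not visible here. A local guard keeps the old behaviour: `const EVP_MD *md = ssl_md(s->ctx, tmp->algorithm2);` followed by `if (md != NULL && EVP_MD_is_a(md, OBJ_nid2sn(NID_sha256))) {`. The loop walks cipher lists built during negotiation, so a digest missing from the context would presumably be reached on the handshake path.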
@@ -4659,14 +4681,14 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen, } /* Generate a private key from parameters */ -EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm) +EVP_PKEY *ssl_generate_pkey(SSL *s, EVP_PKEY *pm) { EVP_PKEY_CTX *pctx = NULL; EVP_PKEY *pkey = NULL; if (pm == NULL) return NULL; - pctx = EVP_PKEY_CTX_new(pm, NULL); + pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, pm, s->ctx->propq); if (pctx == NULL) goto err; if (EVP_PKEY_keygen_init(pctx) <= 0) @@ -4699,21 +4721,40 @@ EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id) goto err; } gtype = ginf->flags & TLS_GROUP_TYPE; + /* + * TODO(3.0): Convert these EVP_PKEY_CTX_new_id calls to ones that take + * s->ctx->libctx and s->ctx->propq when keygen has been updated to be + * provider aware. + */ # ifndef OPENSSL_NO_DH if (gtype == TLS_GROUP_FFDHE) +# if 0 + pctx = EVP_PKEY_CTX_new_from_name(s->ctx->libctx, "DH", s->ctx->propq); +# else pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DH, NULL); +# endif # ifndef OPENSSL_NO_EC else -# endif -# endif +# endif /* OPENSSL_NO_EC */ +# endif /* OPENSSL_NO_DH */ # ifndef OPENSSL_NO_EC { + /* + * TODO(3.0): When provider based EC key gen is present we can enable + * this code. + */ if (gtype == TLS_GROUP_CURVE_CUSTOM) pctx = EVP_PKEY_CTX_new_id(ginf->nid, NULL); else +# if 0 + pctx = EVP_PKEY_CTX_new_from_name(s->ctx->libctx, "EC", + s->ctx->propq); +# else pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); +# endif + } -# endif +# endif /* OPENSSL_NO_EC */ if (pctx == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP, ERR_R_MALLOC_FAILURE); @@ -4730,7 +4771,7 @@ EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id) || (dh = DH_new_by_nid(ginf->nid)) == NULL || !EVP_PKEY_assign(pkey, EVP_PKEY_DH, dh)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP, - ERR_R_EVP_LIB); + ERR_R_EVP_LIB); DH_free(dh); EVP_PKEY_free(pkey); pkey = NULL; 
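Review bot: In ssl_generate_pkey_group (`-4699,21 +4721,40`), the new `# if 0` / `# else` / `# endif` blocks sit inside unbraced `if`/`else` arms, and the `else` keyword itself is emitted only under a nested `# ifndef OPENSSL_NO_EC`. Each build configuration therefore produces a differently shaped statement, and enabling the disabled branch later could change what the dangling `else` binds to without any compiler diagnostic. Bracing the arms, e.g. `if (gtype == TLS_GROUP_FFDHE) {` … `}`, would make every preprocessor variant a complete statement. The TODO comments would be easier to act on if they named the condition that allows the `# if 0` code to be enabled.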
@@ -4738,7 +4779,7 @@ EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id) } if (EVP_PKEY_CTX_set_dh_nid(pctx, ginf->nid) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP, - ERR_R_EVP_LIB); + ERR_R_EVP_LIB); EVP_PKEY_free(pkey); pkey = NULL; goto err; @@ -4774,12 +4815,16 @@ EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id) /* * Generate parameters from a group ID */ -EVP_PKEY *ssl_generate_param_group(uint16_t id) +EVP_PKEY *ssl_generate_param_group(SSL *s, uint16_t id) { EVP_PKEY_CTX *pctx = NULL; EVP_PKEY *pkey = NULL; const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id); +#if 0 + const char *pkey_ctx_name; +#else int pkey_ctx_id; +#endif if (ginf == NULL) goto err; @@ -4792,9 +4837,21 @@ EVP_PKEY *ssl_generate_param_group(uint16_t id) return NULL; } + /* + * TODO(3.0): Convert this EVP_PKEY_CTX_new_id call to one that takes + * s->ctx->libctx and s->ctx->propq when paramgen has been updated to be + * provider aware. + */ +#if 0 + pkey_ctx_name = (ginf->flags & TLS_GROUP_FFDHE) != 0 ? "DH" : "EC"; + pctx = EVP_PKEY_CTX_new_from_name(s->ctx->libctx, pkey_ctx_name, + s->ctx->propq); +#else pkey_ctx_id = (ginf->flags & TLS_GROUP_FFDHE) ? EVP_PKEY_DH : EVP_PKEY_EC; pctx = EVP_PKEY_CTX_new_id(pkey_ctx_id, NULL); +#endif + if (pctx == NULL) goto err; if (EVP_PKEY_paramgen_init(pctx) <= 0) @@ -4838,7 +4895,7 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret) return 0; } - pctx = EVP_PKEY_CTX_new(privkey, NULL); + pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, privkey, s->ctx->propq); if (EVP_PKEY_derive_init(pctx) <= 0 || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0
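Review bot: ssl_generate_param_group (hunks `-4774,12` and `-4792,9`) decides DH versus EC with a bit test, `(ginf->flags & TLS_GROUP_FFDHE)`, in both the live and the `#if 0` branch. ssl_generate_pkey_group earlier in this diff masks first and compares instead: `gtype = ginf->flags & TLS_GROUP_TYPE;` then `gtype == TLS_GROUP_FFDHE`. The two forms agree only if `TLS_GROUP_FFDHE` shares no bits with the other group types, and those values are not visible here. Using `(ginf->flags & TLS_GROUP_TYPE) == TLS_GROUP_FFDHE` in both places removes that dependency before the provider-aware path is switched on. The new `s` parameter is referenced only inside `#if 0`, so a short comment saying it is unused until then would save readers the search.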