X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fssl_locl.h;h=20a138b1ab3cf7d3ce014d69a5cf5040f4d3388f;hp=69bf8b177c2702a58041d80a31f574a5fc8c1bde;hb=4a419f60188405d6ecc450526b6aa926638d1db2;hpb=17ae384e4995f107f6743ffd61ccb28aed839e1b diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 69bf8b177c..20a138b1ab 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -229,6 +229,9 @@ # define SSL_PSK (SSL_kPSK | SSL_kRSAPSK | SSL_kECDHEPSK | SSL_kDHEPSK) +/* Any appropriate key exchange algorithm (for TLS 1.3 ciphersuites) */ +# define SSL_kANY 0x00000000U + /* Bits for algorithm_auth (server authentication) */ /* RSA auth */ # define SSL_aRSA 0x00000001U @@ -246,6 +249,8 @@ # define SSL_aSRP 0x00000040U /* GOST R 34.10-2012 signature auth */ # define SSL_aGOST12 0x00000080U +/* Any appropriate signature auth (for TLS 1.3 ciphersuites) */ +# define SSL_aANY 0x00000000U /* Bits for algorithm_enc (symmetric encryption) */ # define SSL_DES 0x00000001U @@ -393,14 +398,13 @@ # define SSL_USE_ETM(s) (s->s3->flags & TLS1_FLAGS_ENCRYPT_THEN_MAC) /* Mostly for SSLv3 */ -# define SSL_PKEY_RSA_ENC 0 -# define SSL_PKEY_RSA_SIGN 1 -# define SSL_PKEY_DSA_SIGN 2 -# define SSL_PKEY_ECC 3 -# define SSL_PKEY_GOST01 4 -# define SSL_PKEY_GOST12_256 5 -# define SSL_PKEY_GOST12_512 6 -# define SSL_PKEY_NUM 7 +# define SSL_PKEY_RSA 0 +# define SSL_PKEY_DSA_SIGN 1 +# define SSL_PKEY_ECC 2 +# define SSL_PKEY_GOST01 3 +# define SSL_PKEY_GOST12_256 4 +# define SSL_PKEY_GOST12_512 5 +# define SSL_PKEY_NUM 6 /* * Pseudo-constant. GOST cipher suites can use different certs for 1 * SSL_CIPHER. So let's see which one we have in fact. @@ -408,10 +412,10 @@ # define SSL_PKEY_GOST_EC SSL_PKEY_NUM+1 /* - * TODO(TLS1.3) for now use RSA_SIGN keys for PSS + * TODO(TLS1.3) for now use SSL_PKEY_RSA keys for PSS */ -#define SSL_PKEY_RSA_PSS_SIGN SSL_PKEY_RSA_SIGN +#define SSL_PKEY_RSA_PSS_SIGN SSL_PKEY_RSA /*- * SSL_kRSA <- RSA_ENC @@ -1001,6 +1005,9 @@ struct ssl_st { unsigned char cert_verify_hash[EVP_MAX_MD_SIZE]; size_t cert_verify_hash_len; + /* Flag to indicate whether we should send a HelloRetryRequest or not */ + int hello_retry_request; + /* * the session_id_context is used to ensure sessions are only reused in * the appropriate context @@ -1150,10 +1157,7 @@ struct ssl_st { /* Have we attempted to find/parse SCTs yet? */ int scts_parsed; # endif - SSL_CTX *initial_ctx; /* initial ctx, used to store sessions */ -# ifndef OPENSSL_NO_NEXTPROTONEG -# endif -# define session_ctx initial_ctx + SSL_CTX *session_ctx; /* initial ctx, used to store sessions */ /* What we'll do */ STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What's been chosen */ @@ -1290,6 +1294,10 @@ typedef struct ssl3_state_st { unsigned char *psk; size_t psklen; # endif + /* Signature algorithm we actually use */ + const SIGALG_LOOKUP *sigalg; + /* Index of certificate we use */ + int cert_idx; /* * signature algorithms peer reports: e.g. supported signature * algorithms extension for server or as part of a certificate @@ -1300,8 +1308,6 @@ typedef struct ssl3_state_st { size_t peer_sigalgslen; /* Sigalg peer actualy uses */ const SIGALG_LOOKUP *peer_sigalg; - /* Digest peer uses for signing */ - const EVP_MD *peer_md; /* Array of digests used for signing */ const EVP_MD *md[SSL_PKEY_NUM]; /* @@ -1944,6 +1950,15 @@ struct openssl_ssl_test_functions { const char *ssl_protocol_to_string(int version); +/* Returns true if certificate and private key for 'idx' are present */ +static ossl_inline int ssl_has_cert(const SSL *s, int idx) +{ + if (idx < 0 || idx >= SSL_PKEY_NUM) + return 0; + return s->cert->pkeys[idx].x509 != NULL + && s->cert->pkeys[idx].privatekey != NULL; +} + # ifndef OPENSSL_UNIT_TEST void ssl_clear_cipher_ctx(SSL *s); @@ -2188,6 +2203,9 @@ SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n); # define TLS_CURVE_PRIME 0x0 # define TLS_CURVE_CHAR2 0x1 # define TLS_CURVE_CUSTOM 0x2 + +#define bytestogroup(bytes) ((unsigned int)(bytes[0] << 8 | bytes[1])) + __owur int tls1_ec_curve_id2nid(int curve_id, unsigned int *pflags); __owur int tls1_ec_nid2curve_id(int nid); __owur int tls1_check_curve(SSL *s, const unsigned char *p, size_t len); @@ -2241,7 +2259,6 @@ __owur int tls_use_ticket(SSL *s); __owur int tls12_get_sigandhash(SSL *s, WPACKET *pkt, const EVP_PKEY *pk, const EVP_MD *md, int *ispss); -__owur const EVP_MD *tls12_get_hash(int hash_nid); void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op); __owur int tls1_set_sigalgs_list(CERT *c, const char *str, int client); @@ -2263,6 +2280,8 @@ __owur int ssl_security_cert(SSL *s, SSL_CTX *ctx, X509 *x, int vfy, int is_ee); __owur int ssl_security_cert_chain(SSL *s, STACK_OF(X509) *sk, X509 *ex, int vfy); +int tls_choose_sigalg(SSL *s, int *al); + __owur EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md); void ssl_clear_hash_ctx(EVP_MD_CTX **hash); __owur long ssl_get_algorithm2(SSL *s); @@ -2293,13 +2312,19 @@ __owur int ssl_log_rsa_client_key_exchange(SSL *ssl, const uint8_t *premaster, size_t premaster_len); -/* ssl_log_master_secret logs |master| to the SSL_CTX associated with |ssl|, if - * logging is enabled. It returns one on success and zero on failure. The entry - * is identified by |client_random|. +/* + * ssl_log_secret logs |secret| to the SSL_CTX associated with |ssl|, if + * logging is available. It returns one on success and zero on failure. It tags + * the entry with |label|. */ -__owur int ssl_log_master_secret(SSL *ssl, const uint8_t *client_random, - size_t client_random_len, - const uint8_t *master, size_t master_len); +__owur int ssl_log_secret(SSL *ssl, const char *label, + const uint8_t *secret, size_t secret_len); + +#define MASTER_SECRET_LABEL "CLIENT_RANDOM" +#define CLIENT_HANDSHAKE_LABEL "CLIENT_HANDSHAKE_TRAFFIC_SECRET" +#define SERVER_HANDSHAKE_LABEL "SERVER_HANDSHAKE_TRAFFIC_SECRET" +#define CLIENT_APPLICATION_LABEL "CLIENT_TRAFFIC_SECRET_0" +#define SERVER_APPLICATION_LABEL "SERVER_TRAFFIC_SECRET_0" /* s3_cbc.c */ __owur char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);