summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2021-03-24 18:40:04 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2021-03-24 18:40:04 +0000
commitb0ed34bb3747533bf0286779b2dbe48eaf1a77c1 (patch)
treed67fff43b222ed306e1b357a9e75b6597483e938
parent8f7bfecca9a387c255b40cd99da398c6156428db (diff)
Add SSL_HANDSHAKE_TLS12 for TLSv1.2 specific handshake data.
Move TLSv1.2 specific components over from SSL_HANDSHAKE. ok inoguchi@ tb@
-rw-r--r--lib/libssl/ssl_clnt.c14
-rw-r--r--lib/libssl/ssl_locl.h33
-rw-r--r--lib/libssl/ssl_pkt.c4
-rw-r--r--lib/libssl/ssl_srvr.c18
-rw-r--r--lib/libssl/t1_enc.c19
5 files changed, 48 insertions, 40 deletions
diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c
index 06941530c6e..0f602bef7e4 100644
--- a/lib/libssl/ssl_clnt.c
+++ b/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.86 2021/03/11 17:14:46 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.87 2021/03/24 18:40:03 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -278,7 +278,7 @@ ssl3_connect(SSL *s)
if (SSL_is_dtls(s) && D1I(s)->send_cookie) {
S3I(s)->hs.state = SSL3_ST_CW_FLUSH;
- S3I(s)->hs.next_state = SSL3_ST_CR_SRVR_HELLO_A;
+ S3I(s)->hs.tls12.next_state = SSL3_ST_CR_SRVR_HELLO_A;
} else
S3I(s)->hs.state = SSL3_ST_CR_SRVR_HELLO_A;
@@ -509,14 +509,14 @@ ssl3_connect(SSL *s)
/* clear flags */
if (s->internal->hit) {
- S3I(s)->hs.next_state = SSL_ST_OK;
+ S3I(s)->hs.tls12.next_state = SSL_ST_OK;
} else {
/* Allow NewSessionTicket if ticket expected */
if (s->internal->tlsext_ticket_expected)
- S3I(s)->hs.next_state =
+ S3I(s)->hs.tls12.next_state =
SSL3_ST_CR_SESSION_TICKET_A;
else
- S3I(s)->hs.next_state =
+ S3I(s)->hs.tls12.next_state =
SSL3_ST_CR_FINISHED_A;
}
s->internal->init_num = 0;
@@ -567,14 +567,14 @@ ssl3_connect(SSL *s)
/* If the write error was fatal, stop trying */
if (!BIO_should_retry(s->wbio)) {
s->internal->rwstate = SSL_NOTHING;
- S3I(s)->hs.state = S3I(s)->hs.next_state;
+ S3I(s)->hs.state = S3I(s)->hs.tls12.next_state;
}
}
ret = -1;
goto end;
}
s->internal->rwstate = SSL_NOTHING;
- S3I(s)->hs.state = S3I(s)->hs.next_state;
+ S3I(s)->hs.state = S3I(s)->hs.tls12.next_state;
break;
case SSL_ST_OK:
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index 33eb3bba7df..5f953b8e64e 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.328 2021/03/21 18:36:34 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.329 2021/03/24 18:40:03 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -416,6 +416,15 @@ typedef struct cert_pkey_st {
STACK_OF(X509) *chain;
} CERT_PKEY;
+typedef struct ssl_handshake_tls12_st {
+ /* Used when SSL_ST_FLUSH_DATA is entered. */
+ int next_state;
+
+ /* Record-layer key block for TLS 1.2 and earlier. */
+ unsigned char *key_block;
+ size_t key_block_len;
+} SSL_HANDSHAKE_TLS12;
+
typedef struct ssl_handshake_tls13_st {
int use_legacy;
int hrr;
@@ -466,27 +475,25 @@ typedef struct ssl_handshake_st {
*/
uint16_t negotiated_tls_version;
- SSL_HANDSHAKE_TLS13 tls13;
-
- /* state contains one of the SSL3_ST_* values. */
+ /*
+ * Current handshake state - contains one of the SSL3_ST_* values and
+ * is used by the TLSv1.2 state machine, as well as being updated by
+ * the TLSv1.3 stack due to it being exposed externally.
+ */
int state;
- /* used when SSL_ST_FLUSH_DATA is entered */
- int next_state;
-
- /* new_cipher is the cipher being negotiated in this handshake. */
+ /* Cipher being negotiated in this handshake. */
const SSL_CIPHER *new_cipher;
- /* key_block is the record-layer key block for TLS 1.2 and earlier. */
- size_t key_block_len;
- unsigned char *key_block;
-
/* Extensions seen in this handshake. */
uint32_t extensions_seen;
/* sigalgs offered in this handshake in wire form */
- size_t sigalgs_len;
uint8_t *sigalgs;
+ size_t sigalgs_len;
+
+ SSL_HANDSHAKE_TLS12 tls12;
+ SSL_HANDSHAKE_TLS13 tls13;
} SSL_HANDSHAKE;
struct tls12_record_layer;
diff --git a/lib/libssl/ssl_pkt.c b/lib/libssl/ssl_pkt.c
index 5b1af504fb5..37bee9e69f0 100644
--- a/lib/libssl/ssl_pkt.c
+++ b/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_pkt.c,v 1.37 2021/03/10 18:27:02 jsing Exp $ */
+/* $OpenBSD: ssl_pkt.c,v 1.38 2021/03/24 18:40:03 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1163,7 +1163,7 @@ ssl3_do_change_cipher_spec(SSL *s)
else
i = SSL3_CHANGE_CIPHER_CLIENT_READ;
- if (S3I(s)->hs.key_block == NULL) {
+ if (S3I(s)->hs.tls12.key_block == NULL) {
if (s->session == NULL || s->session->master_key_length == 0) {
/* might happen if dtls1_read_bytes() calls this */
SSLerror(s, SSL_R_CCS_RECEIVED_EARLY);
diff --git a/lib/libssl/ssl_srvr.c b/lib/libssl/ssl_srvr.c
index 19fedde87ab..3dc87a00c80 100644
--- a/lib/libssl/ssl_srvr.c
+++ b/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.97 2021/03/11 17:14:47 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.98 2021/03/24 18:40:03 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -290,9 +290,9 @@ ssl3_accept(SSL *s)
if (ret <= 0)
goto end;
if (SSL_is_dtls(s))
- S3I(s)->hs.next_state = SSL3_ST_SR_CLNT_HELLO_A;
+ S3I(s)->hs.tls12.next_state = SSL3_ST_SR_CLNT_HELLO_A;
else
- S3I(s)->hs.next_state = SSL3_ST_SW_HELLO_REQ_C;
+ S3I(s)->hs.tls12.next_state = SSL3_ST_SW_HELLO_REQ_C;
S3I(s)->hs.state = SSL3_ST_SW_FLUSH;
s->internal->init_num = 0;
@@ -365,7 +365,7 @@ ssl3_accept(SSL *s)
if (ret <= 0)
goto end;
S3I(s)->hs.state = SSL3_ST_SW_FLUSH;
- S3I(s)->hs.next_state = SSL3_ST_SR_CLNT_HELLO_A;
+ S3I(s)->hs.tls12.next_state = SSL3_ST_SR_CLNT_HELLO_A;
/* HelloVerifyRequest resets Finished MAC. */
tls1_transcript_reset(s);
@@ -488,7 +488,7 @@ ssl3_accept(SSL *s)
ret = ssl3_send_server_done(s);
if (ret <= 0)
goto end;
- S3I(s)->hs.next_state = SSL3_ST_SR_CERT_A;
+ S3I(s)->hs.tls12.next_state = SSL3_ST_SR_CERT_A;
S3I(s)->hs.state = SSL3_ST_SW_FLUSH;
s->internal->init_num = 0;
break;
@@ -510,14 +510,14 @@ ssl3_accept(SSL *s)
/* If the write error was fatal, stop trying. */
if (!BIO_should_retry(s->wbio)) {
s->internal->rwstate = SSL_NOTHING;
- S3I(s)->hs.state = S3I(s)->hs.next_state;
+ S3I(s)->hs.state = S3I(s)->hs.tls12.next_state;
}
}
ret = -1;
goto end;
}
s->internal->rwstate = SSL_NOTHING;
- S3I(s)->hs.state = S3I(s)->hs.next_state;
+ S3I(s)->hs.state = S3I(s)->hs.tls12.next_state;
break;
case SSL3_ST_SR_CERT_A:
@@ -674,10 +674,10 @@ ssl3_accept(SSL *s)
goto end;
S3I(s)->hs.state = SSL3_ST_SW_FLUSH;
if (s->internal->hit) {
- S3I(s)->hs.next_state = SSL3_ST_SR_FINISHED_A;
+ S3I(s)->hs.tls12.next_state = SSL3_ST_SR_FINISHED_A;
tls1_transcript_free(s);
} else
- S3I(s)->hs.next_state = SSL_ST_OK;
+ S3I(s)->hs.tls12.next_state = SSL_ST_OK;
s->internal->init_num = 0;
break;
diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c
index 05a5b1d9534..5d889fa6654 100644
--- a/lib/libssl/t1_enc.c
+++ b/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.133 2021/02/27 14:20:50 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.134 2021/03/24 18:40:03 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -152,9 +152,9 @@ int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len,
void
tls1_cleanup_key_block(SSL *s)
{
- freezero(S3I(s)->hs.key_block, S3I(s)->hs.key_block_len);
- S3I(s)->hs.key_block = NULL;
- S3I(s)->hs.key_block_len = 0;
+ freezero(S3I(s)->hs.tls12.key_block, S3I(s)->hs.tls12.key_block_len);
+ S3I(s)->hs.tls12.key_block = NULL;
+ S3I(s)->hs.tls12.key_block_len = 0;
}
void
@@ -351,7 +351,7 @@ tls1_change_cipher_state(SSL *s, int which)
mac_secret_size = S3I(s)->tmp.new_mac_secret_size;
- key_block = S3I(s)->hs.key_block;
+ key_block = S3I(s)->hs.tls12.key_block;
client_write_mac_secret = key_block;
key_block += mac_secret_size;
server_write_mac_secret = key_block;
@@ -375,7 +375,8 @@ tls1_change_cipher_state(SSL *s, int which)
iv = server_write_iv;
}
- if (key_block - S3I(s)->hs.key_block != S3I(s)->hs.key_block_len) {
+ if (key_block - S3I(s)->hs.tls12.key_block !=
+ S3I(s)->hs.tls12.key_block_len) {
SSLerror(s, ERR_R_INTERNAL_ERROR);
goto err;
}
@@ -410,7 +411,7 @@ tls1_setup_key_block(SSL *s)
const EVP_MD *mac_hash = NULL;
int ret = 0;
- if (S3I(s)->hs.key_block_len != 0)
+ if (S3I(s)->hs.tls12.key_block_len != 0)
return (1);
if (s->session->cipher &&
@@ -451,8 +452,8 @@ tls1_setup_key_block(SSL *s)
}
key_block_len = (mac_secret_size + key_len + iv_len) * 2;
- S3I(s)->hs.key_block_len = key_block_len;
- S3I(s)->hs.key_block = key_block;
+ S3I(s)->hs.tls12.key_block_len = key_block_len;
+ S3I(s)->hs.tls12.key_block = key_block;
if (!tls1_generate_key_block(s, key_block, key_block_len))
goto err;