src - OpenBSD base system

diff options


context:
space:
mode:

author	Joel Sing <jsing@cvs.openbsd.org>	2014-07-09 11:25:43 +0000
committer	Joel Sing <jsing@cvs.openbsd.org>	2014-07-09 11:25:43 +0000
commit	3503084018e8ae9eba3bfb500407a41cce77aa00 (patch)
tree	74ec52495263587a173f389dd359bb6389c7fdb2 /lib/libssl
parent	5be390edcd0b8b24ec08fce5489441143b95a508 (diff)

tedu the SSL export cipher handling - since we do not have enabled export

ciphers we no longer need the flags or code to support it. ok beck@ miod@

Diffstat (limited to 'lib/libssl')

-rw-r--r--

lib/libssl/src/ssl/d1_srvr.c

-rw-r--r--

lib/libssl/src/ssl/s3_clnt.c

-rw-r--r--

lib/libssl/src/ssl/s3_enc.c

-rw-r--r--

lib/libssl/src/ssl/s3_lib.c

-rw-r--r--

lib/libssl/src/ssl/s3_srvr.c

-rw-r--r--

lib/libssl/src/ssl/ssl.h

-rw-r--r--

lib/libssl/src/ssl/ssl_cert.c

-rw-r--r--

lib/libssl/src/ssl/ssl_ciph.c

-rw-r--r--

lib/libssl/src/ssl/ssl_lib.c

-rw-r--r--

lib/libssl/src/ssl/ssl_locl.h

-rw-r--r--

lib/libssl/src/ssl/t1_enc.c

11 files changed, 48 insertions, 385 deletions

diff --git a/lib/libssl/src/ssl/d1_srvr.c b/lib/libssl/src/ssl/d1_srvr.c
index d4d564a6883..c01dc77254e 100644
--- a/lib/libssl/src/ssl/d1_srvr.c
+++ b/lib/libssl/src/ssl/d1_srvr.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: d1_srvr.c,v 1.27 2014/06/30 14:13:27 tedu Exp $ */

+/* $OpenBSD: d1_srvr.c,v 1.28 2014/07/09 11:25:42 jsing Exp $ */

* DTLS implementation written by Nagendra Modadugu

* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.

@@ -473,9 +473,6 @@ dtls1_accept(SSL *s)

|| (alg_k & SSL_kEECDH)

|| ((alg_k & SSL_kRSA)

&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL

- || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)

- && EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)

- )

)

) {

@@ -1047,9 +1044,7 @@ dtls1_send_server_key_exchange(SSL *s)

if (type & SSL_kRSA) {

rsa = cert->rsa_tmp;

if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {

- rsa = s->cert->rsa_tmp_cb(s,

- SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),

- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));

+ rsa = s->cert->rsa_tmp_cb(s, 0, 0);

if (rsa == NULL) {

al = SSL_AD_HANDSHAKE_FAILURE;

SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ERROR_GENERATING_TMP_RSA_KEY);

@@ -1070,9 +1065,7 @@ dtls1_send_server_key_exchange(SSL *s)

if (type & SSL_kEDH) {

dhp = cert->dh_tmp;

if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))

- dhp = s->cert->dh_tmp_cb(s,

- SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),

- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));

+ dhp = s->cert->dh_tmp_cb(s, 0, 0);

if (dhp == NULL) {

al = SSL_AD_HANDSHAKE_FAILURE;

SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_DH_KEY);

@@ -1115,11 +1108,8 @@ dtls1_send_server_key_exchange(SSL *s)

const EC_GROUP *group;

ecdhp = cert->ecdh_tmp;

- if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL)) {

- ecdhp = s->cert->ecdh_tmp_cb(s,

- SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),

- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));

- }

+ if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL)

+ ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0);

if (ecdhp == NULL) {

al = SSL_AD_HANDSHAKE_FAILURE;

SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_ECDH_KEY);

@@ -1160,12 +1150,6 @@ dtls1_send_server_key_exchange(SSL *s)

goto err;

}

- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&

- (EC_GROUP_get_degree(group) > 163)) {

- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);

- goto err;

- }

/* XXX: For now, we only support ephemeral ECDH

* keys over named (not generic) curves. For

* supported named curves, curve_id is non-zero.

diff --git a/lib/libssl/src/ssl/s3_clnt.c b/lib/libssl/src/ssl/s3_clnt.c
index 03500190785..61de494244e 100644
--- a/lib/libssl/src/ssl/s3_clnt.c
+++ b/lib/libssl/src/ssl/s3_clnt.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: s3_clnt.c,v 1.72 2014/06/21 20:27:25 tedu Exp $ */

+/* $OpenBSD: s3_clnt.c,v 1.73 2014/07/09 11:25:42 jsing Exp $ */

@@ -1490,14 +1490,6 @@ ssl3_get_key_exchange(SSL *s)

group = EC_KEY_get0_group(ecdh);

- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&

- (EC_GROUP_get_degree(group) > 163)) {

- al = SSL_AD_EXPORT_RESTRICTION;

- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,

- SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);

- goto f_err;

- }

p += 3;

/* Next, get the encoded ECPoint */

@@ -2824,28 +2816,6 @@ ssl3_check_cert_and_algorithm(SSL *s)

goto f_err;

}

- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&

- !has_bits(i, EVP_PKT_EXP)) {

- if (alg_k & SSL_kRSA) {

- if (rsa == NULL || RSA_size(rsa) * 8 >

- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {

- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,

- SSL_R_MISSING_EXPORT_TMP_RSA_KEY);

- goto f_err;

- }

- } else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) {

- if (dh == NULL || DH_size(dh) * 8 >

- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {

- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,

- SSL_R_MISSING_EXPORT_TMP_DH_KEY);

- goto f_err;

- }

- } else {

- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,

- SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);

- goto f_err;

- }

return (1);

f_err:

ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);

diff --git a/lib/libssl/src/ssl/s3_enc.c b/lib/libssl/src/ssl/s3_enc.c
index dfb4c283f1e..5111e0e4fa7 100644
--- a/lib/libssl/src/ssl/s3_enc.c
+++ b/lib/libssl/src/ssl/s3_enc.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: s3_enc.c,v 1.50 2014/06/18 04:50:44 miod Exp $ */

+/* $OpenBSD: s3_enc.c,v 1.51 2014/07/09 11:25:42 jsing Exp $ */

@@ -218,21 +218,17 @@ ssl3_change_cipher_state(SSL *s, int which)

const unsigned char *client_write_key, *server_write_key;

const unsigned char *client_write_iv, *server_write_iv;

const unsigned char *mac_secret, *key, *iv;

- unsigned char *key_block, *er1, *er2;

- unsigned char export_key[EVP_MAX_KEY_LENGTH];

- unsigned char export_iv[EVP_MAX_IV_LENGTH];

- int is_export, mac_len, key_len, iv_len;

+ unsigned char *key_block;

+ int mac_len, key_len, iv_len;

char is_read, use_client_keys;

EVP_CIPHER_CTX *cipher_ctx;

const EVP_CIPHER *cipher;

- EVP_MD_CTX mac_ctx;

const EVP_MD *mac;

#ifndef OPENSSL_NO_COMP

const SSL_COMP *comp;

#endif

- is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);

cipher = s->s3->tmp.new_sym_enc;

mac = s->s3->tmp.new_hash;

@@ -320,10 +316,6 @@ ssl3_change_cipher_state(SSL *s, int which)

if (mac_len < 0)

goto err2;

- if (is_export &&

- key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher))

- key_len = SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher);

key_block = s->s3->tmp.key_block;

client_write_mac_secret = key_block;

key_block += mac_len;

@@ -342,14 +334,10 @@ ssl3_change_cipher_state(SSL *s, int which)

mac_secret = client_write_mac_secret;

key = client_write_key;

iv = client_write_iv;

- er1 = s->s3->client_random;

- er2 = s->s3->server_random;

} else {

mac_secret = server_write_mac_secret;

key = server_write_key;

iv = server_write_iv;

- er1 = s->s3->server_random;

- er2 = s->s3->client_random;

}

if (key_block - s->s3->tmp.key_block != s->s3->tmp.key_block_length) {

@@ -359,36 +347,9 @@ ssl3_change_cipher_state(SSL *s, int which)

memcpy(is_read ? s->s3->read_mac_secret : s->s3->write_mac_secret,

mac_secret, mac_len);

- EVP_MD_CTX_init(&mac_ctx);

- if (is_export) {

- /* In here I set both the read and write key/iv to the

- * same value since only the correct one will be used :-).

- */

- EVP_DigestInit_ex(&mac_ctx, EVP_md5(), NULL);

- EVP_DigestUpdate(&mac_ctx, key, key_len);

- EVP_DigestUpdate(&mac_ctx, er1, SSL3_RANDOM_SIZE);

- EVP_DigestUpdate(&mac_ctx, er2, SSL3_RANDOM_SIZE);

- EVP_DigestFinal_ex(&mac_ctx, export_key, NULL);

- key = export_key;

- if (iv_len > 0) {

- EVP_DigestInit_ex(&mac_ctx, EVP_md5(), NULL);

- EVP_DigestUpdate(&mac_ctx, er1, SSL3_RANDOM_SIZE);

- EVP_DigestUpdate(&mac_ctx, er2, SSL3_RANDOM_SIZE);

- EVP_DigestFinal_ex(&mac_ctx, export_iv, NULL);

- iv = export_iv;

- }

EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, iv, !is_read);

- if (is_export) {

- OPENSSL_cleanse(export_key, sizeof(export_key));

- OPENSSL_cleanse(export_iv, sizeof(export_iv));

- }

- EVP_MD_CTX_cleanup(&mac_ctx);

return (1);

err:

SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);

@@ -432,10 +393,6 @@ ssl3_setup_key_block(SSL *s)

if (mac_len < 0)

return 0;

- if (SSL_C_IS_EXPORT(s->session->cipher) &&

- key_len > SSL_C_EXPORT_KEYLENGTH(s->session->cipher))

- key_len = SSL_C_EXPORT_KEYLENGTH(s->session->cipher);

key_block_len = (mac_len + key_len + iv_len) * 2;

ssl3_cleanup_key_block(s);

diff --git a/lib/libssl/src/ssl/s3_lib.c b/lib/libssl/src/ssl/s3_lib.c
index d07d7e7cbc5..5c4e530d34e 100644
--- a/lib/libssl/src/ssl/s3_lib.c
+++ b/lib/libssl/src/ssl/s3_lib.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: s3_lib.c,v 1.66 2014/07/09 11:10:51 bcook Exp $ */

+/* $OpenBSD: s3_lib.c,v 1.67 2014/07/09 11:25:42 jsing Exp $ */

@@ -210,7 +210,7 @@ SSL_CIPHER ssl3_ciphers[] = {

.algorithm_enc = SSL_RC4,

.algorithm_mac = SSL_MD5,

.algorithm_ssl = SSL_SSLV3,

- .algo_strength = SSL_EXPORT|SSL_EXP40,

+ .algo_strength = 0,

.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

.strength_bits = 40,

.alg_bits = 128,

@@ -258,7 +258,7 @@ SSL_CIPHER ssl3_ciphers[] = {

.algorithm_enc = SSL_RC2,

.algorithm_mac = SSL_MD5,

.algorithm_ssl = SSL_SSLV3,

- .algo_strength = SSL_EXPORT|SSL_EXP40,

+ .algo_strength = 0,

.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

.strength_bits = 40,

.alg_bits = 128,

@@ -292,7 +292,7 @@ SSL_CIPHER ssl3_ciphers[] = {

.algorithm_enc = SSL_DES,

.algorithm_mac = SSL_SHA1,

.algorithm_ssl = SSL_SSLV3,

- .algo_strength = SSL_EXPORT|SSL_EXP40,

+ .algo_strength = 0,

.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

.strength_bits = 40,

.alg_bits = 56,

@@ -341,7 +341,7 @@ SSL_CIPHER ssl3_ciphers[] = {

.algorithm_enc = SSL_DES,

.algorithm_mac = SSL_SHA1,

.algorithm_ssl = SSL_SSLV3,

- .algo_strength = SSL_EXPORT|SSL_EXP40,

+ .algo_strength = 0,

.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

.strength_bits = 40,

.alg_bits = 56,

@@ -389,7 +389,7 @@ SSL_CIPHER ssl3_ciphers[] = {

.algorithm_enc = SSL_DES,

.algorithm_mac = SSL_SHA1,

.algorithm_ssl = SSL_SSLV3,

- .algo_strength = SSL_EXPORT|SSL_EXP40,

+ .algo_strength = 0,

.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

.strength_bits = 40,

.alg_bits = 56,

@@ -438,7 +438,7 @@ SSL_CIPHER ssl3_ciphers[] = {

.algorithm_enc = SSL_DES,

.algorithm_mac = SSL_SHA1,

.algorithm_ssl = SSL_SSLV3,

- .algo_strength = SSL_EXPORT|SSL_EXP40,

+ .algo_strength = 0,

.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

.strength_bits = 40,

.alg_bits = 56,

@@ -486,7 +486,7 @@ SSL_CIPHER ssl3_ciphers[] = {

.algorithm_enc = SSL_DES,

.algorithm_mac = SSL_SHA1,

.algorithm_ssl = SSL_SSLV3,

- .algo_strength = SSL_EXPORT|SSL_EXP40,

+ .algo_strength = 0,

.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

.strength_bits = 40,

.alg_bits = 56,

@@ -534,7 +534,7 @@ SSL_CIPHER ssl3_ciphers[] = {

.algorithm_enc = SSL_RC4,

.algorithm_mac = SSL_MD5,

.algorithm_ssl = SSL_SSLV3,

- .algo_strength = SSL_EXPORT|SSL_EXP40,

+ .algo_strength = 0,

.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

.strength_bits = 40,

.alg_bits = 128,

@@ -566,7 +566,7 @@ SSL_CIPHER ssl3_ciphers[] = {

.algorithm_enc = SSL_DES,

.algorithm_mac = SSL_SHA1,

.algorithm_ssl = SSL_SSLV3,

- .algo_strength = SSL_EXPORT|SSL_EXP40,

+ .algo_strength = 0,

.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

.strength_bits = 40,

.alg_bits = 128,

@@ -2999,7 +2999,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,

int ec_ok, ec_nid;

unsigned char ec_search1 = 0, ec_search2 = 0;

CERT *cert;

- unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a;

+ unsigned long alg_k, alg_a, mask_k, mask_a;

/* Let's see which ciphers we can support */

cert = s->cert;

@@ -3030,8 +3030,6 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,

ssl_set_cert_masks(cert, c);

mask_k = cert->mask_k;

mask_a = cert->mask_a;

- emask_k = cert->export_mask_k;

- emask_a = cert->export_mask_a;

alg_k = c->algorithm_mkey;

alg_a = c->algorithm_auth;

@@ -3042,11 +3040,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,

continue;

#endif /* OPENSSL_NO_PSK */

- if (SSL_C_IS_EXPORT(c)) {

- ok = (alg_k & emask_k) && (alg_a & emask_a);

- } else {

- ok = (alg_k & mask_k) && (alg_a & mask_a);

- }

+ ok = (alg_k & mask_k) && (alg_a & mask_a);

if (

diff --git a/lib/libssl/src/ssl/s3_srvr.c b/lib/libssl/src/ssl/s3_srvr.c
index a3387040a93..f24d0f9cf85 100644
--- a/lib/libssl/src/ssl/s3_srvr.c
+++ b/lib/libssl/src/ssl/s3_srvr.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: s3_srvr.c,v 1.67 2014/06/30 14:13:27 tedu Exp $ */

+/* $OpenBSD: s3_srvr.c,v 1.68 2014/07/09 11:25:42 jsing Exp $ */

@@ -435,11 +435,7 @@ ssl3_accept(SSL *s)

|| ((alg_k & SSL_kRSA)

&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey ==

NULL

- || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)

- && EVP_PKEY_size(

- s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) * 8

- > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher

- ))))) {

+ ))) {

ret = ssl3_send_server_key_exchange(s);

if (ret <= 0)

goto end;

@@ -1296,8 +1292,6 @@ ssl3_get_client_hello(SSL *s)

c = sk_SSL_CIPHER_value(sk, i);

if (c->algorithm_enc & SSL_eNULL)

nc = c;

- if (SSL_C_IS_EXPORT(c))

- ec = c;

}

if (nc != NULL)

s->s3->tmp.new_cipher = nc;

@@ -1508,9 +1502,7 @@ ssl3_send_server_key_exchange(SSL *s)

if (type & SSL_kRSA) {

rsa = cert->rsa_tmp;

if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {

- rsa = s->cert->rsa_tmp_cb(s,

- SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),

- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));

+ rsa = s->cert->rsa_tmp_cb(s, 0, 0);

if (rsa == NULL) {

al = SSL_AD_HANDSHAKE_FAILURE;

SSLerr(

@@ -1534,9 +1526,7 @@ ssl3_send_server_key_exchange(SSL *s)

if (type & SSL_kEDH) {

dhp = cert->dh_tmp;

if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))

- dhp = s->cert->dh_tmp_cb(s,

- SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),

- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));

+ dhp = s->cert->dh_tmp_cb(s, 0, 0);

if (dhp == NULL) {

al = SSL_AD_HANDSHAKE_FAILURE;

SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,

@@ -1584,12 +1574,8 @@ ssl3_send_server_key_exchange(SSL *s)

const EC_GROUP *group;

ecdhp = cert->ecdh_tmp;

- if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL)) {

- ecdhp = s->cert->ecdh_tmp_cb(

- s, SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),

- SSL_C_EXPORT_PKEYLENGTH(

- s->s3->tmp.new_cipher));

- }

+ if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL)

+ ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0);

if (ecdhp == NULL) {

al = SSL_AD_HANDSHAKE_FAILURE;

SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,

@@ -1634,13 +1620,6 @@ ssl3_send_server_key_exchange(SSL *s)

goto err;

}

- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&

- (EC_GROUP_get_degree(group) > 163)) {

- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,

- SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);

- goto err;

- }

* XXX: For now, we only support ephemeral ECDH

* keys over named (not generic) curves. For

diff --git a/lib/libssl/src/ssl/ssl.h b/lib/libssl/src/ssl/ssl.h
index 3e09bd35219..b1eeb85c649 100644
--- a/lib/libssl/src/ssl/ssl.h
+++ b/lib/libssl/src/ssl/ssl.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssl.h,v 1.56 2014/06/13 13:28:53 jsing Exp $ */

+/* $OpenBSD: ssl.h,v 1.57 2014/07/09 11:25:42 jsing Exp $ */

@@ -222,12 +222,9 @@ extern "C" {

/* These are used to specify which ciphers to use and not to use */

-#define SSL_TXT_EXP40 "EXPORT40"

-#define SSL_TXT_EXP56 "EXPORT56"

#define SSL_TXT_LOW "LOW"

#define SSL_TXT_MEDIUM "MEDIUM"

#define SSL_TXT_HIGH "HIGH"

-#define SSL_TXT_FIPS "FIPS"

#define SSL_TXT_kFZA "kFZA" /* unused! */

#define SSL_TXT_aFZA "aFZA" /* unused! */

diff --git a/lib/libssl/src/ssl/ssl_cert.c b/lib/libssl/src/ssl/ssl_cert.c
index 0864fe8d997..5b5ffac06f4 100644
--- a/lib/libssl/src/ssl/ssl_cert.c
+++ b/lib/libssl/src/ssl/ssl_cert.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssl_cert.c,v 1.39 2014/06/21 09:10:30 logan Exp $ */

+/* $OpenBSD: ssl_cert.c,v 1.40 2014/07/09 11:25:42 jsing Exp $ */

@@ -202,8 +202,6 @@ ssl_cert_dup(CERT *cert)

ret->valid = cert->valid;

ret->mask_k = cert->mask_k;

ret->mask_a = cert->mask_a;

- ret->export_mask_k = cert->export_mask_k;

- ret->export_mask_a = cert->export_mask_a;

if (cert->rsa_tmp != NULL) {

RSA_up_ref(cert->rsa_tmp);

diff --git a/lib/libssl/src/ssl/ssl_ciph.c b/lib/libssl/src/ssl/ssl_ciph.c
index 31964ebe145..8fc05bc7479 100644
--- a/lib/libssl/src/ssl/ssl_ciph.c
+++ b/lib/libssl/src/ssl/ssl_ciph.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssl_ciph.c,v 1.56 2014/07/08 21:50:40 jsing Exp $ */

+/* $OpenBSD: ssl_ciph.c,v 1.57 2014/07/09 11:25:42 jsing Exp $ */

@@ -526,26 +526,8 @@ static const SSL_CIPHER cipher_aliases[] = {

.algorithm_ssl = SSL_TLSV1_2,

- /* export flag */

- {

- .name = SSL_TXT_EXP,

- .algo_strength = SSL_EXPORT,

- },

- {

- .name = SSL_TXT_EXPORT,

- .algo_strength = SSL_EXPORT,

- },

/* strength classes */

{

- .name = SSL_TXT_EXP40,

- .algo_strength = SSL_EXP40,

- },

- {

- .name = SSL_TXT_EXP56,

- .algo_strength = SSL_EXP56,

- },

- {

.name = SSL_TXT_LOW,

.algo_strength = SSL_LOW,

@@ -1214,8 +1196,6 @@ ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long alg_mkey,

continue;

if (alg_ssl && !(alg_ssl & cp->algorithm_ssl))

continue;

- if ((algo_strength & SSL_EXP_MASK) && !(algo_strength & SSL_EXP_MASK & cp->algo_strength))

- continue;

if ((algo_strength & SSL_STRONG_MASK) && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))

continue;

}

@@ -1469,21 +1449,6 @@ ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p,

alg_mac = ca_list[j]->algorithm_mac;

}

- if (ca_list[j]->algo_strength & SSL_EXP_MASK) {

- if (algo_strength & SSL_EXP_MASK) {

- algo_strength &=

- (ca_list[j]->algo_strength &

- SSL_EXP_MASK) | ~SSL_EXP_MASK;

- if (!(algo_strength & SSL_EXP_MASK)) {

- found = 0;

- break;

- }

- } else

- algo_strength |=

- ca_list[j]->algo_strength &

- SSL_EXP_MASK;

- }

if (ca_list[j]->algo_strength & SSL_STRONG_MASK) {

if (algo_strength & SSL_STRONG_MASK) {

algo_strength &=

@@ -1739,11 +1704,11 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,

char *

SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)

{

- int is_export, pkl, kl, l;

- const char *ver, *exp_str;

+ int l;

+ const char *ver;

const char *kx, *au, *enc, *mac;

unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2;

- static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";

+ static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s\n";

alg_mkey = cipher->algorithm_mkey;

alg_auth = cipher->algorithm_auth;

@@ -1753,11 +1718,6 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)

alg2 = cipher->algorithm2;

- is_export = SSL_C_IS_EXPORT(cipher);

- pkl = SSL_C_EXPORT_PKEYLENGTH(cipher);

- kl = SSL_C_EXPORT_KEYLENGTH(cipher);

- exp_str = is_export?" export":"";

if (alg_ssl & SSL_SSLV2)

ver="SSLv2";

else if (alg_ssl & SSL_SSLV3)

@@ -1769,7 +1729,7 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)

switch (alg_mkey) {

case SSL_kRSA:

- kx = is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA";

+ kx = "RSA";

break;

case SSL_kDHr:

kx="DH/RSA";

@@ -1781,7 +1741,7 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)

kx="KRB5";

break;

case SSL_kEDH:

- kx = is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH";

+ kx = "DH";

break;

case SSL_kECDHr:

kx="ECDH/RSA";

@@ -1834,17 +1794,16 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)

switch (alg_enc) {

case SSL_DES:

- enc = (is_export && kl == 5)?"DES(40)":"DES(56)";

+ enc = "DES(56)";

break;

case SSL_3DES:

enc="3DES(168)";

break;

case SSL_RC4:

- enc = is_export?(kl == 5 ? "RC4(40)" : "RC4(56)")

- :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)");

+ enc = alg2 & SSL2_CF_8_BYTE_ENC ? "RC4(64)" : "RC4(128)";

break;

case SSL_RC2:

- enc = is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)";

+ enc = "RC2(128)";

break;

case SSL_IDEA:

enc="IDEA(128)";

@@ -1903,11 +1862,10 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)

}

if (buf == NULL)

- l = asprintf(&buf, format, cipher->name, ver, kx, au, enc,

- mac, exp_str);

+ l = asprintf(&buf, format, cipher->name, ver, kx, au, enc, mac);

else {

l = snprintf(buf, len, format, cipher->name, ver, kx, au, enc,

- mac, exp_str);

+ mac);

if (l >= len)

l = -1;

}

diff --git a/lib/libssl/src/ssl/ssl_lib.c b/lib/libssl/src/ssl/ssl_lib.c
index f867daab0ec..51772eb6181 100644
--- a/lib/libssl/src/ssl/ssl_lib.c
+++ b/lib/libssl/src/ssl/ssl_lib.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssl_lib.c,v 1.69 2014/06/19 21:29:51 tedu Exp $ */

+/* $OpenBSD: ssl_lib.c,v 1.70 2014/07/09 11:25:42 jsing Exp $ */

@@ -1956,9 +1956,7 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)

{

CERT_PKEY *cpk;

int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;

- int rsa_enc_export, dh_rsa_export, dh_dsa_export;

- int rsa_tmp_export, dh_tmp_export, kl;

- unsigned long mask_k, mask_a, emask_k, emask_a;

+ unsigned long mask_k, mask_a;

int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;

int have_ecdh_tmp;

X509 *x = NULL;

@@ -1968,39 +1966,25 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)

if (c == NULL)

return;

- kl = SSL_C_EXPORT_PKEYLENGTH(cipher);

rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);

- rsa_tmp_export = (c->rsa_tmp_cb != NULL ||

- (rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));

dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);

- dh_tmp_export = (c->dh_tmp_cb != NULL ||

- (dh_tmp && DH_size(c->dh_tmp)*8 <= kl));

have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL);

cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);

rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);

- rsa_enc_export = (rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);

cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);

rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);

cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]);

dsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);

cpk = &(c->pkeys[SSL_PKEY_DH_RSA]);

dh_rsa = (cpk->x509 != NULL && cpk->privatekey != NULL);

- dh_rsa_export = (dh_rsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);

cpk = &(c->pkeys[SSL_PKEY_DH_DSA]);

/* FIX THIS EAY EAY EAY */

dh_dsa = (cpk->x509 != NULL && cpk->privatekey != NULL);

- dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);

cpk = &(c->pkeys[SSL_PKEY_ECC]);

have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);

mask_k = 0;

mask_a = 0;

- emask_k = 0;

- emask_a = 0;

cpk = &(c->pkeys[SSL_PKEY_GOST01]);

if (cpk->x509 != NULL && cpk->privatekey !=NULL) {

@@ -2015,38 +1999,23 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)

if (rsa_enc || (rsa_tmp && rsa_sign))

mask_k|=SSL_kRSA;

- if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))

- emask_k|=SSL_kRSA;

- if (dh_tmp_export)

- emask_k|=SSL_kEDH;

if (dh_tmp)

mask_k|=SSL_kEDH;

if (dh_rsa)

mask_k|=SSL_kDHr;

- if (dh_rsa_export)

- emask_k|=SSL_kDHr;

if (dh_dsa)

mask_k|=SSL_kDHd;

- if (dh_dsa_export)

- emask_k|=SSL_kDHd;

- if (rsa_enc || rsa_sign) {

+ if (rsa_enc || rsa_sign)

mask_a|=SSL_aRSA;

- emask_a|=SSL_aRSA;

- }

- if (dsa_sign) {

+ if (dsa_sign)

mask_a|=SSL_aDSS;

- emask_a|=SSL_aDSS;

- }

mask_a|=SSL_aNULL;

- emask_a|=SSL_aNULL;

* An ECC certificate may be usable for ECDH and/or

@@ -2069,47 +2038,30 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)

OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);

}

if (ecdh_ok) {

if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) {

mask_k|=SSL_kECDHr;

mask_a|=SSL_aECDH;

- if (ecc_pkey_size <= 163) {

- emask_k|=SSL_kECDHr;

- emask_a|=SSL_aECDH;

- }

}

if (pk_nid == NID_X9_62_id_ecPublicKey) {

mask_k|=SSL_kECDHe;

mask_a|=SSL_aECDH;

- if (ecc_pkey_size <= 163) {

- emask_k|=SSL_kECDHe;

- emask_a|=SSL_aECDH;

- }

}

- if (ecdsa_ok) {

+ if (ecdsa_ok)

mask_a|=SSL_aECDSA;

- emask_a|=SSL_aECDSA;

- }

}

if (have_ecdh_tmp) {

mask_k|=SSL_kEECDH;

- emask_k|=SSL_kEECDH;

}

#ifndef OPENSSL_NO_PSK

mask_k |= SSL_kPSK;

mask_a |= SSL_aPSK;

- emask_k |= SSL_kPSK;

- emask_a |= SSL_aPSK;

#endif

c->mask_k = mask_k;

c->mask_a = mask_a;

- c->export_mask_k = emask_k;

- c->export_mask_a = emask_a;

c->valid = 1;

}

@@ -2122,25 +2074,12 @@ int

ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)

{

unsigned long alg_k, alg_a;

- EVP_PKEY *pkey = NULL;

- int keysize = 0;

int signature_nid = 0, md_nid = 0, pk_nid = 0;

const SSL_CIPHER *cs = s->s3->tmp.new_cipher;

alg_k = cs->algorithm_mkey;

alg_a = cs->algorithm_auth;

- if (SSL_C_IS_EXPORT(cs)) {

- /* ECDH key length in export ciphers must be <= 163 bits */

- pkey = X509_get_pubkey(x);

- if (pkey == NULL)

- return (0);

- keysize = EVP_PKEY_bits(pkey);

- EVP_PKEY_free(pkey);

- if (keysize > 163)

- return (0);

- }

/* This call populates the ex_flags field correctly */

X509_check_purpose(x, -1, 0);

if ((x->sig_alg) && (x->sig_alg->algorithm)) {

diff --git a/lib/libssl/src/ssl/ssl_locl.h b/lib/libssl/src/ssl/ssl_locl.h
index 228bf5b2be6..2b3d1b8e444 100644
--- a/lib/libssl/src/ssl/ssl_locl.h
+++ b/lib/libssl/src/ssl/ssl_locl.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssl_locl.h,v 1.55 2014/07/08 21:50:40 jsing Exp $ */

+/* $OpenBSD: ssl_locl.h,v 1.56 2014/07/09 11:25:42 jsing Exp $ */

@@ -368,63 +368,14 @@

(((ssl_cipher->algorithm2 >> 24) & 0xf) * 2)

- * Export and cipher strength information. For each cipher we have to decide

- * whether it is exportable or not. This information is likely to change

- * over time, since the export control rules are no static technical issue.

- *

- * Independent of the export flag the cipher strength is sorted into classes.

- * SSL_EXP40 was denoting the 40bit US export limit of past times, which now

- * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change

- * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,

- * since SSL_EXP64 could be similar to SSL_LOW.

- * For this reason SSL_MICRO and SSL_MINI macros are included to widen the

- * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed

- * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would

- * be possible.

+ * Cipher strength information.

-#define SSL_EXP_MASK 0x00000003L

#define SSL_STRONG_MASK 0x000001fcL

-#define SSL_EXPORT 0x00000002L

#define SSL_STRONG_NONE 0x00000004L

-#define SSL_EXP40 0x00000008L

-#define SSL_MICRO (SSL_EXP40)

-#define SSL_EXP56 0x00000010L

-#define SSL_MINI (SSL_EXP56)

#define SSL_LOW 0x00000020L

#define SSL_MEDIUM 0x00000040L

#define SSL_HIGH 0x00000080L

-/* we have used 000001ff - 23 bits left to go */

-/*

- * Macros to check the export status and cipher strength for export ciphers.

- * Even though the macros for EXPORT and EXPORT40/56 have similar names,

- * their meaning is different:

- * *_EXPORT macros check the 'exportable' status.

- * *_EXPORT40/56 macros are used to check whether a certain cipher strength

- * is given.

- * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct

- * algorithm structure element to be passed (algorithms, algo_strength) and no

- * typechecking can be done as they are all of type unsigned long, their

- * direct usage is discouraged.

- * Use the SSL_C_* macros instead.

- */

-#define SSL_IS_EXPORT(a) ((a)&SSL_EXPORT)

-#define SSL_IS_EXPORT56(a) ((a)&SSL_EXP56)

-#define SSL_IS_EXPORT40(a) ((a)&SSL_EXP40)

-#define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algo_strength)

-#define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algo_strength)

-#define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength)

-#define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \

- (a) == SSL_DES ? 8 : 7)

-#define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)

-#define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithm_enc, \

- (c)->algo_strength)

-#define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength)

/* Check if an SSL structure is using DTLS. */

#define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)

@@ -490,8 +441,6 @@ typedef struct cert_st {

int valid;

unsigned long mask_k;

unsigned long mask_a;

- unsigned long export_mask_k;

- unsigned long export_mask_a;

RSA *rsa_tmp;

RSA *(*rsa_tmp_cb)(SSL *ssl, int is_export, int keysize);

DH *dh_tmp;

diff --git a/lib/libssl/src/ssl/t1_enc.c b/lib/libssl/src/ssl/t1_enc.c
index 46238dc6c3b..26d98522d0a 100644
--- a/lib/libssl/src/ssl/t1_enc.c
+++ b/lib/libssl/src/ssl/t1_enc.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: t1_enc.c,v 1.64 2014/07/08 16:05:52 beck Exp $ */

+/* $OpenBSD: t1_enc.c,v 1.65 2014/07/09 11:25:42 jsing Exp $ */

@@ -375,21 +375,12 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys,

const unsigned char *key, unsigned int key_len, const unsigned char *iv,

unsigned int iv_len)

{

- static const unsigned char empty[] = "";

- unsigned char export_tmp1[EVP_MAX_KEY_LENGTH];

- unsigned char export_tmp2[EVP_MAX_KEY_LENGTH];

- unsigned char export_iv1[EVP_MAX_IV_LENGTH * 2];

- unsigned char export_iv2[EVP_MAX_IV_LENGTH * 2];

- unsigned char *exp_label;

- int exp_label_len;

EVP_CIPHER_CTX *cipher_ctx;

const EVP_CIPHER *cipher;

EVP_MD_CTX *mac_ctx;

const EVP_MD *mac;

int mac_type;

- int is_export;

- is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);

cipher = s->s3->tmp.new_sym_enc;

mac = s->s3->tmp.new_hash;

mac_type = s->s3->tmp.new_mac_pkey_type;

@@ -438,41 +429,6 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys,

s->write_hash = mac_ctx;

}

- if (is_export) {

- /*

- * Both the read and write key/iv are set to the same value

- * since only the correct one will be used :-).

- */

- if (use_client_keys) {

- exp_label = TLS_MD_CLIENT_WRITE_KEY_CONST;

- exp_label_len = TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;

- } else {

- exp_label = TLS_MD_SERVER_WRITE_KEY_CONST;

- exp_label_len = TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;

- }

- if (!tls1_PRF(ssl_get_algorithm2(s), exp_label, exp_label_len,

- s->s3->client_random, SSL3_RANDOM_SIZE,

- s->s3->server_random, SSL3_RANDOM_SIZE,

- NULL, 0, NULL, 0, key, key_len, export_tmp1, export_tmp2,

- EVP_CIPHER_key_length(cipher)))

- goto err2;

- key = export_tmp1;

- if (iv_len > 0) {

- if (!tls1_PRF(ssl_get_algorithm2(s),

- TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE,

- s->s3->client_random, SSL3_RANDOM_SIZE,

- s->s3->server_random, SSL3_RANDOM_SIZE,

- NULL, 0, NULL, 0, empty, 0,

- export_iv1, export_iv2, iv_len * 2))

- goto err2;

- if (use_client_keys)

- iv = export_iv1;

- else

- iv = &(export_iv1[iv_len]);

- }

if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) {

EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL,

!is_read);

@@ -494,18 +450,10 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys,

mac_secret_size, (unsigned char *)mac_secret);

}

- if (is_export) {

- OPENSSL_cleanse(export_tmp1, sizeof(export_tmp1));

- OPENSSL_cleanse(export_tmp2, sizeof(export_tmp2));

- OPENSSL_cleanse(export_iv1, sizeof(export_iv1));

- OPENSSL_cleanse(export_iv2, sizeof(export_iv2));

- }

return (1);

err:

SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER, ERR_R_MALLOC_FAILURE);

-err2:

return (0);

}

@@ -521,13 +469,11 @@ tls1_change_cipher_state(SSL *s, int which)

const EVP_CIPHER *cipher;

const EVP_AEAD *aead;

char is_read, use_client_keys;

- int is_export;

#ifndef OPENSSL_NO_COMP

const SSL_COMP *comp;

#endif

- is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);

cipher = s->s3->tmp.new_sym_enc;

aead = s->s3->tmp.new_aead;

@@ -598,10 +544,6 @@ tls1_change_cipher_state(SSL *s, int which)

key_len = EVP_CIPHER_key_length(cipher);

iv_len = EVP_CIPHER_iv_length(cipher);

- if (is_export &&

- key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher))

- key_len = SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher);

/* If GCM mode only part of IV comes from PRF. */

if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE)

iv_len = EVP_GCM_TLS_FIXED_IV_LEN;

@@ -700,10 +642,6 @@ tls1_setup_key_block(SSL *s)

key_len = EVP_CIPHER_key_length(cipher);

iv_len = EVP_CIPHER_iv_length(cipher);

- if (SSL_C_IS_EXPORT(s->session->cipher) &&

- key_len > SSL_C_EXPORT_KEYLENGTH(s->session->cipher))

- key_len = SSL_C_EXPORT_KEYLENGTH(s->session->cipher);

/* If GCM mode only part of IV comes from PRF. */

if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE)

iv_len = EVP_GCM_TLS_FIXED_IV_LEN;