summaryrefslogtreecommitdiff
path: root/lib/libssl
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2015-09-11 17:17:45 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2015-09-11 17:17:45 +0000
commit7b06263d3697e91b4a1124a5eb4da636fbd24c81 (patch)
tree534e62981a10856de38ace73f7dc2c95c5eb0bfb /lib/libssl
parent5060cdd2d8dfa91c19dfa37d90b99a3f0948b9dd (diff)
Nuke ssl3_cbc_remove_padding().
ok "flensing knife"
Diffstat (limited to 'lib/libssl')
-rw-r--r--lib/libssl/src/ssl/s3_cbc.c32
-rw-r--r--lib/libssl/src/ssl/ssl_locl.h4
2 files changed, 2 insertions, 34 deletions
diff --git a/lib/libssl/src/ssl/s3_cbc.c b/lib/libssl/src/ssl/s3_cbc.c
index 57485caacf1..824ccf983b8 100644
--- a/lib/libssl/src/ssl/s3_cbc.c
+++ b/lib/libssl/src/ssl/s3_cbc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_cbc.c,v 1.10 2015/07/17 07:04:40 doug Exp $ */
+/* $OpenBSD: s3_cbc.c,v 1.11 2015/09/11 17:17:44 jsing Exp $ */
/* ====================================================================
* Copyright (c) 2012 The OpenSSL Project. All rights reserved.
*
@@ -101,36 +101,6 @@ constant_time_eq_8(unsigned a, unsigned b)
return DUPLICATE_MSB_TO_ALL_8(c);
}
-/* ssl3_cbc_remove_padding removes padding from the decrypted, SSLv3, CBC
- * record in |rec| by updating |rec->length| in constant time.
- *
- * block_size: the block size of the cipher used to encrypt the record.
- * returns:
- * 0: (in non-constant time) if the record is publicly invalid.
- * 1: if the padding was valid
- * -1: otherwise. */
-int
-ssl3_cbc_remove_padding(const SSL* s, SSL3_RECORD *rec, unsigned block_size,
- unsigned mac_size)
-{
- unsigned padding_length, good;
- const unsigned overhead = 1 /* padding length byte */ + mac_size;
-
- /* These lengths are all public so we can test them in non-constant
- * time. */
- if (overhead > rec->length)
- return 0;
-
- padding_length = rec->data[rec->length - 1];
- good = constant_time_ge(rec->length, padding_length + overhead);
- /* SSLv3 requires that the padding is minimal. */
- good &= constant_time_ge(block_size, padding_length + 1);
- padding_length = good & (padding_length + 1);
- rec->length -= padding_length;
- rec->type |= padding_length << 8; /* kludge: pass padding length */
- return (int)((good & 1) | (~good & -1));
-}
-
/* tls1_cbc_remove_padding removes the CBC padding from the decrypted, TLS, CBC
* record in |rec| in constant time and returns 1 if the padding is valid and
* -1 otherwise. It also removes any explicit IV from the start of the record
diff --git a/lib/libssl/src/ssl/ssl_locl.h b/lib/libssl/src/ssl/ssl_locl.h
index 88af440f21d..a1302104e67 100644
--- a/lib/libssl/src/ssl/ssl_locl.h
+++ b/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.113 2015/09/11 17:11:53 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.114 2015/09/11 17:17:44 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -844,8 +844,6 @@ int ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d,
/* s3_cbc.c */
void ssl3_cbc_copy_mac(unsigned char *out, const SSL3_RECORD *rec,
unsigned md_size, unsigned orig_len);
-int ssl3_cbc_remove_padding(const SSL *s, SSL3_RECORD *rec,
- unsigned block_size, unsigned mac_size);
int tls1_cbc_remove_padding(const SSL *s, SSL3_RECORD *rec,
unsigned block_size, unsigned mac_size);
char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);