-rw-r--r--lib/libssl/s3_pkt.c5
-rw-r--r--lib/libssl/ssl.h12
-rw-r--r--lib/libssl/ssl_lib.c13
-rw-r--r--lib/libssl/ssl_locl.h23
4 files changed, 49 insertions, 4 deletions
diff --git a/lib/libssl/s3_pkt.c b/lib/libssl/s3_pkt.c
index 8235e0775a6..f5d8bedbea1 100644
--- a/lib/libssl/s3_pkt.c
+++ b/lib/libssl/s3_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_pkt.c,v 1.46 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: s3_pkt.c,v 1.47 2014/06/13 10:52:24 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -753,6 +753,9 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf,
eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN;
else
eivlen = 0;
+ } else if (s->aead_write_ctx != NULL &&
+ s->aead_write_ctx->variable_nonce_in_record) {
+ eivlen = s->aead_write_ctx->variable_nonce_len;
} else
eivlen = 0;
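Review bot: The AEAD case is attached as an `else if` to a condition that starts above the hunk, so it is only consulted when that earlier test fails. The comment this commit adds in ssl.h says enc_write_ctx is ignored whenever aead_write_ctx is non-NULL; if the earlier condition tests enc_write_ctx (not visible here), the precedence in do_ssl3_write is the reverse of what is documented. Either test `s->aead_write_ctx != NULL` first, or put a comment such as `/* enc_write_ctx and aead_write_ctx are never both set */` on the new branch. do_ssl3_write starts and ends outside the hunk.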
diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index cd71f7bcfe2..826d7c1696e 100644
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.53 2014/06/13 04:29:13 miod Exp $ */
+/* $OpenBSD: ssl.h,v 1.54 2014/06/13 10:52:24 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -654,6 +654,8 @@ void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+struct ssl_aead_ctx_st;
+typedef struct ssl_aead_ctx_st SSL_AEAD_CTX;
#define SSL_MAX_CERT_LIST_DEFAULT 1024*100 /* 100k max cert list :-) */
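Review bot: The forward declaration of `struct ssl_aead_ctx_st` lands in the public ssl.h without a comment, while its definition goes into ssl_locl.h. A one-line comment above it, for example `/* Opaque to applications; defined in ssl_locl.h. */`, would tell readers that the layout is private to the library.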
@@ -1093,6 +1095,10 @@ struct ssl_st {
* the ones to be 'copied' into these ones */
int mac_flags;
+ SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then
+ enc_read_ctx and read_hash are
+ ignored. */
+
EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
EVP_MD_CTX *read_hash; /* used for mac generation */
#ifndef OPENSSL_NO_COMP
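Review bot: `aead_read_ctx` is inserted in the middle of `struct ssl_st`, which is declared in the public ssl.h, so every member after it moves; the next hunk does the same with `aead_write_ctx`. Code built against the old header that reads those members directly would then use the wrong offsets. No shared-library version change is visible among the four files in this diff, so a major bump may be needed alongside it. The code that creates an SSL is also outside this diff; ssl_clear_cipher_ctx tests both pointers against NULL, so they have to start out NULL there.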
@@ -1101,6 +1107,10 @@ struct ssl_st {
char *expand;
#endif
+ SSL_AEAD_CTX *aead_write_ctx; /* AEAD context. If non-NULL, then
+ enc_write_ctx and write_hash are
+ ignored. */
+
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
EVP_MD_CTX *write_hash; /* used for mac generation */
#ifndef OPENSSL_NO_COMP
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index 05abdb3944d..297c80124d8 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.66 2014/06/13 04:29:13 miod Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.67 2014/06/13 10:52:24 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -2660,6 +2660,17 @@ ssl_clear_cipher_ctx(SSL *s)
EVP_CIPHER_CTX_free(s->enc_write_ctx);
s->enc_write_ctx = NULL;
+ if (s->aead_read_ctx != NULL) {
+ EVP_AEAD_CTX_cleanup(&s->aead_read_ctx->ctx);
+ free(s->aead_read_ctx);
+ s->aead_read_ctx = NULL;
+ }
+ if (s->aead_write_ctx != NULL) {
+ EVP_AEAD_CTX_cleanup(&s->aead_write_ctx->ctx);
+ free(s->aead_write_ctx);
+ s->aead_write_ctx = NULL;
+ }
+
#ifndef OPENSSL_NO_COMP
COMP_CTX_free(s->expand);
s->expand = NULL;
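Review bot: Both new blocks hand the SSL_AEAD_CTX straight to free() after EVP_AEAD_CTX_cleanup(), which leaves `fixed_nonce` and the length fields behind in the freed memory. fixed_nonce is presumably filled from the key block, so it is worth clearing first: `explicit_bzero(s->aead_read_ctx, sizeof(*s->aead_read_ctx));` before `free(s->aead_read_ctx);`, and the same for aead_write_ctx. The two blocks differ only in the field name, so a small static helper taking an `SSL_AEAD_CTX **` would remove the duplication. ssl_clear_cipher_ctx starts and ends outside the hunk.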
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index 18b329048e8..ea5f8c3d4e5 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.49 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.50 2014/06/13 10:52:24 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -578,6 +578,27 @@ typedef struct ssl3_enc_method {
/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
#define SSL_ENC_FLAG_TLS1_2_CIPHERS (1 << 4)
+/*
+ * ssl_aead_ctx_st contains information about an AEAD that is being used to
+ * encrypt an SSL connection.
+ */
+struct ssl_aead_ctx_st {
+ EVP_AEAD_CTX ctx;
+ /*
+ * fixed_nonce contains any bytes of the nonce that are fixed for all
+ * records.
+ */
+ unsigned char fixed_nonce[8];
+ unsigned char fixed_nonce_len;
+ unsigned char variable_nonce_len;
+ unsigned char tag_len;
+ /*
+ * variable_nonce_in_record is non-zero if the variable nonce
+ * for a record is included as a prefix before the ciphertext.
+ */
+ char variable_nonce_in_record;
+};
+
#ifndef OPENSSL_NO_COMP
/* Used for holding the relevant compression methods loaded into SSL_CTX */
typedef struct ssl3_comp_st {
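Review bot: `fixed_nonce_len` sits next to the 8-byte `fixed_nonce` array, but nothing in the struct's comments says it must not exceed `sizeof(fixed_nonce)`, and `variable_nonce_len` and `tag_len` have no comment at all. do_ssl3_write uses variable_nonce_len directly as the explicit IV length, so the code that fills this struct (not in this diff) should validate both lengths before storing them. Suggested comment above the three length fields: `/* fixed_nonce_len must be <= sizeof(fixed_nonce). */`, plus one line each saying what variable_nonce_len and tag_len count.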