This removes support code for a "stream_mac" mode only used by GOST. Also get rid of this /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */ comment next to it. It's not actually related to GOST (dates to OpenSSL initial commit), but isn't especially helpful at this point. Change-Id: Ib13c6e27e16e0d1fb59ed0142ddf913b9abc20b7 Reviewed-on: https://boringssl-review.googlesource.com/1281 Reviewed-by: Adam Langley <agl@google.com>kris/onging/CECPQ3_patch15
@@ -214,7 +214,6 @@ extern "C" { | |||||
#define SSL_TXT_kECDH "kECDH" | #define SSL_TXT_kECDH "kECDH" | ||||
#define SSL_TXT_kEECDH "kEECDH" | #define SSL_TXT_kEECDH "kEECDH" | ||||
#define SSL_TXT_kPSK "kPSK" | #define SSL_TXT_kPSK "kPSK" | ||||
#define SSL_TXT_kGOST "kGOST" | |||||
#define SSL_TXT_kSRP "kSRP" | #define SSL_TXT_kSRP "kSRP" | ||||
#define SSL_TXT_aRSA "aRSA" | #define SSL_TXT_aRSA "aRSA" | ||||
@@ -223,9 +222,6 @@ extern "C" { | |||||
#define SSL_TXT_aECDH "aECDH" | #define SSL_TXT_aECDH "aECDH" | ||||
#define SSL_TXT_aECDSA "aECDSA" | #define SSL_TXT_aECDSA "aECDSA" | ||||
#define SSL_TXT_aPSK "aPSK" | #define SSL_TXT_aPSK "aPSK" | ||||
#define SSL_TXT_aGOST94 "aGOST94" | |||||
#define SSL_TXT_aGOST01 "aGOST01" | |||||
#define SSL_TXT_aGOST "aGOST" | |||||
#define SSL_TXT_DSS "DSS" | #define SSL_TXT_DSS "DSS" | ||||
#define SSL_TXT_DH "DH" | #define SSL_TXT_DH "DH" | ||||
@@ -257,8 +253,6 @@ extern "C" { | |||||
#define SSL_TXT_MD5 "MD5" | #define SSL_TXT_MD5 "MD5" | ||||
#define SSL_TXT_SHA1 "SHA1" | #define SSL_TXT_SHA1 "SHA1" | ||||
#define SSL_TXT_SHA "SHA" /* same as "SHA1" */ | #define SSL_TXT_SHA "SHA" /* same as "SHA1" */ | ||||
#define SSL_TXT_GOST94 "GOST94" | |||||
#define SSL_TXT_GOST89MAC "GOST89MAC" | |||||
#define SSL_TXT_SHA256 "SHA256" | #define SSL_TXT_SHA256 "SHA256" | ||||
#define SSL_TXT_SHA384 "SHA384" | #define SSL_TXT_SHA384 "SHA384" | ||||
@@ -1249,9 +1243,6 @@ const char *SSL_get_psk_identity(const SSL *s); | |||||
#define SSL_want_session(s) (SSL_want(s) == SSL_PENDING_SESSION) | #define SSL_want_session(s) (SSL_want(s) == SSL_PENDING_SESSION) | ||||
#define SSL_want_certificate(s) (SSL_want(s) == SSL_CERTIFICATE_SELECTION_PENDING) | #define SSL_want_certificate(s) (SSL_want(s) == SSL_CERTIFICATE_SELECTION_PENDING) | ||||
#define SSL_MAC_FLAG_READ_MAC_STREAM 1 | |||||
#define SSL_MAC_FLAG_WRITE_MAC_STREAM 2 | |||||
#ifndef OPENSSL_NO_SSL_INTERN | #ifndef OPENSSL_NO_SSL_INTERN | ||||
struct ssl_st | struct ssl_st | ||||
@@ -1342,7 +1333,6 @@ struct ssl_st | |||||
/* These are the ones being used, the ones in SSL_SESSION are | /* These are the ones being used, the ones in SSL_SESSION are | ||||
* the ones to be 'copied' into these ones */ | * the ones to be 'copied' into these ones */ | ||||
int mac_flags; | |||||
SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then | SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then | ||||
|enc_read_ctx| and |read_hash| are | |enc_read_ctx| and |read_hash| are | ||||
ignored. */ | ignored. */ | ||||
@@ -704,8 +704,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) | |||||
#define TLS_CT_ECDSA_SIGN 64 | #define TLS_CT_ECDSA_SIGN 64 | ||||
#define TLS_CT_RSA_FIXED_ECDH 65 | #define TLS_CT_RSA_FIXED_ECDH 65 | ||||
#define TLS_CT_ECDSA_FIXED_ECDH 66 | #define TLS_CT_ECDSA_FIXED_ECDH 66 | ||||
#define TLS_CT_GOST94_SIGN 21 | |||||
#define TLS_CT_GOST01_SIGN 22 | |||||
#define TLS1_FINISH_MAC_LENGTH 12 | #define TLS1_FINISH_MAC_LENGTH 12 | ||||
@@ -512,14 +512,6 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey) | |||||
ret = SSL_PKEY_ECC; | ret = SSL_PKEY_ECC; | ||||
} | } | ||||
#endif | #endif | ||||
else if (i == NID_id_GostR3410_94 || i == NID_id_GostR3410_94_cc) | |||||
{ | |||||
ret = SSL_PKEY_GOST94; | |||||
} | |||||
else if (i == NID_id_GostR3410_2001 || i == NID_id_GostR3410_2001_cc) | |||||
{ | |||||
ret = SSL_PKEY_GOST01; | |||||
} | |||||
else if (x && (i == EVP_PKEY_DH || i == EVP_PKEY_DHX)) | else if (x && (i == EVP_PKEY_DH || i == EVP_PKEY_DHX)) | ||||
{ | { | ||||
/* For DH two cases: DH certificate signed with RSA and | /* For DH two cases: DH certificate signed with RSA and | ||||
@@ -2496,11 +2496,6 @@ int ssl3_send_client_key_exchange(SSL *s) | |||||
EVP_PKEY_free(srvr_pub_pkey); | EVP_PKEY_free(srvr_pub_pkey); | ||||
} | } | ||||
#endif /* !OPENSSL_NO_ECDH */ | #endif /* !OPENSSL_NO_ECDH */ | ||||
else if (alg_k & SSL_kGOST) | |||||
{ | |||||
OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, SSL_R_GOST_NOT_SUPPORTED); | |||||
goto err; | |||||
} | |||||
else if (!(alg_k & SSL_kPSK) || ((alg_k & SSL_kPSK) && !(alg_a & SSL_aPSK))) | else if (!(alg_k & SSL_kPSK) || ((alg_k & SSL_kPSK) && !(alg_a & SSL_aPSK))) | ||||
{ | { | ||||
ssl3_send_alert(s, SSL3_AL_FATAL, | ssl3_send_alert(s, SSL3_AL_FATAL, | ||||
@@ -1269,65 +1269,6 @@ SSL_CIPHER ssl3_ciphers[]={ | |||||
256, | 256, | ||||
}, | }, | ||||
/* GOST Ciphersuites */ | |||||
{ | |||||
1, | |||||
"GOST94-GOST89-GOST89", | |||||
0x3000080, | |||||
SSL_kGOST, | |||||
SSL_aGOST94, | |||||
SSL_eGOST2814789CNT, | |||||
SSL_GOST89MAC, | |||||
SSL_TLSV1, | |||||
SSL_NOT_EXP|SSL_HIGH, | |||||
SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC, | |||||
256, | |||||
256 | |||||
}, | |||||
{ | |||||
1, | |||||
"GOST2001-GOST89-GOST89", | |||||
0x3000081, | |||||
SSL_kGOST, | |||||
SSL_aGOST01, | |||||
SSL_eGOST2814789CNT, | |||||
SSL_GOST89MAC, | |||||
SSL_TLSV1, | |||||
SSL_NOT_EXP|SSL_HIGH, | |||||
SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC, | |||||
256, | |||||
256 | |||||
}, | |||||
{ | |||||
1, | |||||
"GOST94-NULL-GOST94", | |||||
0x3000082, | |||||
SSL_kGOST, | |||||
SSL_aGOST94, | |||||
SSL_eNULL, | |||||
SSL_GOST94, | |||||
SSL_TLSV1, | |||||
SSL_NOT_EXP|SSL_STRONG_NONE, | |||||
SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94, | |||||
0, | |||||
0 | |||||
}, | |||||
{ | |||||
1, | |||||
"GOST2001-NULL-GOST94", | |||||
0x3000083, | |||||
SSL_kGOST, | |||||
SSL_aGOST01, | |||||
SSL_eNULL, | |||||
SSL_GOST94, | |||||
SSL_TLSV1, | |||||
SSL_NOT_EXP|SSL_STRONG_NONE, | |||||
SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94, | |||||
0, | |||||
0 | |||||
}, | |||||
#ifndef OPENSSL_NO_CAMELLIA | #ifndef OPENSSL_NO_CAMELLIA | ||||
/* Camellia ciphersuites from RFC4132 (256-bit portion) */ | /* Camellia ciphersuites from RFC4132 (256-bit portion) */ | ||||
@@ -2500,67 +2441,6 @@ SSL_CIPHER ssl3_ciphers[]={ | |||||
#endif /* OPENSSL_NO_ECDH */ | #endif /* OPENSSL_NO_ECDH */ | ||||
#ifdef TEMP_GOST_TLS | |||||
/* Cipher FF00 */ | |||||
{ | |||||
1, | |||||
"GOST-MD5", | |||||
0x0300ff00, | |||||
SSL_kRSA, | |||||
SSL_aRSA, | |||||
SSL_eGOST2814789CNT, | |||||
SSL_MD5, | |||||
SSL_TLSV1, | |||||
SSL_NOT_EXP|SSL_HIGH, | |||||
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, | |||||
256, | |||||
256, | |||||
}, | |||||
{ | |||||
1, | |||||
"GOST-GOST94", | |||||
0x0300ff01, | |||||
SSL_kRSA, | |||||
SSL_aRSA, | |||||
SSL_eGOST2814789CNT, | |||||
SSL_GOST94, | |||||
SSL_TLSV1, | |||||
SSL_NOT_EXP|SSL_HIGH, | |||||
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, | |||||
256, | |||||
256 | |||||
}, | |||||
{ | |||||
1, | |||||
"GOST-GOST89MAC", | |||||
0x0300ff02, | |||||
SSL_kRSA, | |||||
SSL_aRSA, | |||||
SSL_eGOST2814789CNT, | |||||
SSL_GOST89MAC, | |||||
SSL_TLSV1, | |||||
SSL_NOT_EXP|SSL_HIGH, | |||||
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, | |||||
256, | |||||
256 | |||||
}, | |||||
{ | |||||
1, | |||||
"GOST-GOST89STREAM", | |||||
0x0300ff03, | |||||
SSL_kRSA, | |||||
SSL_aRSA, | |||||
SSL_eGOST2814789CNT, | |||||
SSL_GOST89MAC, | |||||
SSL_TLSV1, | |||||
SSL_NOT_EXP|SSL_HIGH, | |||||
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC, | |||||
256, | |||||
256 | |||||
}, | |||||
#endif | |||||
{ | { | ||||
1, | 1, | ||||
TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305, | TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305, | ||||
@@ -2520,11 +2520,6 @@ int ssl3_get_client_key_exchange(SSL *s) | |||||
premaster_secret_len = ecdh_len; | premaster_secret_len = ecdh_len; | ||||
} | } | ||||
#endif | #endif | ||||
else if (alg_k & SSL_kGOST) | |||||
{ | |||||
OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange, SSL_R_GOST_NOT_SUPPORTED); | |||||
goto err; | |||||
} | |||||
#ifndef OPENSSL_NO_PSK | #ifndef OPENSSL_NO_PSK | ||||
else if (alg_k & SSL_kPSK) | else if (alg_k & SSL_kPSK) | ||||
{ | { | ||||
@@ -157,16 +157,13 @@ | |||||
#define SSL_ENC_AES256_IDX 7 | #define SSL_ENC_AES256_IDX 7 | ||||
#define SSL_ENC_CAMELLIA128_IDX 8 | #define SSL_ENC_CAMELLIA128_IDX 8 | ||||
#define SSL_ENC_CAMELLIA256_IDX 9 | #define SSL_ENC_CAMELLIA256_IDX 9 | ||||
#define SSL_ENC_GOST89_IDX 10 | |||||
#define SSL_ENC_SEED_IDX 11 | |||||
#define SSL_ENC_AES128GCM_IDX 12 | |||||
#define SSL_ENC_AES256GCM_IDX 13 | |||||
#define SSL_ENC_NUM_IDX 14 | |||||
#define SSL_ENC_SEED_IDX 10 | |||||
#define SSL_ENC_AES128GCM_IDX 11 | |||||
#define SSL_ENC_AES256GCM_IDX 12 | |||||
#define SSL_ENC_NUM_IDX 13 | |||||
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={ | |||||
NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL | |||||
}; | |||||
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]= { 0 }; | |||||
#define SSL_COMP_NULL_IDX 0 | #define SSL_COMP_NULL_IDX 0 | ||||
#define SSL_COMP_ZLIB_IDX 1 | #define SSL_COMP_ZLIB_IDX 1 | ||||
@@ -174,34 +171,22 @@ static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={ | |||||
#define SSL_MD_MD5_IDX 0 | #define SSL_MD_MD5_IDX 0 | ||||
#define SSL_MD_SHA1_IDX 1 | #define SSL_MD_SHA1_IDX 1 | ||||
#define SSL_MD_GOST94_IDX 2 | |||||
#define SSL_MD_GOST89MAC_IDX 3 | |||||
#define SSL_MD_SHA256_IDX 4 | |||||
#define SSL_MD_SHA384_IDX 5 | |||||
#define SSL_MD_SHA256_IDX 2 | |||||
#define SSL_MD_SHA384_IDX 3 | |||||
/*Constant SSL_MAX_DIGEST equal to size of digests array should be | /*Constant SSL_MAX_DIGEST equal to size of digests array should be | ||||
* defined in the | * defined in the | ||||
* ssl_locl.h */ | * ssl_locl.h */ | ||||
#define SSL_MD_NUM_IDX SSL_MAX_DIGEST | #define SSL_MD_NUM_IDX SSL_MAX_DIGEST | ||||
static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={ | |||||
NULL,NULL,NULL,NULL,NULL,NULL | |||||
}; | |||||
/* PKEY_TYPE for GOST89MAC is known in advance, but, because | |||||
* implementation is engine-provided, we'll fill it only if | |||||
* corresponding EVP_PKEY_METHOD is found | |||||
*/ | |||||
static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = { 0 }; | |||||
static int ssl_mac_pkey_id[SSL_MD_NUM_IDX]={ | static int ssl_mac_pkey_id[SSL_MD_NUM_IDX]={ | ||||
EVP_PKEY_HMAC,EVP_PKEY_HMAC,EVP_PKEY_HMAC,NID_undef, | |||||
EVP_PKEY_HMAC,EVP_PKEY_HMAC | |||||
EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, | |||||
}; | }; | ||||
static int ssl_mac_secret_size[SSL_MD_NUM_IDX]={ | |||||
0,0,0,0,0,0 | |||||
}; | |||||
static int ssl_mac_secret_size[SSL_MD_NUM_IDX] = { 0 }; | |||||
static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX]={ | static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX]={ | ||||
SSL_HANDSHAKE_MAC_MD5,SSL_HANDSHAKE_MAC_SHA, | |||||
SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256, | |||||
SSL_HANDSHAKE_MAC_SHA384 | |||||
SSL_HANDSHAKE_MAC_MD5, SSL_HANDSHAKE_MAC_SHA, | |||||
SSL_HANDSHAKE_MAC_SHA256, SSL_HANDSHAKE_MAC_SHA384, | |||||
}; | }; | ||||
#define CIPHER_ADD 1 | #define CIPHER_ADD 1 | ||||
@@ -248,7 +233,6 @@ static const SSL_CIPHER cipher_aliases[]={ | |||||
{0,SSL_TXT_kPSK,0, SSL_kPSK, 0,0,0,0,0,0,0,0}, | {0,SSL_TXT_kPSK,0, SSL_kPSK, 0,0,0,0,0,0,0,0}, | ||||
{0,SSL_TXT_kSRP,0, SSL_kSRP, 0,0,0,0,0,0,0,0}, | {0,SSL_TXT_kSRP,0, SSL_kSRP, 0,0,0,0,0,0,0,0}, | ||||
{0,SSL_TXT_kGOST,0, SSL_kGOST,0,0,0,0,0,0,0,0}, | |||||
/* server authentication aliases */ | /* server authentication aliases */ | ||||
{0,SSL_TXT_aRSA,0, 0,SSL_aRSA, 0,0,0,0,0,0,0}, | {0,SSL_TXT_aRSA,0, 0,SSL_aRSA, 0,0,0,0,0,0,0}, | ||||
@@ -260,9 +244,6 @@ static const SSL_CIPHER cipher_aliases[]={ | |||||
{0,SSL_TXT_aECDSA,0, 0,SSL_aECDSA,0,0,0,0,0,0,0}, | {0,SSL_TXT_aECDSA,0, 0,SSL_aECDSA,0,0,0,0,0,0,0}, | ||||
{0,SSL_TXT_ECDSA,0, 0,SSL_aECDSA, 0,0,0,0,0,0,0}, | {0,SSL_TXT_ECDSA,0, 0,SSL_aECDSA, 0,0,0,0,0,0,0}, | ||||
{0,SSL_TXT_aPSK,0, 0,SSL_aPSK, 0,0,0,0,0,0,0}, | {0,SSL_TXT_aPSK,0, 0,SSL_aPSK, 0,0,0,0,0,0,0}, | ||||
{0,SSL_TXT_aGOST94,0,0,SSL_aGOST94,0,0,0,0,0,0,0}, | |||||
{0,SSL_TXT_aGOST01,0,0,SSL_aGOST01,0,0,0,0,0,0,0}, | |||||
{0,SSL_TXT_aGOST,0,0,SSL_aGOST94|SSL_aGOST01,0,0,0,0,0,0,0}, | |||||
/* aliases combining key exchange and server authentication */ | /* aliases combining key exchange and server authentication */ | ||||
{0,SSL_TXT_EDH,0, SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0}, | {0,SSL_TXT_EDH,0, SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0}, | ||||
@@ -296,8 +277,6 @@ static const SSL_CIPHER cipher_aliases[]={ | |||||
{0,SSL_TXT_MD5,0, 0,0,0,SSL_MD5, 0,0,0,0,0}, | {0,SSL_TXT_MD5,0, 0,0,0,SSL_MD5, 0,0,0,0,0}, | ||||
{0,SSL_TXT_SHA1,0, 0,0,0,SSL_SHA1, 0,0,0,0,0}, | {0,SSL_TXT_SHA1,0, 0,0,0,SSL_SHA1, 0,0,0,0,0}, | ||||
{0,SSL_TXT_SHA,0, 0,0,0,SSL_SHA1, 0,0,0,0,0}, | {0,SSL_TXT_SHA,0, 0,0,0,SSL_SHA1, 0,0,0,0,0}, | ||||
{0,SSL_TXT_GOST94,0, 0,0,0,SSL_GOST94, 0,0,0,0,0}, | |||||
{0,SSL_TXT_GOST89MAC,0, 0,0,0,SSL_GOST89MAC, 0,0,0,0,0}, | |||||
{0,SSL_TXT_SHA256,0, 0,0,0,SSL_SHA256, 0,0,0,0,0}, | {0,SSL_TXT_SHA256,0, 0,0,0,SSL_SHA256, 0,0,0,0,0}, | ||||
{0,SSL_TXT_SHA384,0, 0,0,0,SSL_SHA384, 0,0,0,0,0}, | {0,SSL_TXT_SHA384,0, 0,0,0,SSL_SHA384, 0,0,0,0,0}, | ||||
@@ -431,9 +410,6 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, | |||||
case SSL_CAMELLIA256: | case SSL_CAMELLIA256: | ||||
i=SSL_ENC_CAMELLIA256_IDX; | i=SSL_ENC_CAMELLIA256_IDX; | ||||
break; | break; | ||||
case SSL_eGOST2814789CNT: | |||||
i=SSL_ENC_GOST89_IDX; | |||||
break; | |||||
case SSL_SEED: | case SSL_SEED: | ||||
i=SSL_ENC_SEED_IDX; | i=SSL_ENC_SEED_IDX; | ||||
break; | break; | ||||
@@ -512,12 +488,6 @@ int ssl_cipher_get_mac(const SSL_SESSION *s, const EVP_MD **md, int *mac_pkey_ty | |||||
case SSL_SHA384: | case SSL_SHA384: | ||||
i=SSL_MD_SHA384_IDX; | i=SSL_MD_SHA384_IDX; | ||||
break; | break; | ||||
case SSL_GOST94: | |||||
i = SSL_MD_GOST94_IDX; | |||||
break; | |||||
case SSL_GOST89MAC: | |||||
i = SSL_MD_GOST89MAC_IDX; | |||||
break; | |||||
default: | default: | ||||
i= -1; | i= -1; | ||||
break; | break; | ||||
@@ -631,15 +601,12 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un | |||||
*enc |= (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] == NULL) ? SSL_AES256GCM:0; | *enc |= (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] == NULL) ? SSL_AES256GCM:0; | ||||
*enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA128:0; | *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA128:0; | ||||
*enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA256:0; | *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA256:0; | ||||
*enc |= (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == NULL) ? SSL_eGOST2814789CNT:0; | |||||
*enc |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED:0; | *enc |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED:0; | ||||
*mac |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0; | *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0; | ||||
*mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0; | *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0; | ||||
*mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256:0; | *mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256:0; | ||||
*mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384:0; | *mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384:0; | ||||
*mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94:0; | |||||
*mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL || ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]==NID_undef)? SSL_GOST89MAC:0; | |||||
} | } | ||||
@@ -1847,10 +1814,6 @@ int ssl_cipher_get_cert_index(const SSL_CIPHER *c) | |||||
return SSL_PKEY_DSA_SIGN; | return SSL_PKEY_DSA_SIGN; | ||||
else if (alg_a & SSL_aRSA) | else if (alg_a & SSL_aRSA) | ||||
return SSL_PKEY_RSA_ENC; | return SSL_PKEY_RSA_ENC; | ||||
else if (alg_a & SSL_aGOST94) | |||||
return SSL_PKEY_GOST94; | |||||
else if (alg_a & SSL_aGOST01) | |||||
return SSL_PKEY_GOST01; | |||||
return -1; | return -1; | ||||
} | } | ||||
@@ -2281,17 +2281,6 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher) | |||||
rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa); | rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa); | ||||
#endif | #endif | ||||
cpk = &(c->pkeys[SSL_PKEY_GOST01]); | |||||
if (cpk->x509 != NULL && cpk->privatekey !=NULL) { | |||||
mask_k |= SSL_kGOST; | |||||
mask_a |= SSL_aGOST01; | |||||
} | |||||
cpk = &(c->pkeys[SSL_PKEY_GOST94]); | |||||
if (cpk->x509 != NULL && cpk->privatekey !=NULL) { | |||||
mask_k |= SSL_kGOST; | |||||
mask_a |= SSL_aGOST94; | |||||
} | |||||
if (rsa_enc || (rsa_tmp && rsa_sign)) | if (rsa_enc || (rsa_tmp && rsa_sign)) | ||||
mask_k|=SSL_kRSA; | mask_k|=SSL_kRSA; | ||||
if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc))) | if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc))) | ||||
@@ -284,8 +284,7 @@ | |||||
#define SSL_kECDHe 0x00000020L /* ECDH cert, ECDSA CA cert */ | #define SSL_kECDHe 0x00000020L /* ECDH cert, ECDSA CA cert */ | ||||
#define SSL_kEECDH 0x00000040L /* ephemeral ECDH */ | #define SSL_kEECDH 0x00000040L /* ephemeral ECDH */ | ||||
#define SSL_kPSK 0x00000080L /* PSK */ | #define SSL_kPSK 0x00000080L /* PSK */ | ||||
#define SSL_kGOST 0x00000100L /* GOST key exchange */ | |||||
#define SSL_kSRP 0x00000200L /* SRP */ | |||||
#define SSL_kSRP 0x00000100L /* SRP */ | |||||
/* Bits for algorithm_auth (server authentication) */ | /* Bits for algorithm_auth (server authentication) */ | ||||
#define SSL_aRSA 0x00000001L /* RSA auth */ | #define SSL_aRSA 0x00000001L /* RSA auth */ | ||||
@@ -295,8 +294,6 @@ | |||||
#define SSL_aECDH 0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr) */ | #define SSL_aECDH 0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr) */ | ||||
#define SSL_aECDSA 0x00000020L /* ECDSA auth*/ | #define SSL_aECDSA 0x00000020L /* ECDSA auth*/ | ||||
#define SSL_aPSK 0x00000040L /* PSK auth */ | #define SSL_aPSK 0x00000040L /* PSK auth */ | ||||
#define SSL_aGOST94 0x00000080L /* GOST R 34.10-94 signature auth */ | |||||
#define SSL_aGOST01 0x00000100L /* GOST R 34.10-2001 signature auth */ | |||||
/* Bits for algorithm_enc (symmetric encryption) */ | /* Bits for algorithm_enc (symmetric encryption) */ | ||||
@@ -310,11 +307,10 @@ | |||||
#define SSL_AES256 0x00000080L | #define SSL_AES256 0x00000080L | ||||
#define SSL_CAMELLIA128 0x00000100L | #define SSL_CAMELLIA128 0x00000100L | ||||
#define SSL_CAMELLIA256 0x00000200L | #define SSL_CAMELLIA256 0x00000200L | ||||
#define SSL_eGOST2814789CNT 0x00000400L | |||||
#define SSL_SEED 0x00000800L | |||||
#define SSL_AES128GCM 0x00001000L | |||||
#define SSL_AES256GCM 0x00002000L | |||||
#define SSL_CHACHA20POLY1305 0x00004000L | |||||
#define SSL_SEED 0x00000400L | |||||
#define SSL_AES128GCM 0x00000800L | |||||
#define SSL_AES256GCM 0x00001000L | |||||
#define SSL_CHACHA20POLY1305 0x00002000L | |||||
#define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM) | #define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM) | ||||
#define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256) | #define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256) | ||||
@@ -324,12 +320,10 @@ | |||||
#define SSL_MD5 0x00000001L | #define SSL_MD5 0x00000001L | ||||
#define SSL_SHA1 0x00000002L | #define SSL_SHA1 0x00000002L | ||||
#define SSL_GOST94 0x00000004L | |||||
#define SSL_GOST89MAC 0x00000008L | |||||
#define SSL_SHA256 0x00000010L | |||||
#define SSL_SHA384 0x00000020L | |||||
#define SSL_SHA256 0x00000004L | |||||
#define SSL_SHA384 0x00000008L | |||||
/* Not a real MAC, just an indication it is part of cipher */ | /* Not a real MAC, just an indication it is part of cipher */ | ||||
#define SSL_AEAD 0x00000040L | |||||
#define SSL_AEAD 0x00000010L | |||||
/* Bits for algorithm_ssl (protocol version) */ | /* Bits for algorithm_ssl (protocol version) */ | ||||
#define SSL_SSLV2 0x00000001L | #define SSL_SSLV2 0x00000001L | ||||
@@ -342,14 +336,13 @@ | |||||
#define SSL_HANDSHAKE_MAC_MD5 0x10 | #define SSL_HANDSHAKE_MAC_MD5 0x10 | ||||
#define SSL_HANDSHAKE_MAC_SHA 0x20 | #define SSL_HANDSHAKE_MAC_SHA 0x20 | ||||
#define SSL_HANDSHAKE_MAC_GOST94 0x40 | |||||
#define SSL_HANDSHAKE_MAC_SHA256 0x80 | |||||
#define SSL_HANDSHAKE_MAC_SHA384 0x100 | |||||
#define SSL_HANDSHAKE_MAC_SHA256 0x40 | |||||
#define SSL_HANDSHAKE_MAC_SHA384 0x80 | |||||
#define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA) | #define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA) | ||||
/* When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX | /* When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX | ||||
* make sure to update this constant too */ | * make sure to update this constant too */ | ||||
#define SSL_MAX_DIGEST 6 | |||||
#define SSL_MAX_DIGEST 4 | |||||
#define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT) | #define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT) | ||||
@@ -358,13 +351,8 @@ | |||||
#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT) | #define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT) | ||||
#define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT) | #define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT) | ||||
#define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT) | #define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT) | ||||
#define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT) | |||||
#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1) | #define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1) | ||||
/* Stream MAC for GOST ciphersuites from cryptopro draft | |||||
* (currently this also goes into algorithm2) */ | |||||
#define TLS1_STREAM_MAC 0x04 | |||||
#define TLSEXT_CHANNEL_ID_SIZE 128 | #define TLSEXT_CHANNEL_ID_SIZE 128 | ||||
/* SSL_CIPHER_ALGORITHM2_AEAD is a flag in SSL_CIPHER.algorithm2 which | /* SSL_CIPHER_ALGORITHM2_AEAD is a flag in SSL_CIPHER.algorithm2 which | ||||
@@ -476,9 +464,7 @@ | |||||
#define SSL_PKEY_DH_RSA 3 | #define SSL_PKEY_DH_RSA 3 | ||||
#define SSL_PKEY_DH_DSA 4 | #define SSL_PKEY_DH_DSA 4 | ||||
#define SSL_PKEY_ECC 5 | #define SSL_PKEY_ECC 5 | ||||
#define SSL_PKEY_GOST94 6 | |||||
#define SSL_PKEY_GOST01 7 | |||||
#define SSL_PKEY_NUM 8 | |||||
#define SSL_PKEY_NUM 6 | |||||
/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) | | /* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) | | ||||
* <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN) | * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN) | ||||
@@ -423,11 +423,6 @@ static int tls1_change_cipher_state_cipher( | |||||
if (is_read) | if (is_read) | ||||
{ | { | ||||
if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC) | |||||
s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM; | |||||
else | |||||
s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM; | |||||
if (s->enc_read_ctx != NULL && !SSL_IS_DTLS(s)) | if (s->enc_read_ctx != NULL && !SSL_IS_DTLS(s)) | ||||
EVP_CIPHER_CTX_cleanup(s->enc_read_ctx); | EVP_CIPHER_CTX_cleanup(s->enc_read_ctx); | ||||
else if ((s->enc_read_ctx=EVP_CIPHER_CTX_new()) == NULL) | else if ((s->enc_read_ctx=EVP_CIPHER_CTX_new()) == NULL) | ||||
@@ -441,11 +436,6 @@ static int tls1_change_cipher_state_cipher( | |||||
} | } | ||||
else | else | ||||
{ | { | ||||
if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC) | |||||
s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM; | |||||
else | |||||
s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM; | |||||
/* When updating the write contexts for DTLS, we do not wish to | /* When updating the write contexts for DTLS, we do not wish to | ||||
* free the old ones because DTLS stores pointers to them in | * free the old ones because DTLS stores pointers to them in | ||||
* order to implement retransmission. */ | * order to implement retransmission. */ | ||||
@@ -1182,7 +1172,6 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) | |||||
int i; | int i; | ||||
EVP_MD_CTX hmac, *mac_ctx; | EVP_MD_CTX hmac, *mac_ctx; | ||||
unsigned char header[13]; | unsigned char header[13]; | ||||
int stream_mac = (send?(ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM):(ssl->mac_flags&SSL_MAC_FLAG_READ_MAC_STREAM)); | |||||
int t; | int t; | ||||
if (send) | if (send) | ||||
@@ -1202,17 +1191,9 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) | |||||
assert(t >= 0); | assert(t >= 0); | ||||
md_size=t; | md_size=t; | ||||
/* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */ | |||||
if (stream_mac) | |||||
{ | |||||
mac_ctx = hash; | |||||
} | |||||
else | |||||
{ | |||||
if (!EVP_MD_CTX_copy(&hmac,hash)) | |||||
return -1; | |||||
mac_ctx = &hmac; | |||||
} | |||||
if (!EVP_MD_CTX_copy(&hmac,hash)) | |||||
return -1; | |||||
mac_ctx = &hmac; | |||||
if (SSL_IS_DTLS(ssl)) | if (SSL_IS_DTLS(ssl)) | ||||
{ | { | ||||
@@ -1261,18 +1242,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) | |||||
assert(t > 0); | assert(t > 0); | ||||
} | } | ||||
if (!stream_mac) | |||||
EVP_MD_CTX_cleanup(&hmac); | |||||
#ifdef TLS_DEBUG | |||||
printf("sec="); | |||||
{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); } | |||||
printf("seq="); | |||||
{int z; for (z=0; z<8; z++) printf("%02X ",seq[z]); printf("\n"); } | |||||
printf("buf="); | |||||
{int z; for (z=0; z<5; z++) printf("%02X ",buf[z]); printf("\n"); } | |||||
printf("rec="); | |||||
{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); } | |||||
#endif | |||||
EVP_MD_CTX_cleanup(&hmac); | |||||
if (!SSL_IS_DTLS(ssl)) | if (!SSL_IS_DTLS(ssl)) | ||||
{ | { | ||||
@@ -1283,9 +1253,6 @@ printf("rec="); | |||||
} | } | ||||
} | } | ||||
#ifdef TLS_DEBUG | |||||
{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",md[z]); printf("\n"); } | |||||
#endif | |||||
return(md_size); | return(md_size); | ||||
} | } | ||||