kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Hide SSL3_STATE.

Browse Source 
BUG=6

Change-Id: I463f5daa0bbf0f65269c52da25fa235ee2aa6ffb
Reviewed-on: https://boringssl-review.googlesource.com/11240
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2016-10-17 20:41:08 -04:00 committed by Adam Langley
parent 2c62fe9c58
commit e228bd299d
2 changed files with 201 additions and 201 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

201
include/openssl/ssl.h
View File

@ -4202,207 +4202,6 @@ struct ssl_st {
int tlsext_status_type;
};
typedef struct ssl3_record_st {
/* type is the record type. */
uint8_t type;
/* length is the number of unconsumed bytes in the record. */
uint16_t length;
/* data is a non-owning pointer to the first unconsumed byte of the record. */
uint8_t *data;
} SSL3_RECORD;
typedef struct ssl3_buffer_st {
/* buf is the memory allocated for this buffer. */
uint8_t *buf;
/* offset is the offset into |buf| which the buffer contents start at. */
uint16_t offset;
/* len is the length of the buffer contents from |buf| + |offset|. */
uint16_t len;
/* cap is how much memory beyond |buf| + |offset| is available. */
uint16_t cap;
} SSL3_BUFFER;
/* An ssl_shutdown_t describes the shutdown state of one end of the connection,
* whether it is alive or has been shutdown via close_notify or fatal alert. */
enum ssl_shutdown_t {
ssl_shutdown_none = 0,
ssl_shutdown_close_notify = 1,
ssl_shutdown_fatal_alert = 2,
};
typedef struct ssl3_state_st {
uint8_t read_sequence[8];
uint8_t write_sequence[8];
uint8_t server_random[SSL3_RANDOM_SIZE];
uint8_t client_random[SSL3_RANDOM_SIZE];
/* have_version is true if the connection's final version is known. Otherwise
* the version has not been negotiated yet. */
unsigned have_version:1;
/* v2_hello_done is true if the peer's V2ClientHello, if any, has been handled
* and future messages should use the record layer. */
unsigned v2_hello_done:1;
/* initial_handshake_complete is true if the initial handshake has
* completed. */
unsigned initial_handshake_complete:1;
/* read_buffer holds data from the transport to be processed. */
SSL3_BUFFER read_buffer;
/* write_buffer holds data to be written to the transport. */
SSL3_BUFFER write_buffer;
SSL3_RECORD rrec; /* each decoded record goes in here */
/* partial write - check the numbers match */
unsigned int wnum; /* number of bytes sent so far */
int wpend_tot; /* number bytes written */
int wpend_type;
int wpend_ret; /* number of bytes submitted */
const uint8_t *wpend_buf;
/* handshake_buffer, if non-NULL, contains the handshake transcript. */
BUF_MEM *handshake_buffer;
/* handshake_hash, if initialized with an |EVP_MD|, maintains the handshake
* hash. For TLS 1.1 and below, it is the SHA-1 half. */
EVP_MD_CTX handshake_hash;
/* handshake_md5, if initialized with an |EVP_MD|, maintains the MD5 half of
* the handshake hash for TLS 1.1 and below. */
EVP_MD_CTX handshake_md5;
/* recv_shutdown is the shutdown state for the receive half of the
* connection. */
enum ssl_shutdown_t recv_shutdown;
/* recv_shutdown is the shutdown state for the send half of the connection. */
enum ssl_shutdown_t send_shutdown;
int alert_dispatch;
uint8_t send_alert[2];
int total_renegotiations;
/* empty_record_count is the number of consecutive empty records received. */
uint8_t empty_record_count;
/* warning_alert_count is the number of consecutive warning alerts
* received. */
uint8_t warning_alert_count;
/* key_update_count is the number of consecutive KeyUpdates received. */
uint8_t key_update_count;
/* aead_read_ctx is the current read cipher state. */
SSL_AEAD_CTX *aead_read_ctx;
/* aead_write_ctx is the current write cipher state. */
SSL_AEAD_CTX *aead_write_ctx;
/* enc_method is the method table corresponding to the current protocol
* version. */
const SSL3_ENC_METHOD *enc_method;
/* pending_message is the current outgoing handshake message. */
uint8_t *pending_message;
uint32_t pending_message_len;
/* hs is the handshake state for the current handshake or NULL if there isn't
* one. */
SSL_HANDSHAKE *hs;
uint8_t write_traffic_secret[EVP_MAX_MD_SIZE];
uint8_t write_traffic_secret_len;
uint8_t read_traffic_secret[EVP_MAX_MD_SIZE];
uint8_t read_traffic_secret_len;
uint8_t exporter_secret[EVP_MAX_MD_SIZE];
uint8_t exporter_secret_len;
/* State pertaining to the pending handshake.
*
* TODO(davidben): Move everything not needed after the handshake completes to
* |hs| and remove this. */
struct {
int message_type;
/* used to hold the new cipher we are going to use */
const SSL_CIPHER *new_cipher;
/* used when SSL_ST_FLUSH_DATA is entered */
int next_state;
int reuse_message;
uint8_t *key_block;
uint8_t key_block_length;
uint8_t new_mac_secret_len;
uint8_t new_key_len;
uint8_t new_fixed_iv_len;
/* extended_master_secret indicates whether the extended master secret
* computation is used in this handshake. Note that this is different from
* whether it was used for the current session. If this is a resumption
* handshake then EMS might be negotiated in the client and server hello
* messages, but it doesn't matter if the session that's being resumed
* didn't use it to create the master secret initially. */
char extended_master_secret;
/* peer_signature_algorithm is the signature algorithm used to authenticate
* the peer, or zero if not applicable. */
uint16_t peer_signature_algorithm;
} tmp;
/* new_session is the new mutable session being established by the current
* handshake. It should not be cached. */
SSL_SESSION *new_session;
/* established_session is the session established by the connection. This
* session is only filled upon the completion of the handshake and is
* immutable. */
SSL_SESSION *established_session;
/* session_reused indicates whether a session was resumed. */
unsigned session_reused:1;
/* Connection binding to prevent renegotiation attacks */
uint8_t previous_client_finished[12];
uint8_t previous_client_finished_len;
uint8_t previous_server_finished[12];
uint8_t previous_server_finished_len;
int send_connection_binding;
/* Next protocol negotiation. For the client, this is the protocol that we
* sent in NextProtocol and is set when handling ServerHello extensions.
*
* For a server, this is the client's selected_protocol from NextProtocol and
* is set when handling the NextProtocol message, before the Finished
* message. */
uint8_t *next_proto_negotiated;
size_t next_proto_negotiated_len;
/* ALPN information
* (we are in the process of transitioning from NPN to ALPN.) */
/* In a server these point to the selected ALPN protocol after the
* ClientHello has been processed. In a client these contain the protocol
* that the server selected once the ServerHello has been processed. */
uint8_t *alpn_selected;
size_t alpn_selected_len;
/* In a client, this means that the server supported Channel ID and that a
* Channel ID was sent. In a server it means that we echoed support for
* Channel IDs and that tlsext_channel_id will be valid after the
* handshake. */
char tlsext_channel_id_valid;
/* For a server:
* If |tlsext_channel_id_valid| is true, then this contains the
* verified Channel ID from the client: a P256 point, (x,y), where
* each are big-endian values. */
uint8_t tlsext_channel_id[64];
} SSL3_STATE;
/* Nodejs compatibility section (hidden).
*

201
ssl/internal.h
View File

@ -1262,6 +1262,207 @@ struct ssl3_enc_method {
int (*final_finish_mac)(SSL *ssl, int from_server, uint8_t *out);
};
typedef struct ssl3_record_st {
/* type is the record type. */
uint8_t type;
/* length is the number of unconsumed bytes in the record. */
uint16_t length;
/* data is a non-owning pointer to the first unconsumed byte of the record. */
uint8_t *data;
} SSL3_RECORD;
typedef struct ssl3_buffer_st {
/* buf is the memory allocated for this buffer. */
uint8_t *buf;
/* offset is the offset into |buf| which the buffer contents start at. */
uint16_t offset;
/* len is the length of the buffer contents from |buf| + |offset|. */
uint16_t len;
/* cap is how much memory beyond |buf| + |offset| is available. */
uint16_t cap;
} SSL3_BUFFER;
/* An ssl_shutdown_t describes the shutdown state of one end of the connection,
* whether it is alive or has been shutdown via close_notify or fatal alert. */
enum ssl_shutdown_t {
ssl_shutdown_none = 0,
ssl_shutdown_close_notify = 1,
ssl_shutdown_fatal_alert = 2,
};
typedef struct ssl3_state_st {
uint8_t read_sequence[8];
uint8_t write_sequence[8];
uint8_t server_random[SSL3_RANDOM_SIZE];
uint8_t client_random[SSL3_RANDOM_SIZE];
/* have_version is true if the connection's final version is known. Otherwise
* the version has not been negotiated yet. */
unsigned have_version:1;
/* v2_hello_done is true if the peer's V2ClientHello, if any, has been handled
* and future messages should use the record layer. */
unsigned v2_hello_done:1;
/* initial_handshake_complete is true if the initial handshake has
* completed. */
unsigned initial_handshake_complete:1;
/* read_buffer holds data from the transport to be processed. */
SSL3_BUFFER read_buffer;
/* write_buffer holds data to be written to the transport. */
SSL3_BUFFER write_buffer;
SSL3_RECORD rrec; /* each decoded record goes in here */
/* partial write - check the numbers match */
unsigned int wnum; /* number of bytes sent so far */
int wpend_tot; /* number bytes written */
int wpend_type;
int wpend_ret; /* number of bytes submitted */
const uint8_t *wpend_buf;
/* handshake_buffer, if non-NULL, contains the handshake transcript. */
BUF_MEM *handshake_buffer;
/* handshake_hash, if initialized with an |EVP_MD|, maintains the handshake
* hash. For TLS 1.1 and below, it is the SHA-1 half. */
EVP_MD_CTX handshake_hash;
/* handshake_md5, if initialized with an |EVP_MD|, maintains the MD5 half of
* the handshake hash for TLS 1.1 and below. */
EVP_MD_CTX handshake_md5;
/* recv_shutdown is the shutdown state for the receive half of the
* connection. */
enum ssl_shutdown_t recv_shutdown;
/* recv_shutdown is the shutdown state for the send half of the connection. */
enum ssl_shutdown_t send_shutdown;
int alert_dispatch;
uint8_t send_alert[2];
int total_renegotiations;
/* empty_record_count is the number of consecutive empty records received. */
uint8_t empty_record_count;
/* warning_alert_count is the number of consecutive warning alerts
* received. */
uint8_t warning_alert_count;
/* key_update_count is the number of consecutive KeyUpdates received. */
uint8_t key_update_count;
/* aead_read_ctx is the current read cipher state. */
SSL_AEAD_CTX *aead_read_ctx;
/* aead_write_ctx is the current write cipher state. */
SSL_AEAD_CTX *aead_write_ctx;
/* enc_method is the method table corresponding to the current protocol
* version. */
const SSL3_ENC_METHOD *enc_method;
/* pending_message is the current outgoing handshake message. */
uint8_t *pending_message;
uint32_t pending_message_len;
/* hs is the handshake state for the current handshake or NULL if there isn't
* one. */
SSL_HANDSHAKE *hs;
uint8_t write_traffic_secret[EVP_MAX_MD_SIZE];
uint8_t write_traffic_secret_len;
uint8_t read_traffic_secret[EVP_MAX_MD_SIZE];
uint8_t read_traffic_secret_len;
uint8_t exporter_secret[EVP_MAX_MD_SIZE];
uint8_t exporter_secret_len;
/* State pertaining to the pending handshake.
*
* TODO(davidben): Move everything not needed after the handshake completes to
* |hs| and remove this. */
struct {
int message_type;
/* used to hold the new cipher we are going to use */
const SSL_CIPHER *new_cipher;
/* used when SSL_ST_FLUSH_DATA is entered */
int next_state;
int reuse_message;
uint8_t *key_block;
uint8_t key_block_length;
uint8_t new_mac_secret_len;
uint8_t new_key_len;
uint8_t new_fixed_iv_len;
/* extended_master_secret indicates whether the extended master secret
* computation is used in this handshake. Note that this is different from
* whether it was used for the current session. If this is a resumption
* handshake then EMS might be negotiated in the client and server hello
* messages, but it doesn't matter if the session that's being resumed
* didn't use it to create the master secret initially. */
char extended_master_secret;
/* peer_signature_algorithm is the signature algorithm used to authenticate
* the peer, or zero if not applicable. */
uint16_t peer_signature_algorithm;
} tmp;
/* new_session is the new mutable session being established by the current
* handshake. It should not be cached. */
SSL_SESSION *new_session;
/* established_session is the session established by the connection. This
* session is only filled upon the completion of the handshake and is
* immutable. */
SSL_SESSION *established_session;
/* session_reused indicates whether a session was resumed. */
unsigned session_reused:1;
/* Connection binding to prevent renegotiation attacks */
uint8_t previous_client_finished[12];
uint8_t previous_client_finished_len;
uint8_t previous_server_finished[12];
uint8_t previous_server_finished_len;
int send_connection_binding;
/* Next protocol negotiation. For the client, this is the protocol that we
* sent in NextProtocol and is set when handling ServerHello extensions.
*
* For a server, this is the client's selected_protocol from NextProtocol and
* is set when handling the NextProtocol message, before the Finished
* message. */
uint8_t *next_proto_negotiated;
size_t next_proto_negotiated_len;
/* ALPN information
* (we are in the process of transitioning from NPN to ALPN.) */
/* In a server these point to the selected ALPN protocol after the
* ClientHello has been processed. In a client these contain the protocol
* that the server selected once the ServerHello has been processed. */
uint8_t *alpn_selected;
size_t alpn_selected_len;
/* In a client, this means that the server supported Channel ID and that a
* Channel ID was sent. In a server it means that we echoed support for
* Channel IDs and that tlsext_channel_id will be valid after the
* handshake. */
char tlsext_channel_id_valid;
/* For a server:
* If |tlsext_channel_id_valid| is true, then this contains the
* verified Channel ID from the client: a P256 point, (x,y), where
* each are big-endian values. */
uint8_t tlsext_channel_id[64];
} SSL3_STATE;
/* lengths of messages */
#define DTLS1_COOKIE_LENGTH 256