diff options
| -rw-r--r-- | CHANGES | 5 | ||||
| -rw-r--r-- | crypto/objects/obj_dat.h | 224 | ||||
| -rw-r--r-- | crypto/objects/obj_mac.h | 8 | ||||
| -rw-r--r-- | crypto/objects/obj_mac.num | 2 | ||||
| -rw-r--r-- | crypto/objects/objects.txt | 3 | ||||
| -rw-r--r-- | ssl/d1_both.c | 2 | ||||
| -rw-r--r-- | ssl/d1_clnt.c | 6 | ||||
| -rw-r--r-- | ssl/d1_srvr.c | 4 | ||||
| -rw-r--r-- | ssl/s3_both.c | 13 | ||||
| -rw-r--r-- | ssl/s3_clnt.c | 7 | ||||
| -rw-r--r-- | ssl/s3_enc.c | 106 | ||||
| -rw-r--r-- | ssl/s3_lib.c | 247 | ||||
| -rw-r--r-- | ssl/s3_pkt.c | 2 | ||||
| -rw-r--r-- | ssl/s3_srvr.c | 11 | ||||
| -rw-r--r-- | ssl/ssl.h | 7 | ||||
| -rw-r--r-- | ssl/ssl3.h | 8 | ||||
| -rw-r--r-- | ssl/ssl_ciph.c | 67 | ||||
| -rw-r--r-- | ssl/ssl_err.c | 6 | ||||
| -rw-r--r-- | ssl/ssl_lib.c | 4 | ||||
| -rw-r--r-- | ssl/ssl_locl.h | 41 | ||||
| -rw-r--r-- | ssl/t1_enc.c | 99 | ||||
| -rw-r--r-- | ssl/tls1.h | 1 | ||||
| -rwxr-xr-x | util/ssleay.num | 26 |
23 files changed, 553 insertions, 346 deletions
@@ -4,6 +4,11 @@ Changes between 0.9.8f and 0.9.9 [xx XXX xxxx] + *) Update ssl code to support digests other than SHA1+MD5 for handshake + MAC. + + [Victor B. Wagner <vitus@cryptocom.ru>] + *) Add RFC4507 support to OpenSSL. This includes the corrections in RFC4507bis. The encrypted ticket format is an encrypted encoded SSL_SESSION structure, that way new session features are automatically diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 872d79ba4f..66b9c87e12 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -62,7 +62,7 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 842 +#define NUM_NID 844 #define NUM_SN 838 #define NUM_LN 838 #define NUM_OBJ 792 @@ -807,59 +807,59 @@ static unsigned char lvalues[5598]={ 0x2A,0x85,0x03,0x02,0x02,0x13, /* [5195] OBJ_id_GostR3410_2001 */ 0x2A,0x85,0x03,0x02,0x02,0x14, /* [5201] OBJ_id_GostR3410_94 */ 0x2A,0x85,0x03,0x02,0x02,0x15, /* [5207] OBJ_id_Gost28147_89 */ -0x2A,0x85,0x03,0x02,0x02,0x16, /* [5213] OBJ_id_Gost28147_89_MAC */ -0x2A,0x85,0x03,0x02,0x02,0x17, /* [5219] OBJ_id_GostR3411_94_prf */ -0x2A,0x85,0x03,0x02,0x02,0x62, /* [5225] OBJ_id_GostR3410_2001DH */ -0x2A,0x85,0x03,0x02,0x02,0x63, /* [5231] OBJ_id_GostR3410_94DH */ -0x2A,0x85,0x03,0x02,0x02,0x0E,0x01, /* [5237] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */ -0x2A,0x85,0x03,0x02,0x02,0x0E,0x00, /* [5244] OBJ_id_Gost28147_89_None_KeyMeshing */ -0x2A,0x85,0x03,0x02,0x02,0x1E,0x00, /* [5251] OBJ_id_GostR3411_94_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1E,0x01, /* [5258] OBJ_id_GostR3411_94_CryptoProParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x00, /* [5265] OBJ_id_Gost28147_89_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x01, /* [5272] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x02, /* [5279] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x03, /* [5286] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x04, /* [5293] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x05, /* [5300] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x06, /* [5307] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x07, /* [5314] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x00, /* [5321] OBJ_id_GostR3410_94_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x02, /* [5328] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x03, /* [5335] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x04, /* [5342] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x05, /* [5349] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x21,0x01, /* [5356] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x21,0x02, /* [5363] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x21,0x03, /* [5370] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x00, /* [5377] OBJ_id_GostR3410_2001_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x01, /* [5384] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x02, /* [5391] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x03, /* [5398] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x24,0x00, /* [5405] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x24,0x01, /* [5412] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x01, /* [5419] OBJ_id_GostR3410_94_a */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x02, /* [5426] OBJ_id_GostR3410_94_aBis */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x03, /* [5433] OBJ_id_GostR3410_94_b */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x04, /* [5440] OBJ_id_GostR3410_94_bBis */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01, /* [5447] OBJ_id_Gost28147_89_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03, /* [5455] OBJ_id_GostR3410_94_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04, /* [5463] OBJ_id_GostR3410_2001_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5471] OBJ_id_GostR3411_94_with_GostR3410_94_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5479] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5487] OBJ_id_GostR3410_2001_ParamSet_cc */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5495] OBJ_ecdsa_with_Recommended */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5502] OBJ_ecdsa_with_Specified */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5509] OBJ_ecdsa_with_SHA224 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5517] OBJ_ecdsa_with_SHA256 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5525] OBJ_ecdsa_with_SHA384 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5533] OBJ_ecdsa_with_SHA512 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5541] OBJ_dsa_with_SHA224 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5550] OBJ_dsa_with_SHA256 */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5559] OBJ_kisa */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5565] OBJ_seed_ecb */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5573] OBJ_seed_cbc */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5581] OBJ_seed_cfb128 */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5589] OBJ_seed_ofb128 */ +0x2A,0x85,0x03,0x02,0x02,0x17, /* [5213] OBJ_id_GostR3411_94_prf */ +0x2A,0x85,0x03,0x02,0x02,0x62, /* [5219] OBJ_id_GostR3410_2001DH */ +0x2A,0x85,0x03,0x02,0x02,0x63, /* [5225] OBJ_id_GostR3410_94DH */ +0x2A,0x85,0x03,0x02,0x02,0x0E,0x01, /* [5231] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */ +0x2A,0x85,0x03,0x02,0x02,0x0E,0x00, /* [5238] OBJ_id_Gost28147_89_None_KeyMeshing */ +0x2A,0x85,0x03,0x02,0x02,0x1E,0x00, /* [5245] OBJ_id_GostR3411_94_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1E,0x01, /* [5252] OBJ_id_GostR3411_94_CryptoProParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x00, /* [5259] OBJ_id_Gost28147_89_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x01, /* [5266] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x02, /* [5273] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x03, /* [5280] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x04, /* [5287] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x05, /* [5294] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x06, /* [5301] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x07, /* [5308] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x00, /* [5315] OBJ_id_GostR3410_94_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x02, /* [5322] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x03, /* [5329] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x04, /* [5336] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x05, /* [5343] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x21,0x01, /* [5350] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x21,0x02, /* [5357] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x21,0x03, /* [5364] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x00, /* [5371] OBJ_id_GostR3410_2001_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x01, /* [5378] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x02, /* [5385] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x03, /* [5392] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x24,0x00, /* [5399] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x24,0x01, /* [5406] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x01, /* [5413] OBJ_id_GostR3410_94_a */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x02, /* [5420] OBJ_id_GostR3410_94_aBis */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x03, /* [5427] OBJ_id_GostR3410_94_b */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x04, /* [5434] OBJ_id_GostR3410_94_bBis */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01, /* [5441] OBJ_id_Gost28147_89_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03, /* [5449] OBJ_id_GostR3410_94_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04, /* [5457] OBJ_id_GostR3410_2001_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5465] OBJ_id_GostR3411_94_with_GostR3410_94_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5473] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5481] OBJ_id_GostR3410_2001_ParamSet_cc */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5489] OBJ_ecdsa_with_Recommended */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5496] OBJ_ecdsa_with_Specified */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5503] OBJ_ecdsa_with_SHA224 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5511] OBJ_ecdsa_with_SHA256 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5519] OBJ_ecdsa_with_SHA384 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5527] OBJ_ecdsa_with_SHA512 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5535] OBJ_dsa_with_SHA224 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5544] OBJ_dsa_with_SHA256 */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5553] OBJ_kisa */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5559] OBJ_seed_ecb */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5567] OBJ_seed_cbc */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5575] OBJ_seed_cfb128 */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5583] OBJ_seed_ofb128 */ +0x2A,0x85,0x03,0x02,0x02,0x16, /* [5591] OBJ_id_Gost28147_89_MAC */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ @@ -2089,137 +2089,139 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ &(lvalues[5195]),0}, {"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5201]),0}, {"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5207]),0}, -{"id-Gost28147-89-MAC","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6, - &(lvalues[5213]),0}, +{NULL,NULL,NID_undef,0,NULL,0}, {"prf-gostr3411-94","GOST R 34.11-94 PRF",NID_id_GostR3411_94_prf,6, - &(lvalues[5219]),0}, + &(lvalues[5213]),0}, {"id-GostR3410-2001DH","GOST R 34.10-2001 DH",NID_id_GostR3410_2001DH, - 6,&(lvalues[5225]),0}, + 6,&(lvalues[5219]),0}, {"id-GostR3410-94DH","GOST R 34.10-94 DH",NID_id_GostR3410_94DH,6, - &(lvalues[5231]),0}, + &(lvalues[5225]),0}, {"id-Gost28147-89-CryptoPro-KeyMeshing", "id-Gost28147-89-CryptoPro-KeyMeshing", - NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5237]),0}, + NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5231]),0}, {"id-Gost28147-89-None-KeyMeshing","id-Gost28147-89-None-KeyMeshing", - NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5244]),0}, + NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5238]),0}, {"id-GostR3411-94-TestParamSet","id-GostR3411-94-TestParamSet", - NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5251]),0}, + NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5245]),0}, {"id-GostR3411-94-CryptoProParamSet", "id-GostR3411-94-CryptoProParamSet", - NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5258]),0}, + NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5252]),0}, {"id-Gost28147-89-TestParamSet","id-Gost28147-89-TestParamSet", - NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5265]),0}, + NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5259]),0}, {"id-Gost28147-89-CryptoPro-A-ParamSet", "id-Gost28147-89-CryptoPro-A-ParamSet", - NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5272]),0}, + NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5266]),0}, {"id-Gost28147-89-CryptoPro-B-ParamSet", "id-Gost28147-89-CryptoPro-B-ParamSet", - NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5279]),0}, + NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5273]),0}, {"id-Gost28147-89-CryptoPro-C-ParamSet", "id-Gost28147-89-CryptoPro-C-ParamSet", - NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5286]),0}, + NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5280]),0}, {"id-Gost28147-89-CryptoPro-D-ParamSet", "id-Gost28147-89-CryptoPro-D-ParamSet", - NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5293]),0}, + NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5287]),0}, {"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet", "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet", - NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5300]), + NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5294]), 0}, {"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet", "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet", - NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5307]), + NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5301]), 0}, {"id-Gost28147-89-CryptoPro-RIC-1-ParamSet", "id-Gost28147-89-CryptoPro-RIC-1-ParamSet", - NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5314]),0}, + NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5308]),0}, {"id-GostR3410-94-TestParamSet","id-GostR3410-94-TestParamSet", - NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5321]),0}, + NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5315]),0}, {"id-GostR3410-94-CryptoPro-A-ParamSet", "id-GostR3410-94-CryptoPro-A-ParamSet", - NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5328]),0}, + NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5322]),0}, {"id-GostR3410-94-CryptoPro-B-ParamSet", "id-GostR3410-94-CryptoPro-B-ParamSet", - NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5335]),0}, + NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5329]),0}, {"id-GostR3410-94-CryptoPro-C-ParamSet", "id-GostR3410-94-CryptoPro-C-ParamSet", - NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5342]),0}, + NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5336]),0}, {"id-GostR3410-94-CryptoPro-D-ParamSet", "id-GostR3410-94-CryptoPro-D-ParamSet", - NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5349]),0}, + NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5343]),0}, {"id-GostR3410-94-CryptoPro-XchA-ParamSet", "id-GostR3410-94-CryptoPro-XchA-ParamSet", - NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5356]),0}, + NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5350]),0}, {"id-GostR3410-94-CryptoPro-XchB-ParamSet", "id-GostR3410-94-CryptoPro-XchB-ParamSet", - NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5363]),0}, + NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5357]),0}, {"id-GostR3410-94-CryptoPro-XchC-ParamSet", "id-GostR3410-94-CryptoPro-XchC-ParamSet", - NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5370]),0}, + NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5364]),0}, {"id-GostR3410-2001-TestParamSet","id-GostR3410-2001-TestParamSet", - NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5377]),0}, + NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5371]),0}, {"id-GostR3410-2001-CryptoPro-A-ParamSet", "id-GostR3410-2001-CryptoPro-A-ParamSet", - NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5384]),0}, + NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5378]),0}, {"id-GostR3410-2001-CryptoPro-B-ParamSet", "id-GostR3410-2001-CryptoPro-B-ParamSet", - NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5391]),0}, + NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5385]),0}, {"id-GostR3410-2001-CryptoPro-C-ParamSet", "id-GostR3410-2001-CryptoPro-C-ParamSet", - NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5398]),0}, + NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5392]),0}, {"id-GostR3410-2001-CryptoPro-XchA-ParamSet", "id-GostR3410-2001-CryptoPro-XchA-ParamSet", - NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5405]),0}, + NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5399]),0}, {"id-GostR3410-2001-CryptoPro-XchB-ParamSet", "id-GostR3410-2001-CryptoPro-XchB-ParamSet", - NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5412]),0}, + NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5406]),0}, {"id-GostR3410-94-a","id-GostR3410-94-a",NID_id_GostR3410_94_a,7, - &(lvalues[5419]),0}, + &(lvalues[5413]),0}, {"id-GostR3410-94-aBis","id-GostR3410-94-aBis", - NID_id_GostR3410_94_aBis,7,&(lvalues[5426]),0}, + NID_id_GostR3410_94_aBis,7,&(lvalues[5420]),0}, {"id-GostR3410-94-b","id-GostR3410-94-b",NID_id_GostR3410_94_b,7, - &(lvalues[5433]),0}, + &(lvalues[5427]),0}, {"id-GostR3410-94-bBis","id-GostR3410-94-bBis", - NID_id_GostR3410_94_bBis,7,&(lvalues[5440]),0}, + NID_id_GostR3410_94_bBis,7,&(lvalues[5434]),0}, {"id-Gost28147-89-cc","GOST 28147-89 Cryptocom ParamSet", - NID_id_Gost28147_89_cc,8,&(lvalues[5447]),0}, + NID_id_Gost28147_89_cc,8,&(lvalues[5441]),0}, {"gost94cc","GOST 34.10-94 Cryptocom",NID_id_GostR3410_94_cc,8, - &(lvalues[5455]),0}, + &(lvalues[5449]),0}, {"gost2001cc","GOST 34.10-2001 Cryptocom",NID_id_GostR3410_2001_cc,8, - &(lvalues[5463]),0}, + &(lvalues[5457]),0}, {"id-GostR3411-94-with-GostR3410-94-cc", "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom", - NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5471]),0}, + NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5465]),0}, {"id-GostR3411-94-with-GostR3410-2001-cc", "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom", - NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5479]),0}, + NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5473]),0}, {"id-GostR3410-2001-ParamSet-cc", "GOST R 3410-2001 Parameter Set Cryptocom", - NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5487]),0}, + NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5481]),0}, {"ecdsa-with-Recommended","ecdsa-with-Recommended", - NID_ecdsa_with_Recommended,7,&(lvalues[5495]),0}, + NID_ecdsa_with_Recommended,7,&(lvalues[5489]),0}, {"ecdsa-with-Specified","ecdsa-with-Specified", - NID_ecdsa_with_Specified,7,&(lvalues[5502]),0}, + NID_ecdsa_with_Specified,7,&(lvalues[5496]),0}, {"ecdsa-with-SHA224","ecdsa-with-SHA224",NID_ecdsa_with_SHA224,8, - &(lvalues[5509]),0}, + &(lvalues[5503]),0}, {"ecdsa-with-SHA256","ecdsa-with-SHA256",NID_ecdsa_with_SHA256,8, - &(lvalues[5517]),0}, + &(lvalues[5511]),0}, {"ecdsa-with-SHA384","ecdsa-with-SHA384",NID_ecdsa_with_SHA384,8, - &(lvalues[5525]),0}, + &(lvalues[5519]),0}, {"ecdsa-with-SHA512","ecdsa-with-SHA512",NID_ecdsa_with_SHA512,8, - &(lvalues[5533]),0}, + &(lvalues[5527]),0}, {"dsa_with_SHA224","dsa_with_SHA224",NID_dsa_with_SHA224,9, - &(lvalues[5541]),0}, + &(lvalues[5535]),0}, {"dsa_with_SHA256","dsa_with_SHA256",NID_dsa_with_SHA256,9, - &(lvalues[5550]),0}, + &(lvalues[5544]),0}, {"gost89-cnt","gost89-cnt",NID_gost89_cnt,0,NULL,0}, {"HMAC","hmac",NID_hmac,0,NULL,0}, -{"KISA","kisa",NID_kisa,6,&(lvalues[5559]),0}, -{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5565]),0}, -{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5573]),0}, -{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5581]),0}, -{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5589]),0}, +{"KISA","kisa",NID_kisa,6,&(lvalues[5553]),0}, +{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5559]),0}, +{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5567]),0}, +{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5575]),0}, +{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5583]),0}, +{NULL,NULL,NID_undef,0,NULL,0}, +{"gost-mac","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6, + &(lvalues[5591]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ @@ -2498,6 +2500,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[490]),/* "friendlyCountryName" */ &(nid_objs[156]),/* "friendlyName" */ &(nid_objs[509]),/* "generationQualifier" */ +&(nid_objs[843]),/* "gost-mac" */ &(nid_objs[784]),/* "gost2001" */ &(nid_objs[823]),/* "gost2001cc" */ &(nid_objs[786]),/* "gost89" */ @@ -2526,7 +2529,6 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[801]),/* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */ &(nid_objs[800]),/* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */ &(nid_objs[802]),/* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */ -&(nid_objs[787]),/* "id-Gost28147-89-MAC" */ &(nid_objs[792]),/* "id-Gost28147-89-None-KeyMeshing" */ &(nid_objs[795]),/* "id-Gost28147-89-TestParamSet" */ &(nid_objs[821]),/* "id-Gost28147-89-cc" */ @@ -3082,7 +3084,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[172]),/* "Extension Request" */ &(nid_objs[786]),/* "GOST 28147-89" */ &(nid_objs[821]),/* "GOST 28147-89 Cryptocom ParamSet" */ -&(nid_objs[787]),/* "GOST 28147-89 MAC" */ +&(nid_objs[843]),/* "GOST 28147-89 MAC" */ &(nid_objs[823]),/* "GOST 34.10-2001 Cryptocom" */ &(nid_objs[822]),/* "GOST 34.10-94 Cryptocom" */ &(nid_objs[784]),/* "GOST R 34.10-2001" */ @@ -4186,7 +4188,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[784]),/* OBJ_id_GostR3410_2001 1 2 643 2 2 19 */ &(nid_objs[785]),/* OBJ_id_GostR3410_94 1 2 643 2 2 20 */ &(nid_objs[786]),/* OBJ_id_Gost28147_89 1 2 643 2 2 21 */ -&(nid_objs[787]),/* OBJ_id_Gost28147_89_MAC 1 2 643 2 2 22 */ +&(nid_objs[843]),/* OBJ_id_Gost28147_89_MAC 1 2 643 2 2 22 */ &(nid_objs[788]),/* OBJ_id_GostR3411_94_prf 1 2 643 2 2 23 */ &(nid_objs[789]),/* OBJ_id_GostR3410_2001DH 1 2 643 2 2 98 */ &(nid_objs[790]),/* OBJ_id_GostR3410_94DH 1 2 643 2 2 99 */ diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h index 68e3ecfdb7..ff25f9ce97 100644 --- a/crypto/objects/obj_mac.h +++ b/crypto/objects/obj_mac.h @@ -3422,10 +3422,10 @@ #define SN_gost89_cnt "gost89-cnt" #define NID_gost89_cnt 835 -#define SN_id_Gost28147_89_MAC "id-Gost28147-89-MAC" -#define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC" -#define NID_id_Gost28147_89_MAC 787 -#define OBJ_id_Gost28147_89_MAC OBJ_cryptopro,22L +#define SN_id_Gost28147_89_MAC "gost-mac" +#define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC" +#define NID_id_Gost28147_89_MAC 843 +#define OBJ_id_Gost28147_89_MAC OBJ_cryptopro,22L #define SN_id_GostR3411_94_prf "prf-gostr3411-94" #define LN_id_GostR3411_94_prf "GOST R 34.11-94 PRF" diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 5386af062e..856a7b7c5f 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -839,3 +839,5 @@ seed_ecb 838 seed_cbc 839 seed_cfb128 840 seed_ofb128 841 +id_Gost28147_89_MAC 842 +id_Gost28147_89_MAC 843 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 628ec2886e..4c1cb56441 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -1092,7 +1092,8 @@ cryptopro 20 : gost94 : GOST R 34.10-94 !Cname id-Gost28147-89 cryptopro 21 : gost89 : GOST 28147-89 : gost89-cnt -cryptopro 22 : id-Gost28147-89-MAC : GOST 28147-89 MAC +!Cname id-Gost28147-89-MAC +cryptopro 22 : gost-mac : GOST 28147-89 MAC !Cname id-GostR3411-94-prf cryptopro 23 : prf-gostr3411-94 : GOST R 34.11-94 PRF cryptopro 98 : id-GostR3410-2001DH : GOST R 34.10-2001 DH diff --git a/ssl/d1_both.c b/ssl/d1_both.c index ffac2c2415..8d1f92ce93 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -768,8 +768,6 @@ int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen) p= &(d[DTLS1_HM_HEADER_LENGTH]); i=s->method->ssl3_enc->final_finish_mac(s, - &(s->s3->finish_dgst1), - &(s->s3->finish_dgst2), sender,slen,s->s3->tmp.finish_md); s->s3->tmp.finish_md_len = i; memcpy(p, s->s3->tmp.finish_md, i); diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index 486bd32b03..1826226ebe 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -998,14 +998,16 @@ int dtls1_send_client_verify(SSL *s) p= &(d[DTLS1_HM_HEADER_LENGTH]); pkey=s->cert->key->privatekey; - s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2), + s->method->ssl3_enc->cert_verify_mac(s, + NID_sha1, &(data[MD5_DIGEST_LENGTH])); #ifndef OPENSSL_NO_RSA if (pkey->type == EVP_PKEY_RSA) { s->method->ssl3_enc->cert_verify_mac(s, - &(s->s3->finish_dgst1),&(data[0])); + NID_md5, + &(data[0])); if (RSA_sign(NID_md5_sha1, data, MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, &(p[2]), &u, pkey->pkey.rsa) <= 0 ) diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c index 0fc40078f4..1b2ccb8552 100644 --- a/ssl/d1_srvr.c +++ b/ssl/d1_srvr.c @@ -446,10 +446,10 @@ int dtls1_accept(SSL *s) /* We need to get hashes here so if there is * a client cert, it can be verified */ s->method->ssl3_enc->cert_verify_mac(s, - &(s->s3->finish_dgst1), + NID_md5, &(s->s3->tmp.cert_verify_md[0])); s->method->ssl3_enc->cert_verify_mac(s, - &(s->s3->finish_dgst2), + NID_sha1, &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH])); break; diff --git a/ssl/s3_both.c b/ssl/s3_both.c index aaf1c2f625..1a45e677a4 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -160,8 +160,6 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) p= &(d[4]); i=s->method->ssl3_enc->final_finish_mac(s, - &(s->s3->finish_dgst1), - &(s->s3->finish_dgst2), sender,slen,s->s3->tmp.finish_md); s->s3->tmp.finish_md_len = i; memcpy(p, s->s3->tmp.finish_md, i); @@ -518,9 +516,16 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey) else if (i == EVP_PKEY_EC) { ret = SSL_PKEY_ECC; - } + } #endif - + else if (i == NID_id_GostR3410_94 || i == NID_id_GostR3410_94_cc) + { + ret = SSL_PKEY_GOST94; + } + else if (i == NID_id_GostR3410_2001 || i == NID_id_GostR3410_2001_cc) + { + ret = SSL_PKEY_GOST01; + } err: if(!pkey) EVP_PKEY_free(pk); return(ret); diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 0b8d89d1ac..2d1b1a5c69 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -824,6 +824,7 @@ int ssl3_get_server_hello(SSL *s) } } s->s3->tmp.new_cipher=c; + ssl3_digest_cached_records(s); /* lets get the compression algorithm */ /* COMPRESSION */ @@ -2415,14 +2416,16 @@ int ssl3_send_client_verify(SSL *s) p= &(d[4]); pkey=s->cert->key->privatekey; - s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2), + s->method->ssl3_enc->cert_verify_mac(s, + NID_sha1, &(data[MD5_DIGEST_LENGTH])); #ifndef OPENSSL_NO_RSA if (pkey->type == EVP_PKEY_RSA) { s->method->ssl3_enc->cert_verify_mac(s, - &(s->s3->finish_dgst1),&(data[0])); + NID_md5, + &(data[0])); if (RSA_sign(NID_md5_sha1, data, MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, &(p[2]), &u, pkey->pkey.rsa) <= 0 ) diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 010069bf28..7049be2c66 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -155,10 +155,8 @@ static unsigned char ssl3_pad_2[48]={ 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c, 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c, 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c }; - -static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx, +static int ssl3_handshake_mac(SSL *s, int md_nid, const char *sender, int len, unsigned char *p); - static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) { EVP_MD_CTX m5; @@ -545,46 +543,116 @@ int ssl3_enc(SSL *s, int send) void ssl3_init_finished_mac(SSL *s) { - EVP_DigestInit_ex(&(s->s3->finish_dgst1),s->ctx->md5, NULL); - EVP_DigestInit_ex(&(s->s3->finish_dgst2),s->ctx->sha1, NULL); + if (s->s3->handshake_buffer) BIO_free(s->s3->handshake_buffer); + if (s->s3->handshake_dgst) ssl3_free_digest_list(s); + s->s3->handshake_buffer=BIO_new(BIO_s_mem()); + BIO_set_close(s->s3->handshake_buffer,BIO_CLOSE); } +void ssl3_free_digest_list(SSL *s) + { + int i; + if (!s->s3->handshake_dgst) return; + for (i=0;i<SSL_MAX_DIGEST;i++) + { + if (s->s3->handshake_dgst[i]) + EVP_MD_CTX_destroy(s->s3->handshake_dgst[i]); + } + OPENSSL_free(s->s3->handshake_dgst); + s->s3->handshake_dgst=NULL; + } + + + void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len) { - EVP_DigestUpdate(&(s->s3->finish_dgst1),buf,len); - EVP_DigestUpdate(&(s->s3->finish_dgst2),buf,len); + if (s->s3->handshake_buffer) + { + BIO_write (s->s3->handshake_buffer,(void *)buf,len); + } + else + { + int i; + for (i=0;i< SSL_MAX_DIGEST;i++) + { + if (s->s3->handshake_dgst[i]!= NULL) + EVP_DigestUpdate(s->s3->handshake_dgst[i],buf,len); + } + } } +void ssl3_digest_cached_records(SSL *s) + { + int i; + long mask; + const EVP_MD *md; + long hdatalen; + void *hdata; + /* Allocate handshake_dgst array */ + ssl3_free_digest_list(s); + s->s3->handshake_dgst = OPENSSL_malloc(SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *)); + memset(s->s3->handshake_dgst,0,SSL_MAX_DIGEST *sizeof(EVP_MD_CTX *)); + hdatalen = BIO_get_mem_data(s->s3->handshake_buffer,&hdata); + /* Loop through bitso of algorithm2 field and create MD_CTX-es */ + for (i=0;ssl_get_handshake_digest(i,&mask,&md); i++) + { + if ((mask & s->s3->tmp.new_cipher->algorithm2) && md) + { + s->s3->handshake_dgst[i]=EVP_MD_CTX_create(); + EVP_DigestInit_ex(s->s3->handshake_dgst[i],md,NULL); + EVP_DigestUpdate(s->s3->handshake_dgst[i],hdata,hdatalen); + } + else + { + s->s3->handshake_dgst[i]=NULL; + } + } + /* Free handshake_buffer BIO */ + BIO_free(s->s3->handshake_buffer); + s->s3->handshake_buffer = NULL; -int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *ctx, unsigned char *p) + } +int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p) { - return(ssl3_handshake_mac(s,ctx,NULL,0,p)); + return(ssl3_handshake_mac(s,md_nid,NULL,0,p)); } - -int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2, +int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) { int ret; - - ret=ssl3_handshake_mac(s,ctx1,sender,len,p); + ret=ssl3_handshake_mac(s,NID_md5,sender,len,p); p+=ret; - ret+=ssl3_handshake_mac(s,ctx2,sender,len,p); + ret+=ssl3_handshake_mac(s,NID_sha1,sender,len,p); return(ret); } - -static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx, +static int ssl3_handshake_mac(SSL *s, int md_nid, const char *sender, int len, unsigned char *p) { unsigned int ret; int npad,n; unsigned int i; unsigned char md_buf[EVP_MAX_MD_SIZE]; - EVP_MD_CTX ctx; + EVP_MD_CTX ctx,*d=NULL; + if (s->s3->handshake_buffer) + ssl3_digest_cached_records(s); + /* Search for djgest of specified type in the handshake_dgst + * array*/ + for (i=0;i<SSL_MAX_DIGEST;i++) + { + if (s->s3->handshake_dgst[i]&&EVP_MD_CTX_type(s->s3->handshake_dgst[i])==md_nid) + { + d=s->s3->handshake_dgst[i]; + break; + } + } + if (!d) { + SSLerr(SSL_F_SSL3_HANDSHAKE_MAC,SSL_R_NO_REQUIRED_DIGEST); + return 0; + } EVP_MD_CTX_init(&ctx); - EVP_MD_CTX_copy_ex(&ctx,in_ctx); + EVP_MD_CTX_copy_ex(&ctx,d); n=EVP_MD_CTX_size(&ctx); npad=(48/n)*n; - if (sender != NULL) EVP_DigestUpdate(&ctx,sender,len); EVP_DigestUpdate(&ctx,s->session->master_key, diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 7a4ddd8548..b2d1fefc31 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -181,7 +181,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_SSLV3, SSL_NOT_EXP|SSL_STRONG_NONE, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 0, 0, }, @@ -197,7 +197,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_STRONG_NONE, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 0, 0, }, @@ -213,7 +213,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 128, }, @@ -229,7 +229,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_SSLV3, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -245,7 +245,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -261,7 +261,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 128, }, @@ -278,7 +278,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -295,7 +295,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 56, }, @@ -311,7 +311,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_LOW, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 56, }, @@ -327,7 +327,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -344,7 +344,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 56, }, @@ -360,7 +360,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_LOW, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 56, }, @@ -376,7 +376,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -392,7 +392,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 56, }, @@ -408,7 +408,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_LOW, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 56, }, @@ -424,7 +424,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -441,7 +441,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 56, }, @@ -457,7 +457,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_LOW, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 56, }, @@ -473,7 +473,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -489,7 +489,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 56, }, @@ -505,7 +505,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_LOW, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 56, }, @@ -521,7 +521,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -537,7 +537,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 128, }, @@ -553,7 +553,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_SSLV3, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -569,7 +569,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 128, }, @@ -585,7 +585,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_LOW, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 56, }, @@ -601,7 +601,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -619,7 +619,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_STRONG_NONE, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 0, 0, }, @@ -635,7 +635,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_STRONG_NONE, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 0, 0, }, @@ -651,7 +651,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -670,7 +670,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_LOW, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 56, }, @@ -686,7 +686,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -702,7 +702,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -718,7 +718,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -734,7 +734,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_SSLV3, SSL_NOT_EXP|SSL_LOW, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 56, }, @@ -750,7 +750,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -766,7 +766,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_SSLV3, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -782,7 +782,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_SSLV3, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -798,7 +798,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 56, }, @@ -814,7 +814,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 128, }, @@ -830,7 +830,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 128, }, @@ -846,7 +846,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 56, }, @@ -862,7 +862,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 128, }, @@ -878,7 +878,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_SSLV3, SSL_EXPORT|SSL_EXP40, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 40, 128, }, @@ -896,7 +896,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -911,7 +911,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -926,7 +926,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -941,7 +941,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -956,7 +956,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -971,7 +971,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -987,7 +987,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1002,7 +1002,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1018,7 +1018,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1034,7 +1034,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1050,7 +1050,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1066,7 +1066,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1085,7 +1085,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1101,7 +1101,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1117,7 +1117,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1133,7 +1133,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1149,7 +1149,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1165,7 +1165,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1185,7 +1185,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_TLSV1, SSL_EXPORT|SSL_EXP56, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 128, }, @@ -1201,7 +1201,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_TLSV1, SSL_EXPORT|SSL_EXP56, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 128, }, @@ -1218,7 +1218,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_EXPORT|SSL_EXP56, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 56, }, @@ -1234,7 +1234,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_EXPORT|SSL_EXP56, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 56, }, @@ -1250,7 +1250,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_EXPORT|SSL_EXP56, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 128, }, @@ -1266,7 +1266,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_EXPORT|SSL_EXP56, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 56, 128, }, @@ -1282,7 +1282,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1302,7 +1302,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1317,7 +1317,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1333,7 +1333,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1349,7 +1349,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1365,7 +1365,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1381,7 +1381,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1399,7 +1399,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1415,7 +1415,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -1431,7 +1431,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1447,7 +1447,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1467,7 +1467,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1483,7 +1483,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1499,7 +1499,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1515,7 +1515,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1531,7 +1531,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1547,7 +1547,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1566,7 +1566,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_STRONG_NONE, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 0, 0, }, @@ -1582,7 +1582,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1598,7 +1598,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -1614,7 +1614,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1630,7 +1630,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1646,7 +1646,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_STRONG_NONE, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 0, 0, }, @@ -1662,7 +1662,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1678,7 +1678,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -1694,7 +1694,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1710,7 +1710,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1726,7 +1726,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_STRONG_NONE, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 0, 0, }, @@ -1742,7 +1742,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1758,7 +1758,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -1774,7 +1774,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1790,7 +1790,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1806,7 +1806,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_STRONG_NONE, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 0, 0, }, @@ -1822,7 +1822,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1838,7 +1838,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -1854,7 +1854,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1870,7 +1870,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1886,7 +1886,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_STRONG_NONE, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 0, 0, }, @@ -1902,7 +1902,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_MEDIUM, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1918,7 +1918,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 168, 168, }, @@ -1934,7 +1934,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, @@ -1950,7 +1950,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1968,7 +1968,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_MD5, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -1982,7 +1982,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_GOST94, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256 }, @@ -1996,7 +1996,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_GOST89MAC, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - 0, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256 }, @@ -2010,7 +2010,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_GOST89MAC, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, - TLS1_STREAM_MAC, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC, 256, 256 }, @@ -2067,8 +2067,6 @@ int ssl3_new(SSL *s) if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err; memset(s3,0,sizeof *s3); - EVP_MD_CTX_init(&s3->finish_dgst1); - EVP_MD_CTX_init(&s3->finish_dgst2); memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num)); memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num)); @@ -2103,9 +2101,10 @@ void ssl3_free(SSL *s) if (s->s3->tmp.ca_names != NULL) sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); - EVP_MD_CTX_cleanup(&s->s3->finish_dgst1); - EVP_MD_CTX_cleanup(&s->s3->finish_dgst2); - + if (s->s3->handshake_buffer) { + BIO_free(s->s3->handshake_buffer); + } + if (s->s3->handshake_dgst) ssl3_free_digest_list(s); OPENSSL_cleanse(s->s3,sizeof *s->s3); OPENSSL_free(s->s3); s->s3=NULL; @@ -2138,10 +2137,12 @@ void ssl3_clear(SSL *s) wp = s->s3->wbuf.buf; rlen = s->s3->rbuf.len; wlen = s->s3->wbuf.len; - - EVP_MD_CTX_cleanup(&s->s3->finish_dgst1); - EVP_MD_CTX_cleanup(&s->s3->finish_dgst2); - + if (s->s3->handshake_buffer) { + BIO_free(s->s3->handshake_buffer); + } + if (s->s3->handshake_dgst) { + ssl3_free_digest_list(s); + } memset(s->s3,0,sizeof *s->s3); s->s3->rbuf.buf = rp; s->s3->wbuf.buf = wp; diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 58f2845d6e..06b4412918 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -1307,8 +1307,6 @@ int ssl3_do_change_cipher_spec(SSL *s) } s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s, - &(s->s3->finish_dgst1), - &(s->s3->finish_dgst2), sender,slen,s->s3->tmp.peer_finish_md); return(1); diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 17ee4da35e..697ab725bd 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -502,12 +502,15 @@ int ssl3_accept(SSL *s) /* We need to get hashes here so if there is * a client cert, it can be verified + * FIXME - digest processing for CertificateVerify + * should be generalized. But it is next step */ + s->method->ssl3_enc->cert_verify_mac(s, - &(s->s3->finish_dgst1), + NID_md5, &(s->s3->tmp.cert_verify_md[0])); s->method->ssl3_enc->cert_verify_mac(s, - &(s->s3->finish_dgst2), + NID_sha1, &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH])); } break; @@ -1026,6 +1029,7 @@ int ssl3_get_client_hello(SSL *s) goto f_err; } s->s3->tmp.new_cipher=c; + ssl3_digest_cached_records(s); } else { @@ -1056,6 +1060,9 @@ int ssl3_get_client_hello(SSL *s) else #endif s->s3->tmp.new_cipher=s->session->cipher; + /* Clear cached handshake records */ + BIO_free(s->s3->handshake_buffer); + s->s3->handshake_buffer = NULL; } /* we now have the following setup. @@ -1868,7 +1868,10 @@ void ERR_load_SSL_strings(void); #define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276 #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 #define SSL_F_WRITE_PENDING 212 - +#define SSL_F_TLS1_FINAL_FINISH_MAC 283 +#define SSL_F_TLS1_PRF 284 +#define SSL_F_SSL3_HANDSHAKE_MAC 285 +#define SSL_F_TLS1_CERT_VERIFY_MAC 286 /* Reason codes. */ #define SSL_R_APP_DATA_IN_HANDSHAKE 100 #define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272 @@ -2123,6 +2126,8 @@ void ERR_load_SSL_strings(void); #define SSL_R_WRONG_VERSION_NUMBER 267 #define SSL_R_X509_LIB 268 #define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269 +#define SSL_R_UNSUPPORTED_DIGEST_TYPE 270 +#define SSL_R_NO_REQUIRED_DIGEST 324 #ifdef __cplusplus } diff --git a/ssl/ssl3.h b/ssl/ssl3.h index 71ba3068b1..0543cb287e 100644 --- a/ssl/ssl3.h +++ b/ssl/ssl3.h @@ -419,9 +419,11 @@ typedef struct ssl3_state_st const unsigned char *wpend_buf; /* used during startup, digest all incoming/outgoing packets */ - EVP_MD_CTX finish_dgst1; - EVP_MD_CTX finish_dgst2; - + BIO *handshake_buffer; + /* When set of handshake digests is determined, buffer is hashed + * and freed and MD_CTX-es for all required digests are stored in + * this array */ + EVP_MD_CTX **handshake_dgst; /* this is set whenerver we see a change_cipher_spec message * come in when we are not looking for one */ int change_cipher_spec; diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index d2e648bf30..e5730251ae 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -175,7 +175,10 @@ static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL; #define SSL_MD_SHA1_IDX 1 #define SSL_MD_GOST94_IDX 2 #define SSL_MD_GOST89MAC_IDX 3 -#define SSL_MD_NUM_IDX 4 +/*Constant SSL_MAX_DIGEST equal to size of digests array should be + * defined in the + * ssl_locl.h */ +#define SSL_MD_NUM_IDX SSL_MAX_DIGEST static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={ NULL,NULL,NULL,NULL }; @@ -191,6 +194,11 @@ static int ssl_mac_secret_size[SSL_MD_NUM_IDX]={ 0,0,0,0 }; +static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX]={ + SSL_HANDSHAKE_MAC_MD5,SSL_HANDSHAKE_MAC_SHA, + SSL_HANDSHAKE_MAC_GOST94,0 + }; + #define CIPHER_ADD 1 #define CIPHER_KILL 2 #define CIPHER_DEL 3 @@ -299,6 +307,22 @@ static const SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_MEDIUM,0, 0,0,0,0,0,SSL_MEDIUM,0,0,0}, {0,SSL_TXT_HIGH,0, 0,0,0,0,0,SSL_HIGH, 0,0,0}, }; +/* Search for public key algorithm with given name and + * return its pkey_id if it is available. Otherwise return 0 + */ +static int get_optional_pkey_id(const char *pkey_name) + { + const EVP_PKEY_ASN1_METHOD *ameth; + ENGINE *tmpeng = NULL; + int pkey_id=0; + ameth = EVP_PKEY_asn1_find_str(&tmpeng,pkey_name,-1); + if (ameth) + { + EVP_PKEY_asn1_get0_info(&pkey_id, NULL,NULL,NULL,NULL,ameth); + } + if (tmpeng) ENGINE_finish(tmpeng); + return pkey_id; + } void ssl_load_ciphers(void) { @@ -346,19 +370,10 @@ void ssl_load_ciphers(void) } ssl_digest_methods[SSL_MD_GOST89MAC_IDX]= EVP_get_digestbyname(SN_id_Gost28147_89_MAC); - { - const EVP_PKEY_ASN1_METHOD *ameth; - ENGINE *tmpeng = NULL; - int pkey_id; - ameth = EVP_PKEY_asn1_find_str(&tmpeng,"gost-mac",-1); - if (ameth) - { - EVP_PKEY_asn1_get0_info(&pkey_id, NULL,NULL,NULL,NULL,ameth); - ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]= pkey_id; + ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac"); + if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) { ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX]=32; - } - if (tmpeng) ENGINE_finish(tmpeng); - } + } } #ifndef OPENSSL_NO_COMP @@ -534,6 +549,18 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, return(0); } +int ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md) +{ + if (idx <0||idx>=SSL_MD_NUM_IDX) + { + return 0; + } + if (ssl_handshake_digest_flag[idx]==0) return 0; + *mask = ssl_handshake_digest_flag[idx]; + *md = ssl_digest_methods[idx]; + return 1; +} + #define ITEM_SEP(a) \ (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ',')) @@ -605,9 +632,23 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un *mkey |= SSL_kPSK; *auth |= SSL_aPSK; #endif + /* Check for presence of GOST 34.10 algorithms, and if they + * do not present, disable appropriate auth and key exchange */ + if (!get_optional_pkey_id("gost94")) { + *auth |= SSL_aGOST94; + } + if (!get_optional_pkey_id("gost2001")) { + *auth |= SSL_aGOST01; + } + /* Disable GOST key exchange if no GOST signature algs are available * */ + if ((*auth & (SSL_aGOST94|SSL_aGOST01)) == (SSL_aGOST94|SSL_aGOST01)) { + *mkey |= SSL_kGOST; + } #ifdef SSL_FORBID_ENULL *enc |= SSL_eNULL; #endif + + *enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0; *enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0; diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 6520cda329..8d66d75442 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -255,6 +255,10 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT), "TLS1_PREPARE_SERVERHELLO_TLSEXT"}, {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"}, {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"}, +{ERR_FUNC(SSL_F_TLS1_FINAL_FINISH_MAC),"tls1_final_finish_mac"}, +{ERR_FUNC(SSL_F_TLS1_PRF),"tls1_prf"}, +{ERR_FUNC(SSL_F_SSL3_HANDSHAKE_MAC),"ssl3_handshake_mac"}, +{ERR_FUNC(SSL_F_TLS1_CERT_VERIFY_MAC),"tls1_cert_verify_mac"}, {0,NULL} }; @@ -513,6 +517,8 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_WRONG_VERSION_NUMBER) ,"wrong version number"}, {ERR_REASON(SSL_R_X509_LIB) ,"x509 lib"}, {ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS),"x509 verification setup problems"}, +{ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE),"unsupported digest type"}, +{ERR_REASON(SSL_R_NO_REQUIRED_DIGEST),"digest requred for handshake isn't computed"}, {0,NULL} }; diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 12b8f3bfb6..01c29db0f1 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -165,9 +165,9 @@ SSL3_ENC_METHOD ssl3_undef_enc_method={ ssl_undefined_function, (int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function, (int (*)(SSL*, int))ssl_undefined_function, - (int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function, + (int (*)(SSL *, const char*, int, unsigned char *))ssl_undefined_function, 0, /* finish_mac_length */ - (int (*)(SSL *, EVP_MD_CTX *, unsigned char *))ssl_undefined_function, + (int (*)(SSL *, const EVP_MD *, unsigned char *))ssl_undefined_function, NULL, /* client_finished_label */ 0, /* client_finished_label_len */ NULL, /* server_finished_label */ diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 5bed3974ce..2f8f0f837d 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -286,7 +286,7 @@ #define SSL_kECDHe 0x00000040L /* ECDH cert, ECDSA CA cert */ #define SSL_kEECDH 0x00000080L /* ephemeral ECDH */ #define SSL_kPSK 0x00000100L /* PSK */ - +#define SSL_kGOST 0x00000200L /* GOST key exchange */ /* Bits for algorithm_auth (server authentication) */ #define SSL_aRSA 0x00000001L /* RSA auth */ @@ -297,6 +297,8 @@ #define SSL_aKRB5 0x00000020L /* KRB5 auth */ #define SSL_aECDSA 0x00000040L /* ECDSA auth*/ #define SSL_aPSK 0x00000080L /* PSK auth */ +#define SSL_aGOST94 0x00000100L /* GOST R 34.10-94 signature auth */ +#define SSL_aGOST01 0x00000200L /* GOST R 34.10-2001 signature auth */ /* Bits for algorithm_enc (symmetric encryption) */ @@ -328,7 +330,24 @@ #define SSL_SSLV3 0x00000002L #define SSL_TLSV1 SSL_SSLV3 /* for now */ +/* Bits for algorithm2 (handshake digests) */ + +#define SSL_HANDSHAKE_MAC_MD5 0x10 +#define SSL_HANDSHAKE_MAC_SHA 0x20 +#define SSL_HANDSHAKE_MAC_GOST94 0x40 +#define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA) + + +/* When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX + * make sure to update this constant too */ +#define SSL_MAX_DIGEST 4 + +#define TLS1_PRF_DGST_SHIFT 8 +#define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT) +#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT) +#define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT) +#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1) /* * Export and cipher strength information. For each cipher we have to decide * whether it is exportable or not. This information is likely to change @@ -398,7 +417,9 @@ #define SSL_PKEY_DH_RSA 3 #define SSL_PKEY_DH_DSA 4 #define SSL_PKEY_ECC 5 -#define SSL_PKEY_NUM 6 +#define SSL_PKEY_GOST94 6 +#define SSL_PKEY_GOST01 7 +#define SSL_PKEY_NUM 8 /* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) | * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN) @@ -516,9 +537,9 @@ typedef struct ssl3_enc_method int (*setup_key_block)(SSL *); int (*generate_master_secret)(SSL *, unsigned char *, unsigned char *, int); int (*change_cipher_state)(SSL *, int); - int (*final_finish_mac)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char *, int, unsigned char *); + int (*final_finish_mac)(SSL *, const char *, int, unsigned char *); int finish_mac_length; - int (*cert_verify_mac)(SSL *, EVP_MD_CTX *, unsigned char *); + int (*cert_verify_mac)(SSL *, int, unsigned char *); const char *client_finished_label; int client_finished_label_len; const char *server_finished_label; @@ -755,6 +776,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth, void ssl_update_cache(SSL *s, int mode); int ssl_cipher_get_evp(const SSL_SESSION *s,const EVP_CIPHER **enc, const EVP_MD **md,int *mac_pkey_type,int *mac_secret_size, SSL_COMP **comp); +int ssl_get_handshake_digest(int i,long *mask,const EVP_MD **md); int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk); int ssl_undefined_function(SSL *s); int ssl_undefined_void_function(void); @@ -820,16 +842,17 @@ int ssl3_renegotiate_check(SSL *ssl); int ssl3_dispatch_alert(SSL *s); int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek); int ssl3_write_bytes(SSL *s, int type, const void *buf, int len); -int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2, - const char *sender, int slen,unsigned char *p); -int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p); +int ssl3_final_finish_mac(SSL *s, const char *sender, int slen,unsigned char *p); +int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p); void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len); int ssl3_enc(SSL *s, int send_data); int ssl3_mac(SSL *ssl, unsigned char *md, int send_data); +void ssl3_free_digest_list(SSL *s); unsigned long ssl3_output_cert_chain(SSL *s, X509 *x); SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK_OF(SSL_CIPHER) *clnt, STACK_OF(SSL_CIPHER) *srvr); int ssl3_setup_buffers(SSL *s); +void ssl3_digest_cached_records(SSL *s); int ssl3_new(SSL *s); void ssl3_free(SSL *s); int ssl3_accept(SSL *s); @@ -957,9 +980,9 @@ void ssl_free_wbio_buffer(SSL *s); int tls1_change_cipher_state(SSL *s, int which); int tls1_setup_key_block(SSL *s); int tls1_enc(SSL *s, int snd); -int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx, +int tls1_final_finish_mac(SSL *s, const char *str, int slen, unsigned char *p); -int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p); +int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p); int tls1_mac(SSL *ssl, unsigned char *md, int snd); int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, int len); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 7a4e2ce076..80cfe44a02 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -190,27 +190,41 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, OPENSSL_cleanse(A1,sizeof(A1)); } -static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1, +static void tls1_PRF(long digest_mask, unsigned char *label, int label_len, const unsigned char *sec, int slen, unsigned char *out1, unsigned char *out2, int olen) { - int len,i; - const unsigned char *S1,*S2; - - len=slen/2; + int len,i,idx,count; + const unsigned char *S1; + long m; + const EVP_MD *md; + + /* Count number of digests and divide sec evenly */ + count=0; + for (idx=0;ssl_get_handshake_digest(idx,&m,&md);idx++) { + if ((m<<TLS1_PRF_DGST_SHIFT) & digest_mask) count++; + } + len=slen/count; S1=sec; - S2= &(sec[len]); - len+=(slen&1); /* add for odd, make longer */ - - - tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen); - tls1_P_hash(sha1,S2,len,label,label_len,out2,olen); - - for (i=0; i<olen; i++) - out1[i]^=out2[i]; + memset(out1,0,olen); + for (idx=0;ssl_get_handshake_digest(idx,&m,&md);idx++) { + if ((m<<TLS1_PRF_DGST_SHIFT) & digest_mask) { + if (!md) { + SSLerr(SSL_F_TLS1_PRF, + SSL_R_UNSUPPORTED_DIGEST_TYPE); + return; + } + tls1_P_hash(md ,S1,len+(slen&1),label,label_len,out2,olen); + S1+=len; + for (i=0; i<olen; i++) + { + out1[i]^=out2[i]; + } + } } +} static void tls1_generate_key_block(SSL *s, unsigned char *km, unsigned char *tmp, int num) { @@ -227,7 +241,7 @@ static void tls1_generate_key_block(SSL *s, unsigned char *km, memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE); p+=SSL3_RANDOM_SIZE; - tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf), + tls1_PRF(s->s3->tmp.new_cipher->algorithm2,buf,(int)(p-buf), s->session->master_key,s->session->master_key_length, km,tmp,num); #ifdef KSSL_DEBUG @@ -436,7 +450,7 @@ printf("which = %04X\nmac key=",which); p+=SSL3_RANDOM_SIZE; memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); p+=SSL3_RANDOM_SIZE; - tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),key,j, + tls1_PRF(s->s3->tmp.new_cipher->algorithm2,buf,(int)(p-buf),key,j, tmp1,tmp2,EVP_CIPHER_key_length(c)); key=tmp1; @@ -450,7 +464,7 @@ printf("which = %04X\nmac key=",which); p+=SSL3_RANDOM_SIZE; memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); p+=SSL3_RANDOM_SIZE; - tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,empty,0, + tls1_PRF(s->s3->tmp.new_cipher->algorithm2,buf,p-buf,empty,0, iv1,iv2,k*2); if (client_write) iv=iv1; @@ -720,40 +734,63 @@ int tls1_enc(SSL *s, int send) } return(1); } - -int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in_ctx, unsigned char *out) +int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out) { unsigned int ret; - EVP_MD_CTX ctx; + EVP_MD_CTX ctx, *d=NULL; + int i; + + if (s->s3->handshake_buffer) + ssl3_digest_cached_records(s); + for (i=0;i<SSL_MAX_DIGEST;i++) + { + if (s->s3->handshake_dgst[i]&&EVP_MD_CTX_type(s->s3->handshake_dgst[i])==md_nid) + { + d=s->s3->handshake_dgst[i]; + break; + } + } + if (!d) { + SSLerr(SSL_F_TLS1_CERT_VERIFY_MAC,SSL_R_NO_REQUIRED_DIGEST); + return 0; + } EVP_MD_CTX_init(&ctx); - EVP_MD_CTX_copy_ex(&ctx,in_ctx); + EVP_MD_CTX_copy_ex(&ctx,d); EVP_DigestFinal_ex(&ctx,out,&ret); EVP_MD_CTX_cleanup(&ctx); return((int)ret); } -int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx, +int tls1_final_finish_mac(SSL *s, const char *str, int slen, unsigned char *out) { unsigned int i; EVP_MD_CTX ctx; unsigned char buf[TLS_MD_MAX_CONST_SIZE+MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH]; unsigned char *q,buf2[12]; + int idx; + long mask; + const EVP_MD *md; q=buf; memcpy(q,str,slen); q+=slen; EVP_MD_CTX_init(&ctx); - EVP_MD_CTX_copy_ex(&ctx,in1_ctx); - EVP_DigestFinal_ex(&ctx,q,&i); - q+=i; - EVP_MD_CTX_copy_ex(&ctx,in2_ctx); - EVP_DigestFinal_ex(&ctx,q,&i); - q+=i; - - tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf), + + if (s->s3->handshake_buffer) + ssl3_digest_cached_records(s); + + for (idx=0;ssl_get_handshake_digest(idx,&mask,&md);idx++) { + if (mask & s->s3->tmp.new_cipher->algorithm2) { + EVP_MD_CTX_copy_ex(&ctx,s->s3->handshake_dgst[idx]); + EVP_DigestFinal_ex(&ctx,q,&i); + q+=i; + } + } + + tls1_PRF(s->s3->tmp.new_cipher->algorithm2,buf,(int)(q-buf), s->session->master_key,s->session->master_key_length, out,buf2,sizeof buf2); EVP_MD_CTX_cleanup(&ctx); @@ -853,7 +890,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, s->s3->client_random,SSL3_RANDOM_SIZE); memcpy(&(buf[SSL3_RANDOM_SIZE+TLS_MD_MASTER_SECRET_CONST_SIZE]), s->s3->server_random,SSL3_RANDOM_SIZE); - tls1_PRF(s->ctx->md5,s->ctx->sha1, + tls1_PRF(s->s3->tmp.new_cipher->algorithm2, buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len, s->session->master_key,buff,sizeof buff); #ifdef KSSL_DEBUG diff --git a/ssl/tls1.h b/ssl/tls1.h index bf802d9e14..f55ab3d352 100644 --- a/ssl/tls1.h +++ b/ssl/tls1.h @@ -420,6 +420,7 @@ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg) /* Stream MAC for GOST ciphersuites from cryptopro draft */ #define TLS1_STREAM_MAC 0x04 + #define TLS_CT_RSA_SIGN 1 #define TLS_CT_DSS_SIGN 2 #define TLS_CT_RSA_FIXED_DH 3 diff --git a/util/ssleay.num b/util/ssleay.num index 8f7548bbd3..3c0bf88270 100755 --- a/util/ssleay.num +++ b/util/ssleay.num @@ -239,17 +239,17 @@ SSL_CTX_sess_get_new_cb 287 EXIST::FUNCTION: SSL_CTX_get_client_cert_cb 288 EXIST::FUNCTION: SSL_CTX_sess_get_remove_cb 289 EXIST::FUNCTION: SSL_set_SSL_CTX 290 EXIST::FUNCTION: -SSL_get_servername 291 EXIST::FUNCTION:TLSEXT -SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT -SSL_CTX_use_psk_identity_hint 293 EXIST::FUNCTION:PSK -SSL_CTX_set_psk_client_callback 294 EXIST::FUNCTION:PSK -PEM_write_bio_SSL_SESSION 295 EXIST::FUNCTION: -SSL_get_psk_identity_hint 296 EXIST::FUNCTION:PSK -SSL_set_psk_server_callback 297 EXIST::FUNCTION:PSK -SSL_use_psk_identity_hint 298 EXIST::FUNCTION:PSK -SSL_set_psk_client_callback 299 EXIST::FUNCTION:PSK -PEM_read_SSL_SESSION 300 EXIST:!WIN16:FUNCTION: -PEM_read_bio_SSL_SESSION 301 EXIST::FUNCTION: -SSL_CTX_set_psk_server_callback 302 EXIST::FUNCTION:PSK -SSL_get_psk_identity 303 EXIST::FUNCTION:PSK +SSL_CTX_use_psk_identity_hint 291 EXIST::FUNCTION:PSK +SSL_CTX_set_psk_client_callback 292 EXIST::FUNCTION:PSK +SSL_get_psk_identity_hint 293 EXIST::FUNCTION:PSK +SSL_set_psk_server_callback 294 EXIST::FUNCTION:PSK +SSL_use_psk_identity_hint 295 EXIST::FUNCTION:PSK +SSL_set_psk_client_callback 296 EXIST::FUNCTION:PSK +SSL_get_servername 297 EXIST::FUNCTION:TLSEXT +SSL_get_servername_type 298 EXIST::FUNCTION:TLSEXT +SSL_CTX_set_psk_server_callback 299 EXIST::FUNCTION:PSK +SSL_get_psk_identity 300 EXIST::FUNCTION:PSK +PEM_write_bio_SSL_SESSION 301 EXIST::FUNCTION: +PEM_read_SSL_SESSION 302 EXIST:!WIN16:FUNCTION: +PEM_read_bio_SSL_SESSION 303 EXIST::FUNCTION: PEM_write_SSL_SESSION 304 EXIST:!WIN16:FUNCTION: |