diff options
author | Matt Caswell <matt@openssl.org> | 2022-05-25 17:19:33 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2022-08-18 16:38:13 +0100 |
commit | 6366bdd9be281984d675865ed5467bcf523640c5 (patch) | |
tree | d4a927d73a93c8456751d426e6d0a38853b596db /ssl | |
parent | ed0e298fb8a3864b232e1d3801e849935a7a7f7e (diff) |
Remove the separation betweeen enc_read_ctx and enc_write_ctx
Similarly with read_hash and write_hash. In the new model we have a
separate record layer object for reading and writing. Therefore we don't
need to distinguish between reading and writing inside the record layer
object in the encryption and md ctxs.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/record/methods/recmethod_local.h | 5 | ||||
-rw-r--r-- | ssl/record/methods/ssl3_meth.c | 38 | ||||
-rw-r--r-- | ssl/record/methods/tls13_meth.c | 11 | ||||
-rw-r--r-- | ssl/record/methods/tls1_meth.c | 63 | ||||
-rw-r--r-- | ssl/record/methods/tls_common.c | 20 |
5 files changed, 52 insertions, 85 deletions
diff --git a/ssl/record/methods/recmethod_local.h b/ssl/record/methods/recmethod_local.h index 9284783b36..2c677205a8 100644 --- a/ssl/record/methods/recmethod_local.h +++ b/ssl/record/methods/recmethod_local.h @@ -130,10 +130,11 @@ struct ossl_record_layer_st size_t empty_record_count; /* cryptographic state */ - EVP_CIPHER_CTX *enc_read_ctx; + EVP_CIPHER_CTX *enc_ctx; /* used for mac generation */ - EVP_MD_CTX *read_hash; + EVP_MD_CTX *md_ctx; + /* uncompress */ COMP_CTX *expand; diff --git a/ssl/record/methods/ssl3_meth.c b/ssl/record/methods/ssl3_meth.c index 7e8219a094..c841bacce7 100644 --- a/ssl/record/methods/ssl3_meth.c +++ b/ssl/record/methods/ssl3_meth.c @@ -34,14 +34,14 @@ static int ssl3_set_crypto_state(OSSL_RECORD_LAYER *rl, int level, return OSSL_RECORD_RETURN_FATAL; } - if ((rl->enc_read_ctx = EVP_CIPHER_CTX_new()) == NULL) { + if ((rl->enc_ctx = EVP_CIPHER_CTX_new()) == NULL) { ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return OSSL_RECORD_RETURN_FATAL; } - ciph_ctx = rl->enc_read_ctx; + ciph_ctx = rl->enc_ctx; - rl->read_hash = EVP_MD_CTX_new(); - if (rl->read_hash == NULL) { + rl->md_ctx = EVP_MD_CTX_new(); + if (rl->md_ctx == NULL) { ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return OSSL_RECORD_RETURN_FATAL; } @@ -100,19 +100,12 @@ static int ssl3_cipher(OSSL_RECORD_LAYER *rl, SSL3_RECORD *inrecs, size_t n_recs */ if (n_recs != 1) return 0; - if (sending) { - ds = s->enc_write_ctx; - if (s->enc_write_ctx == NULL) - enc = NULL; - else - enc = EVP_CIPHER_CTX_get0_cipher(s->enc_write_ctx); - } else { - ds = rl->enc_read_ctx; - if (rl->enc_read_ctx == NULL) - enc = NULL; - else - enc = EVP_CIPHER_CTX_get0_cipher(rl->enc_read_ctx); - } + + ds = rl->enc_ctx; + if (rl->enc_ctx == NULL) + enc = NULL; + else + enc = EVP_CIPHER_CTX_get0_cipher(rl->enc_ctx); provided = (EVP_CIPHER_get0_provider(enc) != NULL); @@ -222,13 +215,8 @@ static int ssl3_mac(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec, unsigned char *md, size_t npad; int t; - if (sending) { - mac_sec = &(ssl->s3.write_mac_secret[0]); - hash = ssl->write_hash; - } else { - mac_sec = &(rl->mac_secret[0]); - hash = rl->read_hash; - } + mac_sec = &(rl->mac_secret[0]); + hash = rl->md_ctx; t = EVP_MD_CTX_get_size(hash); if (t < 0) @@ -237,7 +225,7 @@ static int ssl3_mac(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec, unsigned char *md, npad = (48 / md_size) * md_size; if (!sending - && EVP_CIPHER_CTX_get_mode(rl->enc_read_ctx) == EVP_CIPH_CBC_MODE + && EVP_CIPHER_CTX_get_mode(rl->enc_ctx) == EVP_CIPH_CBC_MODE && ssl3_cbc_record_digest_supported(hash)) { #ifdef OPENSSL_NO_DEPRECATED_3_0 return 0; diff --git a/ssl/record/methods/tls13_meth.c b/ssl/record/methods/tls13_meth.c index d5a8af4f8d..35270e6414 100644 --- a/ssl/record/methods/tls13_meth.c +++ b/ssl/record/methods/tls13_meth.c @@ -35,7 +35,7 @@ static int tls13_set_crypto_state(OSSL_RECORD_LAYER *rl, int level, } memcpy(rl->iv, iv, ivlen); - ciph_ctx = rl->enc_read_ctx = EVP_CIPHER_CTX_new(); + ciph_ctx = rl->enc_ctx = EVP_CIPHER_CTX_new(); if (ciph_ctx == NULL) { ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return OSSL_RECORD_RETURN_FATAL; @@ -78,13 +78,8 @@ static int tls13_cipher(OSSL_RECORD_LAYER *rl, SSL3_RECORD *recs, size_t n_recs, return 0; } - if (sending) { - ctx = s->enc_write_ctx; - staticiv = s->write_iv; - } else { - ctx = rl->enc_read_ctx; - staticiv = rl->iv; - } + ctx = rl->enc_ctx; + staticiv = rl->iv; cipher = EVP_CIPHER_CTX_get0_cipher(ctx); if (cipher == NULL) { diff --git a/ssl/record/methods/tls1_meth.c b/ssl/record/methods/tls1_meth.c index 8d189bcb89..7b64793f87 100644 --- a/ssl/record/methods/tls1_meth.c +++ b/ssl/record/methods/tls1_meth.c @@ -34,15 +34,15 @@ static int tls1_set_crypto_state(OSSL_RECORD_LAYER *rl, int level, if (level != OSSL_RECORD_PROTECTION_LEVEL_APPLICATION) return OSSL_RECORD_RETURN_FATAL; - if ((rl->enc_read_ctx = EVP_CIPHER_CTX_new()) == NULL) { + if ((rl->enc_ctx = EVP_CIPHER_CTX_new()) == NULL) { RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); return OSSL_RECORD_RETURN_FATAL; } - ciph_ctx = rl->enc_read_ctx; + ciph_ctx = rl->enc_ctx; - rl->read_hash = EVP_MD_CTX_new(); - if (rl->read_hash == NULL) { + rl->md_ctx = EVP_MD_CTX_new(); + if (rl->md_ctx == NULL) { RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); return OSSL_RECORD_RETURN_FATAL; } @@ -75,7 +75,7 @@ static int tls1_set_crypto_state(OSSL_RECORD_LAYER *rl, int level, (int)mackeylen); } if (mac_key == NULL - || EVP_DigestSignInit_ex(rl->read_hash, NULL, EVP_MD_get0_name(md), + || EVP_DigestSignInit_ex(rl->md_ctx, NULL, EVP_MD_get0_name(md), rl->libctx, rl->propq, mac_key, NULL) <= 0) { EVP_PKEY_free(mac_key); @@ -160,23 +160,25 @@ static int tls1_cipher(OSSL_RECORD_LAYER *rl, SSL3_RECORD *recs, size_t n_recs, return 0; } - if (sending) { - int ivlen; - if (EVP_MD_CTX_get0_md(s->write_hash)) { - int n = EVP_MD_CTX_get_size(s->write_hash); - if (!ossl_assert(n >= 0)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); - return 0; - } - } - ds = s->enc_write_ctx; - if (!ossl_assert(s->enc_write_ctx)) { + if (EVP_MD_CTX_get0_md(rl->md_ctx)) { + int n = EVP_MD_CTX_get_size(rl->md_ctx); + if (!ossl_assert(n >= 0)) { RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); return 0; } + } + ds = rl->enc_ctx; + if (!ossl_assert(rl->enc_ctx)) { + RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); + return 0; + } + + enc = EVP_CIPHER_CTX_get0_cipher(rl->enc_ctx); + + if (sending) { + int ivlen; - enc = EVP_CIPHER_CTX_get0_cipher(s->enc_write_ctx); /* For TLSv1.1 and later explicit IV */ if (RLAYER_USE_EXPLICIT_IV(s) && EVP_CIPHER_get_mode(enc) == EVP_CIPH_CBC_MODE) @@ -192,30 +194,14 @@ static int tls1_cipher(OSSL_RECORD_LAYER *rl, SSL3_RECORD *recs, size_t n_recs, */ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); return 0; - } else if (RAND_bytes_ex(sctx->libctx, recs[ctr].input, - ivlen, 0) <= 0) { + } else if (RAND_bytes_ex(rl->libctx, recs[ctr].input, + ivlen, 0) <= 0) { RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); return 0; } } } - } else { - if (EVP_MD_CTX_get0_md(rl->read_hash)) { - int n = EVP_MD_CTX_get_size(rl->read_hash); - if (!ossl_assert(n >= 0)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); - return 0; - } - } - ds = rl->enc_read_ctx; - if (!ossl_assert(rl->enc_read_ctx)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); - return 0; - } - - enc = EVP_CIPHER_CTX_get0_cipher(rl->enc_read_ctx); } - if ((s->session == NULL) || (enc == NULL)) { RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); return 0; @@ -474,10 +460,7 @@ static int tls1_mac(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec, unsigned char *md, int t; int ret = 0; - if (sending) - hash = ssl->write_hash; - else - hash = rl->read_hash; + hash = rl->md_ctx; t = EVP_MD_CTX_get_size(hash); if (!ossl_assert(t >= 0)) @@ -519,7 +502,7 @@ static int tls1_mac(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec, unsigned char *md, header[12] = (unsigned char)(rec->length & 0xff); if (!sending && !rl->use_etm - && EVP_CIPHER_CTX_get_mode(rl->enc_read_ctx) == EVP_CIPH_CBC_MODE + && EVP_CIPHER_CTX_get_mode(rl->enc_ctx) == EVP_CIPH_CBC_MODE && ssl3_cbc_record_digest_supported(mac_ctx)) { OSSL_PARAM tls_hmac_params[2], *p = tls_hmac_params; diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c index a5a0b08af0..49ca086d81 100644 --- a/ssl/record/methods/tls_common.c +++ b/ssl/record/methods/tls_common.c @@ -616,8 +616,8 @@ static int tls_get_more_records(OSSL_RECORD_LAYER *rl, } while (num_recs < max_recs && thisrr->type == SSL3_RT_APPLICATION_DATA && RLAYER_USE_EXPLICIT_IV(rl) - && rl->enc_read_ctx != NULL - && (EVP_CIPHER_get_flags(EVP_CIPHER_CTX_get0_cipher(rl->enc_read_ctx)) + && rl->enc_ctx != NULL + && (EVP_CIPHER_get_flags(EVP_CIPHER_CTX_get0_cipher(rl->enc_ctx)) & EVP_CIPH_FLAG_PIPELINE) != 0 && tls_record_app_data_waiting(rl)); @@ -652,8 +652,8 @@ static int tls_get_more_records(OSSL_RECORD_LAYER *rl, return OSSL_RECORD_RETURN_SUCCESS; } - if (rl->read_hash != NULL) { - const EVP_MD *tmpmd = EVP_MD_CTX_get0_md(rl->read_hash); + if (rl->md_ctx != NULL) { + const EVP_MD *tmpmd = EVP_MD_CTX_get0_md(rl->md_ctx); if (tmpmd != NULL) { imac_size = EVP_MD_get_size(tmpmd); @@ -669,7 +669,7 @@ static int tls_get_more_records(OSSL_RECORD_LAYER *rl, * If in encrypt-then-mac mode calculate mac from encrypted record. All * the details below are public so no timing details can leak. */ - if (rl->use_etm && rl->read_hash) { + if (rl->use_etm && rl->md_ctx) { unsigned char *mac; for (j = 0; j < num_recs; j++) { @@ -754,10 +754,10 @@ static int tls_get_more_records(OSSL_RECORD_LAYER *rl, } OSSL_TRACE_END(TLS); /* r->length is now the compressed data plus mac */ - if (rl->enc_read_ctx != NULL + if (rl->enc_ctx != NULL && !rl->use_etm - && EVP_MD_CTX_get0_md(rl->read_hash) != NULL) { - /* rl->read_hash != NULL => mac_size != -1 */ + && EVP_MD_CTX_get0_md(rl->md_ctx) != NULL) { + /* rl->md_ctx != NULL => mac_size != -1 */ for (j = 0; j < num_recs; j++) { SSL_MAC_BUF *thismb = &macbufs[j]; @@ -1262,8 +1262,8 @@ static void tls_int_free(OSSL_RECORD_LAYER *rl) BIO_free(rl->next); SSL3_BUFFER_release(&rl->rbuf); - EVP_CIPHER_CTX_free(rl->enc_read_ctx); - EVP_MD_CTX_free(rl->read_hash); + EVP_CIPHER_CTX_free(rl->enc_ctx); + EVP_MD_CTX_free(rl->md_ctx); #ifndef OPENSSL_NO_COMP COMP_CTX_free(rl->expand); #endif |