[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Fri Mar 30 18:32:31 UTC 2018


The branch master has been updated
       via  803cc8c7d4fce5ba8a4b843e0d778983d5b75c9e (commit)
       via  7b4d3ffaf6d7dc68cc492b04e3870b0b3ee08a6f (commit)
       via  83cf3423f011c154d161e4545fa02bc569430011 (commit)
      from  6714cb1462c4980330e4cc4f65d7c10bc36b369d (commit)


- Log -----------------------------------------------------------------
commit 803cc8c7d4fce5ba8a4b843e0d778983d5b75c9e
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Mar 30 14:35:52 2018 +0100

    Revert commit 4a56d9a2
    
    We have been unable to trace the contributor of that code to gain their
    agreement for the licence change so the code has to be removed.
    
    This commit reverts that contribution. The contribution had no functional
    impact so the original way of doing things is still valid. However the
    surrounding code has changed significantly so that the exact code as it
    was originally cannot be used. This commit uses the original code as a basis,
    but rewrites it to use the PACKET API.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/5808)

commit 7b4d3ffaf6d7dc68cc492b04e3870b0b3ee08a6f
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Mar 30 14:33:55 2018 +0100

    GOST MAC algorithms don't support EVP_PKEY_new_raw_private_key()
    
    We should use the old EVP_PKEY_new_mac_key() instead.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/5808)

commit 83cf3423f011c154d161e4545fa02bc569430011
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Mar 30 14:33:21 2018 +0100

    Update trace code to know about GOST ciphersuites
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/5808)

-----------------------------------------------------------------------

Summary of changes:
 ssl/statem/statem_srvr.c | 46 ++++++++++++++++++++++++++++++++--------------
 ssl/t1_enc.c             |  2 +-
 ssl/t1_trce.c            |  4 ++++
 3 files changed, 37 insertions(+), 15 deletions(-)

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index c0c406d..876b6a7 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3233,11 +3233,9 @@ static int tls_process_cke_gost(SSL *s, PACKET *pkt)
     const unsigned char *start;
     size_t outlen = 32, inlen;
     unsigned long alg_a;
-    int Ttag, Tclass;
-    long Tlen;
-    size_t sess_key_len;
-    const unsigned char *data;
+    unsigned int asn1id, asn1len;
     int ret = 0;
+    PACKET encdata;
 
     /* Get our certificate private key */
     alg_a = s->s3->tmp.new_cipher->algorithm_auth;
@@ -3279,22 +3277,42 @@ static int tls_process_cke_gost(SSL *s, PACKET *pkt)
             ERR_clear_error();
     }
     /* Decrypt session key */
-    sess_key_len = PACKET_remaining(pkt);
-    if (!PACKET_get_bytes(pkt, &data, sess_key_len)) {
-        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_GOST,
-                 ERR_R_INTERNAL_ERROR);
+    if (!PACKET_get_1(pkt, &asn1id)
+            || asn1id != (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)
+            || !PACKET_peek_1(pkt, &asn1len)) {
+        SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CKE_GOST,
+                 SSL_R_DECRYPTION_FAILED);
         goto err;
     }
-    /* TODO(size_t): Convert this function */
-    if (ASN1_get_object((const unsigned char **)&data, &Tlen, &Ttag,
-                        &Tclass, (long)sess_key_len) != V_ASN1_CONSTRUCTED
-        || Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) {
+    if (asn1len == 0x81) {
+        /*
+         * Long form length. Should only be one byte of length. Anything else
+         * isn't supported.
+         * We did a successful peek before so this shouldn't fail
+         */
+        if (!PACKET_forward(pkt, 1)) {
+            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_GOST,
+                     SSL_R_DECRYPTION_FAILED);
+            goto err;
+        }
+    } else  if (asn1len >= 0x80) {
+        /*
+         * Indefinite length, or more than one long form length bytes. We don't
+         * support it
+         */
+        SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CKE_GOST,
+                 SSL_R_DECRYPTION_FAILED);
+        goto err;
+    } /* else short form length */
+
+    if (!PACKET_as_length_prefixed_1(pkt, &encdata)) {
         SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CKE_GOST,
                  SSL_R_DECRYPTION_FAILED);
         goto err;
     }
-    start = data;
-    inlen = Tlen;
+    inlen = PACKET_remaining(&encdata);
+    start = PACKET_data(&encdata);
+
     if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, start,
                          inlen) <= 0) {
         SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CKE_GOST,
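Review bot: The hand-rolled tag/length parse before `PACKET_as_length_prefixed_1` leaves two things implicit that a comment should state: after the `0x81` branch `asn1len` still holds the marker byte rather than the real length, which is consumed inside `PACKET_as_length_prefixed_1`, and in the short-form branch that same call consumes the byte that was only peeked earlier. If I recall the PACKET API correctly, `PACKET_as_length_prefixed_1` also fails when bytes remain after the sub-packet, so unlike the `ASN1_get_object` code it replaces this now rejects any trailing data in the ClientKeyExchange; that is a stricter contract worth recording, e.g. `/* The SEQUENCE must span the rest of the message: as_length_prefixed_1 rejects trailing bytes */` above line 122. The parse also accepts a non-minimal long-form length (`0x81` followed by a byte below `0x80`), which matches the BER tolerance of the old path but is not DER; a one-line comment noting that this is deliberate would save the next reader from "fixing" it. `tls_process_cke_gost` starts before and continues after this hunk.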
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 2b0706e..23d3efb 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -257,7 +257,7 @@ int tls1_change_cipher_state(SSL *s, int which)
 
     if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) {
         /* TODO(size_t): Convert this function */
-        mac_key = EVP_PKEY_new_raw_private_key(mac_type, NULL, mac_secret,
+        mac_key = EVP_PKEY_new_mac_key(mac_type, NULL, mac_secret,
                                                (int)*mac_secret_size);
         if (mac_key == NULL
             || EVP_DigestSignInit(mac_ctx, NULL, m, NULL, mac_key) <= 0) {
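Review bot: The switch back to `EVP_PKEY_new_mac_key` on the changed line is only explained in the commit message, and the existing `TODO(size_t)` comment above it says nothing about why the raw-key constructor is avoided; a reader is likely to "modernise" it again. I would add `/* EVP_PKEY_new_mac_key(), not EVP_PKEY_new_raw_private_key(): the GOST MAC key types do not implement the raw-key constructor */` next to the call. The `(int)*mac_secret_size` narrowing that the TODO refers to is unchanged by this commit. `tls1_change_cipher_state` starts before and continues after this hunk.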
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index f888d24..d3f67f5 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -184,6 +184,8 @@ static const ssl_trace_tbl ssl_ciphers_tbl[] = {
     {0x006B, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"},
     {0x006C, "TLS_DH_anon_WITH_AES_128_CBC_SHA256"},
     {0x006D, "TLS_DH_anon_WITH_AES_256_CBC_SHA256"},
+    {0x0081, "TLS_GOSTR341001_WITH_28147_CNT_IMIT"},
+    {0x0083, "TLS_GOSTR341001_WITH_NULL_GOSTR3411"},
     {0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"},
     {0x0085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"},
     {0x0086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"},
@@ -441,6 +443,8 @@ static const ssl_trace_tbl ssl_ciphers_tbl[] = {
     {0x1305, "TLS_AES_128_CCM_8_SHA256"},
     {0xFEFE, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
     {0xFEFF, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"},
+    {0xFF85, "GOST2012-GOST8912-GOST8912"},
+    {0xFF87, "GOST2012-NULL-GOST12"},
 };
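Review bot: The two entries added at 0xFF85 and 0xFF87 use OpenSSL's own cipher names while every other row of `ssl_ciphers_tbl` uses the IANA `TLS_...` form, which reads as an inconsistency unless the reason is stated. Presumably these are private-range suite IDs with no IANA-registered name, so I would put `/* 0xFF85/0xFF87: private-range GOST suites with no IANA name; OpenSSL names used */` above them. The same applies in spirit to the 0x0081/0x0083 hunk earlier in this file, where the IANA-style names are used and no note is needed.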
 
 /* Compression methods */

