Lines Matching +full:enable +full:- +full:ssl +full:- +full:trace
2 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
22 #include <openssl/trace.h>
25 static int tls1_PRF(SSL *s, in tls1_PRF()
48 kdf = EVP_KDF_fetch(s->ctx->libctx, OSSL_KDF_NAME_TLS1_PRF, s->ctx->propq); in tls1_PRF()
86 static int tls1_generate_key_block(SSL *s, unsigned char *km, size_t num) in tls1_generate_key_block()
93 TLS_MD_KEY_EXPANSION_CONST_SIZE, s->s3.server_random, in tls1_generate_key_block()
94 SSL3_RANDOM_SIZE, s->s3.client_random, SSL3_RANDOM_SIZE, in tls1_generate_key_block()
95 NULL, 0, NULL, 0, s->session->master_key, in tls1_generate_key_block()
96 s->session->master_key_length, km, num, 1); in tls1_generate_key_block()
110 static int count_unprocessed_records(SSL *s) in count_unprocessed_records()
112 SSL3_BUFFER *rbuf = RECORD_LAYER_get_rbuf(&s->rlayer); in count_unprocessed_records()
116 if (!PACKET_buf_init(&pkt, rbuf->buf + rbuf->offset, rbuf->left)) in count_unprocessed_records()
117 return -1; in count_unprocessed_records()
122 return -1; in count_unprocessed_records()
126 return -1; in count_unprocessed_records()
137 int tls_provider_set_tls_params(SSL *s, EVP_CIPHER_CTX *ctx, in tls_provider_set_tls_params()
147 int imacsize = -1; in tls_provider_set_tls_params()
151 * We look at s->ext.use_etm instead of SSL_READ_ETM() or in tls_provider_set_tls_params()
155 && !s->ext.use_etm) in tls_provider_set_tls_params()
161 &s->version); in tls_provider_set_tls_params()
186 int tls1_change_cipher_state(SSL *s, int which) in tls1_change_cipher_state()
213 c = s->s3.tmp.new_sym_enc; in tls1_change_cipher_state()
214 m = s->s3.tmp.new_hash; in tls1_change_cipher_state()
215 mac_type = s->s3.tmp.new_mac_pkey_type; in tls1_change_cipher_state()
217 comp = s->s3.tmp.new_compression; in tls1_change_cipher_state()
221 if (s->ext.use_etm) in tls1_change_cipher_state()
222 s->s3.flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC_READ; in tls1_change_cipher_state()
224 s->s3.flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC_READ; in tls1_change_cipher_state()
226 if (s->s3.tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC) in tls1_change_cipher_state()
227 s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM; in tls1_change_cipher_state()
229 s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM; in tls1_change_cipher_state()
231 if (s->s3.tmp.new_cipher->algorithm2 & TLS1_TLSTREE) in tls1_change_cipher_state()
232 s->mac_flags |= SSL_MAC_FLAG_READ_MAC_TLSTREE; in tls1_change_cipher_state()
234 s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_TLSTREE; in tls1_change_cipher_state()
236 if (s->enc_read_ctx != NULL) { in tls1_change_cipher_state()
238 } else if ((s->enc_read_ctx = EVP_CIPHER_CTX_new()) == NULL) { in tls1_change_cipher_state()
245 EVP_CIPHER_CTX_reset(s->enc_read_ctx); in tls1_change_cipher_state()
247 dd = s->enc_read_ctx; in tls1_change_cipher_state()
248 mac_ctx = ssl_replace_hash(&s->read_hash, NULL); in tls1_change_cipher_state()
254 COMP_CTX_free(s->expand); in tls1_change_cipher_state()
255 s->expand = NULL; in tls1_change_cipher_state()
257 s->expand = COMP_CTX_new(comp->method); in tls1_change_cipher_state()
258 if (s->expand == NULL) { in tls1_change_cipher_state()
269 RECORD_LAYER_reset_read_sequence(&s->rlayer); in tls1_change_cipher_state()
270 mac_secret = &(s->s3.read_mac_secret[0]); in tls1_change_cipher_state()
271 mac_secret_size = &(s->s3.read_mac_secret_size); in tls1_change_cipher_state()
273 s->statem.enc_write_state = ENC_WRITE_STATE_INVALID; in tls1_change_cipher_state()
274 if (s->ext.use_etm) in tls1_change_cipher_state()
275 s->s3.flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE; in tls1_change_cipher_state()
277 s->s3.flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE; in tls1_change_cipher_state()
279 if (s->s3.tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC) in tls1_change_cipher_state()
280 s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM; in tls1_change_cipher_state()
282 s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM; in tls1_change_cipher_state()
284 if (s->s3.tmp.new_cipher->algorithm2 & TLS1_TLSTREE) in tls1_change_cipher_state()
285 s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_TLSTREE; in tls1_change_cipher_state()
287 s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_TLSTREE; in tls1_change_cipher_state()
288 if (s->enc_write_ctx != NULL && !SSL_IS_DTLS(s)) { in tls1_change_cipher_state()
290 } else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL) { in tls1_change_cipher_state()
294 dd = s->enc_write_ctx; in tls1_change_cipher_state()
301 s->write_hash = mac_ctx; in tls1_change_cipher_state()
303 mac_ctx = ssl_replace_hash(&s->write_hash, NULL); in tls1_change_cipher_state()
310 COMP_CTX_free(s->compress); in tls1_change_cipher_state()
311 s->compress = NULL; in tls1_change_cipher_state()
313 s->compress = COMP_CTX_new(comp->method); in tls1_change_cipher_state()
314 if (s->compress == NULL) { in tls1_change_cipher_state()
325 RECORD_LAYER_reset_write_sequence(&s->rlayer); in tls1_change_cipher_state()
326 mac_secret = &(s->s3.write_mac_secret[0]); in tls1_change_cipher_state()
327 mac_secret_size = &(s->s3.write_mac_secret_size); in tls1_change_cipher_state()
333 p = s->s3.tmp.key_block; in tls1_change_cipher_state()
334 i = *mac_secret_size = s->s3.tmp.new_mac_secret_size; in tls1_change_cipher_state()
357 if (n > s->s3.tmp.key_block_length) { in tls1_change_cipher_state()
366 mac_key = EVP_PKEY_new_raw_private_key_ex(s->ctx->libctx, "HMAC", in tls1_change_cipher_state()
367 s->ctx->propq, mac_secret, in tls1_change_cipher_state()
380 s->ctx->libctx, s->ctx->propq, mac_key, in tls1_change_cipher_state()
403 if (s->s3.tmp. in tls1_change_cipher_state()
404 new_cipher->algorithm_enc & (SSL_AES128CCM8 | SSL_AES256CCM8)) in tls1_change_cipher_state()
412 || !EVP_CipherInit_ex(dd, NULL, NULL, key, NULL, -1)) { in tls1_change_cipher_state()
422 /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */ in tls1_change_cipher_state()
437 if (s->compress || (s->options & SSL_OP_ENABLE_KTLS) == 0) in tls1_change_cipher_state()
449 bio = s->wbio; in tls1_change_cipher_state()
451 bio = s->rbio; in tls1_change_cipher_state()
465 if ((BIO_get_ktls_send(s->wbio) && (which & SSL3_CC_WRITE)) || in tls1_change_cipher_state()
466 (BIO_get_ktls_recv(s->rbio) && (which & SSL3_CC_READ))) { in tls1_change_cipher_state()
472 rl_sequence = RECORD_LAYER_get_write_sequence(&s->rlayer); in tls1_change_cipher_state()
474 rl_sequence = RECORD_LAYER_get_read_sequence(&s->rlayer); in tls1_change_cipher_state()
488 for (bit = 7; bit >= 0; bit--) { /* increment */ in tls1_change_cipher_state()
493 count_unprocessed--; in tls1_change_cipher_state()
509 s->statem.enc_write_state = ENC_WRITE_STATE_VALID; in tls1_change_cipher_state()
523 int tls1_setup_key_block(SSL *s) in tls1_setup_key_block()
533 if (s->s3.tmp.key_block_length != 0) in tls1_setup_key_block()
536 if (!ssl_cipher_get_evp(s->ctx, s->session, &c, &hash, &mac_type, in tls1_setup_key_block()
537 &mac_secret_size, &comp, s->ext.use_etm)) { in tls1_setup_key_block()
543 ssl_evp_cipher_free(s->s3.tmp.new_sym_enc); in tls1_setup_key_block()
544 s->s3.tmp.new_sym_enc = c; in tls1_setup_key_block()
545 ssl_evp_md_free(s->s3.tmp.new_hash); in tls1_setup_key_block()
546 s->s3.tmp.new_hash = hash; in tls1_setup_key_block()
547 s->s3.tmp.new_mac_pkey_type = mac_type; in tls1_setup_key_block()
548 s->s3.tmp.new_mac_secret_size = mac_secret_size; in tls1_setup_key_block()
560 s->s3.tmp.key_block_length = num; in tls1_setup_key_block()
561 s->s3.tmp.key_block = p; in tls1_setup_key_block()
566 BIO_dump_indent(trc_out, s->s3.client_random, SSL3_RANDOM_SIZE, 4); in tls1_setup_key_block()
568 BIO_dump_indent(trc_out, s->s3.server_random, SSL3_RANDOM_SIZE, 4); in tls1_setup_key_block()
571 s->session->master_key, in tls1_setup_key_block()
572 s->session->master_key_length, 4); in tls1_setup_key_block()
585 if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) in tls1_setup_key_block()
586 && s->method->version <= TLS1_VERSION) { in tls1_setup_key_block()
588 * enable vulnerability countermeasure for CBC ciphers with known-IV in tls1_setup_key_block()
589 * problem (http://www.openssl.org/~bodo/tls-cbc.txt) in tls1_setup_key_block()
591 s->s3.need_empty_fragments = 1; in tls1_setup_key_block()
593 if (s->session->cipher != NULL) { in tls1_setup_key_block()
594 if (s->session->cipher->algorithm_enc == SSL_eNULL) in tls1_setup_key_block()
595 s->s3.need_empty_fragments = 0; in tls1_setup_key_block()
597 if (s->session->cipher->algorithm_enc == SSL_RC4) in tls1_setup_key_block()
598 s->s3.need_empty_fragments = 0; in tls1_setup_key_block()
607 size_t tls1_final_finish_mac(SSL *s, const char *str, size_t slen, in tls1_final_finish_mac()
614 if (s->s3.tmp.new_cipher->algorithm_mkey & SSL_kGOST18) in tls1_final_finish_mac()
628 s->session->master_key, s->session->master_key_length, in tls1_final_finish_mac()
637 int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, in tls1_generate_master_secret()
640 if (s->session->flags & SSL_SESS_FLAG_EXTMS) { in tls1_generate_master_secret()
673 s->s3.client_random, SSL3_RANDOM_SIZE, in tls1_generate_master_secret()
675 s->s3.server_random, SSL3_RANDOM_SIZE, in tls1_generate_master_secret()
687 BIO_dump_indent(trc_out, s->s3.client_random, SSL3_RANDOM_SIZE, 4); in tls1_generate_master_secret()
689 BIO_dump_indent(trc_out, s->s3.server_random, SSL3_RANDOM_SIZE, 4); in tls1_generate_master_secret()
692 s->session->master_key, in tls1_generate_master_secret()
700 int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, in tls1_export_keying_material()
725 memcpy(val + currentvalpos, s->s3.client_random, SSL3_RANDOM_SIZE); in tls1_export_keying_material()
727 memcpy(val + currentvalpos, s->s3.server_random, SSL3_RANDOM_SIZE); in tls1_export_keying_material()
767 s->session->master_key, s->session->master_key_length, in tls1_export_keying_material()
801 return -1; in tls1_alert_code()
855 return -1; in tls1_alert_code()