From: jsing Date: Mon, 15 Jul 2024 14:45:15 +0000 (+0000) Subject: Mop up TLS1_PRF* defines. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=2bfbbd8ba554a6c3c55fb2c15479e52af18654ae;p=openbsd Mop up TLS1_PRF* defines. These have not been used for a long time, however SSL_CIPHER was not opaque at the time, hence they had to stick around. Now that SSL_CIPHER is opaque we can simply mop them up. ok tb@ --- diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index 0eec6e97129..1c1906d9e78 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.252 2024/05/10 05:08:05 tb Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.253 2024/07/15 14:45:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -183,7 +183,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_MD5, .algorithm_ssl = SSL_SSLV3, .algo_strength = SSL_STRONG_NONE, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 0, .alg_bits = 0, }, @@ -199,7 +199,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_SSLV3, .algo_strength = SSL_STRONG_NONE, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 0, .alg_bits = 0, }, @@ -215,7 +215,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_MD5, .algorithm_ssl = SSL_SSLV3, .algo_strength = SSL_LOW, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -231,7 +231,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_SSLV3, .algo_strength = SSL_LOW, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -247,7 +247,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_SSLV3, .algo_strength = SSL_MEDIUM, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 112, .alg_bits = 168, }, @@ -267,7 +267,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_SSLV3, .algo_strength = SSL_MEDIUM, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 112, .alg_bits = 168, }, @@ -283,7 +283,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_MD5, .algorithm_ssl = SSL_SSLV3, .algo_strength = SSL_LOW, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -299,7 +299,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_SSLV3, .algo_strength = SSL_MEDIUM, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 112, .alg_bits = 168, }, @@ -319,7 +319,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -335,7 +335,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -351,7 +351,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -367,7 +367,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 256, .alg_bits = 256, }, @@ -383,7 +383,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 256, .alg_bits = 256, }, @@ -399,7 +399,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 256, .alg_bits = 256, }, @@ -416,7 +416,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_STRONG_NONE, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 0, .alg_bits = 0, }, @@ -432,7 +432,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -448,7 +448,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 256, .alg_bits = 256, }, @@ -467,7 +467,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -483,7 +483,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -499,7 +499,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -517,7 +517,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -533,7 +533,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 256, .alg_bits = 256, }, @@ -549,7 +549,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -565,7 +565,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 256, .alg_bits = 256, }, @@ -584,7 +584,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 256, .alg_bits = 256, }, @@ -600,7 +600,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 256, .alg_bits = 256, }, @@ -616,7 +616,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 256, .alg_bits = 256, }, @@ -637,7 +637,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -653,7 +653,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA384, .strength_bits = 256, .alg_bits = 256, }, @@ -669,7 +669,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -685,7 +685,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA384, .strength_bits = 256, .alg_bits = 256, }, @@ -701,7 +701,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -717,7 +717,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA384, .strength_bits = 256, .alg_bits = 256, }, @@ -736,7 +736,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -752,7 +752,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -768,7 +768,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -784,7 +784,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 256, .alg_bits = 256, }, @@ -800,7 +800,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 256, .alg_bits = 256, }, @@ -816,7 +816,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 256, .alg_bits = 256, }, @@ -887,7 +887,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_STRONG_NONE, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 0, .alg_bits = 0, }, @@ -903,7 +903,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_LOW, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -919,7 +919,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_MEDIUM, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 112, .alg_bits = 168, }, @@ -935,7 +935,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -951,7 +951,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 256, .alg_bits = 256, }, @@ -967,7 +967,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_STRONG_NONE, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 0, .alg_bits = 0, }, @@ -983,7 +983,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_LOW, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -999,7 +999,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_MEDIUM, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 112, .alg_bits = 168, }, @@ -1015,7 +1015,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -1031,7 +1031,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 256, .alg_bits = 256, }, @@ -1047,7 +1047,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_STRONG_NONE, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 0, .alg_bits = 0, }, @@ -1063,7 +1063,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_LOW, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -1079,7 +1079,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_MEDIUM, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 112, .alg_bits = 168, }, @@ -1095,7 +1095,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 128, .alg_bits = 128, }, @@ -1111,7 +1111,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA1, .algorithm_ssl = SSL_TLSV1, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT, .strength_bits = 256, .alg_bits = 256, }, @@ -1130,7 +1130,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -1146,7 +1146,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA384, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA384, .strength_bits = 256, .alg_bits = 256, }, @@ -1162,7 +1162,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA256, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -1178,7 +1178,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_SHA384, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA384, .strength_bits = 256, .alg_bits = 256, }, @@ -1196,7 +1196,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -1212,7 +1212,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA384, .strength_bits = 256, .alg_bits = 256, }, @@ -1228,7 +1228,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -1244,7 +1244,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA384, .strength_bits = 256, .alg_bits = 256, }, @@ -1260,7 +1260,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 256, .alg_bits = 256, }, @@ -1276,7 +1276,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 256, .alg_bits = 256, }, @@ -1292,7 +1292,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256, .strength_bits = 256, .alg_bits = 256, }, diff --git a/lib/libssl/ssl_local.h b/lib/libssl/ssl_local.h index db102212a86..74c6ad33ee4 100644 --- a/lib/libssl/ssl_local.h +++ b/lib/libssl/ssl_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_local.h,v 1.17 2024/06/25 14:10:45 jsing Exp $ */ +/* $OpenBSD: ssl_local.h,v 1.18 2024/07/15 14:45:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -255,15 +255,6 @@ __BEGIN_HIDDEN_DECLS #define SSL3_CK_ID 0x03000000 #define SSL3_CK_VALUE_MASK 0x0000ffff -#define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT) - -#define TLS1_PRF_DGST_SHIFT 10 -#define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT) -#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT) -#define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT) -#define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT) -#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1) - /* * Cipher strength information. */