From: jsing Date: Sun, 7 Feb 2021 15:26:32 +0000 (+0000) Subject: Absorb ssl3_get_algorithm2() into ssl_get_handshake_evp_md(). X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=605ba3c6f07d2e102b534645d46bcc9a8e041b52;p=openbsd Absorb ssl3_get_algorithm2() into ssl_get_handshake_evp_md(). The mess that is ssl_get_algorithm2() only exists to upgrade the handshake MAC of a pre-TLSv1.2 cipher suite to SHA256 when used with TLSv1.2. We can readily do this in ssl_get_handshake_evp_md(), which is far more readable. ok tb@ --- diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index 3df2ef76db0..75f71c4c7d3 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.203 2021/02/07 15:12:52 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.204 2021/02/07 15:26:32 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2722,17 +2722,3 @@ ssl3_renegotiate_check(SSL *s) } return (ret); } -/* - * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF - * and handshake macs if required. - */ -long -ssl_get_algorithm2(SSL *s) -{ - long alg2 = S3I(s)->hs.new_cipher->algorithm2; - - if (SSL_USE_SHA256_PRF(s) && - alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF)) - return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; - return alg2; -} diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c index fd576cee7b1..1ffd90dc163 100644 --- a/lib/libssl/ssl_ciph.c +++ b/lib/libssl/ssl_ciph.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_ciph.c,v 1.119 2020/09/13 16:49:05 jsing Exp $ */ +/* $OpenBSD: ssl_ciph.c,v 1.120 2021/02/07 15:26:32 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -559,9 +559,21 @@ ssl_cipher_get_evp_aead(const SSL_SESSION *ss, const EVP_AEAD **aead) int ssl_get_handshake_evp_md(SSL *s, const EVP_MD **md) { + unsigned long handshake_mac; + *md = NULL; - switch (ssl_get_algorithm2(s) & SSL_HANDSHAKE_MAC_MASK) { + if (S3I(s)->hs.new_cipher == NULL) + return 0; + + handshake_mac = S3I(s)->hs.new_cipher->algorithm2 & + SSL_HANDSHAKE_MAC_MASK; + + /* For TLSv1.2 we upgrade the default MD5+SHA1 MAC to SHA256. */ + if (SSL_USE_SHA256_PRF(s) && handshake_mac == SSL_HANDSHAKE_MAC_DEFAULT) + handshake_mac = SSL_HANDSHAKE_MAC_SHA256; + + switch (handshake_mac) { case SSL_HANDSHAKE_MAC_DEFAULT: *md = EVP_md5_sha1(); return 1; diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c index 25164ea012a..0c7bdbc7762 100644 --- a/lib/libssl/ssl_clnt.c +++ b/lib/libssl/ssl_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_clnt.c,v 1.77 2021/02/07 15:04:10 jsing Exp $ */ +/* $OpenBSD: ssl_clnt.c,v 1.78 2021/02/07 15:26:32 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2238,7 +2238,8 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb) goto err; } - if (ssl_get_algorithm2(s) & SSL_HANDSHAKE_MAC_GOST94) + /* XXX check handshake hash instead. */ + if (S3I(s)->hs.new_cipher->algorithm2 & SSL_HANDSHAKE_MAC_GOST94) nid = NID_id_GostR3411_94; else nid = NID_id_tc26_gost3411_2012_256; diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h index b56a99bb798..edb8223fe27 100644 --- a/lib/libssl/ssl_locl.h +++ b/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.319 2021/02/07 15:04:10 jsing Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.320 2021/02/07 15:26:32 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1383,8 +1383,6 @@ int ssl_check_serverhello_tlsext(SSL *s); int tls1_process_ticket(SSL *s, CBS *ext_block, int *alert, SSL_SESSION **ret); -long ssl_get_algorithm2(SSL *s); - int tls1_check_ec_server_key(SSL *s); /* s3_cbc.c */