From cfaab7d7eb356a4f8991d066e42de3a749552392 Mon Sep 17 00:00:00 2001 From: tb Date: Fri, 10 May 2024 05:08:05 +0000 Subject: [PATCH] Remove fixed nonce length information from algorithm2 This information has been part of tls12_key_block_generate() for a while now. It remained in this table because at that point SSL_CIPHER was still public. Nothing can access algorithm2 anymore from the outside, so this is dead weight. ok jsing --- lib/libssl/s3_lib.c | 58 ++++++++++-------------------------------- lib/libssl/ssl_local.h | 16 +----------- 2 files changed, 15 insertions(+), 59 deletions(-) diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index 6ebe2605dae..0eec6e97129 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.251 2024/03/02 11:46:55 tb Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.252 2024/05/10 05:08:05 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -168,13 +168,6 @@ #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers) / sizeof(SSL_CIPHER)) -/* - * FIXED_NONCE_LEN is a macro that provides in the correct value to set the - * fixed nonce length in algorithms2. It is the inverse of the - * SSL_CIPHER_AEAD_FIXED_NONCE_LEN macro. - */ -#define FIXED_NONCE_LEN(x) (((x / 2) & 0xf) << 24) - /* list of available SSLv3 ciphers (sorted by id) */ const SSL_CIPHER ssl3_ciphers[] = { @@ -644,9 +637,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - FIXED_NONCE_LEN(4)| - SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -662,9 +653,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384| - FIXED_NONCE_LEN(4)| - SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, .strength_bits = 256, .alg_bits = 256, }, @@ -680,9 +669,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - FIXED_NONCE_LEN(4)| - SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -698,9 +685,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384| - FIXED_NONCE_LEN(4)| - SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, .strength_bits = 256, .alg_bits = 256, }, @@ -716,9 +701,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - FIXED_NONCE_LEN(4)| - SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -734,9 +717,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384| - FIXED_NONCE_LEN(4)| - SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, .strength_bits = 256, .alg_bits = 256, }, @@ -1215,9 +1196,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - FIXED_NONCE_LEN(4)| - SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -1233,9 +1212,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384| - FIXED_NONCE_LEN(4)| - SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, .strength_bits = 256, .alg_bits = 256, }, @@ -1251,9 +1228,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - FIXED_NONCE_LEN(4)| - SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, .strength_bits = 128, .alg_bits = 128, }, @@ -1269,9 +1244,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384| - FIXED_NONCE_LEN(4)| - SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, .strength_bits = 256, .alg_bits = 256, }, @@ -1287,8 +1260,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - FIXED_NONCE_LEN(12), + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, .strength_bits = 256, .alg_bits = 256, }, @@ -1304,8 +1276,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - FIXED_NONCE_LEN(12), + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, .strength_bits = 256, .alg_bits = 256, }, @@ -1321,8 +1292,7 @@ const SSL_CIPHER ssl3_ciphers[] = { .algorithm_mac = SSL_AEAD, .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - FIXED_NONCE_LEN(12), + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, .strength_bits = 256, .alg_bits = 256, }, diff --git a/lib/libssl/ssl_local.h b/lib/libssl/ssl_local.h index 2266d5e3ce8..551bdd5766c 100644 --- a/lib/libssl/ssl_local.h +++ b/lib/libssl/ssl_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_local.h,v 1.14 2024/03/26 03:44:11 beck Exp $ */ +/* $OpenBSD: ssl_local.h,v 1.15 2024/05/10 05:08:05 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -262,20 +262,6 @@ __BEGIN_HIDDEN_DECLS #define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT) #define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1) -/* - * SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD is an algorithm2 flag that - * indicates that the variable part of the nonce is included as a prefix of - * the record (AES-GCM, for example, does this with an 8-byte variable nonce.) - */ -#define SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD (1 << 22) - -/* - * SSL_CIPHER_AEAD_FIXED_NONCE_LEN returns the number of bytes of fixed nonce - * for an SSL_CIPHER with an algorithm_mac of SSL_AEAD. - */ -#define SSL_CIPHER_AEAD_FIXED_NONCE_LEN(ssl_cipher) \ - (((ssl_cipher->algorithm2 >> 24) & 0xf) * 2) - /* * Cipher strength information. */ -- 2.20.1