16 static int tls13_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,  in tls13_set_crypto_state()  argument
31     int enc = (rl->direction == OSSL_RECORD_DIRECTION_WRITE) ? 1 : 0;  in tls13_set_crypto_state()
33     rl->iv = OPENSSL_malloc(ivlen);  in tls13_set_crypto_state()
34     if (rl->iv == NULL)  in tls13_set_crypto_state()
37     rl->nonce = OPENSSL_malloc(ivlen);  in tls13_set_crypto_state()
38     if (rl->nonce == NULL)  in tls13_set_crypto_state()
41     memcpy(rl->iv, iv, ivlen);  in tls13_set_crypto_state()
45         mac = EVP_MAC_fetch(rl->libctx, "HMAC", rl->propq);  in tls13_set_crypto_state()
47             || (mac_ctx = rl->mac_ctx = EVP_MAC_CTX_new(mac)) == NULL) {  in tls13_set_crypto_state()
63     ciph_ctx = rl->enc_ctx = EVP_CIPHER_CTX_new();  in tls13_set_crypto_state()
85 static int tls13_cipher(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *recs,  in tls13_cipher()  argument
95     unsigned char *seq = rl->sequence;  in tls13_cipher()
105         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls13_cipher()
109     enc_ctx = rl->enc_ctx; /* enc_ctx is ignored when rl->mac_ctx != NULL */  in tls13_cipher()
110     staticiv = rl->iv;  in tls13_cipher()
111     nonce = rl->nonce;  in tls13_cipher()
113     if (enc_ctx == NULL && rl->mac_ctx == NULL) {  in tls13_cipher()
114         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls13_cipher()
131     if (rl->mac_ctx != NULL) {  in tls13_cipher()
132         nonce_len = EVP_MAC_CTX_get_mac_size(rl->mac_ctx);  in tls13_cipher()
138             RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls13_cipher()
149         if (rec->length < rl->taglen + 1)  in tls13_cipher()
151         rec->length -= rl->taglen;  in tls13_cipher()
157         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls13_cipher()
165     if (!tls_increment_sequence_ctr(rl)) {  in tls13_cipher()
174             || !WPACKET_put_bytes_u16(&wpkt, rec->length + rl->taglen)  in tls13_cipher()
178         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls13_cipher()
183     if (rl->mac_ctx != NULL) {  in tls13_cipher()
186         if ((mac_ctx = EVP_MAC_CTX_dup(rl->mac_ctx)) == NULL  in tls13_cipher()
190             || !EVP_MAC_final(mac_ctx, tag, &taglen, rl->taglen)) {  in tls13_cipher()
191             RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls13_cipher()
196             memcpy(rec->data + rec->length, tag, rl->taglen);  in tls13_cipher()
197             rec->length += rl->taglen;  in tls13_cipher()
199                                  rl->taglen) != 0) {  in tls13_cipher()
210         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls13_cipher()
217                                             rl->taglen,  in tls13_cipher()
219         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls13_cipher()
240         if (EVP_CIPHER_CTX_ctrl(enc_ctx, EVP_CTRL_AEAD_GET_TAG, rl->taglen,  in tls13_cipher()
242             RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls13_cipher()
245         rec->length += rl->taglen;  in tls13_cipher()
251 static int tls13_validate_record_header(OSSL_RECORD_LAYER *rl,  in tls13_validate_record_header()  argument
256                 || !rl->is_first_handshake)  in tls13_validate_record_header()
257             && (rec->type != SSL3_RT_ALERT || !rl->allow_plain_alerts)) {  in tls13_validate_record_header()
258         RLAYERfatal(rl, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_BAD_RECORD_TYPE);  in tls13_validate_record_header()
263         RLAYERfatal(rl, SSL_AD_DECODE_ERROR, SSL_R_WRONG_VERSION_NUMBER);  in tls13_validate_record_header()
268         RLAYERfatal(rl, SSL_AD_RECORD_OVERFLOW,  in tls13_validate_record_header()
275 static int tls13_post_process_record(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec)  in tls13_post_process_record()  argument
283             RLAYERfatal(rl, SSL_AD_UNEXPECTED_MESSAGE,  in tls13_post_process_record()
297         RLAYERfatal(rl, SSL_AD_RECORD_OVERFLOW, SSL_R_DATA_LENGTH_TOO_LONG);  in tls13_post_process_record()
301     if (!tls13_common_post_process_record(rl, rec)) {  in tls13_post_process_record()
309 static uint8_t tls13_get_record_type(OSSL_RECORD_LAYER *rl,  in tls13_get_record_type()  argument
312     if (rl->allow_plain_alerts && template->type == SSL3_RT_ALERT)  in tls13_get_record_type()
323 static int tls13_add_record_padding(OSSL_RECORD_LAYER *rl,  in tls13_add_record_padding()  argument
331     if (rl->allow_plain_alerts && thistempl->type != SSL3_RT_ALERT)  in tls13_add_record_padding()
335         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls13_add_record_padding()
342     if (rlen < rl->max_frag_len) {  in tls13_add_record_padding()
344         size_t max_padding = rl->max_frag_len - rlen;  in tls13_add_record_padding()
362         if (rl->padding != NULL) {  in tls13_add_record_padding()
363             padding = rl->padding(rl->cbarg, thistempl->type, rlen);  in tls13_add_record_padding()
364         } else if (rl->block_padding > 0 || rl->hs_padding > 0) {  in tls13_add_record_padding()
371             if (thistempl->type == SSL3_RT_HANDSHAKE && rl->hs_padding > 0)  in tls13_add_record_padding()
372                 bp = rl->hs_padding;  in tls13_add_record_padding()
373             else if (thistempl->type == SSL3_RT_ALERT && rl->hs_padding > 0)  in tls13_add_record_padding()
374                 bp = rl->hs_padding;  in tls13_add_record_padding()
376                      && rl->block_padding > 0)  in tls13_add_record_padding()
377                 bp = rl->block_padding;  in tls13_add_record_padding()
397                 RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR,  in tls13_add_record_padding()

Last Index update Mon Nov 18 00:02:33 UTC 2024

Dedicated to & Maintained by Room-11