19 static int tls1_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,  in tls1_set_crypto_state()  argument
31     int enc = (rl->direction == OSSL_RECORD_DIRECTION_WRITE) ? 1 : 0;  in tls1_set_crypto_state()
36     if ((rl->enc_ctx = EVP_CIPHER_CTX_new()) == NULL) {  in tls1_set_crypto_state()
37         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);  in tls1_set_crypto_state()
41     ciph_ctx = rl->enc_ctx;  in tls1_set_crypto_state()
43     rl->md_ctx = EVP_MD_CTX_new();  in tls1_set_crypto_state()
44     if (rl->md_ctx == NULL) {  in tls1_set_crypto_state()
45         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls1_set_crypto_state()
50         rl->compctx = COMP_CTX_new(comp);  in tls1_set_crypto_state()
51         if (rl->compctx == NULL) {  in tls1_set_crypto_state()
64             mac_key = EVP_PKEY_new_raw_private_key_ex(rl->libctx, "HMAC",  in tls1_set_crypto_state()
65                                                       rl->propq, mackey,  in tls1_set_crypto_state()
77             || EVP_DigestSignInit_ex(rl->md_ctx, NULL, EVP_MD_get0_name(md),  in tls1_set_crypto_state()
78                                      rl->libctx, rl->propq, mac_key,  in tls1_set_crypto_state()
126             && !ossl_set_tls_provider_parameters(rl, ciph_ctx, ciph, md)) {  in tls1_set_crypto_state()
132     if (RLAYER_USE_EXPLICIT_IV(rl)) {  in tls1_set_crypto_state()
139                 RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_LIBRARY_BUG);  in tls1_set_crypto_state()
150         rl->eivlen = (size_t)eivlen;  in tls1_set_crypto_state()
167 static int tls1_cipher(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *recs,  in tls1_cipher()  argument
181         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls1_cipher()
185     if (EVP_MD_CTX_get0_md(rl->md_ctx)) {  in tls1_cipher()
186         int n = EVP_MD_CTX_get_size(rl->md_ctx);  in tls1_cipher()
189             RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls1_cipher()
193     ds = rl->enc_ctx;  in tls1_cipher()
194     if (!ossl_assert(rl->enc_ctx != NULL)) {  in tls1_cipher()
195         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls1_cipher()
199     enc = EVP_CIPHER_CTX_get0_cipher(rl->enc_ctx);  in tls1_cipher()
205         if (RLAYER_USE_EXPLICIT_IV(rl)  in tls1_cipher()
213                     RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls1_cipher()
215                 } else if (RAND_bytes_ex(rl->libctx, recs[ctr].input,  in tls1_cipher()
217                     RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls1_cipher()
224         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls1_cipher()
233         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_BAD_CIPHER);  in tls1_cipher()
244             RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_PIPELINE_FAILURE);  in tls1_cipher()
255             seq = rl->sequence;  in tls1_cipher()
257             if (rl->isdtls) {  in tls1_cipher()
260                 s2n(rl->epoch, p);  in tls1_cipher()
265                 if (!tls_increment_sequence_ctr(rl)) {  in tls1_cipher()
272             buf[ctr][9] = (unsigned char)(rl->version >> 8);  in tls1_cipher()
273             buf[ctr][10] = (unsigned char)(rl->version);  in tls1_cipher()
279                 RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls1_cipher()
297                 RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls1_cipher()
322             RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_PIPELINE_FAILURE);  in tls1_cipher()
333             RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_PIPELINE_FAILURE);  in tls1_cipher()
338     if (!rl->isdtls && rl->tlstree) {  in tls1_cipher()
346         if (sending && !rl->use_etm)  in tls1_cipher()
350                                 rl->sequence) <= 0) {  in tls1_cipher()
352             RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls1_cipher()
362             RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls1_cipher()
383             } else if (bs != 1 && RLAYER_USE_EXPLICIT_IV(rl)) {  in tls1_cipher()
403                     RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR,  in tls1_cipher()
433                 } else if (bs != 1 && RLAYER_USE_EXPLICIT_IV(rl)) {  in tls1_cipher()
456                                         rl->libctx))  in tls1_cipher()
464 static int tls1_mac(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec, unsigned char *md,  in tls1_mac()  argument
467     unsigned char *seq = rl->sequence;  in tls1_mac()
475     hash = rl->md_ctx;  in tls1_mac()
482     if (rl->stream_mac) {  in tls1_mac()
492     if (!rl->isdtls  in tls1_mac()
493             && rl->tlstree  in tls1_mac()
497     if (rl->isdtls) {  in tls1_mac()
500         s2n(rl->epoch, p);  in tls1_mac()
509     header[9] = (unsigned char)(rl->version >> 8);  in tls1_mac()
510     header[10] = (unsigned char)(rl->version);  in tls1_mac()
514     if (!sending && !rl->use_etm  in tls1_mac()
515         && EVP_CIPHER_CTX_get_mode(rl->enc_ctx) == EVP_CIPH_CBC_MODE  in tls1_mac()
540     if (!rl->isdtls && !tls_increment_sequence_ctr(rl)) {  in tls1_mac()
578 int tls1_allocate_write_buffers(OSSL_RECORD_LAYER *rl,  in tls1_allocate_write_buffers()  argument
583     *prefix = rl->need_empty_fragments  in tls1_allocate_write_buffers()
590     if (!tls_setup_write_buffer(rl, numtempl + *prefix,  in tls1_allocate_write_buffers()
600 int tls1_initialise_write_packets(OSSL_RECORD_LAYER *rl,  in tls1_initialise_write_packets()  argument
613     prefix = rl->need_empty_fragments  in tls1_initialise_write_packets()
637             RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls1_initialise_write_packets()
642             RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);  in tls1_initialise_write_packets()
647     return tls_initialise_write_packets_default(rl, templates, numtempl,  in tls1_initialise_write_packets()

Last Index update Mon Nov 18 00:02:33 UTC 2024

Dedicated to & Maintained by Room-11