Lines Matching refs:ssl
4 * This package is an SSL implementation written
6 * The implementation was written so as to conform with Netscapes SSL.
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
113 #include <openssl/ssl.h>
133 SSL_HANDSHAKE *ssl_handshake_new(SSL *ssl) {
136 OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
140 hs->ssl = ssl;
178 hs->ssl->ctx->x509_method->hs_flush_cached_ca_names(hs);
192 int ssl_check_message_type(SSL *ssl, int type) {
193 if (ssl->s3->tmp.message_type != type) {
194 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
195 OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
197 ssl->s3->tmp.message_type, type);
204 static int add_record_to_flight(SSL *ssl, uint8_t type, const uint8_t *in,
207 assert(ssl->s3->pending_flight_offset == 0);
209 if (ssl->s3->pending_flight == NULL) {
210 ssl->s3->pending_flight = BUF_MEM_new();
211 if (ssl->s3->pending_flight == NULL) {
216 size_t max_out = in_len + SSL_max_seal_overhead(ssl);
217 size_t new_cap = ssl->s3->pending_flight->length + max_out;
219 OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
224 if (!BUF_MEM_reserve(ssl->s3->pending_flight, new_cap) ||
225 !tls_seal_record(ssl, (uint8_t *)ssl->s3->pending_flight->data +
226 ssl->s3->pending_flight->length,
231 ssl->s3->pending_flight->length += len;
235 int ssl3_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type) {
240 OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
248 int ssl3_finish_message(SSL *ssl, CBB *cbb, uint8_t **out_msg,
251 OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
258 int ssl3_add_message(SSL *ssl, uint8_t *msg, size_t len) {
265 if (todo > ssl->max_send_fragment) {
266 todo = ssl->max_send_fragment;
270 if (ssl->server &&
271 ssl->s3->have_version &&
272 ssl->version == TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION &&
273 ssl->s3->aead_write_ctx == NULL) {
277 if (!add_record_to_flight(ssl, type, msg + added, todo)) {
283 ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_HANDSHAKE, msg, len);
286 if (ssl->s3->hs != NULL &&
287 !SSL_TRANSCRIPT_update(&ssl->s3->hs->transcript, msg, len)) {
297 int ssl3_add_change_cipher_spec(SSL *ssl) {
300 if (!add_record_to_flight(ssl, SSL3_RT_CHANGE_CIPHER_SPEC, kChangeCipherSpec,
305 ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_CHANGE_CIPHER_SPEC,
310 int ssl3_add_alert(SSL *ssl, uint8_t level, uint8_t desc) {
312 if (!add_record_to_flight(ssl, SSL3_RT_ALERT, alert, sizeof(alert))) {
316 ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_ALERT, alert, sizeof(alert));
317 ssl_do_info_callback(ssl, SSL_CB_WRITE_ALERT, ((int)level << 8) | desc);
321 int ssl_add_message_cbb(SSL *ssl, CBB *cbb) {
324 if (!ssl->method->finish_message(ssl, cbb, &msg, &len) ||
325 !ssl->method->add_message(ssl, msg, len)) {
332 int ssl3_flush_flight(SSL *ssl) {
333 if (ssl->s3->pending_flight == NULL) {
337 if (ssl->s3->pending_flight->length > 0xffffffff ||
338 ssl->s3->pending_flight->length > INT_MAX) {
339 OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
345 if (ssl_write_buffer_is_pending(ssl)) {
346 int ret = ssl_write_buffer_flush(ssl);
348 ssl->rwstate = SSL_WRITING;
354 while (ssl->s3->pending_flight_offset < ssl->s3->pending_flight->length) {
356 ssl->wbio,
357 ssl->s3->pending_flight->data + ssl->s3->pending_flight_offset,
358 ssl->s3->pending_flight->length - ssl->s3->pending_flight_offset);
360 ssl->rwstate = SSL_WRITING;
364 ssl->s3->pending_flight_offset += ret;
367 if (BIO_flush(ssl->wbio) <= 0) {
368 ssl->rwstate = SSL_WRITING;
372 BUF_MEM_free(ssl->s3->pending_flight);
373 ssl->s3->pending_flight = NULL;
374 ssl->s3->pending_flight_offset = 0;
379 SSL *const ssl = hs->ssl;
380 const SSL_SESSION *session = SSL_get_session(ssl);
385 session, ssl->server,
386 ssl3_protocol_version(ssl))) {
391 if (!ssl_log_secret(ssl, "CLIENT_RANDOM",
398 if (ssl->version != SSL3_VERSION) {
399 if (finished_len > sizeof(ssl->s3->previous_client_finished) ||
400 finished_len > sizeof(ssl->s3->previous_server_finished)) {
401 OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
405 if (ssl->server) {
406 OPENSSL_memcpy(ssl->s3->previous_server_finished, finished, finished_len);
407 ssl->s3->previous_server_finished_len = finished_len;
409 OPENSSL_memcpy(ssl->s3->previous_client_finished, finished, finished_len);
410 ssl->s3->previous_client_finished_len = finished_len;
415 if (!ssl->method->init_message(ssl, &cbb, &body, SSL3_MT_FINISHED) ||
417 !ssl_add_message_cbb(ssl, &cbb)) {
418 OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
427 SSL *const ssl = hs->ssl;
428 int ret = ssl->method->ssl_get_message(ssl);
433 if (!ssl_check_message_type(ssl, SSL3_MT_FINISHED)) {
441 SSL_get_session(ssl), !ssl->server,
442 ssl3_protocol_version(ssl)) ||
447 int finished_ok = ssl->init_num == finished_len &&
448 CRYPTO_memcmp(ssl->init_msg, finished, finished_len) == 0;
453 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
454 OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
459 if (ssl->version != SSL3_VERSION) {
460 if (finished_len > sizeof(ssl->s3->previous_client_finished) ||
461 finished_len > sizeof(ssl->s3->previous_server_finished)) {
462 OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
466 ssl->server) {
467 OPENSSL_memcpy(ssl->s3->previous_client_finished, finished, finished_len);
468 ssl->s3->previous_client_finished_len = finished_len;
470 OPENSSL_memcpy(ssl->s3->previous_server_finished, finished, finished_len);
471 ssl->s3->previous_server_finished_len = finished_len;
478 int ssl3_output_cert_chain(SSL *ssl) {
480 if (!ssl->method->init_message(ssl, &cbb, &body, SSL3_MT_CERTIFICATE) ||
481 !ssl_add_cert_chain(ssl, &body) ||
482 !ssl_add_message_cbb(ssl, &cbb)) {
483 OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
491 size_t ssl_max_handshake_message_len(const SSL *ssl) {
496 if (SSL_in_init(ssl)) {
497 if ((!ssl->server || (ssl->verify_mode & SSL_VERIFY_PEER)) &&
498 kMaxMessageLen < ssl->max_cert_list) {
499 return ssl->max_cert_list;
504 if (ssl3_protocol_version(ssl) < TLS1_3_VERSION) {
510 if (ssl->server) {
521 static int extend_handshake_buffer(SSL *ssl, size_t length) {
522 if (!BUF_MEM_reserve(ssl->init_buf, length)) {
525 while (ssl->init_buf->length < length) {
527 ssl, (uint8_t *)ssl->init_buf->data + ssl->init_buf->length,
528 length - ssl->init_buf->length);
532 ssl->init_buf->length += (size_t)ret;
537 static int read_v2_client_hello(SSL *ssl) {
541 int ret = ssl_read_buffer_extend_to(ssl, SSL3_RT_HEADER_LENGTH);
545 const uint8_t *p = ssl_read_buffer(ssl);
554 OPENSSL_PUT_ERROR(SSL, SSL_R_HTTP_REQUEST);
558 OPENSSL_PUT_ERROR(SSL, SSL_R_HTTPS_PROXY_REQUEST);
571 OPENSSL_PUT_ERROR(SSL, SSL_R_RECORD_TOO_LARGE);
578 OPENSSL_PUT_ERROR(SSL, SSL_R_RECORD_LENGTH_MISMATCH);
583 ret = ssl_read_buffer_extend_to(ssl, 2 + msg_length);
589 CBS_init(&v2_client_hello, ssl_read_buffer(ssl) + 2, msg_length);
594 if (!SSL_TRANSCRIPT_update(&ssl->s3->hs->transcript,
600 ssl_do_msg_callback(ssl, 0 /* read */, 0 /* V2ClientHello */,
615 OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
641 if (!BUF_MEM_reserve(ssl->init_buf, max_v3_client_hello) ||
642 !CBB_init_fixed(&client_hello, (uint8_t *)ssl->init_buf->data,
643 ssl->init_buf->max) ||
652 OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
661 OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
671 OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
678 !CBB_finish(&client_hello, NULL, &ssl->init_buf->length)) {
680 OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
685 ssl_read_buffer_consume(ssl, 2 + msg_length);
686 ssl_read_buffer_discard(ssl);
688 ssl->s3->is_v2_hello = 1;
692 int ssl3_get_message(SSL *ssl) {
694 if (ssl->init_buf == NULL) {
695 ssl->init_buf = BUF_MEM_new();
696 if (ssl->init_buf == NULL) {
701 if (ssl->server && !ssl->s3->v2_hello_done) {
703 int ret = read_v2_client_hello(ssl);
707 ssl->s3->v2_hello_done = 1;
710 if (ssl->s3->tmp.reuse_message) {
712 assert(ssl->init_msg != NULL);
713 ssl->s3->tmp.reuse_message = 0;
715 ssl3_release_current_message(ssl, 0 /* don't free buffer */);
719 int ret = extend_handshake_buffer(ssl, SSL3_HM_HEADER_LENGTH);
726 const uint8_t *p = (uint8_t *)ssl->init_buf->data;
728 if (msg_len > ssl_max_handshake_message_len(ssl)) {
729 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
730 OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESSIVE_MESSAGE_SIZE);
735 ret = extend_handshake_buffer(ssl, SSL3_HM_HEADER_LENGTH + msg_len);
741 ssl_do_msg_callback(ssl, 0 /* read */, SSL3_RT_HANDSHAKE, ssl->init_buf->data,
742 ssl->init_buf->length);
744 ssl->s3->tmp.message_type = ((const uint8_t *)ssl->init_buf->data)[0];
745 ssl->init_msg = (uint8_t*)ssl->init_buf->data + SSL3_HM_HEADER_LENGTH;
746 ssl->init_num = ssl->init_buf->length - SSL3_HM_HEADER_LENGTH;
750 void ssl3_get_current_message(const SSL *ssl, CBS *out) {
751 CBS_init(out, (uint8_t *)ssl->init_buf->data, ssl->init_buf->length);
756 if (hs->ssl->s3->is_v2_hello) {
761 hs->ssl->method->get_current_message(hs->ssl, &cbs);
765 void ssl3_release_current_message(SSL *ssl, int free_buffer) {
766 if (ssl->init_msg != NULL) {
768 assert(SSL3_HM_HEADER_LENGTH + ssl->init_num == ssl->init_buf->length);
771 ssl->init_msg = NULL;
772 ssl->init_num = 0;
773 ssl->init_buf->length = 0;
774 ssl->s3->is_v2_hello = 0;
778 BUF_MEM_free(ssl->init_buf);
779 ssl->init_buf = NULL;
798 OPENSSL_PUT_ERROR(SSL, SSL_R_PARSE_TLSEXT);
815 OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
822 OPENSSL_PUT_ERROR(SSL, SSL_R_DUPLICATE_EXTENSION);
