/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
/* *INDENT-ON* */
/* Utility function for table lookup */
-static int ssl_cipher_info_find(const ssl_cipher_table * table,
+static int ssl_cipher_info_find(const ssl_cipher_table *table,
size_t table_cnt, uint32_t mask)
{
size_t i;
/*
* We ignore any errors from the fetches below. They are expected to fail
- * if theose algorithms are not available.
+ * if these algorithms are not available.
*/
ERR_set_mark();
sig = EVP_SIGNATURE_fetch(ctx->libctx, "DSA", ctx->propq);
comp->method = method;
comp->id = SSL_COMP_ZLIB_IDX;
comp->name = COMP_get_name(method);
- sk_SSL_COMP_push(ssl_comp_methods, comp);
+ if (!sk_SSL_COMP_push(ssl_comp_methods, comp))
+ OPENSSL_free(comp);
sk_SSL_COMP_sort(ssl_comp_methods);
}
}
const char *ver;
const char *kx, *au, *enc, *mac;
uint32_t alg_mkey, alg_auth, alg_enc, alg_mac;
- static const char *format = "%-30s %-7s Kx=%-8s Au=%-5s Enc=%-22s Mac=%-4s\n";
+ static const char *const format = "%-30s %-7s Kx=%-8s Au=%-5s Enc=%-22s Mac=%-4s\n";
if (buf == NULL) {
len = 128;
return ssl_cipher_table_auth[i].nid;
}
+int ssl_get_md_idx(int md_nid) {
+ int i;
+
+ for(i = 0; i < SSL_MD_NUM_IDX; i++) {
+ if (md_nid == ssl_cipher_table_mac[i].nid)
+ return i;
+ }
+ return -1;
+}
+
const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c)
{
int idx = c->algorithm2 & SSL_HANDSHAKE_MAC_MASK;
in = 1; /* padding length byte */
out = EVP_CIPHER_get_iv_length(e_ciph);
blk = EVP_CIPHER_get_block_size(e_ciph);
+ if (blk == 0)
+ return 0;
}
}
int ssl_cert_is_disabled(SSL_CTX *ctx, size_t idx)
{
- const SSL_CERT_LOOKUP *cl = ssl_cert_lookup_by_idx(idx);
+ const SSL_CERT_LOOKUP *cl;
+
+ /* A provider-loaded key type is always enabled */
+ if (idx >= SSL_PKEY_NUM)
+ return 0;
+ cl = ssl_cert_lookup_by_idx(idx, ctx);
if (cl == NULL || (cl->amask & ctx->disabled_auth_mask) != 0)
return 1;
return 0;