* make sure that we are not getting application data when we are
* doing a handshake for the first time
*/
- if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
- (sc->enc_read_ctx == NULL)) {
+ if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA)
+ && (SSL_IS_FIRST_HANDSHAKE(sc))) {
SSLfatal(sc, SSL_AD_UNEXPECTED_MESSAGE,
SSL_R_APP_DATA_IN_HANDSHAKE);
return -1;
* doing a handshake for the first time
*/
if (SSL_in_init(ssl) && type == SSL3_RT_APPLICATION_DATA
- && s->enc_read_ctx == NULL) {
+ && SSL_IS_FIRST_HANDSHAKE(s)) {
SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_APP_DATA_IN_HANDSHAKE);
return -1;
}
{
/* clear the current cipher */
ssl_clear_cipher_ctx(s);
- ssl_clear_hash_ctx(&s->read_hash);
- ssl_clear_hash_ctx(&s->write_hash);
}
int SSL_clear(SSL *s)
void ssl_clear_cipher_ctx(SSL_CONNECTION *s)
{
- if (s->enc_read_ctx != NULL) {
- EVP_CIPHER_CTX_free(s->enc_read_ctx);
- s->enc_read_ctx = NULL;
- }
- if (s->enc_write_ctx != NULL) {
- EVP_CIPHER_CTX_free(s->enc_write_ctx);
- s->enc_write_ctx = NULL;
- }
#ifndef OPENSSL_NO_COMP
COMP_CTX_free(s->expand);
s->expand = NULL;
return ctx->num_tickets;
}
-/*
- * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
- * variable, freeing EVP_MD_CTX previously stored in that variable, if any.
- * If EVP_MD pointer is passed, initializes ctx with this |md|.
- * Returns the newly allocated ctx;
- */
-
-EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
-{
- ssl_clear_hash_ctx(hash);
- *hash = EVP_MD_CTX_new();
- if (*hash == NULL || (md && EVP_DigestInit_ex(*hash, md, NULL) <= 0)) {
- EVP_MD_CTX_free(*hash);
- *hash = NULL;
- return NULL;
- }
- return *hash;
-}
-
-void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
-{
-
- EVP_MD_CTX_free(*hash);
- *hash = NULL;
-}
-
/* Retrieve handshake hashes */
int ssl_handshake_hash(SSL_CONNECTION *s,
unsigned char *out, size_t outlen,
unsigned char server_app_traffic_secret[EVP_MAX_MD_SIZE];
unsigned char exporter_master_secret[EVP_MAX_MD_SIZE];
unsigned char early_exporter_master_secret[EVP_MAX_MD_SIZE];
- EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
+
unsigned char read_iv[EVP_MAX_IV_LENGTH]; /* TLSv1.3 static read IV */
- EVP_MD_CTX *read_hash; /* used for mac generation */
COMP_CTX *compress; /* compression */
COMP_CTX *expand; /* uncompress */
- EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
unsigned char write_iv[EVP_MAX_IV_LENGTH]; /* TLSv1.3 static write IV */
- EVP_MD_CTX *write_hash; /* used for mac generation */
+
/* session info */
/* client cert? */
/* This is used to hold the server certificate used */
int tls_choose_sigalg(SSL_CONNECTION *s, int fatalerrs);
-__owur EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md);
-void ssl_clear_hash_ctx(EVP_MD_CTX **hash);
__owur long ssl_get_algorithm2(SSL_CONNECTION *s);
__owur int tls12_copy_sigalgs(SSL_CONNECTION *s, WPACKET *pkt,
const uint16_t *psig, size_t psiglen);
RAW_EXTENSION *extensions = NULL;
/*
- * If we were sending early_data then the enc_write_ctx is now invalid and
- * should not be used.
+ * If we were sending early_data then any alerts should not be sent using
+ * the old wrlmethod.
*/
- EVP_CIPHER_CTX_free(s->enc_write_ctx);
- s->enc_write_ctx = NULL;
+ if (s->early_data_state == SSL_EARLY_DATA_FINISHED_WRITING
+ && !ssl_set_new_record_layer(s,
+ TLS_ANY_VERSION,
+ OSSL_RECORD_DIRECTION_WRITE,
+ OSSL_RECORD_PROTECTION_LEVEL_NONE,
+ NULL, 0, NULL, 0, NULL, 0, NULL, 0,
+ NID_undef, NULL, NULL)) {
+ /* SSLfatal already called */
+ goto err;
+ }
+ /* We are definitely going to be using TLSv1.3 */
+ s->rlayer.wrlmethod->set_protocol_version(s->rlayer.wrl, TLS1_3_VERSION);
if (!tls_collect_extensions(s, extpkt, SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST,
&extensions, NULL, 1)
projects / thirdparty / openssl.git / commitdiff
