Move server side TLS to new state machine

Implement all of the necessary changes for moving TLS server side processing into the new state machine code. Reviewed-by: N Tim Hudson <tjh@openssl.org> Reviewed-by: N Richard Levitte <levitte@openssl.org>

Move server side TLS to new state machine
Implement all of the necessary changes for moving TLS server side processing into the new state machine code. Reviewed-by: N Tim Hudson <tjh@openssl.org> Reviewed-by: N Richard Levitte <levitte@openssl.org>
94836de2 · Matt Caswell · e27f234a · 94836de2 · 94836de2 · 94836de2
展开全部隐藏空白更改
内联并排

Showing with 721 addition and 27 deletion

include/openssl/ssl.h include/openssl/ssl.h +1 -0

ssl/s3_srvr.c ssl/s3_srvr.c +93 -0

ssl/ssl_err.c ssl/ssl_err.c +2 -0

ssl/statem.c ssl/statem.c +625 -27

未找到文件。
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -2118,6 +2118,7 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_TLS_GET_MESSAGE_BODY                       351
 # define SSL_F_TLS_GET_MESSAGE_HEADER                     350
 # define SSL_F_TLS_POST_PROCESS_CLIENT_HELLO              378
+# define SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE       384
 # define SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE             360
 # define SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST            361
 # define SSL_F_TLS_PROCESS_CERT_STATUS                    362

--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -193,6 +193,7 @@ static int ssl_check_srp_ext_ClientHello(SSL *s, int *al)
 }
 #endif
+#if 0
 int ssl3_accept(SSL *s)
 {
    BUF_MEM *buf;
@@ -811,6 +812,7 @@ int ssl3_accept(SSL *s)
        cb(s, SSL_CB_ACCEPT_EXIT, ret);
    return (ret);
 }
+#endif
 int ssl3_send_hello_request(SSL *s)
 {
@@ -2871,6 +2873,97 @@ enum MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, long n)
    return MSG_PROCESS_ERROR;
 }
+enum WORK_STATE tls_post_process_client_key_exchange(SSL *s,
+                                                      enum WORK_STATE wst)
+{
+#ifndef OPENSSL_NO_SCTP
+    if (SSL_IS_DTLS(s)) {
+        unsigned char sctpauthkey[64];
+        char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
+        /*
+         * Add new shared key for SCTP-Auth, will be ignored if no SCTP
+         * used.
+         */
+        snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+                 DTLS1_SCTP_AUTH_LABEL);
+        if (SSL_export_keying_material(s, sctpauthkey,
+                                   sizeof(sctpauthkey), labelbuffer,
+                                   sizeof(labelbuffer), NULL, 0, 0) <= 0) {
+            statem_set_error(s);
+            return WORK_ERROR;;
+        }
+        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+                 sizeof(sctpauthkey), sctpauthkey);
+    }
+#endif
+    if (s->no_cert_verify) {
+        /* No certificate verify so we no longer need the handshake_buffer */
+        BIO_free(s->s3->handshake_buffer);
+        return WORK_FINISHED_CONTINUE;
+    } else if (SSL_USE_SIGALGS(s)) {
+        if (!s->session->peer) {
+            /* No peer certificate so we no longer need the handshake_buffer */
+            BIO_free(s->s3->handshake_buffer);
+            return WORK_FINISHED_CONTINUE;
+        }
+        if (!s->s3->handshake_buffer) {
+            SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE,
+                   ERR_R_INTERNAL_ERROR);
+            statem_set_error(s);
+            return WORK_ERROR;
+        }
+        /*
+         * For sigalgs freeze the handshake buffer. If we support
+         * extms we've done this already so this is a no-op
+         */
+        if (!ssl3_digest_cached_records(s, 1)) {
+            statem_set_error(s);
+            return WORK_ERROR;
+        }
+    } else {
+        int offset = 0;
+        int dgst_num;
+        /*
+         * We need to get hashes here so if there is a client cert,
+         * it can be verified FIXME - digest processing for
+         * CertificateVerify should be generalized. But it is next
+         * step
+         */
+        if (!ssl3_digest_cached_records(s, 0)) {
+            statem_set_error(s);
+            return WORK_ERROR;
+        }
+        for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST; dgst_num++) {
+            if (s->s3->handshake_dgst[dgst_num]) {
+                int dgst_size;
+                s->method->ssl3_enc->cert_verify_mac(s,
+                                                     EVP_MD_CTX_type
+                                                     (s->
+                                                      s3->handshake_dgst
+                                                      [dgst_num]),
+                                                     &(s->s3->
+                                                       tmp.cert_verify_md
+                                                       [offset]));
+                dgst_size =
+                    EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
+                if (dgst_size < 0) {
+                    statem_set_error(s);
+                return WORK_ERROR;
+                }
+                offset += dgst_size;
+            }
+        }
+    }
+    return WORK_FINISHED_CONTINUE;
+}
 int ssl3_get_cert_verify(SSL *s)
 {
    int ok, ret = 1;

--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -361,6 +361,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
    {ERR_FUNC(SSL_F_TLS_GET_MESSAGE_HEADER), "tls_get_message_header"},
    {ERR_FUNC(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO),
     "tls_post_process_client_hello"},
+    {ERR_FUNC(SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE),
+     "tls_post_process_client_key_exchange"},
    {ERR_FUNC(SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE),
     "tls_prepare_client_certificate"},
    {ERR_FUNC(SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST),

--- a/ssl/statem.c
+++ b/ssl/statem.c