tls13_meth.c: refactor

siemens · Mar 7, 2024 · 5039043 · 5039043
1 parent beb7bf9
commit 5039043
Showing 1 changed file with 24 additions and 26 deletions.
diff --git a/ssl/record/methods/tls13_meth.c b/ssl/record/methods/tls13_meth.c
@@ -29,8 +29,6 @@ static int tls13_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,
     OSSL_PARAM params[2], *p = params;
     int mode;
     int enc = (rl->direction == OSSL_RECORD_DIRECTION_WRITE) ? 1 : 0;
-    int only_mac = EVP_CIPHER_is_a(ciph, "NULL") && mactype == NID_hmac
-                   && md != NULL;
 
     rl->iv = OPENSSL_zalloc(ivlen);
     if (rl->iv == NULL)
@@ -47,14 +45,10 @@ static int tls13_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,
     }
     memcpy(rl->iv, iv, ivlen);
 
-    ciph_ctx = rl->enc_ctx = EVP_CIPHER_CTX_new();
-    if (ciph_ctx == NULL) {
-        ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
-        return OSSL_RECORD_RETURN_FATAL;
-    }
-
     /* Integrity only */
-    if (only_mac) {
+    if (EVP_CIPHER_is_a(ciph, "NULL")
+        && mactype == NID_hmac
+        && md != NULL) {
         mac = EVP_MAC_fetch(rl->libctx, "HMAC", rl->propq);
         if (mac == NULL
             || (mac_ctx = rl->mac_ctx = EVP_MAC_CTX_new(mac)) == NULL) {
@@ -73,6 +67,11 @@ static int tls13_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,
         goto end;
     }
 
+    ciph_ctx = rl->enc_ctx = EVP_CIPHER_CTX_new();
+    if (ciph_ctx == NULL) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
+        return OSSL_RECORD_RETURN_FATAL;
+    }
     mode = EVP_CIPHER_get_mode(ciph);
 
     if (EVP_CipherInit_ex(ciph_ctx, ciph, NULL, NULL, NULL, enc) <= 0
@@ -85,7 +84,6 @@ static int tls13_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,
         ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
         return OSSL_RECORD_RETURN_FATAL;
     }
-
  end:
     return OSSL_RECORD_RETURN_SUCCESS;
 }
@@ -106,7 +104,7 @@ static int tls13_cipher(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *recs,
     WPACKET wpkt;
     const EVP_CIPHER *cipher;
     EVP_MAC_CTX *mac_ctx = NULL;
-    int mode, ret = 0, only_mac = 0; /* set for MAC only, no encryption */
+    int mode, ret = 0;
 
     if (n_recs != 1) {
         /* Should not happen */
@@ -118,34 +116,25 @@ static int tls13_cipher(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *recs,
     staticiv = rl->iv;
     nonce = rl->nonce;
 
-    cipher = EVP_CIPHER_CTX_get0_cipher(ctx);
-    if (cipher == NULL) {
+    if (ctx == NULL && rl->mac_ctx == NULL) {
         RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
         return 0;
     }
-    mode = EVP_CIPHER_get_mode(cipher);
-    only_mac = EVP_CIPHER_is_a(cipher, "NULL") && rl->mac_ctx != NULL;
 
     /*
      * If we're sending an alert and ctx != NULL then we must be forcing
      * plaintext alerts. If we're reading and ctx != NULL then we allow
      * plaintext alerts at certain points in the handshake. If we've got this
      * far then we have already validated that a plaintext alert is ok here.
      */
-    if (ctx == NULL || rec->type == SSL3_RT_ALERT) {
+    if (rec->type == SSL3_RT_ALERT) {
         memmove(rec->data, rec->input, rec->length);
         rec->input = rec->data;
         return 1;
     }
 
-    if (only_mac) {
-        if ((mac_ctx = EVP_MAC_CTX_dup(rl->mac_ctx)) == NULL)
-        {
-            RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-            return 0;
-        }
-        ivlen = EVP_MAC_CTX_get_mac_size(mac_ctx);
-    }
+    if (rl->mac_ctx != NULL)
+        ivlen = EVP_MAC_CTX_get_mac_size(rl->mac_ctx);
     else
         ivlen = EVP_CIPHER_CTX_get_iv_length(ctx);
 
@@ -188,14 +177,16 @@ static int tls13_cipher(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *recs,
         goto end;
     }
 
-    if (only_mac) {
-        if (!EVP_MAC_update(mac_ctx, nonce, ivlen)
+    if (rl->mac_ctx != NULL) {
+        if ((mac_ctx = EVP_MAC_CTX_dup(rl->mac_ctx)) == NULL
+            || !EVP_MAC_update(mac_ctx, nonce, ivlen)
             || !EVP_MAC_update(mac_ctx, recheader, sizeof(recheader))
             || !EVP_MAC_update(mac_ctx, rec->input, rec->length)
             || !EVP_MAC_final(mac_ctx, tag, &taglen, rl->taglen)) {
             RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
             goto end;
         }
+
         if (sending) {
             memcpy(rec->data + rec->length, tag, rl->taglen);
             rec->length += rl->taglen;
@@ -206,6 +197,13 @@ static int tls13_cipher(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *recs,
         goto end;
     }
 
+    cipher = EVP_CIPHER_CTX_get0_cipher(ctx);
+    if (cipher == NULL) {
+        RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+        return 0;
+    }
+    mode = EVP_CIPHER_get_mode(cipher);
+
     if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, nonce, sending) <= 0
             || (!sending && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
                                                 rl->taglen,