grpc 1.9.1 → 1.10.0.pre1

data/third_party/boringssl/ssl/{ssl_stat.c → ssl_stat.cc}

@@ -88,236 +88,17 @@
 #include "internal.h"
 
 
-static int ssl_state(const SSL *ssl) {
+const char *SSL_state_string_long(const SSL *ssl) {
   if (ssl->s3->hs == NULL) {
-    assert(ssl->s3->initial_handshake_complete);
-    return SSL_ST_OK;
+    return "SSL negotiation finished successfully";
   }
 
-  return ssl->s3->hs->state;
-}
-
-const char *SSL_state_string_long(const SSL *ssl) {
-  switch (ssl_state(ssl)) {
-    case SSL_ST_ACCEPT:
-      return "before accept initialization";
-
-    case SSL_ST_CONNECT:
-      return "before connect initialization";
-
-    case SSL_ST_OK:
-      return "SSL negotiation finished successfully";
-
-    case SSL_ST_RENEGOTIATE:
-      return "SSL renegotiate ciphers";
-
-    /* SSLv3 additions */
-    case SSL3_ST_CW_CLNT_HELLO_A:
-      return "SSLv3 write client hello A";
-
-    case SSL3_ST_CR_SRVR_HELLO_A:
-      return "SSLv3 read server hello A";
-
-    case SSL3_ST_CR_CERT_A:
-      return "SSLv3 read server certificate A";
-
-    case SSL3_ST_CR_KEY_EXCH_A:
-      return "SSLv3 read server key exchange A";
-
-    case SSL3_ST_CR_CERT_REQ_A:
-      return "SSLv3 read server certificate request A";
-
-    case SSL3_ST_CR_SESSION_TICKET_A:
-      return "SSLv3 read server session ticket A";
-
-    case SSL3_ST_CR_SRVR_DONE_A:
-      return "SSLv3 read server done A";
-
-    case SSL3_ST_CW_CERT_A:
-      return "SSLv3 write client certificate A";
-
-    case SSL3_ST_CW_KEY_EXCH_A:
-      return "SSLv3 write client key exchange A";
-
-    case SSL3_ST_CW_CERT_VRFY_A:
-      return "SSLv3 write certificate verify A";
-
-    case SSL3_ST_CW_CERT_VRFY_B:
-      return "SSLv3 write certificate verify B";
-
-    case SSL3_ST_CW_CHANGE:
-    case SSL3_ST_SW_CHANGE:
-      return "SSLv3 write change cipher spec";
-
-    case SSL3_ST_CW_FINISHED_A:
-    case SSL3_ST_SW_FINISHED_A:
-      return "SSLv3 write finished A";
-
-    case SSL3_ST_CR_CHANGE:
-    case SSL3_ST_SR_CHANGE:
-      return "SSLv3 read change cipher spec";
-
-    case SSL3_ST_CR_FINISHED_A:
-    case SSL3_ST_SR_FINISHED_A:
-      return "SSLv3 read finished A";
-
-    case SSL3_ST_CW_FLUSH:
-    case SSL3_ST_SW_FLUSH:
-      return "SSLv3 flush data";
-
-    case SSL3_ST_SR_CLNT_HELLO_A:
-      return "SSLv3 read client hello A";
-
-    case SSL3_ST_SR_CLNT_HELLO_B:
-      return "SSLv3 read client hello B";
-
-    case SSL3_ST_SR_CLNT_HELLO_C:
-      return "SSLv3 read client hello C";
-
-    case SSL3_ST_SW_SRVR_HELLO_A:
-      return "SSLv3 write server hello A";
-
-    case SSL3_ST_SW_CERT_A:
-      return "SSLv3 write certificate A";
-
-    case SSL3_ST_SW_KEY_EXCH_A:
-      return "SSLv3 write key exchange A";
-
-    case SSL3_ST_SW_CERT_REQ_A:
-      return "SSLv3 write certificate request A";
-
-    case SSL3_ST_SW_SESSION_TICKET_A:
-      return "SSLv3 write session ticket A";
-
-    case SSL3_ST_SW_SRVR_DONE_A:
-      return "SSLv3 write server done A";
-
-    case SSL3_ST_SR_CERT_A:
-      return "SSLv3 read client certificate A";
-
-    case SSL3_ST_SR_KEY_EXCH_A:
-      return "SSLv3 read client key exchange A";
-
-    case SSL3_ST_SR_KEY_EXCH_B:
-      return "SSLv3 read client key exchange B";
-
-    case SSL3_ST_SR_CERT_VRFY_A:
-      return "SSLv3 read certificate verify A";
-
-    /* DTLS */
-    case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
-      return "DTLS1 read hello verify request A";
-
-    default:
-      return "unknown state";
-  }
+  return ssl->server ? ssl_server_handshake_state(ssl->s3->hs)
+                     : ssl_client_handshake_state(ssl->s3->hs);
 }
 
 const char *SSL_state_string(const SSL *ssl) {
-  switch (ssl_state(ssl)) {
-    case SSL_ST_ACCEPT:
-      return "AINIT ";
-
-    case SSL_ST_CONNECT:
-      return "CINIT ";
-
-    case SSL_ST_OK:
-      return "SSLOK ";
-
-    /* SSLv3 additions */
-    case SSL3_ST_SW_FLUSH:
-    case SSL3_ST_CW_FLUSH:
-      return "3FLUSH";
-
-    case SSL3_ST_CW_CLNT_HELLO_A:
-      return "3WCH_A";
-
-    case SSL3_ST_CR_SRVR_HELLO_A:
-      return "3RSH_A";
-
-    case SSL3_ST_CR_CERT_A:
-      return "3RSC_A";
-
-    case SSL3_ST_CR_KEY_EXCH_A:
-      return "3RSKEA";
-
-    case SSL3_ST_CR_CERT_REQ_A:
-      return "3RCR_A";
-
-    case SSL3_ST_CR_SRVR_DONE_A:
-      return "3RSD_A";
-
-    case SSL3_ST_CW_CERT_A:
-      return "3WCC_A";
-
-    case SSL3_ST_CW_KEY_EXCH_A:
-      return "3WCKEA";
-
-    case SSL3_ST_CW_CERT_VRFY_A:
-      return "3WCV_A";
-
-    case SSL3_ST_CW_CERT_VRFY_B:
-      return "3WCV_B";
-
-    case SSL3_ST_SW_CHANGE:
-    case SSL3_ST_CW_CHANGE:
-      return "3WCCS_";
-
-    case SSL3_ST_SW_FINISHED_A:
-    case SSL3_ST_CW_FINISHED_A:
-      return "3WFINA";
-
-    case SSL3_ST_CR_CHANGE:
-    case SSL3_ST_SR_CHANGE:
-      return "3RCCS_";
-
-    case SSL3_ST_SR_FINISHED_A:
-    case SSL3_ST_CR_FINISHED_A:
-      return "3RFINA";
-
-    case SSL3_ST_SR_CLNT_HELLO_A:
-      return "3RCH_A";
-
-    case SSL3_ST_SR_CLNT_HELLO_B:
-      return "3RCH_B";
-
-    case SSL3_ST_SR_CLNT_HELLO_C:
-      return "3RCH_C";
-
-    case SSL3_ST_SW_SRVR_HELLO_A:
-      return "3WSH_A";
-
-    case SSL3_ST_SW_CERT_A:
-      return "3WSC_A";
-
-    case SSL3_ST_SW_KEY_EXCH_A:
-      return "3WSKEA";
-
-    case SSL3_ST_SW_KEY_EXCH_B:
-      return "3WSKEB";
-
-    case SSL3_ST_SW_CERT_REQ_A:
-      return "3WCR_A";
-
-    case SSL3_ST_SW_SRVR_DONE_A:
-      return "3WSD_A";
-
-    case SSL3_ST_SR_CERT_A:
-      return "3RCC_A";
-
-    case SSL3_ST_SR_KEY_EXCH_A:
-      return "3RCKEA";
-
-    case SSL3_ST_SR_CERT_VRFY_A:
-      return "3RCV_A";
-
-    /* DTLS */
-    case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
-      return "DRCHVA";
-
-    default:
-      return "UNKWN ";
-  }
+  return "!!!!!!";
 }
 
 const char *SSL_alert_type_string_long(int value) {

data/third_party/boringssl/ssl/{ssl_transcript.c → ssl_transcript.cc}

@@ -150,136 +150,117 @@
 #include "internal.h"
 
 
-int SSL_TRANSCRIPT_init(SSL_TRANSCRIPT *transcript) {
-  SSL_TRANSCRIPT_cleanup(transcript);
-  transcript->buffer = BUF_MEM_new();
-  return transcript->buffer != NULL;
+namespace bssl {
+
+SSLTranscript::SSLTranscript() {}
+
+SSLTranscript::~SSLTranscript() {}
+
+bool SSLTranscript::Init() {
+  buffer_.reset(BUF_MEM_new());
+  if (!buffer_) {
+    return false;
+  }
+
+  hash_.Reset();
+  md5_.Reset();
+  return true;
 }
 
-/* init_digest_with_data calls |EVP_DigestInit_ex| on |ctx| with |md| and then
- * writes the data in |buf| to it. */
-static int init_digest_with_data(EVP_MD_CTX *ctx, const EVP_MD *md,
-                                 const BUF_MEM *buf) {
+// InitDigestWithData calls |EVP_DigestInit_ex| on |ctx| with |md| and then
+// writes the data in |buf| to it.
+static bool InitDigestWithData(EVP_MD_CTX *ctx, const EVP_MD *md,
+                               const BUF_MEM *buf) {
   if (!EVP_DigestInit_ex(ctx, md, NULL)) {
-    return 0;
+    return false;
   }
   EVP_DigestUpdate(ctx, buf->data, buf->length);
-  return 1;
+  return true;
 }
 
-int SSL_TRANSCRIPT_init_hash(SSL_TRANSCRIPT *transcript, uint16_t version,
-                             int algorithm_prf) {
-  const EVP_MD *md = ssl_get_handshake_digest(algorithm_prf, version);
+bool SSLTranscript::InitHash(uint16_t version, const SSL_CIPHER *cipher) {
+  const EVP_MD *md = ssl_get_handshake_digest(version, cipher);
 
-  /* To support SSL 3.0's Finished and CertificateVerify constructions,
-   * EVP_md5_sha1() is split into MD5 and SHA-1 halves. When SSL 3.0 is removed,
-   * we can simplify this. */
+  // To support SSL 3.0's Finished and CertificateVerify constructions,
+  // EVP_md5_sha1() is split into MD5 and SHA-1 halves. When SSL 3.0 is removed,
+  // we can simplify this.
   if (md == EVP_md5_sha1()) {
-    if (!init_digest_with_data(&transcript->md5, EVP_md5(),
-                               transcript->buffer)) {
-      return 0;
+    if (!InitDigestWithData(md5_.get(), EVP_md5(), buffer_.get())) {
+      return false;
     }
     md = EVP_sha1();
   }
 
-  if (!init_digest_with_data(&transcript->hash, md, transcript->buffer)) {
-    return 0;
-  }
-
-  return 1;
-}
-
-void SSL_TRANSCRIPT_cleanup(SSL_TRANSCRIPT *transcript) {
-  SSL_TRANSCRIPT_free_buffer(transcript);
-  EVP_MD_CTX_cleanup(&transcript->hash);
-  EVP_MD_CTX_cleanup(&transcript->md5);
+  return InitDigestWithData(hash_.get(), md, buffer_.get());
 }
 
-void SSL_TRANSCRIPT_free_buffer(SSL_TRANSCRIPT *transcript) {
-  BUF_MEM_free(transcript->buffer);
-  transcript->buffer = NULL;
+void SSLTranscript::FreeBuffer() {
+  buffer_.reset();
 }
 
-size_t SSL_TRANSCRIPT_digest_len(const SSL_TRANSCRIPT *transcript) {
-  return EVP_MD_size(SSL_TRANSCRIPT_md(transcript));
+size_t SSLTranscript::DigestLen() const {
+  return EVP_MD_size(Digest());
 }
 
-const EVP_MD *SSL_TRANSCRIPT_md(const SSL_TRANSCRIPT *transcript) {
-  if (EVP_MD_CTX_md(&transcript->md5) != NULL) {
+const EVP_MD *SSLTranscript::Digest() const {
+  if (EVP_MD_CTX_md(md5_.get()) != nullptr) {
     return EVP_md5_sha1();
   }
-  return EVP_MD_CTX_md(&transcript->hash);
+  return EVP_MD_CTX_md(hash_.get());
 }
 
-int SSL_TRANSCRIPT_update(SSL_TRANSCRIPT *transcript, const uint8_t *in,
-                          size_t in_len) {
-  /* Depending on the state of the handshake, either the handshake buffer may be
-   * active, the rolling hash, or both. */
-  if (transcript->buffer != NULL) {
-    size_t new_len = transcript->buffer->length + in_len;
+bool SSLTranscript::Update(const uint8_t *in, size_t in_len) {
+  // Depending on the state of the handshake, either the handshake buffer may be
+  // active, the rolling hash, or both.
+  if (buffer_) {
+    size_t new_len = buffer_->length + in_len;
     if (new_len < in_len) {
       OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
-      return 0;
+      return false;
     }
-    if (!BUF_MEM_grow(transcript->buffer, new_len)) {
-      return 0;
+    if (!BUF_MEM_grow(buffer_.get(), new_len)) {
+      return false;
     }
-    OPENSSL_memcpy(transcript->buffer->data + new_len - in_len, in, in_len);
+    OPENSSL_memcpy(buffer_->data + new_len - in_len, in, in_len);
   }
 
-  if (EVP_MD_CTX_md(&transcript->hash) != NULL) {
-    EVP_DigestUpdate(&transcript->hash, in, in_len);
+  if (EVP_MD_CTX_md(hash_.get()) != NULL) {
+    EVP_DigestUpdate(hash_.get(), in, in_len);
   }
-  if (EVP_MD_CTX_md(&transcript->md5) != NULL) {
-    EVP_DigestUpdate(&transcript->md5, in, in_len);
+  if (EVP_MD_CTX_md(md5_.get()) != NULL) {
+    EVP_DigestUpdate(md5_.get(), in, in_len);
   }
 
-  return 1;
+  return true;
 }
 
-int SSL_TRANSCRIPT_get_hash(const SSL_TRANSCRIPT *transcript, uint8_t *out,
-                            size_t *out_len) {
-  int ret = 0;
-  EVP_MD_CTX ctx;
-  EVP_MD_CTX_init(&ctx);
+bool SSLTranscript::GetHash(uint8_t *out, size_t *out_len) {
+  ScopedEVP_MD_CTX ctx;
   unsigned md5_len = 0;
-  if (EVP_MD_CTX_md(&transcript->md5) != NULL) {
-    if (!EVP_MD_CTX_copy_ex(&ctx, &transcript->md5) ||
-        !EVP_DigestFinal_ex(&ctx, out, &md5_len)) {
-      goto err;
+  if (EVP_MD_CTX_md(md5_.get()) != NULL) {
+    if (!EVP_MD_CTX_copy_ex(ctx.get(), md5_.get()) ||
+        !EVP_DigestFinal_ex(ctx.get(), out, &md5_len)) {
+      return false;
     }
   }
 
   unsigned len;
-  if (!EVP_MD_CTX_copy_ex(&ctx, &transcript->hash) ||
-      !EVP_DigestFinal_ex(&ctx, out + md5_len, &len)) {
-    goto err;
+  if (!EVP_MD_CTX_copy_ex(ctx.get(), hash_.get()) ||
+      !EVP_DigestFinal_ex(ctx.get(), out + md5_len, &len)) {
+    return false;
   }
 
   *out_len = md5_len + len;
-  ret = 1;
-
-err:
-  EVP_MD_CTX_cleanup(&ctx);
-  return ret;
+  return true;
 }
 
-static int ssl3_handshake_mac(SSL_TRANSCRIPT *transcript,
-                              const SSL_SESSION *session,
-                              const EVP_MD_CTX *ctx_template,
-                              const char *sender, size_t sender_len,
-                              uint8_t *p, size_t *out_len) {
-  unsigned int len;
-  size_t npad, n;
-  unsigned int i;
-  uint8_t md_buf[EVP_MAX_MD_SIZE];
-  EVP_MD_CTX ctx;
-
-  EVP_MD_CTX_init(&ctx);
-  if (!EVP_MD_CTX_copy_ex(&ctx, ctx_template)) {
-    EVP_MD_CTX_cleanup(&ctx);
+static bool SSL3HandshakeMAC(const SSL_SESSION *session,
+                             const EVP_MD_CTX *ctx_template, const char *sender,
+                             size_t sender_len, uint8_t *p, size_t *out_len) {
+  ScopedEVP_MD_CTX ctx;
+  if (!EVP_MD_CTX_copy_ex(ctx.get(), ctx_template)) {
     OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP);
-    return 0;
+    return false;
   }
 
   static const uint8_t kPad1[48] = {
@@ -296,89 +277,83 @@ static int ssl3_handshake_mac(SSL_TRANSCRIPT *transcript,
       0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
   };
 
-  n = EVP_MD_CTX_size(&ctx);
+  size_t n = EVP_MD_CTX_size(ctx.get());
 
-  npad = (48 / n) * n;
-  if (sender != NULL) {
-    EVP_DigestUpdate(&ctx, sender, sender_len);
-  }
-  EVP_DigestUpdate(&ctx, session->master_key, session->master_key_length);
-  EVP_DigestUpdate(&ctx, kPad1, npad);
-  EVP_DigestFinal_ex(&ctx, md_buf, &i);
+  size_t npad = (48 / n) * n;
+  EVP_DigestUpdate(ctx.get(), sender, sender_len);
+  EVP_DigestUpdate(ctx.get(), session->master_key, session->master_key_length);
+  EVP_DigestUpdate(ctx.get(), kPad1, npad);
+  unsigned md_buf_len;
+  uint8_t md_buf[EVP_MAX_MD_SIZE];
+  EVP_DigestFinal_ex(ctx.get(), md_buf, &md_buf_len);
 
-  if (!EVP_DigestInit_ex(&ctx, EVP_MD_CTX_md(&ctx), NULL)) {
-    EVP_MD_CTX_cleanup(&ctx);
+  if (!EVP_DigestInit_ex(ctx.get(), EVP_MD_CTX_md(ctx.get()), NULL)) {
     OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP);
-    return 0;
+    return false;
   }
-  EVP_DigestUpdate(&ctx, session->master_key, session->master_key_length);
-  EVP_DigestUpdate(&ctx, kPad2, npad);
-  EVP_DigestUpdate(&ctx, md_buf, i);
-  EVP_DigestFinal_ex(&ctx, p, &len);
-
-  EVP_MD_CTX_cleanup(&ctx);
+  EVP_DigestUpdate(ctx.get(), session->master_key, session->master_key_length);
+  EVP_DigestUpdate(ctx.get(), kPad2, npad);
+  EVP_DigestUpdate(ctx.get(), md_buf, md_buf_len);
+  unsigned len;
+  EVP_DigestFinal_ex(ctx.get(), p, &len);
 
   *out_len = len;
-  return 1;
+  return true;
 }
 
-int SSL_TRANSCRIPT_ssl3_cert_verify_hash(SSL_TRANSCRIPT *transcript,
-                                         uint8_t *out, size_t *out_len,
-                                         const SSL_SESSION *session,
-                                         int signature_algorithm) {
-  if (SSL_TRANSCRIPT_md(transcript) != EVP_md5_sha1()) {
+bool SSLTranscript::GetSSL3CertVerifyHash(uint8_t *out, size_t *out_len,
+                                          const SSL_SESSION *session,
+                                          uint16_t signature_algorithm) {
+  if (Digest() != EVP_md5_sha1()) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
-    return 0;
+    return false;
   }
 
   if (signature_algorithm == SSL_SIGN_RSA_PKCS1_MD5_SHA1) {
     size_t md5_len, len;
-    if (!ssl3_handshake_mac(transcript, session, &transcript->md5, NULL, 0, out,
-                            &md5_len) ||
-        !ssl3_handshake_mac(transcript, session, &transcript->hash, NULL, 0,
-                            out + md5_len, &len)) {
-      return 0;
+    if (!SSL3HandshakeMAC(session, md5_.get(), NULL, 0, out, &md5_len) ||
+        !SSL3HandshakeMAC(session, hash_.get(), NULL, 0, out + md5_len, &len)) {
+      return false;
     }
     *out_len = md5_len + len;
-    return 1;
+    return true;
   }
 
   if (signature_algorithm == SSL_SIGN_ECDSA_SHA1) {
-    return ssl3_handshake_mac(transcript, session, &transcript->hash, NULL, 0,
-                              out, out_len);
+    return SSL3HandshakeMAC(session, hash_.get(), NULL, 0, out, out_len);
   }
 
   OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
-  return 0;
+  return false;
 }
 
-int SSL_TRANSCRIPT_finish_mac(SSL_TRANSCRIPT *transcript, uint8_t *out,
-                              size_t *out_len, const SSL_SESSION *session,
-                              int from_server, uint16_t version) {
-  if (version == SSL3_VERSION) {
-    if (SSL_TRANSCRIPT_md(transcript) != EVP_md5_sha1()) {
+bool SSLTranscript::GetFinishedMAC(uint8_t *out, size_t *out_len,
+                                   const SSL_SESSION *session,
+                                   bool from_server) {
+  if (session->ssl_version == SSL3_VERSION) {
+    if (Digest() != EVP_md5_sha1()) {
       OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
-      return 0;
+      return false;
     }
 
     const char *sender = from_server ? SSL3_MD_SERVER_FINISHED_CONST
                                      : SSL3_MD_CLIENT_FINISHED_CONST;
     const size_t sender_len = 4;
     size_t md5_len, len;
-    if (!ssl3_handshake_mac(transcript, session, &transcript->md5, sender,
-                            sender_len, out, &md5_len) ||
-        !ssl3_handshake_mac(transcript, session, &transcript->hash, sender,
-                            sender_len, out + md5_len, &len)) {
-      return 0;
+    if (!SSL3HandshakeMAC(session, md5_.get(), sender, sender_len, out,
+                          &md5_len) ||
+        !SSL3HandshakeMAC(session, hash_.get(), sender, sender_len,
+                          out + md5_len, &len)) {
+      return false;
     }
 
     *out_len = md5_len + len;
-    return 1;
+    return true;
   }
 
-  /* At this point, the handshake should have released the handshake buffer on
-   * its own. */
-  assert(transcript->buffer == NULL);
+  // At this point, the handshake should have released the handshake buffer on
+  // its own.
+  assert(!buffer_);
 
   const char *label = TLS_MD_CLIENT_FINISH_CONST;
   size_t label_len = TLS_MD_SERVER_FINISH_CONST_SIZE;
@@ -389,17 +364,19 @@ int SSL_TRANSCRIPT_finish_mac(SSL_TRANSCRIPT *transcript, uint8_t *out,
 
   uint8_t digests[EVP_MAX_MD_SIZE];
   size_t digests_len;
-  if (!SSL_TRANSCRIPT_get_hash(transcript, digests, &digests_len)) {
-    return 0;
+  if (!GetHash(digests, &digests_len)) {
+    return false;
   }
 
   static const size_t kFinishedLen = 12;
-  if (!tls1_prf(SSL_TRANSCRIPT_md(transcript), out, kFinishedLen,
-                session->master_key, session->master_key_length, label,
-                label_len, digests, digests_len, NULL, 0)) {
-    return 0;
+  if (!tls1_prf(Digest(), out, kFinishedLen, session->master_key,
+                session->master_key_length, label, label_len, digests,
+                digests_len, NULL, 0)) {
+    return false;
   }
 
   *out_len = kFinishedLen;
-  return 1;
+  return true;
 }
+
+}  // namespace bssl