Remove support for OPENSSL_SSL_TRACE_CRYPTO (eee2750b) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

ssl/s3_enc.c

+0 −35

Original line number	Diff line number	Diff line
		@@ -230,23 +230,6 @@ int ssl3_change_cipher_state(SSL *s, int which)
		if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE)))
		goto err2;

		#ifdef OPENSSL_SSL_TRACE_CRYPTO
		if (s->msg_callback) {

		int wh = which & SSL3_CC_WRITE ?
		TLS1_RT_CRYPTO_WRITE : TLS1_RT_CRYPTO_READ;
		s->msg_callback(2, s->version, wh \| TLS1_RT_CRYPTO_MAC,
		mac_secret, EVP_MD_size(m), s, s->msg_callback_arg);
		if (c->key_len)
		s->msg_callback(2, s->version, wh \| TLS1_RT_CRYPTO_KEY,
		key, c->key_len, s, s->msg_callback_arg);
		if (k) {
		s->msg_callback(2, s->version, wh \| TLS1_RT_CRYPTO_IV,
		iv, k, s, s->msg_callback_arg);
		}
		}
		#endif

		OPENSSL_cleanse(exp_key, sizeof(exp_key));
		OPENSSL_cleanse(exp_iv, sizeof(exp_iv));
		return (1);
		@@ -470,9 +453,6 @@ int ssl3_generate_master_secret(SSL s, unsigned char out, unsigned char *p,
		EVP_MD_CTX *ctx = EVP_MD_CTX_new();
		int i, ret = 1;
		unsigned int n;
		#ifdef OPENSSL_SSL_TRACE_CRYPTO
		unsigned char *tmpout = out;
		#endif
		size_t ret_secret_size = 0;

		if (ctx == NULL) {
		@@ -503,21 +483,6 @@ int ssl3_generate_master_secret(SSL s, unsigned char out, unsigned char *p,
		}
		EVP_MD_CTX_free(ctx);

		#ifdef OPENSSL_SSL_TRACE_CRYPTO
		if (ret && s->msg_callback) {
		s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
		p, len, s, s->msg_callback_arg);
		s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
		s->s3->client_random, SSL3_RANDOM_SIZE,
		s, s->msg_callback_arg);
		s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
		s->s3->server_random, SSL3_RANDOM_SIZE,
		s, s->msg_callback_arg);
		s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
		tmpout, SSL3_MASTER_SECRET_SIZE,
		s, s->msg_callback_arg);
		}
		#endif
		OPENSSL_cleanse(buf, sizeof(buf));
		if (ret)
		*secret_size = ret_secret_size;

ssl/t1_enc.c

+0 −35

Original line number	Diff line number	Diff line
		@@ -315,25 +315,6 @@ int tls1_change_cipher_state(SSL *s, int which)
		SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
		goto err2;
		}
		#ifdef OPENSSL_SSL_TRACE_CRYPTO
		if (s->msg_callback) {
		int wh = which & SSL3_CC_WRITE ? TLS1_RT_CRYPTO_WRITE : 0;
		if (*mac_secret_size)
		s->msg_callback(2, s->version, wh \| TLS1_RT_CRYPTO_MAC,
		mac_secret, *mac_secret_size,
		s, s->msg_callback_arg);
		if (c->key_len)
		s->msg_callback(2, s->version, wh \| TLS1_RT_CRYPTO_KEY,
		key, c->key_len, s, s->msg_callback_arg);
		if (k) {
		if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
		wh \|= TLS1_RT_CRYPTO_FIXED_IV;
		else
		wh \|= TLS1_RT_CRYPTO_IV;
		s->msg_callback(2, s->version, wh, iv, k, s, s->msg_callback_arg);
		}
		}
		#endif

		#ifdef SSL_DEBUG
		printf("which = %04X\nkey=", which);
		@@ -530,22 +511,6 @@ int tls1_generate_master_secret(SSL s, unsigned char out, unsigned char *p,
		SSL3_MASTER_SECRET_SIZE);
		#endif

		#ifdef OPENSSL_SSL_TRACE_CRYPTO
		if (s->msg_callback) {
		s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
		p, len, s, s->msg_callback_arg);
		s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
		s->s3->client_random, SSL3_RANDOM_SIZE,
		s, s->msg_callback_arg);
		s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
		s->s3->server_random, SSL3_RANDOM_SIZE,
		s, s->msg_callback_arg);
		s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
		s->session->master_key,
		SSL3_MASTER_SECRET_SIZE, s, s->msg_callback_arg);
		}
		#endif

		*secret_size = SSL3_MASTER_SECRET_SIZE;
		return 1;
		}

ssl/t1_trce.c

+0 −21

Original line number	Diff line number	Diff line
		@@ -568,21 +568,6 @@ static ssl_trace_tbl ssl_psk_kex_modes_tbl[] = {
		{TLSEXT_KEX_MODE_KE_DHE, "psk_dhe_ke"}
		};

		static ssl_trace_tbl ssl_crypto_tbl[] = {
		{TLS1_RT_CRYPTO_PREMASTER, "Premaster Secret"},
		{TLS1_RT_CRYPTO_CLIENT_RANDOM, "Client Random"},
		{TLS1_RT_CRYPTO_SERVER_RANDOM, "Server Random"},
		{TLS1_RT_CRYPTO_MASTER, "Master Secret"},
		{TLS1_RT_CRYPTO_MAC \| TLS1_RT_CRYPTO_WRITE, "Write Mac Secret"},
		{TLS1_RT_CRYPTO_MAC \| TLS1_RT_CRYPTO_READ, "Read Mac Secret"},
		{TLS1_RT_CRYPTO_KEY \| TLS1_RT_CRYPTO_WRITE, "Write Key"},
		{TLS1_RT_CRYPTO_KEY \| TLS1_RT_CRYPTO_READ, "Read Key"},
		{TLS1_RT_CRYPTO_IV \| TLS1_RT_CRYPTO_WRITE, "Write IV"},
		{TLS1_RT_CRYPTO_IV \| TLS1_RT_CRYPTO_READ, "Read IV"},
		{TLS1_RT_CRYPTO_FIXED_IV \| TLS1_RT_CRYPTO_WRITE, "Write IV (fixed part)"},
		{TLS1_RT_CRYPTO_FIXED_IV \| TLS1_RT_CRYPTO_READ, "Read IV (fixed part)"}
		};

		static ssl_trace_tbl ssl_key_update_tbl[] = {
		{SSL_KEY_UPDATE_NOT_REQUESTED, "update_not_requested"},
		{SSL_KEY_UPDATE_REQUESTED, "update_requested"}
		@@ -1489,12 +1474,6 @@ void SSL_trace(int write_p, int version, int content_type,
		const unsigned char *msg = buf;
		BIO *bio = arg;

		if (write_p == 2) {
		BIO_puts(bio, "Session ");
		ssl_print_hex(bio, 0,
		ssl_trace_str(content_type, ssl_crypto_tbl), msg, msglen);
		return;
		}
		switch (content_type) {
		case SSL3_RT_HEADER:
		{

ssl/tls13_enc.c

+0 −14

Original line number	Diff line number	Diff line
		@@ -321,20 +321,6 @@ static int derive_secret_key_and_iv(SSL s, int sending, const EVP_MD md,
		goto err;
		}

		#ifdef OPENSSL_SSL_TRACE_CRYPTO
		if (s->msg_callback) {
		int wh = sending ? TLS1_RT_CRYPTO_WRITE : 0;

		if (ciph->key_len)
		s->msg_callback(2, s->version, wh \| TLS1_RT_CRYPTO_KEY,
		key, ciph->key_len, s, s->msg_callback_arg);

		wh \|= TLS1_RT_CRYPTO_IV;
		s->msg_callback(2, s->version, wh, iv, ivlen, s,
		s->msg_callback_arg);
		}
		#endif

		return 1;
		err:
		OPENSSL_cleanse(key, sizeof(key));