Remove authz extension (RFC5878)
Found no users of the functions which control the feature. (Also I don't
particularly want to port all of that to CBS...)
Change-Id: I55da42c44d57252bd47bdcb30431be5e6e90dc56
Reviewed-on: https://boringssl-review.googlesource.com/1061
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 6e5b1a5..092b5f4 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -341,8 +341,6 @@
ssl2_compat = 0;
if (s->tlsext_status_type != -1)
ssl2_compat = 0;
- if (s->ctx->tlsext_authz_server_audit_proof_cb != NULL)
- ssl2_compat = 0;
}
#endif
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 3e52210..e763d7c 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -296,26 +296,11 @@
}
else
{
-#ifndef OPENSSL_NO_TLSEXT
- /* The server hello indicated that
- * an audit proof would follow. */
- if (s->s3->tlsext_authz_server_promised)
- s->state=SSL3_ST_CR_SUPPLEMENTAL_DATA_A;
- else
-#endif
- s->state=SSL3_ST_CR_CERT_A;
+ s->state=SSL3_ST_CR_CERT_A;
}
s->init_num=0;
break;
-#ifndef OPENSSL_NO_TLSEXT
- case SSL3_ST_CR_SUPPLEMENTAL_DATA_A:
- case SSL3_ST_CR_SUPPLEMENTAL_DATA_B:
- ret = tls1_get_server_supplemental_data(s);
- if (ret <= 0) goto end;
- s->state=SSL3_ST_CR_CERT_A;
- s->init_num = 0;
- break;
-#endif
+
case SSL3_ST_CR_CERT_A:
case SSL3_ST_CR_CERT_B:
#ifndef OPENSSL_NO_TLSEXT
@@ -1325,21 +1310,6 @@
s->session->verify_result = s->verify_result;
x=NULL;
-#ifndef OPENSSL_NO_TLSEXT
- /* Check the audit proof. */
- if (s->ctx->tlsext_authz_server_audit_proof_cb)
- {
- ret = s->ctx->tlsext_authz_server_audit_proof_cb(s,
- s->ctx->tlsext_authz_server_audit_proof_cb_arg);
- if (ret <= 0)
- {
- al = SSL_AD_BAD_CERTIFICATE;
- OPENSSL_PUT_ERROR(SSL, ssl3_get_server_certificate, SSL_R_INVALID_AUDIT_PROOF);
- goto f_err;
- }
- }
-
-#endif
ret=1;
if (0)
{
@@ -3390,106 +3360,3 @@
i = s->ctx->client_cert_cb(s,px509,ppkey);
return i;
}
-
-#ifndef OPENSSL_NO_TLSEXT
-int tls1_get_server_supplemental_data(SSL *s)
- {
- int al;
- int ok;
- unsigned long supp_data_len, authz_data_len;
- long n;
- unsigned short supp_data_type, authz_data_type, proof_len;
- const unsigned char *p;
- unsigned char *new_proof;
-
- n=s->method->ssl_get_message(s,
- SSL3_ST_CR_SUPPLEMENTAL_DATA_A,
- SSL3_ST_CR_SUPPLEMENTAL_DATA_B,
- SSL3_MT_SUPPLEMENTAL_DATA,
- /* use default limit */
- TLSEXT_MAXLEN_supplemental_data,
- &ok);
-
- if (!ok) return((int)n);
-
- p = (unsigned char *)s->init_msg;
-
- /* The message cannot be empty */
- if (n < 3)
- {
- al = SSL_AD_DECODE_ERROR;
- OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- /* Length of supplemental data */
- n2l3(p,supp_data_len);
- n -= 3;
- /* We must have at least one supplemental data entry
- * with type (1 byte) and length (2 bytes). */
- if (supp_data_len != (unsigned long) n || n < 4)
- {
- al = SSL_AD_DECODE_ERROR;
- OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- /* Supplemental data type: must be authz_data */
- n2s(p,supp_data_type);
- n -= 2;
- if (supp_data_type != TLSEXT_SUPPLEMENTALDATATYPE_authz_data)
- {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, SSL_R_UNKNOWN_SUPPLEMENTAL_DATA_TYPE);
- goto f_err;
- }
- /* Authz data length */
- n2s(p, authz_data_len);
- n -= 2;
- if (authz_data_len != (unsigned long) n || n < 1)
- {
- al = SSL_AD_DECODE_ERROR;
- OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- /* Authz data type: must be audit_proof */
- authz_data_type = *(p++);
- n -= 1;
- if (authz_data_type != TLSEXT_AUTHZDATAFORMAT_audit_proof)
- {
- al=SSL_AD_UNEXPECTED_MESSAGE;
- OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, SSL_R_UNKNOWN_AUTHZ_DATA_TYPE);
- goto f_err;
- }
- /* We have a proof: read its length */
- if (n < 2)
- {
- al = SSL_AD_DECODE_ERROR;
- OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- n2s(p, proof_len);
- n -= 2;
- if (proof_len != (unsigned long) n)
- {
- al = SSL_AD_DECODE_ERROR;
- OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- /* Store the proof */
- new_proof = OPENSSL_realloc(s->session->audit_proof,
- proof_len);
- if (new_proof == NULL)
- {
- OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- s->session->audit_proof_length = proof_len;
- s->session->audit_proof = new_proof;
- memcpy(s->session->audit_proof, p, proof_len);
-
- /* Got the proof, but can't verify it yet. */
- return 1;
-f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
- return -1;
- }
-#endif
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index a674e72..125a608 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2722,10 +2722,6 @@
OPENSSL_free(s->s3->alpn_selected);
#endif
-#ifndef OPENSSL_NO_TLSEXT
- if (s->s3->tlsext_authz_client_types != NULL)
- OPENSSL_free(s->s3->tlsext_authz_client_types);
-#endif
OPENSSL_cleanse(s->s3,sizeof *s->s3);
OPENSSL_free(s->s3);
s->s3=NULL;
@@ -2756,11 +2752,6 @@
}
#endif
#ifndef OPENSSL_NO_TLSEXT
- if (s->s3->tlsext_authz_client_types != NULL)
- {
- OPENSSL_free(s->s3->tlsext_authz_client_types);
- s->s3->tlsext_authz_client_types = NULL;
- }
#ifndef OPENSSL_NO_EC
s->s3->is_probably_safari = 0;
#endif /* !OPENSSL_NO_EC */
@@ -3494,10 +3485,6 @@
case SSL_CTRL_SET_CHAIN_CERT_STORE:
return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
- case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB_ARG:
- ctx->tlsext_authz_server_audit_proof_cb_arg = parg;
- break;
-
#endif /* !OPENSSL_NO_TLSEXT */
/* A Thawte special :-) */
@@ -3616,11 +3603,6 @@
HMAC_CTX *, int))fp;
break;
- case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB:
- ctx->tlsext_authz_server_audit_proof_cb =
- (int (*)(SSL *, void *))fp;
- break;
-
#endif
default:
return(0);
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 95ed74d..cd04145 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -346,34 +346,13 @@
}
#else
if (s->hit)
- s->state=SSL3_ST_SW_CHANGE_A;
+ s->state=SSL3_ST_SW_CHANGE_A;
#endif
else
-#ifndef OPENSSL_NO_TLSEXT
- s->state = SSL3_ST_SW_SUPPLEMENTAL_DATA_A;
-#else
- s->state = SSL3_ST_SW_CERT_A;
-#endif
+ s->state = SSL3_ST_SW_CERT_A;
s->init_num = 0;
break;
-#ifndef OPENSSL_NO_TLSEXT
- case SSL3_ST_SW_SUPPLEMENTAL_DATA_A:
- case SSL3_ST_SW_SUPPLEMENTAL_DATA_B:
- /* We promised to send an audit proof in the hello. */
- if (s->s3->tlsext_authz_promised_to_client)
- {
- ret = tls1_send_server_supplemental_data(s);
- if (ret <= 0) goto end;
- }
- else
- skip = 1;
-
- s->state = SSL3_ST_SW_CERT_A;
- s->init_num = 0;
- break;
-#endif
-
case SSL3_ST_SW_CERT_A:
case SSL3_ST_SW_CERT_B:
/* Check if it is anon DH or anon ECDH, */
@@ -3463,98 +3442,4 @@
return ret;
}
-int tls1_send_server_supplemental_data(SSL *s)
- {
- size_t length = 0;
- const unsigned char *authz, *orig_authz;
- unsigned char *p;
- size_t authz_length, i;
-
- if (s->state != SSL3_ST_SW_SUPPLEMENTAL_DATA_A)
- return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
-
- orig_authz = authz = ssl_get_authz_data(s, &authz_length);
- if (authz == NULL)
- {
- /* This should never occur. */
- return 0;
- }
-
- /* First we walk over the authz data to see how long the handshake
- * message will be. */
- for (i = 0; i < authz_length; i++)
- {
- unsigned short len;
- unsigned char type;
-
- type = *(authz++);
- n2s(authz, len);
- /* n2s increments authz by 2*/
- i += 2;
-
- if (memchr(s->s3->tlsext_authz_client_types,
- type,
- s->s3->tlsext_authz_client_types_len) != NULL)
- length += 1 /* authz type */ + 2 /* length */ + len;
-
- authz += len;
- i += len;
- }
-
- length += 1 /* handshake type */ +
- 3 /* handshake length */ +
- 3 /* supplemental data length */ +
- 2 /* supplemental entry type */ +
- 2 /* supplemental entry length */;
-
- if (!BUF_MEM_grow_clean(s->init_buf, length))
- {
- OPENSSL_PUT_ERROR(SSL, tls1_send_server_supplemental_data, ERR_R_BUF_LIB);
- return 0;
- }
-
- p = (unsigned char *)s->init_buf->data;
- *(p++) = SSL3_MT_SUPPLEMENTAL_DATA;
- /* Handshake length */
- l2n3(length - 4, p);
- /* Length of supplemental data */
- l2n3(length - 7, p);
- /* Supplemental data type */
- s2n(TLSEXT_SUPPLEMENTALDATATYPE_authz_data, p);
- /* Its length */
- s2n(length - 11, p);
-
- authz = orig_authz;
-
- /* Walk over the authz again and append the selected elements. */
- for (i = 0; i < authz_length; i++)
- {
- unsigned short len;
- unsigned char type;
-
- type = *(authz++);
- n2s(authz, len);
- /* n2s increments authz by 2 */
- i += 2;
-
- if (memchr(s->s3->tlsext_authz_client_types,
- type,
- s->s3->tlsext_authz_client_types_len) != NULL)
- {
- *(p++) = type;
- s2n(len, p);
- memcpy(p, authz, len);
- p += len;
- }
-
- authz += len;
- i += len;
- }
-
- s->state = SSL3_ST_SW_SUPPLEMENTAL_DATA_B;
- s->init_num = length;
- s->init_off = 0;
-
- return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
- }
#endif
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 2afa462..a83cf1a 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -528,13 +528,6 @@
#endif
char peer_sha256_valid; /* Non-zero if peer_sha256 is valid */
unsigned char peer_sha256[SHA256_DIGEST_LENGTH]; /* SHA256 of peer certificate */
-#ifndef OPENSSL_NO_TLSEXT
- /* Used by client: the proof for this session.
- * We store it outside the sess_cert structure, since the proof
- * is received before the certificate. */
- unsigned char *audit_proof;
- size_t audit_proof_length;
-#endif
/* original_handshake_hash contains the handshake hash (either
* SHA-1+MD5 or SHA-2, depending on TLS version) for the original, full
@@ -1136,9 +1129,7 @@
size_t tlsext_ellipticcurvelist_length;
unsigned char *tlsext_ellipticcurvelist;
# endif /* OPENSSL_NO_EC */
- int (*tlsext_authz_server_audit_proof_cb)(SSL *s, void *arg);
- void *tlsext_authz_server_audit_proof_cb_arg;
-#endif
+#endif /* OPENSSL_NO_TLSEXT */
/* If true, a client will advertise the Channel ID extension and a
* server will echo it. */
@@ -1799,9 +1790,6 @@
#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
-/* Callback for verifying audit proofs (client only) */
-#define SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB 95
-#define SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB_ARG 96
#endif /* OPENSSL_NO_TLSEXT */
#define DTLS_CTRL_GET_TIMEOUT 73
@@ -2085,20 +2073,6 @@
int SSL_use_certificate(SSL *ssl, X509 *x);
int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len);
-#ifndef OPENSSL_NO_TLSEXT
-/* Set authz data for the current active cert. */
-int SSL_CTX_use_authz(SSL_CTX *ctx, unsigned char *authz, size_t authz_length);
-int SSL_use_authz(SSL *ssl, unsigned char *authz, size_t authz_length);
-/* Get the authz of type 'type' associated with the current active cert. */
-const unsigned char *SSL_CTX_get_authz_data(SSL_CTX *ctx, unsigned char type,
- size_t *data_length);
-#ifndef OPENSSL_NO_STDIO
-int SSL_CTX_use_authz_file(SSL_CTX *ctx, const char *file);
-int SSL_use_authz_file(SSL *ssl, const char *file);
-#endif
-
-#endif
-
#ifndef OPENSSL_NO_STDIO
int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
@@ -2142,10 +2116,6 @@
#ifndef OPENSSL_NO_BIO
int SSL_SESSION_print(BIO *fp,const SSL_SESSION *ses);
#endif
-#ifndef OPENSSL_NO_TLSEXT
-unsigned char *SSL_SESSION_get_tlsext_authz_server_audit_proof(SSL_SESSION *s,
- size_t *proof_length);
-#endif
void SSL_SESSION_free(SSL_SESSION *ses);
int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
int SSL_set_session(SSL *to, SSL_SESSION *session);
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index 9fc8b18..165a1cc 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -541,20 +541,6 @@
#endif
#ifndef OPENSSL_NO_TLSEXT
- /* tlsext_authz_client_types contains an array of supported authz
- * types, as advertised by the client. The array is sorted and
- * does not contain any duplicates. */
- unsigned char *tlsext_authz_client_types;
- size_t tlsext_authz_client_types_len;
- /* tlsext_authz_promised_to_client is true iff we're a server and we
- * echoed the client's supplemental data extension and therefore must
- * send a supplemental data handshake message. */
- char tlsext_authz_promised_to_client;
- /* tlsext_authz_server_promised is true iff we're a client and the
- * server echoed our server_authz extension and therefore must send us
- * a supplemental data handshake message. */
- char tlsext_authz_server_promised;
-
#ifndef OPENSSL_NO_EC
/* This is set to true if we believe that this is a version of Safari
* running on OS X 10.6 or newer. We wish to know this because Safari
@@ -613,8 +599,6 @@
#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SUPPLEMENTAL_DATA_A (0x210|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SUPPLEMENTAL_DATA_B (0x211|SSL_ST_CONNECT)
/* write to server */
#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index a11d7a3..e13e1ef 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -324,24 +324,6 @@
}
}
rpk->valid_flags = 0;
-#ifndef OPENSSL_NO_TLSEXT
- if (cert->pkeys[i].authz != NULL)
- {
- /* Just copy everything. */
- ret->pkeys[i].authz_length =
- cert->pkeys[i].authz_length;
- ret->pkeys[i].authz =
- OPENSSL_malloc(ret->pkeys[i].authz_length);
- if (ret->pkeys[i].authz == NULL)
- {
- OPENSSL_PUT_ERROR(SSL, ssl_cert_dup, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- memcpy(ret->pkeys[i].authz,
- cert->pkeys[i].authz,
- cert->pkeys[i].authz_length);
- }
-#endif
}
ret->references=1;
@@ -456,13 +438,6 @@
sk_X509_pop_free(cpk->chain, X509_free);
cpk->chain = NULL;
}
-#ifndef OPENSSL_NO_TLSEXT
- if (cpk->authz)
- {
- OPENSSL_free(cpk->authz);
- cpk->authz = NULL;
- }
-#endif
/* Clear all flags apart from explicit sign */
cpk->valid_flags &= CERT_PKEY_EXPLICIT_SIGN;
}
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 09efe85..8ee09b9 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2644,27 +2644,6 @@
return c->pkeys[idx].privatekey;
}
-#ifndef OPENSSL_NO_TLSEXT
-unsigned char *ssl_get_authz_data(SSL *s, size_t *authz_length)
- {
- CERT *c;
- int i;
-
- c = s->cert;
- i = ssl_get_server_cert_index(s);
-
- if (i == -1)
- return NULL;
-
- *authz_length = 0;
- if (c->pkeys[i].authz == NULL)
- return(NULL);
- *authz_length = c->pkeys[i].authz_length;
-
- return c->pkeys[i].authz;
- }
-#endif
-
void ssl_update_cache(SSL *s,int mode)
{
int i;
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 17dc08b..8b99244 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -516,15 +516,6 @@
const EVP_MD *digest;
/* Chain for this certificate */
STACK_OF(X509) *chain;
-#ifndef OPENSSL_NO_TLSEXT
- /* authz/authz_length contain authz data for this certificate. The data
- * is in wire format, specifically it's a series of records like:
- * uint8_t authz_type; // (RFC 5878, AuthzDataFormat)
- * uint16_t length;
- * uint8_t data[length]; */
- unsigned char *authz;
- size_t authz_length;
-#endif
/* Set if CERT_PKEY can be used with current SSL session: e.g.
* appropriate curve, signature algorithms etc. If zero it can't be
* used at all.
@@ -1026,9 +1017,6 @@
int ssl_undefined_void_function(void);
int ssl_undefined_const_function(const SSL *s);
CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
-#ifndef OPENSSL_NO_TLSEXT
-unsigned char *ssl_get_authz_data(SSL *s, size_t *authz_length);
-#endif
EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *c, const EVP_MD **pmd);
int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher);
@@ -1289,11 +1277,6 @@
int ssl_prepare_clienthello_tlsext(SSL *s);
int ssl_prepare_serverhello_tlsext(SSL *s);
-/* server only */
-int tls1_send_server_supplemental_data(SSL *s);
-/* client only */
-int tls1_get_server_supplemental_data(SSL *s);
-
#ifdef OPENSSL_NO_SHA256
#define tlsext_tick_md EVP_sha1
#else
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index 4a6ed62..1b5b1d1 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -68,10 +68,6 @@
static int ssl_set_cert(CERT *c, X509 *x509);
static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
-#ifndef OPENSSL_NO_TLSEXT
-static int ssl_set_authz(CERT *c, unsigned char *authz,
- size_t authz_length);
-#endif
int SSL_use_certificate(SSL *ssl, X509 *x)
{
if (x == NULL)
@@ -803,228 +799,4 @@
if (in != NULL) BIO_free(in);
return(ret);
}
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
-/* authz_validate returns true iff authz is well formed, i.e. that it meets the
- * wire format as documented in the CERT_PKEY structure and that there are no
- * duplicate entries. */
-static char authz_validate(const unsigned char *authz, size_t length)
- {
- unsigned char types_seen_bitmap[32];
-
- if (!authz)
- return 1;
-
- memset(types_seen_bitmap, 0, sizeof(types_seen_bitmap));
-
- for (;;)
- {
- unsigned char type, byte, bit;
- unsigned short len;
-
- if (!length)
- return 1;
-
- type = *(authz++);
- length--;
-
- byte = type / 8;
- bit = type & 7;
- if (types_seen_bitmap[byte] & (1 << bit))
- return 0;
- types_seen_bitmap[byte] |= (1 << bit);
-
- if (length < 2)
- return 0;
- len = ((unsigned short) authz[0]) << 8 |
- ((unsigned short) authz[1]);
- authz += 2;
- length -= 2;
-
- if (length < len)
- return 0;
-
- authz += len;
- length -= len;
- }
- }
-
-static const unsigned char *authz_find_data(const unsigned char *authz,
- size_t authz_length,
- unsigned char data_type,
- size_t *data_length)
- {
- if (authz == NULL) return NULL;
- if (!authz_validate(authz, authz_length))
- {
- OPENSSL_PUT_ERROR(SSL, authz_find_data, SSL_R_INVALID_AUTHZ_DATA);
- return NULL;
- }
-
- for (;;)
- {
- unsigned char type;
- unsigned short len;
- if (!authz_length)
- return NULL;
-
- type = *(authz++);
- authz_length--;
-
- /* We've validated the authz data, so we don't have to
- * check again that we have enough bytes left. */
- len = ((unsigned short) authz[0]) << 8 |
- ((unsigned short) authz[1]);
- authz += 2;
- authz_length -= 2;
- if (type == data_type)
- {
- *data_length = len;
- return authz;
- }
- authz += len;
- authz_length -= len;
- }
- /* No match */
- return NULL;
- }
-
-static int ssl_set_authz(CERT *c, unsigned char *authz, size_t authz_length)
- {
- CERT_PKEY *current_key = c->key;
- if (current_key == NULL)
- return 0;
- if (!authz_validate(authz, authz_length))
- {
- OPENSSL_PUT_ERROR(SSL, ssl_set_authz, SSL_R_INVALID_AUTHZ_DATA);
- return(0);
- }
- current_key->authz = OPENSSL_realloc(current_key->authz, authz_length);
- if (current_key->authz == NULL)
- {
- OPENSSL_PUT_ERROR(SSL, ssl_set_authz, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- current_key->authz_length = authz_length;
- memcpy(current_key->authz, authz, authz_length);
- return 1;
- }
-
-int SSL_CTX_use_authz(SSL_CTX *ctx, unsigned char *authz,
- size_t authz_length)
- {
- if (authz == NULL)
- {
- OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_authz, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (!ssl_cert_inst(&ctx->cert))
- {
- OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_authz, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- return ssl_set_authz(ctx->cert, authz, authz_length);
- }
-
-int SSL_use_authz(SSL *ssl, unsigned char *authz, size_t authz_length)
- {
- if (authz == NULL)
- {
- OPENSSL_PUT_ERROR(SSL, SSL_use_authz, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (!ssl_cert_inst(&ssl->cert))
- {
- OPENSSL_PUT_ERROR(SSL, SSL_use_authz, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- return ssl_set_authz(ssl->cert, authz, authz_length);
- }
-
-const unsigned char *SSL_CTX_get_authz_data(SSL_CTX *ctx, unsigned char type,
- size_t *data_length)
- {
- CERT_PKEY *current_key;
-
- if (ctx->cert == NULL)
- return NULL;
- current_key = ctx->cert->key;
- if (current_key->authz == NULL)
- return NULL;
- return authz_find_data(current_key->authz,
- current_key->authz_length, type, data_length);
- }
-
-#ifndef OPENSSL_NO_STDIO
-/* read_authz returns a newly allocated buffer with authz data */
-static unsigned char *read_authz(const char *file, size_t *authz_length)
- {
- BIO *authz_in = NULL;
- unsigned char *authz = NULL;
- /* Allow authzs up to 64KB. */
- static const size_t authz_limit = 65536;
- size_t read_length;
- unsigned char *ret = NULL;
-
- authz_in = BIO_new(BIO_s_file());
- if (authz_in == NULL)
- {
- OPENSSL_PUT_ERROR(SSL, read_authz, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(authz_in,file) <= 0)
- {
- OPENSSL_PUT_ERROR(SSL, read_authz, ERR_R_SYS_LIB);
- goto end;
- }
-
- authz = OPENSSL_malloc(authz_limit);
- read_length = BIO_read(authz_in, authz, authz_limit);
- if (read_length == authz_limit || read_length <= 0)
- {
- OPENSSL_PUT_ERROR(SSL, read_authz, SSL_R_AUTHZ_DATA_TOO_LARGE);
- OPENSSL_free(authz);
- goto end;
- }
- *authz_length = read_length;
- ret = authz;
-end:
- if (authz_in != NULL) BIO_free(authz_in);
- return ret;
- }
-
-int SSL_CTX_use_authz_file(SSL_CTX *ctx, const char *file)
- {
- unsigned char *authz = NULL;
- size_t authz_length = 0;
- int ret;
-
- authz = read_authz(file, &authz_length);
- if (authz == NULL)
- return 0;
-
- ret = SSL_CTX_use_authz(ctx, authz, authz_length);
- /* SSL_CTX_use_authz makes a local copy of the authz. */
- OPENSSL_free(authz);
- return ret;
- }
-
-int SSL_use_authz_file(SSL *ssl, const char *file)
- {
- unsigned char *authz = NULL;
- size_t authz_length = 0;
- int ret;
-
- authz = read_authz(file, &authz_length);
- if (authz == NULL)
- return 0;
-
- ret = SSL_use_authz(ssl, authz, authz_length);
- /* SSL_use_authz makes a local copy of the authz. */
- OPENSSL_free(authz);
- return ret;
- }
#endif /* OPENSSL_NO_STDIO */
-#endif /* OPENSSL_NO_TLSEXT */
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 2fd57dc..0153ba7 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -761,8 +761,6 @@
ss->tlsext_ellipticcurvelist_length = 0;
if (ss->tlsext_ellipticcurvelist != NULL) OPENSSL_free(ss->tlsext_ellipticcurvelist);
#endif /* OPENSSL_NO_EC */
- if (ss->audit_proof != NULL) OPENSSL_free(ss->audit_proof);
- ss->audit_proof_length = 0;
#endif
#ifndef OPENSSL_NO_PSK
if (ss->psk_identity_hint != NULL)
@@ -869,15 +867,6 @@
return 1;
}
-#ifndef OPENSSL_NO_TLSEXT
-unsigned char *SSL_SESSION_get_tlsext_authz_server_audit_proof(SSL_SESSION *s, size_t *proof_length)
- {
- if (s->audit_proof != NULL)
- *proof_length = s->audit_proof_length;
- return s->audit_proof;
- }
-#endif
-
long SSL_CTX_set_timeout(SSL_CTX *s, long t)
{
long l;
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index fabb97b..43f2c3f 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1229,19 +1229,6 @@
c->valid = 1;
}
-/* byte_compare is a compare function for qsort(3) that compares bytes. */
-static int byte_compare(const void *in_a, const void *in_b)
- {
- unsigned char a = *((const unsigned char*) in_a);
- unsigned char b = *((const unsigned char*) in_b);
-
- if (a > b)
- return 1;
- else if (a < b)
- return -1;
- return 0;
-}
-
/* header_len is the length of the ClientHello header written so far, used to
* compute padding. It does not include the record header. Pass 0 if no padding
* is to be done. */
@@ -1498,26 +1485,6 @@
ret += el;
}
- /* Add TLS extension Server_Authz_DataFormats to the ClientHello */
- /* 2 bytes for extension type */
- /* 2 bytes for extension length */
- /* 1 byte for the list length */
- /* 1 byte for the list (we only support audit proofs) */
- if (s->ctx->tlsext_authz_server_audit_proof_cb != NULL)
- {
- const unsigned short ext_len = 2;
- const unsigned char list_len = 1;
-
- if (limit < ret + 6)
- return NULL;
-
- s2n(TLSEXT_TYPE_server_authz, ret);
- /* Extension length: 2 bytes */
- s2n(ext_len, ret);
- *(ret++) = list_len;
- *(ret++) = TLSEXT_AUTHZDATAFORMAT_audit_proof;
- }
-
#ifndef OPENSSL_NO_EC
if (using_ecc)
{
@@ -1743,79 +1710,6 @@
}
#endif
- /* If the client supports authz then see whether we have any to offer
- * to it. */
- if (s->s3->tlsext_authz_client_types_len)
- {
- size_t authz_length;
- /* By now we already know the new cipher, so we can look ahead
- * to see whether the cert we are going to send
- * has any authz data attached to it. */
- const unsigned char* authz = ssl_get_authz_data(s, &authz_length);
- const unsigned char* const orig_authz = authz;
- size_t i;
- unsigned authz_count = 0;
-
- /* The authz data contains a number of the following structures:
- * uint8_t authz_type
- * uint16_t length
- * uint8_t data[length]
- *
- * First we walk over it to find the number of authz elements. */
- for (i = 0; i < authz_length; i++)
- {
- unsigned short length;
- unsigned char type;
-
- type = *(authz++);
- if (memchr(s->s3->tlsext_authz_client_types,
- type,
- s->s3->tlsext_authz_client_types_len) != NULL)
- authz_count++;
-
- n2s(authz, length);
- /* n2s increments authz by 2 */
- i += 2;
- authz += length;
- i += length;
- }
-
- if (authz_count)
- {
- /* Add TLS extension server_authz to the ServerHello message
- * 2 bytes for extension type
- * 2 bytes for extension length
- * 1 byte for the list length
- * n bytes for the list */
- const unsigned short ext_len = 1 + authz_count;
-
- if ((long)(limit - ret - 4 - ext_len) < 0) return NULL;
- s2n(TLSEXT_TYPE_server_authz, ret);
- s2n(ext_len, ret);
- *(ret++) = authz_count;
- s->s3->tlsext_authz_promised_to_client = 1;
- }
-
- authz = orig_authz;
- for (i = 0; i < authz_length; i++)
- {
- unsigned short length;
- unsigned char type;
-
- authz_count++;
- type = *(authz++);
- if (memchr(s->s3->tlsext_authz_client_types,
- type,
- s->s3->tlsext_authz_client_types_len) != NULL)
- *(ret++) = type;
- n2s(authz, length);
- /* n2s increments authz by 2 */
- i += 2;
- authz += length;
- i += length;
- }
- }
-
if (s->s3->alpn_selected)
{
const uint8_t *selected = s->s3->alpn_selected;
@@ -2466,65 +2360,6 @@
return 0;
}
- else if (type == TLSEXT_TYPE_server_authz)
- {
- unsigned char *sdata = data;
- unsigned char server_authz_dataformatlist_length;
-
- if (size == 0)
- {
- *al = TLS1_AD_DECODE_ERROR;
- return 0;
- }
-
- server_authz_dataformatlist_length = *(sdata++);
-
- if (server_authz_dataformatlist_length != size - 1)
- {
- *al = TLS1_AD_DECODE_ERROR;
- return 0;
- }
-
- /* Successful session resumption uses the same authz
- * information as the original session so we ignore this
- * in the case of a session resumption. */
- if (!s->hit)
- {
- if (s->s3->tlsext_authz_client_types != NULL)
- OPENSSL_free(s->s3->tlsext_authz_client_types);
- s->s3->tlsext_authz_client_types =
- OPENSSL_malloc(server_authz_dataformatlist_length);
- if (!s->s3->tlsext_authz_client_types)
- {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
-
- s->s3->tlsext_authz_client_types_len =
- server_authz_dataformatlist_length;
- memcpy(s->s3->tlsext_authz_client_types,
- sdata,
- server_authz_dataformatlist_length);
-
- /* Sort the types in order to check for duplicates. */
- qsort(s->s3->tlsext_authz_client_types,
- server_authz_dataformatlist_length,
- 1 /* element size */,
- byte_compare);
-
- for (i = 0; i < server_authz_dataformatlist_length; i++)
- {
- if (i > 0 &&
- s->s3->tlsext_authz_client_types[i] ==
- s->s3->tlsext_authz_client_types[i-1])
- {
- *al = TLS1_AD_DECODE_ERROR;
- return 0;
- }
- }
- }
- }
-
data+=size;
}
@@ -2805,40 +2640,6 @@
if (!ssl_parse_serverhello_use_srtp_ext(s, &extension, out_alert))
return 0;
}
-
- else if (type == TLSEXT_TYPE_server_authz)
- {
- /* We only support audit proofs. It's an error to send
- * an authz hello extension if the client
- * didn't request a proof. */
- CBS authz_data_formats;
- uint8_t authz_data_format;
-
- if (!s->ctx->tlsext_authz_server_audit_proof_cb)
- {
- *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
- return 0;
- }
-
- if (!CBS_get_u8_length_prefixed(&extension, &authz_data_formats) ||
- CBS_len(&extension) != 0)
- {
- *out_alert = SSL_AD_DECODE_ERROR;
- return 0;
- }
-
- /* We only support audit proofs, so a legal ServerHello
- * authz list contains exactly one entry. */
- if (!CBS_get_u8(&authz_data_formats, &authz_data_format) ||
- CBS_len(&authz_data_formats) != 0 ||
- authz_data_format != TLSEXT_AUTHZDATAFORMAT_audit_proof)
- {
- *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
- return 0;
- }
-
- s->s3->tlsext_authz_server_promised = 1;
- }
}
if (!s->hit && tlsext_servername == 1)
diff --git a/ssl/tls1.h b/ssl/tls1.h
index 8cdcf91..c26a05a 100644
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -301,14 +301,6 @@
#define TLSEXT_MAXLEN_host_name 255
-/* From RFC 5878 */
-#define TLSEXT_SUPPLEMENTALDATATYPE_authz_data 16386
-/* This is not IANA assigned. See
- * https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#authorization-data-rules */
-#define TLSEXT_AUTHZDATAFORMAT_audit_proof 182
-
-#define TLSEXT_MAXLEN_supplemental_data 1024*16 /* Let's limit to 16k */
-
const char *SSL_get_servername(const SSL *s, const int type);
int SSL_get_servername_type(const SSL *s);
/* SSL_export_keying_material exports a value derived from the master secret,
@@ -387,13 +379,6 @@
#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
-/* Used by clients to process audit proofs. */
-#define SSL_CTX_set_tlsext_authz_server_audit_proof_cb(ctx, cb) \
-SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB,(void (*)(void))cb)
-
-#define SSL_CTX_set_tlsext_authz_server_audit_proof_cb_arg(ctx, arg) \
-SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB_ARG, 0, arg);
-
#endif /* OPENSSL_NO_TLSEXT */
/* PSK ciphersuites from 4279 */
