Coverage Report

Created: 2026-04-22 06:14

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/openssl/ssl/tls_depr.c
Line
Count
Source
1
/*
2
 * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9
10
/* We need to use some HMAC deprecated APIs */
11
#define OPENSSL_SUPPRESS_DEPRECATED
12
13
#include "ssl_local.h"
14
#include "internal/ssl_unwrap.h"
15
16
/*
17
 * The HMAC APIs below are only used to support the deprecated public API
18
 * macro SSL_CTX_set_tlsext_ticket_key_cb(). The application supplied callback
19
 * takes an HMAC_CTX in its argument list. The preferred alternative is
20
 * SSL_CTX_set_tlsext_ticket_key_evp_cb(). Once
21
 * SSL_CTX_set_tlsext_ticket_key_cb() is removed, then all of this code can also
22
 * be removed.
23
 */
24
#ifndef OPENSSL_NO_DEPRECATED_3_0
25
SSL_HMAC *ssl_hmac_old_construct(SSL_HMAC *ret)
26
0
{
27
0
    ret->old_ctx = HMAC_CTX_new();
28
0
    return ret->old_ctx != NULL ? ret : NULL;
29
0
}
30
31
void ssl_hmac_old_destruct(SSL_HMAC *ctx)
32
0
{
33
0
    HMAC_CTX_free(ctx->old_ctx);
34
0
}
35
36
int ssl_hmac_old_init(SSL_HMAC *ctx, void *key, size_t len, char *md)
37
0
{
38
0
    return HMAC_Init_ex(ctx->old_ctx, key, (int)len, EVP_get_digestbyname(md), NULL);
39
0
}
40
41
int ssl_hmac_old_update(SSL_HMAC *ctx, const unsigned char *data, size_t len)
42
0
{
43
0
    return HMAC_Update(ctx->old_ctx, data, len);
44
0
}
45
46
int ssl_hmac_old_final(SSL_HMAC *ctx, unsigned char *md, size_t *len)
47
0
{
48
0
    unsigned int l;
49
50
0
    if (HMAC_Final(ctx->old_ctx, md, &l) > 0) {
51
0
        if (len != NULL)
52
0
            *len = l;
53
0
        return 1;
54
0
    }
55
56
0
    return 0;
57
0
}
58
59
size_t ssl_hmac_old_size(const SSL_HMAC *ctx)
60
0
{
61
0
    return HMAC_size(ctx->old_ctx);
62
0
}
63
64
HMAC_CTX *ssl_hmac_get0_HMAC_CTX(SSL_HMAC *ctx)
65
0
{
66
0
    return ctx->old_ctx;
67
0
}
68
69
/* Some deprecated public APIs pass DH objects */
70
EVP_PKEY *ssl_dh_to_pkey(DH *dh)
71
0
{
72
0
#ifndef OPENSSL_NO_DH
73
0
    EVP_PKEY *ret;
74
75
0
    if (dh == NULL)
76
0
        return NULL;
77
0
    ret = EVP_PKEY_new();
78
0
    if (EVP_PKEY_set1_DH(ret, dh) <= 0) {
79
0
        EVP_PKEY_free(ret);
80
0
        return NULL;
81
0
    }
82
0
    return ret;
83
#else
84
    return NULL;
85
#endif
86
0
}
87
88
/* Some deprecated public APIs pass EC_KEY objects */
89
int ssl_set_tmp_ecdh_groups(uint16_t **pext, size_t *pextlen,
90
    uint16_t **ksext, size_t *ksextlen,
91
    size_t **tplext, size_t *tplextlen,
92
    void *key)
93
0
{
94
0
#ifndef OPENSSL_NO_EC
95
0
    const EC_GROUP *group = EC_KEY_get0_group((const EC_KEY *)key);
96
0
    int nid;
97
98
0
    if (group == NULL) {
99
0
        ERR_raise(ERR_LIB_SSL, SSL_R_MISSING_PARAMETERS);
100
0
        return 0;
101
0
    }
102
0
    nid = EC_GROUP_get_curve_name(group);
103
0
    if (nid == NID_undef)
104
0
        return 0;
105
0
    return tls1_set_groups(pext, pextlen,
106
0
        ksext, ksextlen,
107
0
        tplext, tplextlen,
108
0
        &nid, 1);
109
#else
110
    return 0;
111
#endif
112
0
}
113
114
/*
115
 * Set the callback for generating temporary DH keys.
116
 * ctx: the SSL context.
117
 * dh: the callback
118
 */
119
#if !defined(OPENSSL_NO_DH)
120
void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
121
    DH *(*dh)(SSL *ssl, int is_export,
122
        int keylength))
123
0
{
124
0
    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
125
0
}
126
127
void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export, int keylength))
128
0
{
129
0
    SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
130
0
}
131
#endif
132
#endif /* OPENSSL_NO_DEPRECATED */