char *a;
int n, i, i2, l, o, min_l = 11, strict = 0, end = 6, btz = 5, md;
struct tm tmp;
-
+#if defined(CHARSET_EBCDIC)
+ const char upper_z = 0x5A, num_zero = 0x30, period = 0x2E, minus = 0x2D, plus = 0x2B;
+#else
+ const char upper_z = 'Z', num_zero = '0', period = '.', minus = '-', plus = '+';
+#endif
/*
* ASN1_STRING_FLAG_X509_TIME is used to enforce RFC 5280
* time string format, in which:
if (l < min_l)
goto err;
for (i = 0; i < end; i++) {
- if (!strict && (i == btz) && ((a[o] == 'Z') || (a[o] == '+') || (a[o] == '-'))) {
+ if (!strict && (i == btz) && ((a[o] == upper_z) || (a[o] == plus) || (a[o] == minus))) {
i++;
break;
}
- if (!ossl_isdigit(a[o]))
+ if (!ascii_isdigit(a[o]))
goto err;
- n = a[o] - '0';
+ n = a[o] - num_zero;
/* incomplete 2-digital number */
if (++o == l)
goto err;
- if (!ossl_isdigit(a[o]))
+ if (!ascii_isdigit(a[o]))
goto err;
- n = (n * 10) + a[o] - '0';
+ n = (n * 10) + a[o] - num_zero;
/* no more bytes to read, but we haven't seen time-zone yet */
if (++o == l)
goto err;
* Optional fractional seconds: decimal point followed by one or more
* digits.
*/
- if (d->type == V_ASN1_GENERALIZEDTIME && a[o] == '.') {
+ if (d->type == V_ASN1_GENERALIZEDTIME && a[o] == period) {
if (strict)
/* RFC 5280 forbids fractional seconds */
goto err;
if (++o == l)
goto err;
i = o;
- while ((o < l) && ossl_isdigit(a[o]))
+ while ((o < l) && ascii_isdigit(a[o]))
o++;
/* Must have at least one digit after decimal point */
if (i == o)
* 'o' can point to '\0' is either the subsequent if or the first
* else if is true.
*/
- if (a[o] == 'Z') {
+ if (a[o] == upper_z) {
o++;
- } else if (!strict && ((a[o] == '+') || (a[o] == '-'))) {
- int offsign = a[o] == '-' ? 1 : -1;
+ } else if (!strict && ((a[o] == plus) || (a[o] == minus))) {
+ int offsign = a[o] == minus ? 1 : -1;
int offset = 0;
o++;
if (o + 4 != l)
goto err;
for (i = end; i < end + 2; i++) {
- if (!ossl_isdigit(a[o]))
+ if (!ascii_isdigit(a[o]))
goto err;
- n = a[o] - '0';
+ n = a[o] - num_zero;
o++;
- if (!ossl_isdigit(a[o]))
+ if (!ascii_isdigit(a[o]))
goto err;
- n = (n * 10) + a[o] - '0';
+ n = (n * 10) + a[o] - num_zero;
i2 = (d->type == V_ASN1_UTCTIME) ? i + 1 : i;
if ((n < min[i2]) || (n > max[i2]))
goto err;
ts->tm_mday, ts->tm_hour, ts->tm_min,
ts->tm_sec);
-#ifdef CHARSET_EBCDIC_not
+#ifdef CHARSET_EBCDIC
ebcdic2ascii(tmps->data, tmps->data, tmps->length);
#endif
return tmps;
char *v;
int gmt = 0, l;
struct tm stm;
+ const char upper_z = 0x5A, period = 0x2E;
if (!asn1_time_to_tm(&stm, tm)) {
/* asn1_time_to_tm will check the time type */
l = tm->length;
v = (char *)tm->data;
- if (v[l - 1] == 'Z')
+ if (v[l - 1] == upper_z)
gmt = 1;
if (tm->type == V_ASN1_GENERALIZEDTIME) {
* Try to parse fractional seconds. '14' is the place of
* 'fraction point' in a GeneralizedTime string.
*/
- if (tm->length > 15 && v[14] == '.') {
+ if (tm->length > 15 && v[14] == period) {
f = &v[14];
f_len = 1;
- while (14 + f_len < l && ossl_isdigit(f[f_len]))
+ while (14 + f_len < l && ascii_isdigit(f[f_len]))
++f_len;
}
{
return ossl_islower(c) ? c ^ case_change : c;
}
+
+int ascii_isdigit(const char inchar) {
+ if (inchar > 0x2F && inchar < 0x3A)
+ return 1;
+ return 0;
+}
int ossl_tolower(int c);
int ossl_toupper(int c);
+int ascii_isdigit(const char inchar);
+
# define ossl_isalnum(c) (ossl_ctype_check((c), CTYPE_MASK_alnum))
# define ossl_isalpha(c) (ossl_ctype_check((c), CTYPE_MASK_alpha))
# ifdef CHARSET_EBCDIC
# define DRBG_MAX_LENGTH INT32_MAX
/* The default nonce */
+#ifdef CHARSET_EBCDIC
+# define DRBG_DEFAULT_PERS_STRING { 0x4f, 0x70, 0x65, 0x6e, 0x53, 0x53, \
+ 0x4c, 0x20, 0x4e, 0x49, 0x53, 0x54, 0x20, 0x53, 0x50, 0x20, 0x38, 0x30, \
+ 0x30, 0x2d, 0x39, 0x30, 0x41, 0x20, 0x44, 0x52, 0x42, 0x47, 0x00};
+#else
# define DRBG_DEFAULT_PERS_STRING "OpenSSL NIST SP 800-90A DRBG"
+#endif
/*
* Maximum allocation size for RANDOM_POOL buffers
static const size_t generalizedtime_length = sizeof("YYYYMMDDHHMMSSZ") - 1;
ASN1_TIME *asn1_cmp_time = NULL;
int i, day, sec, ret = 0;
-
+#ifdef CHARSET_EBCDIC
+ const char upper_z = 0x5A;
+#else
+ const char upper_z = 'Z';
+#endif
/*
* Note that ASN.1 allows much more slack in the time format than RFC5280.
* In RFC5280, the representation is fixed:
* Digit and date ranges will be verified in the conversion methods.
*/
for (i = 0; i < ctm->length - 1; i++) {
- if (!ossl_isdigit(ctm->data[i]))
+ if (!ascii_isdigit(ctm->data[i]))
return 0;
}
- if (ctm->data[ctm->length - 1] != 'Z')
+ if (ctm->data[ctm->length - 1] != upper_z)
return 0;
/*
unsigned char hash[EVP_MAX_MD_SIZE], binderkey[EVP_MAX_MD_SIZE];
unsigned char finishedkey[EVP_MAX_MD_SIZE], tmpbinder[EVP_MAX_MD_SIZE];
unsigned char *early_secret;
+#ifdef CHARSET_EBCDIC
+ static const unsigned char resumption_label[] = { 0x72, 0x65, 0x64, 0x20, 0x62, 0x69, 0x6E, 0x64, 0x65, 0x72, 0x00 };
+ static const unsigned char external_label[] = { 0x65, 0x78, 0x74, 0x20, 0x62, 0x69, 0x6E, 0x64, 0x65, 0x72, 0x00 };
+#else
static const unsigned char resumption_label[] = "res binder";
static const unsigned char external_label[] = "ext binder";
+#endif
const unsigned char *label;
size_t bindersize, labelsize, hashsize;
int hashsizei = EVP_MD_size(md);
static int get_cert_verify_tbs_data(SSL *s, unsigned char *tls13tbs,
void **hdata, size_t *hdatalen)
{
+#ifdef CHARSET_EBCDIC
+ static const char *servercontext = { 0x54, 0x4c, 0x53, 0x20, 0x31, 0x2e,
+ 0x33, 0x2c, 0x20, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x43, 0x65,
+ 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x56, 0x65, 0x72,
+ 0x69, 0x66, 0x79, 0x00 };
+ static const char *clientcontext = { 0x54, 0x4c, 0x53, 0x20, 0x31, 0x2e,
+ 0x33, 0x2c, 0x20, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20, 0x43, 0x65,
+ 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x56, 0x65, 0x72,
+ 0x69, 0x66, 0x79, 0x00 };
+#else
static const char *servercontext = "TLS 1.3, server CertificateVerify";
static const char *clientcontext = "TLS 1.3, client CertificateVerify";
-
+#endif
if (SSL_IS_TLS13(s)) {
size_t hashlen;
const unsigned char *data, size_t datalen,
unsigned char *out, size_t outlen, int fatal)
{
+#ifdef CHARSET_EBCDIC
+ static const unsigned char label_prefix[] = { 0x74, 0x6C, 0x73, 0x31, 0x33, 0x20, 0x00 };
+#else
static const unsigned char label_prefix[] = "tls13 ";
+#endif
EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_PKEY_HKDF);
int ret;
size_t hkdflabellen;
int tls13_derive_key(SSL *s, const EVP_MD *md, const unsigned char *secret,
unsigned char *key, size_t keylen)
{
- static const unsigned char keylabel[] = "key";
+#ifdef CHARSET_EBCDIC
+ static const unsigned char keylabel[] ={ 0x6B, 0x65, 0x79, 0x00 };
+#else
+ static const unsigned char keylabel[] = "key";
+#endif
return tls13_hkdf_expand(s, md, secret, keylabel, sizeof(keylabel) - 1,
NULL, 0, key, keylen, 1);
int tls13_derive_iv(SSL *s, const EVP_MD *md, const unsigned char *secret,
unsigned char *iv, size_t ivlen)
{
- static const unsigned char ivlabel[] = "iv";
+#ifdef CHARSET_EBCDIC
+ static const unsigned char ivlabel[] = { 0x69, 0x76, 0x00 };
+#else
+ static const unsigned char ivlabel[] = "iv";
+#endif
return tls13_hkdf_expand(s, md, secret, ivlabel, sizeof(ivlabel) - 1,
NULL, 0, iv, ivlen, 1);
const unsigned char *secret,
unsigned char *fin, size_t finlen)
{
- static const unsigned char finishedlabel[] = "finished";
+#ifdef CHARSET_EBCDIC
+ static const unsigned char finishedlabel[] = { 0x66, 0x69, 0x6E, 0x69, 0x73, 0x68, 0x65, 0x64, 0x00 };
+#else
+ static const unsigned char finishedlabel[] = "finished";
+#endif
return tls13_hkdf_expand(s, md, secret, finishedlabel,
sizeof(finishedlabel) - 1, NULL, 0, fin, finlen, 1);
int mdleni;
int ret;
EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_PKEY_HKDF);
+#ifdef CHARSET_EBCDIC
+ static const char derived_secret_label[] = { 0x64, 0x65, 0x72, 0x69, 0x76, 0x65, 0x64, 0x00 };
+#else
static const char derived_secret_label[] = "derived";
+#endif
unsigned char preextractsec[EVP_MAX_MD_SIZE];
if (kctx == NULL) {
int tls13_change_cipher_state(SSL *s, int which)
{
+#ifdef CHARSET_EBCDIC
+ static const unsigned char client_early_traffic[] = {0x63, 0x20, 0x65, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+ static const unsigned char client_handshake_traffic[] = {0x63, 0x20, 0x68, 0x73, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+ static const unsigned char client_application_traffic[] = {0x63, 0x20, 0x61, 0x70, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+ static const unsigned char server_handshake_traffic[] = {0x73, 0x20, 0x68, 0x73, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+ static const unsigned char server_application_traffic[] = {0x73, 0x20, 0x61, 0x70, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+ static const unsigned char exporter_master_secret[] = {0x65, 0x78, 0x70, 0x20, /* master*/ 0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x00};
+ static const unsigned char resumption_master_secret[] = {0x72, 0x65, 0x73, 0x20, /* master*/ 0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x00};
+ static const unsigned char early_exporter_master_secret[] = {0x65, 0x20, 0x65, 0x78, 0x70, 0x20, /* master*/ 0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x00};
+#else
static const unsigned char client_early_traffic[] = "c e traffic";
static const unsigned char client_handshake_traffic[] = "c hs traffic";
static const unsigned char client_application_traffic[] = "c ap traffic";
static const unsigned char exporter_master_secret[] = "exp master";
static const unsigned char resumption_master_secret[] = "res master";
static const unsigned char early_exporter_master_secret[] = "e exp master";
+#endif
unsigned char *iv;
unsigned char secret[EVP_MAX_MD_SIZE];
unsigned char hashval[EVP_MAX_MD_SIZE];
int tls13_update_key(SSL *s, int sending)
{
- static const unsigned char application_traffic[] = "traffic upd";
+#ifdef CHARSET_EBCDIC
+ static const unsigned char application_traffic[] = { 0x74, 0x72 ,0x61 ,0x66 ,0x66 ,0x69 ,0x63 ,0x20 ,0x75 ,0x70 ,0x64, 0x00};
+#else
+ static const unsigned char application_traffic[] = "traffic upd";
+#endif
const EVP_MD *md = ssl_handshake_md(s);
size_t hashlen = EVP_MD_size(md);
unsigned char *insecret, *iv;
size_t contextlen, int use_context)
{
unsigned char exportsecret[EVP_MAX_MD_SIZE];
+#ifdef CHARSET_EBCDIC
+ static const unsigned char exporterlabel[] = {0x65, 0x78, 0x70, 0x6F, 0x72, 0x74, 0x65, 0x72, 0x00};
+#else
static const unsigned char exporterlabel[] = "exporter";
+#endif
unsigned char hash[EVP_MAX_MD_SIZE], data[EVP_MAX_MD_SIZE];
const EVP_MD *md = ssl_handshake_md(s);
EVP_MD_CTX *ctx = EVP_MD_CTX_new();
const unsigned char *context,
size_t contextlen)
{
- static const unsigned char exporterlabel[] = "exporter";
+#ifdef CHARSET_EBCDIC
+ static const unsigned char exporterlabel[] = {0x65, 0x78, 0x70, 0x6F, 0x72, 0x74, 0x65, 0x72, 0x00};
+#else
+ static const unsigned char exporterlabel[] = "exporter";
+#endif
unsigned char exportsecret[EVP_MAX_MD_SIZE];
unsigned char hash[EVP_MAX_MD_SIZE], data[EVP_MAX_MD_SIZE];
const EVP_MD *md;
projects / oweals / openssl.git / commitdiff