Consolidate TLSv1.3 constants.

Move all of the TLSv1.3 constants to the top of tls13_lib.c. Also mark
these all as const so that they end up in .rodata rather than .data.

ok tb@

3 files changed, 47 insertions, 40 deletions

diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c
index 5cd588875e..0da08f62c3 100644
--- a/src/lib/libssl/tls13_client.c
+++ b/src/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.49 2020/04/17 17:16:53 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.50 2020/04/21 16:55:17 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -251,16 +251,6 @@ tls13_client_hello_sent(struct tls13_ctx *ctx)
         return 1;
 }
 
-/*
- * HelloRetryRequest hash - RFC 8446 section 4.1.3.
- */
-static const uint8_t tls13_hello_retry_request_hash[] = {
-        0xcf, 0x21, 0xad, 0x74, 0xe5, 0x9a, 0x61, 0x11,
-        0xbe, 0x1d, 0x8c, 0x02, 0x1e, 0x65, 0xb8, 0x91,
-        0xc2, 0xa2, 0x11, 0x16, 0x7a, 0xbb, 0x8c, 0x5e,
-        0x07, 0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c,
-};
-
 static int
 tls13_server_hello_is_legacy(CBS *cbs)
 {
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index 6f5f5197d0..c5b893bc16 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.63 2020/04/18 14:07:56 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.64 2020/04/21 16:55:17 jsing Exp $ */
 /*
  * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
  * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -339,11 +339,12 @@ int tls13_error_setx(struct tls13_error *error, int code, int subcode,
         tls13_error_setx(&(ctx)->error, (code), (subcode), __FILE__, __LINE__, \
             (fmt), __VA_ARGS__)
 
-extern uint8_t tls13_downgrade_12[8];
-extern uint8_t tls13_downgrade_11[8];
-extern uint8_t tls13_cert_verify_pad[64];
-extern uint8_t tls13_cert_client_verify_context[];
-extern uint8_t tls13_cert_server_verify_context[];
+extern const uint8_t tls13_downgrade_12[8];
+extern const uint8_t tls13_downgrade_11[8];
+extern const uint8_t tls13_hello_retry_request_hash[32];
+extern const uint8_t tls13_cert_verify_pad[64];
+extern const uint8_t tls13_cert_client_verify_context[];
+extern const uint8_t tls13_cert_server_verify_context[];
 
 __END_HIDDEN_DECLS
 
diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c
index bdf547c8d9..044a0c5634 100644
--- a/src/lib/libssl/tls13_lib.c
+++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tls13_lib.c,v 1.34 2020/02/15 14:40:38 jsing Exp $ */
+/*      $OpenBSD: tls13_lib.c,v 1.35 2020/04/21 16:55:17 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -24,12 +24,45 @@
 #include "tls13_internal.h"
 
 /*
- * RFC 8446 section 4.1.3, magic values which must be set by the
- * server in server random if it is willing to downgrade but supports
- * tls v1.3
+ * Downgrade sentinels - RFC 8446 section 4.1.3, magic values which must be set
+ * by the server in server random if it is willing to downgrade but supports
+ * TLSv1.3
  */
-uint8_t tls13_downgrade_12[8] = {0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01};
-uint8_t tls13_downgrade_11[8] = {0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00};
+const uint8_t tls13_downgrade_12[8] = {
+        0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01,
+};
+const uint8_t tls13_downgrade_11[8] = {
+        0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00,
+};
+
+/*
+ * HelloRetryRequest hash - RFC 8446 section 4.1.3.
+ */
+const uint8_t tls13_hello_retry_request_hash[32] = {
+        0xcf, 0x21, 0xad, 0x74, 0xe5, 0x9a, 0x61, 0x11,
+        0xbe, 0x1d, 0x8c, 0x02, 0x1e, 0x65, 0xb8, 0x91,
+        0xc2, 0xa2, 0x11, 0x16, 0x7a, 0xbb, 0x8c, 0x5e,
+        0x07, 0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c,
+};
+
+/*
+ * Certificate Verify padding - RFC 8446 section 4.4.3.
+ */
+const uint8_t tls13_cert_verify_pad[64] = {
+        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+};
+
+const uint8_t tls13_cert_client_verify_context[] =
+    "TLS 1.3, client CertificateVerify";
+const uint8_t tls13_cert_server_verify_context[] =
+    "TLS 1.3, server CertificateVerify";
 
 const EVP_AEAD *
 tls13_cipher_aead(const SSL_CIPHER *cipher)
@@ -311,23 +344,6 @@ tls13_ctx_free(struct tls13_ctx *ctx)
         freezero(ctx, sizeof(struct tls13_ctx));
 }
 
-/*
- * Certificate Verify padding - RFC 8446 section 4.4.3.
- */
-uint8_t tls13_cert_verify_pad[64] = {
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-};
-
-uint8_t tls13_cert_client_verify_context[] = "TLS 1.3, client CertificateVerify";
-uint8_t tls13_cert_server_verify_context[] = "TLS 1.3, server CertificateVerify";
-
 int
 tls13_cert_add(CBB *cbb, X509 *cert)
 {