Rename tls13_client_synthetic_handshake_message() and move to tls13_lib.c.

The server-side will need to use the same function. No functional change. ok inoguchi@ tb@
author: jsing <> 2020-04-28 20:30:41 +0000
committer: jsing <> 2020-04-28 20:30:41 +0000
commit: ceb4dab60b6d8724db6522bd50acb817a2ae5f69 (patch)
tree: 048ea72780d56f4f5548f1cffa09cf4ae89fc001
parent: 4a19347a39f2ec104b08860f36a51ec5f835e1f4 (diff)
download: openbsd-ceb4dab60b6d8724db6522bd50acb817a2ae5f69.tar.gz
openbsd-ceb4dab60b6d8724db6522bd50acb817a2ae5f69.tar.bz2
openbsd-ceb4dab60b6d8724db6522bd50acb817a2ae5f69.zip
3 files changed, 48 insertions, 47 deletions
diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c
index 70a33b7131..5bd7681f19 100644
--- a/src/lib/libssl/tls13_client.c
+++ b/src/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.52 2020/04/27 20:15:17 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.53 2020/04/28 20:30:40 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
 *
@@ -424,49 +424,6 @@ tls13_server_hello_process(struct tls13_ctx *ctx, CBS *cbs)
 }
 static int
-tls13_client_synthetic_handshake_message(struct tls13_ctx *ctx)
-{
-        struct tls13_handshake_msg *hm = NULL;
-        unsigned char buf[EVP_MAX_MD_SIZE];
-        size_t hash_len;
-        CBB cbb;
-        CBS cbs;
-        SSL *s = ctx->ssl;
-        int ret = 0;
-        /*
-         * Replace ClientHello with synthetic handshake message - see
-         * RFC 8446 section 4.4.1.
-         */
-        if (!tls1_transcript_hash_init(s))
-                goto err;
-        if (!tls1_transcript_hash_value(s, buf, sizeof(buf), &hash_len))
-                goto err;
-        if ((hm = tls13_handshake_msg_new()) == NULL)
-                goto err;
-        if (!tls13_handshake_msg_start(hm, &cbb, TLS13_MT_MESSAGE_HASH))
-                goto err;
-        if (!CBB_add_bytes(&cbb, buf, hash_len))
-                goto err;
-        if (!tls13_handshake_msg_finish(hm))
-                goto err;
-        tls13_handshake_msg_data(hm, &cbs);
-        tls1_transcript_reset(ctx->ssl);
-        if (!tls1_transcript_record(ctx->ssl, CBS_data(&cbs), CBS_len(&cbs)))
-                goto err;
-        ret = 1;
- err:
-        tls13_handshake_msg_free(hm);
-        return ret;
-}
-static int
 tls13_client_engage_record_protection(struct tls13_ctx *ctx)
 {
        struct tls13_secrets *secrets;
@@ -559,7 +516,7 @@ tls13_server_hello_retry_request_recv(struct tls13_ctx *ctx, CBS *cbs)
        if (!ctx->hs->hrr)
                return 0;
-        if (!tls13_client_synthetic_handshake_message(ctx))
+        if (!tls13_synthetic_handshake_message(ctx))
                return 0;
        if (!tls13_handshake_msg_record(ctx))
                return 0;
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index ee82a44693..d711f1a58d 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.65 2020/04/22 17:05:07 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.66 2020/04/28 20:30:40 jsing Exp $ */
 /*
 * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -326,6 +326,7 @@ int tls13_server_finished_sent(struct tls13_ctx *ctx);
 void tls13_error_clear(struct tls13_error *error);
 int tls13_cert_add(CBB *cbb, X509 *cert);
+int tls13_synthetic_handshake_message(struct tls13_ctx *ctx);
 int tls13_error_set(struct tls13_error *error, int code, int subcode,
    const char *file, int line, const char *fmt, ...);
diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c
index 044a0c5634..199f43ca16 100644
--- a/src/lib/libssl/tls13_lib.c
+++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tls13_lib.c,v 1.35 2020/04/21 16:55:17 jsing Exp $ */
+/*      $OpenBSD: tls13_lib.c,v 1.36 2020/04/28 20:30:41 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -369,3 +369,46 @@ tls13_cert_add(CBB *cbb, X509 *cert)
        return 1;
 }
+int
+tls13_synthetic_handshake_message(struct tls13_ctx *ctx)
+{
+        struct tls13_handshake_msg *hm = NULL;
+        unsigned char buf[EVP_MAX_MD_SIZE];
+        size_t hash_len;
+        CBB cbb;
+        CBS cbs;
+        SSL *s = ctx->ssl;
+        int ret = 0;
+        /*
+         * Replace ClientHello with synthetic handshake message - see
+         * RFC 8446 section 4.4.1.
+         */
+        if (!tls1_transcript_hash_init(s))
+                goto err;
+        if (!tls1_transcript_hash_value(s, buf, sizeof(buf), &hash_len))
+                goto err;
+        if ((hm = tls13_handshake_msg_new()) == NULL)
+                goto err;
+        if (!tls13_handshake_msg_start(hm, &cbb, TLS13_MT_MESSAGE_HASH))
+                goto err;
+        if (!CBB_add_bytes(&cbb, buf, hash_len))
+                goto err;
+        if (!tls13_handshake_msg_finish(hm))
+                goto err;
+        tls13_handshake_msg_data(hm, &cbs);
+        tls1_transcript_reset(ctx->ssl);
+        if (!tls1_transcript_record(ctx->ssl, CBS_data(&cbs), CBS_len(&cbs)))
+                goto err;
+        ret = 1;
+ err:
+        tls13_handshake_msg_free(hm);
+        return ret;
+}
author	jsing <>	2020-04-28 20:30:41 +0000
committer	jsing <>	2020-04-28 20:30:41 +0000
commit	ceb4dab60b6d8724db6522bd50acb817a2ae5f69 (patch)
tree	048ea72780d56f4f5548f1cffa09cf4ae89fc001
parent	4a19347a39f2ec104b08860f36a51ec5f835e1f4 (diff)
download	openbsd-ceb4dab60b6d8724db6522bd50acb817a2ae5f69.tar.gz openbsd-ceb4dab60b6d8724db6522bd50acb817a2ae5f69.tar.bz2 openbsd-ceb4dab60b6d8724db6522bd50acb817a2ae5f69.zip