Move finished and peer finished to the handshake struct.

This moves the finish_md and peer_finish_md from the 'tmp' struct to the
handshake struct, renaming to finished and peer_finished in the process.
This also allows the remaining S3I(s) references to be removed from the
TLSv1.3 client and server.

ok inoguchi@ tb@

7 files changed, 44 insertions, 44 deletions

diff --git a/src/lib/libssl/ssl_both.c b/src/lib/libssl/ssl_both.c
index 789ab01213..4851231a8f 100644
--- a/src/lib/libssl/ssl_both.c
+++ b/src/lib/libssl/ssl_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_both.c,v 1.26 2021/03/27 17:56:28 tb Exp $ */
+/* $OpenBSD: ssl_both.c,v 1.27 2021/03/29 16:46:09 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -176,25 +176,25 @@ ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
                 OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);
 
                 if (tls1_final_finish_mac(s, sender, slen,
-                    S3I(s)->tmp.finish_md) != md_len)
+                    S3I(s)->hs.finished) != md_len)
                         return (0);
-                S3I(s)->tmp.finish_md_len = md_len;
+                S3I(s)->hs.finished_len = md_len;
 
                 /* Copy finished so we can use it for renegotiation checks. */
                 if (!s->server) {
                         memcpy(S3I(s)->previous_client_finished,
-                            S3I(s)->tmp.finish_md, md_len);
+                            S3I(s)->hs.finished, md_len);
                         S3I(s)->previous_client_finished_len = md_len;
                 } else {
                         memcpy(S3I(s)->previous_server_finished,
-                            S3I(s)->tmp.finish_md, md_len);
+                            S3I(s)->hs.finished, md_len);
                         S3I(s)->previous_server_finished_len = md_len;
                 }
 
                 if (!ssl3_handshake_msg_start(s, &cbb, &finished,
                     SSL3_MT_FINISHED))
                         goto err;
-                if (!CBB_add_bytes(&finished, S3I(s)->tmp.finish_md, md_len))
+                if (!CBB_add_bytes(&finished, S3I(s)->hs.finished, md_len))
                         goto err;
                 if (!ssl3_handshake_msg_finish(s, &cbb))
                         goto err;
@@ -235,9 +235,9 @@ ssl3_take_mac(SSL *s)
                 slen = TLS_MD_CLIENT_FINISH_CONST_SIZE;
         }
 
-        S3I(s)->tmp.peer_finish_md_len =
+        S3I(s)->hs.peer_finished_len =
             tls1_final_finish_mac(s, sender, slen,
-                S3I(s)->tmp.peer_finish_md);
+                S3I(s)->hs.peer_finished);
 }
 
 int
@@ -270,14 +270,14 @@ ssl3_get_finished(SSL *s, int a, int b)
 
         CBS_init(&cbs, s->internal->init_msg, n);
 
-        if (S3I(s)->tmp.peer_finish_md_len != md_len ||
+        if (S3I(s)->hs.peer_finished_len != md_len ||
             CBS_len(&cbs) != md_len) {
                 al = SSL_AD_DECODE_ERROR;
                 SSLerror(s, SSL_R_BAD_DIGEST_LENGTH);
                 goto fatal_err;
         }
 
-        if (!CBS_mem_equal(&cbs, S3I(s)->tmp.peer_finish_md, CBS_len(&cbs))) {
+        if (!CBS_mem_equal(&cbs, S3I(s)->hs.peer_finished, CBS_len(&cbs))) {
                 al = SSL_AD_DECRYPT_ERROR;
                 SSLerror(s, SSL_R_DIGEST_CHECK_FAILED);
                 goto fatal_err;
@@ -287,11 +287,11 @@ ssl3_get_finished(SSL *s, int a, int b)
         OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);
         if (s->server) {
                 memcpy(S3I(s)->previous_client_finished,
-                    S3I(s)->tmp.peer_finish_md, md_len);
+                    S3I(s)->hs.peer_finished, md_len);
                 S3I(s)->previous_client_finished_len = md_len;
         } else {
                 memcpy(S3I(s)->previous_server_finished,
-                    S3I(s)->tmp.peer_finish_md, md_len);
+                    S3I(s)->hs.peer_finished, md_len);
                 S3I(s)->previous_server_finished_len = md_len;
         }
 
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index c77fdd77e9..892922d761 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.253 2021/03/27 17:56:28 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.254 2021/03/29 16:46:09 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -723,10 +723,10 @@ SSL_get_finished(const SSL *s, void *buf, size_t count)
 {
         size_t  ret;
 
-        ret = S3I(s)->tmp.finish_md_len;
+        ret = S3I(s)->hs.finished_len;
         if (count > ret)
                 count = ret;
-        memcpy(buf, S3I(s)->tmp.finish_md, count);
+        memcpy(buf, S3I(s)->hs.finished, count);
         return (ret);
 }
 
@@ -736,10 +736,10 @@ SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
 {
         size_t  ret;
 
-        ret = S3I(s)->tmp.peer_finish_md_len;
+        ret = S3I(s)->hs.peer_finished_len;
         if (count > ret)
                 count = ret;
-        memcpy(buf, S3I(s)->tmp.peer_finish_md, count);
+        memcpy(buf, S3I(s)->hs.peer_finished, count);
         return (ret);
 }
 
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 4b2f98f84d..3339c57390 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.332 2021/03/29 16:19:15 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.333 2021/03/29 16:46:09 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -492,6 +492,15 @@ typedef struct ssl_handshake_st {
         uint8_t *sigalgs;
         size_t sigalgs_len;
 
+        /*
+         * Copies of the verify data sent in our finished message and the
+         * verify data received in the finished message sent by our peer.
+         */
+        uint8_t finished[EVP_MAX_MD_SIZE];
+        size_t finished_len;
+        uint8_t peer_finished[EVP_MAX_MD_SIZE];
+        size_t peer_finished_len;
+
         SSL_HANDSHAKE_TLS12 tls12;
         SSL_HANDSHAKE_TLS13 tls13;
 } SSL_HANDSHAKE;
@@ -918,11 +927,6 @@ typedef struct ssl3_state_internal_st {
         struct  {
                 unsigned char cert_verify_md[EVP_MAX_MD_SIZE];
 
-                unsigned char finish_md[EVP_MAX_MD_SIZE];
-                size_t finish_md_len;
-                unsigned char peer_finish_md[EVP_MAX_MD_SIZE];
-                size_t peer_finish_md_len;
-
                 unsigned long message_size;
                 int message_type;
 
diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c
index a93acdfa7f..a760f90a3a 100644
--- a/src/lib/libssl/ssl_pkt.c
+++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_pkt.c,v 1.39 2021/03/24 18:44:00 jsing Exp $ */
+/* $OpenBSD: ssl_pkt.c,v 1.40 2021/03/29 16:46:09 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1190,12 +1190,12 @@ ssl3_do_change_cipher_spec(SSL *s)
         }
 
         i = tls1_final_finish_mac(s, sender, slen,
-            S3I(s)->tmp.peer_finish_md);
+            S3I(s)->hs.peer_finished);
         if (i == 0) {
                 SSLerror(s, ERR_R_INTERNAL_ERROR);
                 return 0;
         }
-        S3I(s)->tmp.peer_finish_md_len = i;
+        S3I(s)->hs.peer_finished_len = i;
 
         return (1);
 }
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index 5ffab919a2..797eb84001 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.88 2021/03/21 18:36:34 jsing Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.89 2021/03/29 16:46:09 jsing Exp $ */
 /*
  * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -36,7 +36,7 @@ tlsext_alpn_client_needs(SSL *s, uint16_t msg_type)
 {
         /* ALPN protos have been specified and this is the initial handshake */
         return s->internal->alpn_client_proto_list != NULL &&
-            S3I(s)->tmp.finish_md_len == 0;
+            S3I(s)->hs.finished_len == 0;
 }
 
 int
diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c
index 78bf15ec59..e0febee926 100644
--- a/src/lib/libssl/tls13_client.c
+++ b/src/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.76 2021/03/24 18:44:00 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.77 2021/03/29 16:46:09 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -746,7 +746,6 @@ tls13_server_finished_recv(struct tls13_ctx *ctx, CBS *cbs)
         uint8_t key[EVP_MAX_MD_SIZE];
         HMAC_CTX *hmac_ctx = NULL;
         unsigned int hlen;
-        SSL *s = ctx->ssl;
         int ret = 0;
 
         /*
@@ -781,9 +780,9 @@ tls13_server_finished_recv(struct tls13_ctx *ctx, CBS *cbs)
                 goto err;
         }
 
-        if (!CBS_write_bytes(cbs, S3I(s)->tmp.peer_finish_md,
-            sizeof(S3I(s)->tmp.peer_finish_md),
-            &S3I(s)->tmp.peer_finish_md_len))
+        if (!CBS_write_bytes(cbs, ctx->hs->peer_finished,
+            sizeof(ctx->hs->peer_finished),
+            &ctx->hs->peer_finished_len))
                 goto err;
 
         if (!CBS_skip(cbs, verify_data_len))
@@ -1032,7 +1031,6 @@ tls13_client_finished_send(struct tls13_ctx *ctx, CBB *cbb)
         unsigned int hlen;
         HMAC_CTX *hmac_ctx = NULL;
         CBS cbs;
-        SSL *s = ctx->ssl;
         int ret = 0;
 
         if (!tls13_secret_init(&finished_key, EVP_MD_size(ctx->hash)))
@@ -1064,8 +1062,8 @@ tls13_client_finished_send(struct tls13_ctx *ctx, CBB *cbb)
                 goto err;
 
         CBS_init(&cbs, verify_data, verify_data_len);
-        if (!CBS_write_bytes(&cbs, S3I(s)->tmp.finish_md,
-            sizeof(S3I(s)->tmp.finish_md), &S3I(s)->tmp.finish_md_len))
+        if (!CBS_write_bytes(&cbs, ctx->hs->finished,
+            sizeof(ctx->hs->finished), &ctx->hs->finished_len))
                 goto err;
 
         ret = 1;
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index bac9623a15..4fed1a43d0 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.73 2021/03/24 18:44:00 jsing Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.74 2021/03/29 16:46:09 jsing Exp $ */
 /*
  * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -783,7 +783,6 @@ tls13_server_finished_send(struct tls13_ctx *ctx, CBB *cbb)
         unsigned int hlen;
         HMAC_CTX *hmac_ctx = NULL;
         CBS cbs;
-        SSL *s = ctx->ssl;
         int ret = 0;
 
         if (!tls13_secret_init(&finished_key, EVP_MD_size(ctx->hash)))
@@ -815,8 +814,8 @@ tls13_server_finished_send(struct tls13_ctx *ctx, CBB *cbb)
                 goto err;
 
         CBS_init(&cbs, verify_data, verify_data_len);
-        if (!CBS_write_bytes(&cbs, S3I(s)->tmp.finish_md,
-            sizeof(S3I(s)->tmp.finish_md), &S3I(s)->tmp.finish_md_len))
+        if (!CBS_write_bytes(&cbs, ctx->hs->finished,
+            sizeof(ctx->hs->finished), &ctx->hs->finished_len))
                 goto err;
 
         ret = 1;
@@ -1050,7 +1049,6 @@ tls13_client_finished_recv(struct tls13_ctx *ctx, CBS *cbs)
         uint8_t key[EVP_MAX_MD_SIZE];
         HMAC_CTX *hmac_ctx = NULL;
         unsigned int hlen;
-        SSL *s = ctx->ssl;
         int ret = 0;
 
         /*
@@ -1085,9 +1083,9 @@ tls13_client_finished_recv(struct tls13_ctx *ctx, CBS *cbs)
                 goto err;
         }
 
-        if (!CBS_write_bytes(cbs, S3I(s)->tmp.peer_finish_md,
-            sizeof(S3I(s)->tmp.peer_finish_md),
-            &S3I(s)->tmp.peer_finish_md_len))
+        if (!CBS_write_bytes(cbs, ctx->hs->peer_finished,
+            sizeof(ctx->hs->peer_finished),
+            &ctx->hs->peer_finished_len))
                 goto err;
 
         if (!CBS_skip(cbs, verify_data_len))