Preserve the transcript hash at specific stages of the TLSv1.3 handshake.

There are various points where we need the hash of all messages prior to the current message. Support this by having the handshake code preserve the transcript hash prior to recording the current message, which avoids the need to sprinkle this throughout multiple handlers. ok inoguchi@ tb@
author: jsing <> 2019-02-10 13:04:29 +0000
committer: jsing <> 2019-02-10 13:04:29 +0000
commit: 6d4aaf1f9ff309085dbf415f1fe769f3165381f6 (patch)
tree: ef8327c4dc4c5c054c766173772e66fa6e75b623 /src/lib/libssl/ssl_locl.h
parent: b3b102c1f413c950892ae663eb251b656a781b0e (diff)
download: openbsd-6d4aaf1f9ff309085dbf415f1fe769f3165381f6.tar.gz
openbsd-6d4aaf1f9ff309085dbf415f1fe769f3165381f6.tar.bz2
openbsd-6d4aaf1f9ff309085dbf415f1fe769f3165381f6.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index a26b91976e..65429a3925 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.234 2019/02/09 15:26:15 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.235 2019/02/10 13:04:29 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -451,6 +451,10 @@ typedef struct ssl_handshake_tls13_st {
        uint8_t *cookie;
        size_t cookie_len;
+        /* Preserved transcript hash. */
+        uint8_t transcript_hash[EVP_MAX_MD_SIZE];
+        size_t transcript_hash_len;
 } SSL_HANDSHAKE_TLS13;
 typedef struct ssl_ctx_internal_st {
author	jsing <>	2019-02-10 13:04:29 +0000
committer	jsing <>	2019-02-10 13:04:29 +0000
commit	6d4aaf1f9ff309085dbf415f1fe769f3165381f6 (patch)
tree	ef8327c4dc4c5c054c766173772e66fa6e75b623 /src/lib/libssl/ssl_locl.h
parent	b3b102c1f413c950892ae663eb251b656a781b0e (diff)
download	openbsd-6d4aaf1f9ff309085dbf415f1fe769f3165381f6.tar.gz openbsd-6d4aaf1f9ff309085dbf415f1fe769f3165381f6.tar.bz2 openbsd-6d4aaf1f9ff309085dbf415f1fe769f3165381f6.zip