summaryrefslogtreecommitdiff
path: root/src/lib/libssl/t1_enc.c
diff options
context:
space:
mode:
authorjsing <>2014-06-21 14:06:36 +0000
committerjsing <>2014-06-21 14:06:36 +0000
commitb81c33f9ad3326037ca21055c274584d3a9c9233 (patch)
treecad0881a7de8ac23f110c921d16323144b83c7c7 /src/lib/libssl/t1_enc.c
parent13487d6ff5ba78e217edd743efcdd9a1be05aa21 (diff)
downloadopenbsd-b81c33f9ad3326037ca21055c274584d3a9c9233.tar.gz
openbsd-b81c33f9ad3326037ca21055c274584d3a9c9233.tar.bz2
openbsd-b81c33f9ad3326037ca21055c274584d3a9c9233.zip
More KNF and clean up.
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/t1_enc.c22
1 files changed, 9 insertions, 13 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index c8fed159e7..6901ff54da 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_enc.c,v 1.60 2014/06/15 15:29:25 jsing Exp $ */ 1/* $OpenBSD: t1_enc.c,v 1.61 2014/06/21 14:06:36 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -248,10 +248,10 @@ tls1_PRF(long digest_mask, const void *seed1, int seed1_len, const void *seed2,
248 /* Count number of digests and partition sec evenly */ 248 /* Count number of digests and partition sec evenly */
249 count = 0; 249 count = 0;
250 for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) { 250 for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
251 if ((m << TLS1_PRF_DGST_SHIFT) 251 if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask)
252 & digest_mask) count++; 252 count++;
253 } 253 }
254 len = slen/count; 254 len = slen / count;
255 if (count == 1) 255 if (count == 1)
256 slen = 0; 256 slen = 0;
257 S1 = sec; 257 S1 = sec;
@@ -262,7 +262,6 @@ tls1_PRF(long digest_mask, const void *seed1, int seed1_len, const void *seed2,
262 SSLerr(SSL_F_TLS1_PRF, 262 SSLerr(SSL_F_TLS1_PRF,
263 SSL_R_UNSUPPORTED_DIGEST_TYPE); 263 SSL_R_UNSUPPORTED_DIGEST_TYPE);
264 goto err; 264 goto err;
265
266 } 265 }
267 if (!tls1_P_hash(md , S1, len + (slen&1), seed1, 266 if (!tls1_P_hash(md , S1, len + (slen&1), seed1,
268 seed1_len, seed2, seed2_len, seed3, seed3_len, 267 seed1_len, seed2, seed2_len, seed3, seed3_len,
@@ -446,8 +445,7 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys,
446 exp_label = TLS_MD_SERVER_WRITE_KEY_CONST; 445 exp_label = TLS_MD_SERVER_WRITE_KEY_CONST;
447 exp_label_len = TLS_MD_SERVER_WRITE_KEY_CONST_SIZE; 446 exp_label_len = TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
448 } 447 }
449 if (!tls1_PRF(ssl_get_algorithm2(s), 448 if (!tls1_PRF(ssl_get_algorithm2(s), exp_label, exp_label_len,
450 exp_label, exp_label_len,
451 s->s3->client_random, SSL3_RANDOM_SIZE, 449 s->s3->client_random, SSL3_RANDOM_SIZE,
452 s->s3->server_random, SSL3_RANDOM_SIZE, 450 s->s3->server_random, SSL3_RANDOM_SIZE,
453 NULL, 0, NULL, 0, key, key_len, export_tmp1, export_tmp2, 451 NULL, 0, NULL, 0, key, key_len, export_tmp1, export_tmp2,
@@ -990,7 +988,6 @@ tls1_enc(SSL *s, int send)
990 rec->length += i; 988 rec->length += i;
991 } 989 }
992 990
993
994 if (!send) { 991 if (!send) {
995 if (l == 0 || l % bs != 0) 992 if (l == 0 || l % bs != 0)
996 return 0; 993 return 0;
@@ -1006,7 +1003,6 @@ tls1_enc(SSL *s, int send)
1006 rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN; 1003 rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
1007 } 1004 }
1008 1005
1009
1010 ret = 1; 1006 ret = 1;
1011 if (EVP_MD_CTX_md(s->read_hash) != NULL) 1007 if (EVP_MD_CTX_md(s->read_hash) != NULL)
1012 mac_size = EVP_MD_CTX_size(s->read_hash); 1008 mac_size = EVP_MD_CTX_size(s->read_hash);
@@ -1062,7 +1058,6 @@ tls1_final_finish_mac(SSL *s, const char *str, int slen, unsigned char *out)
1062 int err = 0; 1058 int err = 0;
1063 const EVP_MD *md; 1059 const EVP_MD *md;
1064 1060
1065
1066 q = buf; 1061 q = buf;
1067 1062
1068 if (s->s3->handshake_buffer) 1063 if (s->s3->handshake_buffer)
@@ -1072,7 +1067,7 @@ tls1_final_finish_mac(SSL *s, const char *str, int slen, unsigned char *out)
1072 EVP_MD_CTX_init(&ctx); 1067 EVP_MD_CTX_init(&ctx);
1073 1068
1074 for (idx = 0; ssl_get_handshake_digest(idx, &mask, &md); idx++) { 1069 for (idx = 0; ssl_get_handshake_digest(idx, &mask, &md); idx++) {
1075 if (mask & ssl_get_algorithm2(s)) { 1070 if (ssl_get_algorithm2(s) & mask) {
1076 int hashsize = EVP_MD_size(md); 1071 int hashsize = EVP_MD_size(md);
1077 EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx]; 1072 EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
1078 if (!hdgst || hashsize < 0 || 1073 if (!hdgst || hashsize < 0 ||
@@ -1215,7 +1210,6 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
1215 size_t vallen, currentvalpos; 1210 size_t vallen, currentvalpos;
1216 int rv; 1211 int rv;
1217 1212
1218
1219 buff = malloc(olen); 1213 buff = malloc(olen);
1220 if (buff == NULL) 1214 if (buff == NULL)
1221 goto err2; 1215 goto err2;
@@ -1276,7 +1270,8 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
1276 1270
1277 goto ret; 1271 goto ret;
1278err1: 1272err1:
1279 SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL); 1273 SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL,
1274 SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);
1280 rv = 0; 1275 rv = 0;
1281 goto ret; 1276 goto ret;
1282err2: 1277err2:
@@ -1285,6 +1280,7 @@ err2:
1285ret: 1280ret:
1286 free(buff); 1281 free(buff);
1287 free(val); 1282 free(val);
1283
1288 return (rv); 1284 return (rv);
1289} 1285}
1290 1286
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-01 19:37:25 +0000