diff options
| author | jsing <> | 2021-04-25 13:15:23 +0000 |
|---|---|---|
| committer | jsing <> | 2021-04-25 13:15:23 +0000 |
| commit | ebe128ca73ce7d178a186b93684c8bf8577f3b80 (patch) | |
| tree | 0d77df32f82a4eb3addc8531055c43c868f52f5e /src/lib/libssl/t1_enc.c | |
| parent | 6b7899114d6b9acd6fbc1fc2f5129bf1ca98ac1c (diff) | |
| download | openbsd-ebe128ca73ce7d178a186b93684c8bf8577f3b80.tar.gz openbsd-ebe128ca73ce7d178a186b93684c8bf8577f3b80.tar.bz2 openbsd-ebe128ca73ce7d178a186b93684c8bf8577f3b80.zip | |
Clean up derivation of finished/peer finished.
Make this process more readable by having specific client/server functions,
calling the correct one based on s->server. This allows to remove various
SSL_ST_ACCEPT/SSL_ST_CONNECT checks, along with duplicate code.
ok inoguchi@ tb@
Diffstat (limited to 'src/lib/libssl/t1_enc.c')
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 27 |
1 files changed, 1 insertions, 26 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 6b3d40d8ec..3f93bcecf5 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_enc.c,v 1.138 2021/04/19 17:26:39 jsing Exp $ */ | 1 | /* $OpenBSD: t1_enc.c,v 1.139 2021/04/25 13:15:22 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -144,11 +144,6 @@ | |||
| 144 | #include <openssl/hmac.h> | 144 | #include <openssl/hmac.h> |
| 145 | #include <openssl/md5.h> | 145 | #include <openssl/md5.h> |
| 146 | 146 | ||
| 147 | int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len, | ||
| 148 | const void *seed1, size_t seed1_len, const void *seed2, size_t seed2_len, | ||
| 149 | const void *seed3, size_t seed3_len, const void *seed4, size_t seed4_len, | ||
| 150 | const void *seed5, size_t seed5_len, unsigned char *out, size_t out_len); | ||
| 151 | |||
| 152 | void | 147 | void |
| 153 | tls1_cleanup_key_block(SSL *s) | 148 | tls1_cleanup_key_block(SSL *s) |
| 154 | { | 149 | { |
| @@ -471,26 +466,6 @@ tls1_setup_key_block(SSL *s) | |||
| 471 | } | 466 | } |
| 472 | 467 | ||
| 473 | int | 468 | int |
| 474 | tls1_final_finish_mac(SSL *s, const char *str, int str_len, unsigned char *out) | ||
| 475 | { | ||
| 476 | unsigned char buf[EVP_MAX_MD_SIZE]; | ||
| 477 | size_t hash_len; | ||
| 478 | |||
| 479 | if (str_len < 0) | ||
| 480 | return 0; | ||
| 481 | |||
| 482 | if (!tls1_transcript_hash_value(s, buf, sizeof(buf), &hash_len)) | ||
| 483 | return 0; | ||
| 484 | |||
| 485 | if (!tls1_PRF(s, s->session->master_key, s->session->master_key_length, | ||
| 486 | str, str_len, buf, hash_len, NULL, 0, NULL, 0, NULL, 0, | ||
| 487 | out, TLS1_FINISH_MAC_LENGTH)) | ||
| 488 | return 0; | ||
| 489 | |||
| 490 | return TLS1_FINISH_MAC_LENGTH; | ||
| 491 | } | ||
| 492 | |||
| 493 | int | ||
| 494 | tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, | 469 | tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, |
| 495 | int len) | 470 | int len) |
| 496 | { | 471 | { |