summaryrefslogtreecommitdiff
path: root/src/lib/libssl/t1_enc.c
diff options
context:
space:
mode:
authorjsing <>2021-04-25 13:15:23 +0000
committerjsing <>2021-04-25 13:15:23 +0000
commitebe128ca73ce7d178a186b93684c8bf8577f3b80 (patch)
tree0d77df32f82a4eb3addc8531055c43c868f52f5e /src/lib/libssl/t1_enc.c
parent6b7899114d6b9acd6fbc1fc2f5129bf1ca98ac1c (diff)
downloadopenbsd-ebe128ca73ce7d178a186b93684c8bf8577f3b80.tar.gz
openbsd-ebe128ca73ce7d178a186b93684c8bf8577f3b80.tar.bz2
openbsd-ebe128ca73ce7d178a186b93684c8bf8577f3b80.zip
Clean up derivation of finished/peer finished.
Make this process more readable by having specific client/server functions, calling the correct one based on s->server. This allows to remove various SSL_ST_ACCEPT/SSL_ST_CONNECT checks, along with duplicate code. ok inoguchi@ tb@
Diffstat (limited to 'src/lib/libssl/t1_enc.c')
-rw-r--r--src/lib/libssl/t1_enc.c27
1 files changed, 1 insertions, 26 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 6b3d40d8ec..3f93bcecf5 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_enc.c,v 1.138 2021/04/19 17:26:39 jsing Exp $ */ 1/* $OpenBSD: t1_enc.c,v 1.139 2021/04/25 13:15:22 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -144,11 +144,6 @@
144#include <openssl/hmac.h> 144#include <openssl/hmac.h>
145#include <openssl/md5.h> 145#include <openssl/md5.h>
146 146
147int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len,
148 const void *seed1, size_t seed1_len, const void *seed2, size_t seed2_len,
149 const void *seed3, size_t seed3_len, const void *seed4, size_t seed4_len,
150 const void *seed5, size_t seed5_len, unsigned char *out, size_t out_len);
151
152void 147void
153tls1_cleanup_key_block(SSL *s) 148tls1_cleanup_key_block(SSL *s)
154{ 149{
@@ -471,26 +466,6 @@ tls1_setup_key_block(SSL *s)
471} 466}
472 467
473int 468int
474tls1_final_finish_mac(SSL *s, const char *str, int str_len, unsigned char *out)
475{
476 unsigned char buf[EVP_MAX_MD_SIZE];
477 size_t hash_len;
478
479 if (str_len < 0)
480 return 0;
481
482 if (!tls1_transcript_hash_value(s, buf, sizeof(buf), &hash_len))
483 return 0;
484
485 if (!tls1_PRF(s, s->session->master_key, s->session->master_key_length,
486 str, str_len, buf, hash_len, NULL, 0, NULL, 0, NULL, 0,
487 out, TLS1_FINISH_MAC_LENGTH))
488 return 0;
489
490 return TLS1_FINISH_MAC_LENGTH;
491}
492
493int
494tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, 469tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
495 int len) 470 int len)
496{ 471{