diff options
author | jsing <> | 2021-04-25 13:15:23 +0000 |
---|---|---|
committer | jsing <> | 2021-04-25 13:15:23 +0000 |
commit | ebe128ca73ce7d178a186b93684c8bf8577f3b80 (patch) | |
tree | 0d77df32f82a4eb3addc8531055c43c868f52f5e /src/lib/libssl/t1_enc.c | |
parent | 6b7899114d6b9acd6fbc1fc2f5129bf1ca98ac1c (diff) | |
download | openbsd-ebe128ca73ce7d178a186b93684c8bf8577f3b80.tar.gz openbsd-ebe128ca73ce7d178a186b93684c8bf8577f3b80.tar.bz2 openbsd-ebe128ca73ce7d178a186b93684c8bf8577f3b80.zip |
Clean up derivation of finished/peer finished.
Make this process more readable by having specific client/server functions,
calling the correct one based on s->server. This allows to remove various
SSL_ST_ACCEPT/SSL_ST_CONNECT checks, along with duplicate code.
ok inoguchi@ tb@
Diffstat (limited to 'src/lib/libssl/t1_enc.c')
-rw-r--r-- | src/lib/libssl/t1_enc.c | 27 |
1 files changed, 1 insertions, 26 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 6b3d40d8ec..3f93bcecf5 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: t1_enc.c,v 1.138 2021/04/19 17:26:39 jsing Exp $ */ | 1 | /* $OpenBSD: t1_enc.c,v 1.139 2021/04/25 13:15:22 jsing Exp $ */ |
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 | * All rights reserved. | 3 | * All rights reserved. |
4 | * | 4 | * |
@@ -144,11 +144,6 @@ | |||
144 | #include <openssl/hmac.h> | 144 | #include <openssl/hmac.h> |
145 | #include <openssl/md5.h> | 145 | #include <openssl/md5.h> |
146 | 146 | ||
147 | int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len, | ||
148 | const void *seed1, size_t seed1_len, const void *seed2, size_t seed2_len, | ||
149 | const void *seed3, size_t seed3_len, const void *seed4, size_t seed4_len, | ||
150 | const void *seed5, size_t seed5_len, unsigned char *out, size_t out_len); | ||
151 | |||
152 | void | 147 | void |
153 | tls1_cleanup_key_block(SSL *s) | 148 | tls1_cleanup_key_block(SSL *s) |
154 | { | 149 | { |
@@ -471,26 +466,6 @@ tls1_setup_key_block(SSL *s) | |||
471 | } | 466 | } |
472 | 467 | ||
473 | int | 468 | int |
474 | tls1_final_finish_mac(SSL *s, const char *str, int str_len, unsigned char *out) | ||
475 | { | ||
476 | unsigned char buf[EVP_MAX_MD_SIZE]; | ||
477 | size_t hash_len; | ||
478 | |||
479 | if (str_len < 0) | ||
480 | return 0; | ||
481 | |||
482 | if (!tls1_transcript_hash_value(s, buf, sizeof(buf), &hash_len)) | ||
483 | return 0; | ||
484 | |||
485 | if (!tls1_PRF(s, s->session->master_key, s->session->master_key_length, | ||
486 | str, str_len, buf, hash_len, NULL, 0, NULL, 0, NULL, 0, | ||
487 | out, TLS1_FINISH_MAC_LENGTH)) | ||
488 | return 0; | ||
489 | |||
490 | return TLS1_FINISH_MAC_LENGTH; | ||
491 | } | ||
492 | |||
493 | int | ||
494 | tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, | 469 | tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, |
495 | int len) | 470 | int len) |
496 | { | 471 | { |