diff options
author | jsing <> | 2021-04-25 13:15:23 +0000 |
---|---|---|
committer | jsing <> | 2021-04-25 13:15:23 +0000 |
commit | ebe128ca73ce7d178a186b93684c8bf8577f3b80 (patch) | |
tree | 0d77df32f82a4eb3addc8531055c43c868f52f5e /src/lib/libssl/tls12_lib.c | |
parent | 6b7899114d6b9acd6fbc1fc2f5129bf1ca98ac1c (diff) | |
download | openbsd-ebe128ca73ce7d178a186b93684c8bf8577f3b80.tar.gz openbsd-ebe128ca73ce7d178a186b93684c8bf8577f3b80.tar.bz2 openbsd-ebe128ca73ce7d178a186b93684c8bf8577f3b80.zip |
Clean up derivation of finished/peer finished.
Make this process more readable by having specific client/server functions,
calling the correct one based on s->server. This allows to remove various
SSL_ST_ACCEPT/SSL_ST_CONNECT checks, along with duplicate code.
ok inoguchi@ tb@
Diffstat (limited to 'src/lib/libssl/tls12_lib.c')
-rw-r--r-- | src/lib/libssl/tls12_lib.c | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/src/lib/libssl/tls12_lib.c b/src/lib/libssl/tls12_lib.c new file mode 100644 index 0000000000..520f41678d --- /dev/null +++ b/src/lib/libssl/tls12_lib.c | |||
@@ -0,0 +1,92 @@ | |||
1 | /* $OpenBSD: tls12_lib.c,v 1.1 2021/04/25 13:15:23 jsing Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2021 Joel Sing <jsing@openbsd.org> | ||
4 | * | ||
5 | * Permission to use, copy, modify, and distribute this software for any | ||
6 | * purpose with or without fee is hereby granted, provided that the above | ||
7 | * copyright notice and this permission notice appear in all copies. | ||
8 | * | ||
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
16 | */ | ||
17 | |||
18 | #include "ssl_locl.h" | ||
19 | |||
20 | static int | ||
21 | tls12_finished_verify_data(SSL *s, const char *finished_label, | ||
22 | size_t finished_label_len, uint8_t *verify_data, size_t verify_data_len, | ||
23 | size_t *out_len) | ||
24 | { | ||
25 | uint8_t transcript_hash[EVP_MAX_MD_SIZE]; | ||
26 | size_t transcript_hash_len; | ||
27 | |||
28 | *out_len = 0; | ||
29 | |||
30 | if (verify_data_len < TLS1_FINISH_MAC_LENGTH) | ||
31 | return 0; | ||
32 | |||
33 | if (!tls1_transcript_hash_value(s, transcript_hash, | ||
34 | sizeof(transcript_hash), &transcript_hash_len)) | ||
35 | return 0; | ||
36 | |||
37 | if (!tls1_PRF(s, s->session->master_key, s->session->master_key_length, | ||
38 | finished_label, finished_label_len, transcript_hash, | ||
39 | transcript_hash_len, NULL, 0, NULL, 0, NULL, 0, verify_data, | ||
40 | TLS1_FINISH_MAC_LENGTH)) | ||
41 | return 0; | ||
42 | |||
43 | *out_len = TLS1_FINISH_MAC_LENGTH; | ||
44 | |||
45 | return 1; | ||
46 | } | ||
47 | |||
48 | static int | ||
49 | tls12_client_finished_verify_data(SSL *s, uint8_t *verify_data, | ||
50 | size_t verify_data_len, size_t *out_len) | ||
51 | { | ||
52 | return tls12_finished_verify_data(s, TLS_MD_CLIENT_FINISH_CONST, | ||
53 | TLS_MD_CLIENT_FINISH_CONST_SIZE, verify_data, verify_data_len, | ||
54 | out_len); | ||
55 | } | ||
56 | |||
57 | static int | ||
58 | tls12_server_finished_verify_data(SSL *s, uint8_t *verify_data, | ||
59 | size_t verify_data_len, size_t *out_len) | ||
60 | { | ||
61 | return tls12_finished_verify_data(s, TLS_MD_SERVER_FINISH_CONST, | ||
62 | TLS_MD_SERVER_FINISH_CONST_SIZE, verify_data, verify_data_len, | ||
63 | out_len); | ||
64 | } | ||
65 | |||
66 | int | ||
67 | tls12_derive_finished(SSL *s) | ||
68 | { | ||
69 | if (!s->server) { | ||
70 | return tls12_client_finished_verify_data(s, | ||
71 | S3I(s)->hs.finished, sizeof(S3I(s)->hs.finished), | ||
72 | &S3I(s)->hs.finished_len); | ||
73 | } else { | ||
74 | return tls12_server_finished_verify_data(s, | ||
75 | S3I(s)->hs.finished, sizeof(S3I(s)->hs.finished), | ||
76 | &S3I(s)->hs.finished_len); | ||
77 | } | ||
78 | } | ||
79 | |||
80 | int | ||
81 | tls12_derive_peer_finished(SSL *s) | ||
82 | { | ||
83 | if (s->server) { | ||
84 | return tls12_client_finished_verify_data(s, | ||
85 | S3I(s)->hs.peer_finished, sizeof(S3I(s)->hs.peer_finished), | ||
86 | &S3I(s)->hs.peer_finished_len); | ||
87 | } else { | ||
88 | return tls12_server_finished_verify_data(s, | ||
89 | S3I(s)->hs.peer_finished, sizeof(S3I(s)->hs.peer_finished), | ||
90 | &S3I(s)->hs.peer_finished_len); | ||
91 | } | ||
92 | } | ||