diff options
| author | jsing <> | 2022-11-07 11:53:39 +0000 |
|---|---|---|
| committer | jsing <> | 2022-11-07 11:53:39 +0000 |
| commit | 7aa564fe60027590616687055794c45960ec44dd (patch) | |
| tree | d8d9624d4617b435a2211c44dab7a6c5ff98e41a /src/lib/libssl/tls13_lib.c | |
| parent | 8eb977233c50d27fe9ab4466a73db176445f36ad (diff) | |
| download | openbsd-7aa564fe60027590616687055794c45960ec44dd.tar.gz openbsd-7aa564fe60027590616687055794c45960ec44dd.tar.bz2 openbsd-7aa564fe60027590616687055794c45960ec44dd.zip | |
Move tls13_exporter() code.
It makes more sense to have tls13_exporter() in tls13_key_schedule.c,
rather than tls13_lib.c
ok tb@
Diffstat (limited to 'src/lib/libssl/tls13_lib.c')
| -rw-r--r-- | src/lib/libssl/tls13_lib.c | 72 |
1 files changed, 1 insertions, 71 deletions
diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c index 54c98af15c..3bb6d3d3db 100644 --- a/src/lib/libssl/tls13_lib.c +++ b/src/lib/libssl/tls13_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_lib.c,v 1.74 2022/10/20 15:26:25 tb Exp $ */ | 1 | /* $OpenBSD: tls13_lib.c,v 1.75 2022/11/07 11:53:39 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2019 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2019 Bob Beck <beck@openbsd.org> |
| @@ -699,73 +699,3 @@ tls13_clienthello_hash_validate(struct tls13_ctx *ctx) | |||
| 699 | 699 | ||
| 700 | return 1; | 700 | return 1; |
| 701 | } | 701 | } |
| 702 | |||
| 703 | int | ||
| 704 | tls13_exporter(struct tls13_ctx *ctx, const uint8_t *label, size_t label_len, | ||
| 705 | const uint8_t *context_value, size_t context_value_len, uint8_t *out, | ||
| 706 | size_t out_len) | ||
| 707 | { | ||
| 708 | struct tls13_secret context, export_out, export_secret; | ||
| 709 | struct tls13_secrets *secrets = ctx->hs->tls13.secrets; | ||
| 710 | EVP_MD_CTX *md_ctx = NULL; | ||
| 711 | unsigned int md_out_len; | ||
| 712 | int md_len; | ||
| 713 | int ret = 0; | ||
| 714 | |||
| 715 | /* | ||
| 716 | * RFC 8446 Section 7.5. | ||
| 717 | */ | ||
| 718 | |||
| 719 | memset(&context, 0, sizeof(context)); | ||
| 720 | memset(&export_secret, 0, sizeof(export_secret)); | ||
| 721 | |||
| 722 | export_out.data = out; | ||
| 723 | export_out.len = out_len; | ||
| 724 | |||
| 725 | if (!ctx->handshake_completed) | ||
| 726 | return 0; | ||
| 727 | |||
| 728 | md_len = EVP_MD_size(secrets->digest); | ||
| 729 | if (md_len <= 0 || md_len > EVP_MAX_MD_SIZE) | ||
| 730 | goto err; | ||
| 731 | |||
| 732 | if (!tls13_secret_init(&export_secret, md_len)) | ||
| 733 | goto err; | ||
| 734 | if (!tls13_secret_init(&context, md_len)) | ||
| 735 | goto err; | ||
| 736 | |||
| 737 | /* In TLSv1.3 no context is equivalent to an empty context. */ | ||
| 738 | if (context_value == NULL) { | ||
| 739 | context_value = ""; | ||
| 740 | context_value_len = 0; | ||
| 741 | } | ||
| 742 | |||
| 743 | if ((md_ctx = EVP_MD_CTX_new()) == NULL) | ||
| 744 | goto err; | ||
| 745 | if (!EVP_DigestInit_ex(md_ctx, secrets->digest, NULL)) | ||
| 746 | goto err; | ||
| 747 | if (!EVP_DigestUpdate(md_ctx, context_value, context_value_len)) | ||
| 748 | goto err; | ||
| 749 | if (!EVP_DigestFinal_ex(md_ctx, context.data, &md_out_len)) | ||
| 750 | goto err; | ||
| 751 | if (md_len != md_out_len) | ||
| 752 | goto err; | ||
| 753 | |||
| 754 | if (!tls13_derive_secret_with_label_length(&export_secret, | ||
| 755 | secrets->digest, &secrets->exporter_master, label, label_len, | ||
| 756 | &secrets->empty_hash)) | ||
| 757 | goto err; | ||
| 758 | |||
| 759 | if (!tls13_hkdf_expand_label(&export_out, secrets->digest, | ||
| 760 | &export_secret, "exporter", &context)) | ||
| 761 | goto err; | ||
| 762 | |||
| 763 | ret = 1; | ||
| 764 | |||
| 765 | err: | ||
| 766 | EVP_MD_CTX_free(md_ctx); | ||
| 767 | tls13_secret_cleanup(&context); | ||
| 768 | tls13_secret_cleanup(&export_secret); | ||
| 769 | |||
| 770 | return ret; | ||
| 771 | } | ||