authorjsing <>2019-02-09 15:20:05 +0000
committerjsing <>2019-02-09 15:20:05 +0000
commit420e1203852fc99e786ceb80cff5559b6be38fbf (patch)
treeb270ca4e8a5c9f3f80b183036bb1fd42b2ed9a70 /src/lib
parent7a09aa52502e5c4598eda224db8dd8e132773449 (diff)
Provide a reference from the TLSv1.3 context to the handshake state.
This allows ctx->hs to be used throughout the TLSv1.3 code, rather than S3I(ctx->ssl)->hs_tls13. ok inoguchi@ tb@
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libssl/tls13_client.c39
-rw-r--r--src/lib/libssl/tls13_internal.h5
2 files changed, 25 insertions, 19 deletions
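--- a/src/lib/libssl/tls13_client.c
+++ b/src/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.3 2019/02/07 15:54:18 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.4 2019/02/09 15:20:05 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -35,14 +35,16 @@ tls13_connect(struct tls13_ctx *ctx)
 }
 
 static int
-tls13_client_init(SSL *s)
+tls13_client_init(struct tls13_ctx *ctx)
 {
- if (!ssl_supported_version_range(s, &S3I(s)->hs_tls13.min_version,
- &S3I(s)->hs_tls13.max_version)) {
+ SSL *s = ctx->ssl;
+
+ if (!ssl_supported_version_range(s, &ctx->hs->min_version,
+ &ctx->hs->max_version)) {
  SSLerror(s, SSL_R_NO_PROTOCOLS_AVAILABLE);
  return 0;
  }
- s->client_version = s->version = S3I(s)->hs_tls13.max_version;
+ s->client_version = s->version = ctx->hs->max_version;
 
  if (!ssl_get_new_session(s, 0)) /* XXX */
  return 0;
@@ -68,8 +70,9 @@ tls13_legacy_connect(SSL *ssl)
  }
  ssl->internal->tls13 = ctx;
  ctx->ssl = ssl;
+ ctx->hs = &S3I(ssl)->hs_tls13;
 
- if (!tls13_client_init(ssl)) {
+ if (!tls13_client_init(ctx)) {
  if (ERR_peek_error() == 0)
  SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
  return -1;
@@ -183,19 +186,19 @@ tls13_server_hello_process(struct tls13_ctx *ctx, CBS *cbs)
  * within range and not TLS 1.3 or greater (which must use the
  * supported version extension.
  */
- if (S3I(s)->hs_tls13.server_version != 0) {
+ if (ctx->hs->server_version != 0) {
  if (legacy_version != TLS1_2_VERSION) {
  /* XXX - alert. */
  goto err;
  }
  } else {
- if (legacy_version < S3I(s)->hs_tls13.min_version ||
- legacy_version > S3I(s)->hs_tls13.max_version ||
+ if (legacy_version < ctx->hs->min_version ||
+ legacy_version > ctx->hs->max_version ||
  legacy_version > TLS1_2_VERSION) {
  /* XXX - alert. */
  goto err;
  }
- S3I(s)->hs_tls13.server_version = legacy_version;
+ ctx->hs->server_version = legacy_version;
  }
 
  /* XXX - session_id must match. */
@@ -210,7 +213,7 @@ tls13_server_hello_process(struct tls13_ctx *ctx, CBS *cbs)
  /* XXX - alert. */
  goto err;
  }
- if (S3I(s)->hs_tls13.server_version == TLS1_3_VERSION &&
+ if (ctx->hs->server_version == TLS1_3_VERSION &&
  cipher->algorithm_ssl != SSL_TLSV1_3) {
  /* XXX - alert. */
  goto err;
@@ -253,7 +256,7 @@ tls13_server_hello_recv(struct tls13_ctx *ctx)
  if (!tls13_server_hello_process(ctx, &cbs))
  goto err;
 
- if (S3I(s)->hs_tls13.server_version < TLS1_3_VERSION) {
+ if (ctx->hs->server_version < TLS1_3_VERSION) {
  /* XXX - switch back to legacy client. */
  goto err;
  }
@@ -262,18 +265,18 @@ tls13_server_hello_recv(struct tls13_ctx *ctx)
  return 1;
 
  /* XXX - handle other key share types. */
- if (S3I(s)->hs_tls13.x25519_peer_public == NULL) {
+ if (ctx->hs->x25519_peer_public == NULL) {
  /* XXX - alert. */
  goto err;
  }
  if ((shared_key = malloc(X25519_KEY_LENGTH)) == NULL)
  goto err;
- if (!X25519(shared_key, S3I(s)->hs_tls13.x25519_private,
- S3I(s)->hs_tls13.x25519_peer_public))
+ if (!X25519(shared_key, ctx->hs->x25519_private,
+ ctx->hs->x25519_peer_public))
  goto err;
 
  s->session->cipher = S3I(s)->hs.new_cipher;
- s->session->ssl_version = S3I(s)->hs_tls13.server_version;
+ s->session->ssl_version = ctx->hs->server_version;
 
  if ((ctx->aead = tls13_cipher_aead(S3I(s)->hs.new_cipher)) == NULL)
  goto err;
@@ -298,8 +301,8 @@ tls13_server_hello_recv(struct tls13_ctx *ctx)
  goto err;
 
  /* Handshake secrets. */
- if (!tls13_derive_handshake_secrets(S3I(s)->hs_tls13.secrets,
- shared_key, X25519_KEY_LENGTH, &context))
+ if (!tls13_derive_handshake_secrets(ctx->hs->secrets, shared_key,
+ X25519_KEY_LENGTH, &context))
  goto err;
 
  tls13_record_layer_set_aead(ctx->rl, ctx->aead);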
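Review bot: `ctx->hs` is now dereferenced unconditionally in tls13_client_init, tls13_server_hello_process and tls13_server_hello_recv, yet the only assignment visible in this section is the single line `ctx->hs = &S3I(ssl)->hs_tls13;` in tls13_legacy_connect. Any other path that builds a tls13_ctx and binds `ctx->ssl` without also setting `hs` would turn the first handshake access into a NULL dereference; whether such a path exists is not visible here. Binding both fields in one place (the ctx constructor or a small helper) would keep the invariant from drifting. Separately, the section still reads `S3I(s)->hs.new_cipher`, which is the legacy handshake struct and not the object `ctx->hs` points at; a short comment such as `/* legacy hs, not ctx->hs (hs_tls13) */` at those two uses would prevent mix-ups. All three functions continue outside the hunks.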
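--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.16 2019/02/04 16:18:15 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.17 2019/02/09 15:20:05 jsing Exp $ */
 /*
  * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
  * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -147,8 +147,11 @@ struct tls13_handshake_stage {
  uint8_t message_number;
 };
 
+typedef struct ssl_handshake_tls13_st SSL_HANDSHAKE_TLS13;
+
 struct tls13_ctx {
  SSL *ssl;
+ SSL_HANDSHAKE_TLS13 *hs;
  uint8_t mode;
  struct tls13_handshake_stage handshake_stage;
 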
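Review bot: The new `hs` member of struct tls13_ctx carries no statement of ownership, and judging by the assignment in tls13_client.c it is a borrowed pointer into the SSL's S3 internal state rather than something the context allocates. I would document that on the field, e.g. `SSL_HANDSHAKE_TLS13 *hs; /* borrowed: &S3I(ssl)->hs_tls13, never freed via ctx */`, so that the ctx teardown path does not free it and nobody keeps using the ctx after the SSL's handshake state is gone. The forward typedef also presumably repeats one in the header that defines struct ssl_handshake_tls13_st; repeating a typedef is valid C11 but rejected by older dialects, so declaring the member as `struct ssl_handshake_tls13_st *hs;` would avoid depending on that. The struct definition continues past the end of the hunk.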