| author | jsing <> | 2020-09-15 16:07:17 +0000 |
|---|---|---|
| committer | jsing <> | 2020-09-15 16:07:17 +0000 |
| commit | cf3950166424b55bed453434d50727a6cf7485d1 (patch) | |
| tree | bba11920f935d0acc17359fab37aa2769a81514d /src | |
| parent | 042f3af67a1ee71c0530474205bf82a6674bea83 (diff) | |
Split the tls12_record_layer_write_mac() function.
Split the existing tls12_record_layer_write_mac() function so that we can
soon reuse part of it for the read side.
No functional change.
ok tb@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/tls12_record_layer.c | 29 |
1 files changed, 19 insertions, 10 deletions
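--- a/src/lib/libssl/tls12_record_layer.c
+++ b/src/lib/libssl/tls12_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls12_record_layer.c,v 1.2 2020/09/15 15:11:58 jsing Exp $ */
+/* $OpenBSD: tls12_record_layer.c,v 1.3 2020/09/15 16:07:17 jsing Exp $ */
 /*
 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
 *
@@ -227,9 +227,10 @@ tls12_record_layer_pseudo_header(struct tls12_record_layer *rl,
 }
 
 static int
-tls12_record_layer_write_mac(struct tls12_record_layer *rl, CBB *cbb,
-uint8_t content_type, const uint8_t *content, size_t content_len,
-size_t *out_len)
+tls12_record_layer_mac(struct tls12_record_layer *rl, CBB *cbb,
+EVP_MD_CTX *hash_ctx, int stream_mac, uint16_t epoch, uint8_t *seq_num,
+size_t seq_num_len, uint8_t content_type, const uint8_t *content,
+size_t content_len, size_t *out_len)
 {
 EVP_MD_CTX *mac_ctx = NULL;
 uint8_t *header = NULL;
@@ -240,12 +241,11 @@ tls12_record_layer_write_mac(struct tls12_record_layer *rl, CBB *cbb,
 
 if ((mac_ctx = EVP_MD_CTX_new()) == NULL)
 goto err;
-if (!EVP_MD_CTX_copy(mac_ctx, rl->write_hash_ctx))
+if (!EVP_MD_CTX_copy(mac_ctx, hash_ctx))
 goto err;
 
 if (!tls12_record_layer_pseudo_header(rl, content_type, content_len,
-rl->write_epoch, rl->write_seq_num, SSL3_SEQUENCE_SIZE,
-&header, &header_len))
+epoch, seq_num, seq_num_len, &header, &header_len))
 goto err;
 
 if (EVP_DigestSignUpdate(mac_ctx, header, header_len) <= 0)
@@ -259,13 +259,12 @@ tls12_record_layer_write_mac(struct tls12_record_layer *rl, CBB *cbb,
 if (EVP_DigestSignFinal(mac_ctx, mac, &mac_len) <= 0)
 goto err;
 
-if (rl->write_stream_mac) {
-if (!EVP_MD_CTX_copy(rl->write_hash_ctx, mac_ctx))
+if (stream_mac) {
+if (!EVP_MD_CTX_copy(hash_ctx, mac_ctx))
 goto err;
 }
 
 *out_len = mac_len;
-
 ret = 1;
 
 err:
@@ -276,6 +275,16 @@ tls12_record_layer_write_mac(struct tls12_record_layer *rl, CBB *cbb,
 }
 
 static int
+tls12_record_layer_write_mac(struct tls12_record_layer *rl, CBB *cbb,
+uint8_t content_type, const uint8_t *content, size_t content_len,
+size_t *out_len)
+{
+return tls12_record_layer_mac(rl, cbb, rl->write_hash_ctx,
+rl->write_stream_mac, rl->write_epoch, rl->write_seq_num,
+SSL3_SEQUENCE_SIZE, content_type, content, content_len, out_len);
+}
+
+static int
 tls12_record_layer_seal_record_plaintext(struct tls12_record_layer *rl,
 uint8_t content_type, const uint8_t *content, size_t content_len, CBB *out)
 {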
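Review bot: The new `tls12_record_layer_mac()` treats `hash_ctx` as an in/out parameter, but nothing at the signature says so: when `stream_mac` is set, `EVP_MD_CTX_copy(hash_ctx, mac_ctx)` writes the advanced MAC state back into the caller's context. Once the read side calls this helper, `hash_ctx`, `stream_mac`, `epoch` and `seq_num` must all come from the same direction, and nothing in the eleven-argument signature enforces that pairing; a mismatch would yield a wrong MAC or overwrite the other direction's stream-MAC state. I would add a comment above the function, e.g. `/* hash_ctx is updated in place when stream_mac is set; hash_ctx, stream_mac, epoch and seq_num must all belong to the same (read or write) direction. */`. In the visible lines `seq_num` is only forwarded to `tls12_record_layer_pseudo_header()`, so it could probably be `const uint8_t *`, subject to that function's prototype, which is outside the hunks. Parts of the function body fall between the hunks and are not shown here.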
