summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libssl/ssl_locl.h6
-rw-r--r--src/lib/libssl/tls13_handshake.c12
2 files changed, 16 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index a26b91976e..65429a3925 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.234 2019/02/09 15:26:15 jsing Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.235 2019/02/10 13:04:29 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -451,6 +451,10 @@ typedef struct ssl_handshake_tls13_st {
451 451
452 uint8_t *cookie; 452 uint8_t *cookie;
453 size_t cookie_len; 453 size_t cookie_len;
454
455 /* Preserved transcript hash. */
456 uint8_t transcript_hash[EVP_MAX_MD_SIZE];
457 size_t transcript_hash_len;
454} SSL_HANDSHAKE_TLS13; 458} SSL_HANDSHAKE_TLS13;
455 459
456typedef struct ssl_ctx_internal_st { 460typedef struct ssl_ctx_internal_st {
diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index 68d6a9d444..8d5b0e3516 100644
--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls13_handshake.c,v 1.24 2019/02/07 15:54:18 jsing Exp $ */ 1/* $OpenBSD: tls13_handshake.c,v 1.25 2019/02/10 13:04:29 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org> 3 * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org>
4 * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> 4 * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
@@ -33,6 +33,7 @@ struct tls13_handshake_action {
33 uint8_t handshake_type; 33 uint8_t handshake_type;
34 uint8_t sender; 34 uint8_t sender;
35 uint8_t handshake_complete; 35 uint8_t handshake_complete;
36 uint8_t preserve_transcript_hash;
36 37
37 int (*send)(struct tls13_ctx *ctx); 38 int (*send)(struct tls13_ctx *ctx);
38 int (*recv)(struct tls13_ctx *ctx); 39 int (*recv)(struct tls13_ctx *ctx);
@@ -133,6 +134,7 @@ struct tls13_handshake_action state_machine[] = {
133 .record_type = TLS13_HANDSHAKE, 134 .record_type = TLS13_HANDSHAKE,
134 .handshake_type = TLS13_MT_CERTIFICATE_VERIFY, 135 .handshake_type = TLS13_MT_CERTIFICATE_VERIFY,
135 .sender = TLS13_HS_SERVER, 136 .sender = TLS13_HS_SERVER,
137 .preserve_transcript_hash = 1,
136 .send = tls13_server_certificate_verify_send, 138 .send = tls13_server_certificate_verify_send,
137 .recv = tls13_server_certificate_verify_recv, 139 .recv = tls13_server_certificate_verify_recv,
138 }, 140 },
@@ -140,6 +142,7 @@ struct tls13_handshake_action state_machine[] = {
140 .record_type = TLS13_HANDSHAKE, 142 .record_type = TLS13_HANDSHAKE,
141 .handshake_type = TLS13_MT_FINISHED, 143 .handshake_type = TLS13_MT_FINISHED,
142 .sender = TLS13_HS_SERVER, 144 .sender = TLS13_HS_SERVER,
145 .preserve_transcript_hash = 1,
143 .send = tls13_server_finished_send, 146 .send = tls13_server_finished_send,
144 .recv = tls13_server_finished_recv, 147 .recv = tls13_server_finished_recv,
145 }, 148 },
@@ -361,6 +364,13 @@ tls13_handshake_recv_action(struct tls13_ctx *ctx,
361 if ((ret = tls13_handshake_msg_recv(ctx->hs_msg, ctx->rl)) <= 0) 364 if ((ret = tls13_handshake_msg_recv(ctx->hs_msg, ctx->rl)) <= 0)
362 return ret; 365 return ret;
363 366
367 if (action->preserve_transcript_hash) {
368 if (!tls1_transcript_hash_value(ctx->ssl,
369 ctx->hs->transcript_hash, sizeof(ctx->hs->transcript_hash),
370 &ctx->hs->transcript_hash_len))
371 return TLS13_IO_FAILURE;
372 }
373
364 tls13_handshake_msg_data(ctx->hs_msg, &cbs); 374 tls13_handshake_msg_data(ctx->hs_msg, &cbs);
365 if (!tls1_transcript_record(ctx->ssl, CBS_data(&cbs), CBS_len(&cbs))) 375 if (!tls1_transcript_record(ctx->ssl, CBS_data(&cbs), CBS_len(&cbs)))
366 return TLS13_IO_FAILURE; 376 return TLS13_IO_FAILURE;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 06:29:54 +0000