diff options
Diffstat (limited to 'src/lib/libssl/tls13_handshake.c')
| -rw-r--r-- | src/lib/libssl/tls13_handshake.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c index 68d6a9d444..8d5b0e3516 100644 --- a/src/lib/libssl/tls13_handshake.c +++ b/src/lib/libssl/tls13_handshake.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_handshake.c,v 1.24 2019/02/07 15:54:18 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_handshake.c,v 1.25 2019/02/10 13:04:29 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org> | 3 | * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org> |
| 4 | * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> | 4 | * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> |
| @@ -33,6 +33,7 @@ struct tls13_handshake_action { | |||
| 33 | uint8_t handshake_type; | 33 | uint8_t handshake_type; |
| 34 | uint8_t sender; | 34 | uint8_t sender; |
| 35 | uint8_t handshake_complete; | 35 | uint8_t handshake_complete; |
| 36 | uint8_t preserve_transcript_hash; | ||
| 36 | 37 | ||
| 37 | int (*send)(struct tls13_ctx *ctx); | 38 | int (*send)(struct tls13_ctx *ctx); |
| 38 | int (*recv)(struct tls13_ctx *ctx); | 39 | int (*recv)(struct tls13_ctx *ctx); |
| @@ -133,6 +134,7 @@ struct tls13_handshake_action state_machine[] = { | |||
| 133 | .record_type = TLS13_HANDSHAKE, | 134 | .record_type = TLS13_HANDSHAKE, |
| 134 | .handshake_type = TLS13_MT_CERTIFICATE_VERIFY, | 135 | .handshake_type = TLS13_MT_CERTIFICATE_VERIFY, |
| 135 | .sender = TLS13_HS_SERVER, | 136 | .sender = TLS13_HS_SERVER, |
| 137 | .preserve_transcript_hash = 1, | ||
| 136 | .send = tls13_server_certificate_verify_send, | 138 | .send = tls13_server_certificate_verify_send, |
| 137 | .recv = tls13_server_certificate_verify_recv, | 139 | .recv = tls13_server_certificate_verify_recv, |
| 138 | }, | 140 | }, |
| @@ -140,6 +142,7 @@ struct tls13_handshake_action state_machine[] = { | |||
| 140 | .record_type = TLS13_HANDSHAKE, | 142 | .record_type = TLS13_HANDSHAKE, |
| 141 | .handshake_type = TLS13_MT_FINISHED, | 143 | .handshake_type = TLS13_MT_FINISHED, |
| 142 | .sender = TLS13_HS_SERVER, | 144 | .sender = TLS13_HS_SERVER, |
| 145 | .preserve_transcript_hash = 1, | ||
| 143 | .send = tls13_server_finished_send, | 146 | .send = tls13_server_finished_send, |
| 144 | .recv = tls13_server_finished_recv, | 147 | .recv = tls13_server_finished_recv, |
| 145 | }, | 148 | }, |
| @@ -361,6 +364,13 @@ tls13_handshake_recv_action(struct tls13_ctx *ctx, | |||
| 361 | if ((ret = tls13_handshake_msg_recv(ctx->hs_msg, ctx->rl)) <= 0) | 364 | if ((ret = tls13_handshake_msg_recv(ctx->hs_msg, ctx->rl)) <= 0) |
| 362 | return ret; | 365 | return ret; |
| 363 | 366 | ||
| 367 | if (action->preserve_transcript_hash) { | ||
| 368 | if (!tls1_transcript_hash_value(ctx->ssl, | ||
| 369 | ctx->hs->transcript_hash, sizeof(ctx->hs->transcript_hash), | ||
| 370 | &ctx->hs->transcript_hash_len)) | ||
| 371 | return TLS13_IO_FAILURE; | ||
| 372 | } | ||
| 373 | |||
| 364 | tls13_handshake_msg_data(ctx->hs_msg, &cbs); | 374 | tls13_handshake_msg_data(ctx->hs_msg, &cbs); |
| 365 | if (!tls1_transcript_record(ctx->ssl, CBS_data(&cbs), CBS_len(&cbs))) | 375 | if (!tls1_transcript_record(ctx->ssl, CBS_data(&cbs), CBS_len(&cbs))) |
| 366 | return TLS13_IO_FAILURE; | 376 | return TLS13_IO_FAILURE; |