1 files changed, 44 insertions, 1 deletions
diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c
index 044a0c5634..199f43ca16 100644
--- a/src/lib/libssl/tls13_lib.c
+++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tls13_lib.c,v 1.35 2020/04/21 16:55:17 jsing Exp $ */
+/*      $OpenBSD: tls13_lib.c,v 1.36 2020/04/28 20:30:41 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -369,3 +369,46 @@ tls13_cert_add(CBB *cbb, X509 *cert)
        return 1;
 }
+int
+tls13_synthetic_handshake_message(struct tls13_ctx *ctx)
+{
+        struct tls13_handshake_msg *hm = NULL;
+        unsigned char buf[EVP_MAX_MD_SIZE];
+        size_t hash_len;
+        CBB cbb;
+        CBS cbs;
+        SSL *s = ctx->ssl;
+        int ret = 0;
+        /*
+         * Replace ClientHello with synthetic handshake message - see
+         * RFC 8446 section 4.4.1.
+         */
+        if (!tls1_transcript_hash_init(s))
+                goto err;
+        if (!tls1_transcript_hash_value(s, buf, sizeof(buf), &hash_len))
+                goto err;
+        if ((hm = tls13_handshake_msg_new()) == NULL)
+                goto err;
+        if (!tls13_handshake_msg_start(hm, &cbb, TLS13_MT_MESSAGE_HASH))
+                goto err;
+        if (!CBB_add_bytes(&cbb, buf, hash_len))
+                goto err;
+        if (!tls13_handshake_msg_finish(hm))
+                goto err;
+        tls13_handshake_msg_data(hm, &cbs);
+        tls1_transcript_reset(ctx->ssl);
+        if (!tls1_transcript_record(ctx->ssl, CBS_data(&cbs), CBS_len(&cbs)))
+                goto err;
+        ret = 1;
+ err:
+        tls13_handshake_msg_free(hm);
+        return ret;
+}

diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c index 044a0c5634..199f43ca16 100644 --- a/src/lib/libssl/tls13_lib.c +++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_lib.c,v 1.35 2020/04/21 16:55:17 jsing Exp $ */	1	/* $OpenBSD: tls13_lib.c,v 1.36 2020/04/28 20:30:41 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2019 Bob Beck <beck@openbsd.org>	4	* Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -369,3 +369,46 @@ tls13_cert_add(CBB cbb, X509 cert)
369		369
370	return 1;	370	return 1;
371	}	371	}
		372
		373	int
		374	tls13_synthetic_handshake_message(struct tls13_ctx *ctx)
		375	{
		376	struct tls13_handshake_msg *hm = NULL;
		377	unsigned char buf[EVP_MAX_MD_SIZE];
		378	size_t hash_len;
		379	CBB cbb;
		380	CBS cbs;
		381	SSL *s = ctx->ssl;
		382	int ret = 0;
		383
		384	/*
		385	* Replace ClientHello with synthetic handshake message - see
		386	* RFC 8446 section 4.4.1.
		387	*/
		388	if (!tls1_transcript_hash_init(s))
		389	goto err;
		390	if (!tls1_transcript_hash_value(s, buf, sizeof(buf), &hash_len))
		391	goto err;
		392
		393	if ((hm = tls13_handshake_msg_new()) == NULL)
		394	goto err;
		395	if (!tls13_handshake_msg_start(hm, &cbb, TLS13_MT_MESSAGE_HASH))
		396	goto err;
		397	if (!CBB_add_bytes(&cbb, buf, hash_len))
		398	goto err;
		399	if (!tls13_handshake_msg_finish(hm))
		400	goto err;
		401
		402	tls13_handshake_msg_data(hm, &cbs);
		403
		404	tls1_transcript_reset(ctx->ssl);
		405	if (!tls1_transcript_record(ctx->ssl, CBS_data(&cbs), CBS_len(&cbs)))
		406	goto err;
		407
		408	ret = 1;
		409
		410	err:
		411	tls13_handshake_msg_free(hm);
		412
		413	return ret;
		414	}