From ce479dfa8834d99cf53bfcea2e6036301c921acb Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Tue, 5 Jan 2021 17:32:39 +0000
Subject: Use consistent names in tls13_{client,server}_finished_{recv,send}().

In tls13_{client,server}_finished_recv() we use verify_data_len, which
makes more sense than hmac_len. Use the same name in
tls13_{client,server}_finished_send(), keeping things consistent between
functions.

ok tb@
---
 src/lib/libssl/tls13_client.c | 12 ++++++------
 src/lib/libssl/tls13_server.c | 12 ++++++------
 2 files changed, 12 insertions(+), 12 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c
index f804f27293..25d78d1332 100644
--- a/src/lib/libssl/tls13_client.c
+++ b/src/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.68 2020/12/14 15:26:36 tb Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.69 2021/01/05 17:32:39 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -1039,7 +1039,7 @@ tls13_client_finished_send(struct tls13_ctx *ctx, CBB *cbb)
 	size_t transcript_hash_len;
 	uint8_t key[EVP_MAX_MD_SIZE];
 	uint8_t *verify_data;
-	size_t hmac_len;
+	size_t verify_data_len;
 	unsigned int hlen;
 	HMAC_CTX *hmac_ctx = NULL;
 	CBS cbs;
@@ -1066,15 +1066,15 @@ tls13_client_finished_send(struct tls13_ctx *ctx, CBB *cbb)
 	if (!HMAC_Update(hmac_ctx, transcript_hash, transcript_hash_len))
 		goto err;
 
-	hmac_len = HMAC_size(hmac_ctx);
-	if (!CBB_add_space(cbb, &verify_data, hmac_len))
+	verify_data_len = HMAC_size(hmac_ctx);
+	if (!CBB_add_space(cbb, &verify_data, verify_data_len))
 		goto err;
 	if (!HMAC_Final(hmac_ctx, verify_data, &hlen))
 		goto err;
-	if (hlen != hmac_len)
+	if (hlen != verify_data_len)
 		goto err;
 
-	CBS_init(&cbs, verify_data, hmac_len);
+	CBS_init(&cbs, verify_data, verify_data_len);
 	if (!CBS_write_bytes(&cbs, S3I(s)->tmp.finish_md,
 	    sizeof(S3I(s)->tmp.finish_md), &S3I(s)->tmp.finish_md_len))
 		goto err;
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index 549383e331..9e5664b79a 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.65 2021/01/05 17:14:46 jsing Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.66 2021/01/05 17:32:39 jsing Exp $ */
 /*
  * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -775,7 +775,7 @@ tls13_server_finished_send(struct tls13_ctx *ctx, CBB *cbb)
 	size_t transcript_hash_len;
 	uint8_t key[EVP_MAX_MD_SIZE];
 	uint8_t *verify_data;
-	size_t hmac_len;
+	size_t verify_data_len;
 	unsigned int hlen;
 	HMAC_CTX *hmac_ctx = NULL;
 	CBS cbs;
@@ -802,15 +802,15 @@ tls13_server_finished_send(struct tls13_ctx *ctx, CBB *cbb)
 	if (!HMAC_Update(hmac_ctx, transcript_hash, transcript_hash_len))
 		goto err;
 
-	hmac_len = HMAC_size(hmac_ctx);
-	if (!CBB_add_space(cbb, &verify_data, hmac_len))
+	verify_data_len = HMAC_size(hmac_ctx);
+	if (!CBB_add_space(cbb, &verify_data, verify_data_len))
 		goto err;
 	if (!HMAC_Final(hmac_ctx, verify_data, &hlen))
 		goto err;
-	if (hlen != hmac_len)
+	if (hlen != verify_data_len)
 		goto err;
 
-	CBS_init(&cbs, verify_data, hmac_len);
+	CBS_init(&cbs, verify_data, verify_data_len);
 	if (!CBS_write_bytes(&cbs, S3I(s)->tmp.finish_md,
 	    sizeof(S3I(s)->tmp.finish_md), &S3I(s)->tmp.finish_md_len))
 		goto err;
-- 
cgit v1.2.3-55-g6feb