kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update ssl3_get_channel_id for the simpler ECDSA_do_verify.

Browse Source 
The return values are now 1/0, not 1/0/-1.

Change-Id: If65bb08a229c7944cb439ec779df461904d0ec19
Reviewed-on: https://boringssl-review.googlesource.com/1607
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2014-08-24 02:22:29 -04:00 committed by Adam Langley
parent d30a990850
commit 3a66e2838c
1 changed files with 3 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ssl/s3_srvr.c
View File

@ -2978,17 +2978,12 @@ int ssl3_get_channel_id(SSL *s)
/* We stored the handshake hash in |tlsext_channel_id| the first time
* that we were called. */
switch (ECDSA_do_verify(s->s3->tlsext_channel_id, SHA256_DIGEST_LENGTH, &sig, key)) {
case 1:
break;
case 0:
if (!ECDSA_do_verify(s->s3->tlsext_channel_id, SHA256_DIGEST_LENGTH, &sig, key))
{
OPENSSL_PUT_ERROR(SSL, ssl3_get_channel_id, SSL_R_CHANNEL_ID_SIGNATURE_INVALID);
s->s3->tlsext_channel_id_valid = 0;
goto err;
default:
s->s3->tlsext_channel_id_valid = 0;
goto err;
}
}
memcpy(s->s3->tlsext_channel_id, p, 64);
ret = 1;