Rename algorithm2 to algorithm_prf.

It's purely the PRF function now, although it's still different from the rest due to the _DEFAULT field being weird. Change-Id: Iaea7a99cccdc8be4cd60f6c1503df5be2a63c4c5 Reviewed-on: https://boringssl-review.googlesource.com/5614 Reviewed-by: Adam Langley <agl@google.com>
2015-08-04 09:24:14 -04:00 · 2015-08-04 09:24:14 -04:00 · 5055c76709
commit 5055c76709
parent b2a985bfb8
6 changed files with 13 additions and 16 deletions
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@ -196,9 +196,7 @@ typedef struct ssl_cipher_st {
  uint32_t algorithm_mac;
  uint32_t algorithm_ssl;
  uint32_t algo_strength;
-
-  /* algorithm2 contains extra flags. See ssl/internal.h. */
-  uint32_t algorithm2;
+  uint32_t algorithm_prf;

  /* strength_bits is the strength of the cipher in bits. */
  int strength_bits;
--- a/ssl/internal.h
+++ b/ssl/internal.h
@ -202,8 +202,7 @@
 #define SSL_TLSV1 SSL_SSLV3
 #define SSL_TLSV1_2 0x00000004L

-/* Bits for |algorithm2| (handshake digests and other extra flags). */
-
+/* Bits for |algorithm_prf| (handshake digest). */
 #define SSL_HANDSHAKE_MAC_MD5 0x10
 #define SSL_HANDSHAKE_MAC_SHA 0x20
 #define SSL_HANDSHAKE_MAC_SHA256 0x40
@ -1181,7 +1180,7 @@ int ssl3_is_version_enabled(SSL *s, uint16_t version);
 * the wire version except at API boundaries. */
 uint16_t ssl3_version_from_wire(SSL *s, uint16_t wire_version);

-uint32_t ssl_get_algorithm2(SSL *s);
+uint32_t ssl_get_algorithm_prf(SSL *s);
 int tls1_process_sigalgs(SSL *s, const CBS *sigalgs);

 /* tls1_choose_signing_digest returns a digest for use with |ssl|'s private key
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@ -298,9 +298,9 @@ int ssl3_digest_cached_records(
    return 0;
  }

-  /* Loop through bits of algorithm2 field and create MD_CTX-es */
+  /* Loop through bits of algorithm_prf field and create MD_CTX-es */
  for (i = 0; ssl_get_handshake_digest(&mask, &md, i); i++) {
-    if ((mask & ssl_get_algorithm2(s)) && md) {
+    if ((mask & ssl_get_algorithm_prf(s)) && md) {
      s->s3->handshake_dgst[i] = EVP_MD_CTX_create();
      if (s->s3->handshake_dgst[i] == NULL) {
        OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP);
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@ -659,9 +659,9 @@ static int ssl3_set_req_cert_type(CERT *c, const uint8_t *p, size_t len) {

 /* If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
 * handshake macs if required. */
-uint32_t ssl_get_algorithm2(SSL *s) {
+uint32_t ssl_get_algorithm_prf(SSL *s) {
  static const uint32_t kMask = SSL_HANDSHAKE_MAC_DEFAULT;
-  uint32_t alg2 = s->s3->tmp.new_cipher->algorithm2;
+  uint32_t alg2 = s->s3->tmp.new_cipher->algorithm_prf;
  if (s->enc_method->enc_flags & SSL_ENC_FLAG_SHA256_PRF &&
      (alg2 & kMask) == kMask) {
    return SSL_HANDSHAKE_MAC_SHA256;
--- a/ssl/ssl_cipher.c
+++ b/ssl/ssl_cipher.c
@ -1456,7 +1456,7 @@ static const char *ssl_cipher_get_enc_name(const SSL_CIPHER *cipher) {
 }

 static const char *ssl_cipher_get_prf_name(const SSL_CIPHER *cipher) {
-  if ((cipher->algorithm2 & SSL_HANDSHAKE_MAC_DEFAULT) ==
+  if ((cipher->algorithm_prf & SSL_HANDSHAKE_MAC_DEFAULT) ==
      SSL_HANDSHAKE_MAC_DEFAULT) {
    /* Before TLS 1.2, the PRF component is the hash used in the HMAC, which is
     * only ever MD5 or SHA-1. */
@ -1469,9 +1469,9 @@ static const char *ssl_cipher_get_prf_name(const SSL_CIPHER *cipher) {
        assert(0);
        return "UNKNOWN";
    }
-  } else if (cipher->algorithm2 & SSL_HANDSHAKE_MAC_SHA256) {
+  } else if (cipher->algorithm_prf & SSL_HANDSHAKE_MAC_SHA256) {
    return "SHA256";
-  } else if (cipher->algorithm2 & SSL_HANDSHAKE_MAC_SHA384) {
+  } else if (cipher->algorithm_prf & SSL_HANDSHAKE_MAC_SHA384) {
    return "SHA384";
  } else {
    assert(0);
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@ -245,7 +245,7 @@ int tls1_prf(SSL *s, uint8_t *out, size_t out_len, const uint8_t *secret,
  /* Count number of digests and partition |secret| evenly. */
  count = 0;
  for (idx = 0; ssl_get_handshake_digest(&m, &md, idx); idx++) {
-    if (m & ssl_get_algorithm2(s)) {
+    if (m & ssl_get_algorithm_prf(s)) {
      count++;
    }
  }
@ -260,7 +260,7 @@ int tls1_prf(SSL *s, uint8_t *out, size_t out_len, const uint8_t *secret,
  S1 = secret;
  memset(out, 0, out_len);
  for (idx = 0; ssl_get_handshake_digest(&m, &md, idx); idx++) {
-    if (m & ssl_get_algorithm2(s)) {
+    if (m & ssl_get_algorithm_prf(s)) {
      /* If |count| is 2 and |secret_len| is odd, |secret| is partitioned into
       * two halves with an overlapping byte. */
      if (!tls1_P_hash(tmp, out_len, md, S1, len + (secret_len & 1),
@ -521,7 +521,7 @@ int tls1_handshake_digest(SSL *s, uint8_t *out, size_t out_len) {
    unsigned int digest_len;
    EVP_MD_CTX *hdgst = s->s3->handshake_dgst[i];

-    if ((mask & ssl_get_algorithm2(s)) == 0) {
+    if ((mask & ssl_get_algorithm_prf(s)) == 0) {
      continue;
    }