kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Pass explicit hs parameters into t1_enc.c.

Browse Source 
Change-Id: I5ef0fe5cc3ae0d5029ae41db36e66d22d76f6158
Reviewed-on: https://boringssl-review.googlesource.com/12341
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
David Benjamin 2016-11-17 17:03:59 +09:00
parent 2bd1917866
commit 6773972ff6
4 changed files with 15 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/handshake_client.c
View File

@ -369,7 +369,7 @@ int ssl3_connect(SSL_HANDSHAKE *hs) {
ssl->state = SSL3_ST_CW_NEXT_PROTO_A;
if (!tls1_change_cipher_state(ssl, SSL3_CHANGE_CIPHER_CLIENT_WRITE)) {
if (!tls1_change_cipher_state(hs, SSL3_CHANGE_CIPHER_CLIENT_WRITE)) {
ret = -1;
goto end;
}
@ -460,7 +460,7 @@ int ssl3_connect(SSL_HANDSHAKE *hs) {
goto end;
}
if (!tls1_change_cipher_state(ssl, SSL3_CHANGE_CIPHER_CLIENT_READ)) {
if (!tls1_change_cipher_state(hs, SSL3_CHANGE_CIPHER_CLIENT_READ)) {
ret = -1;
goto end;
}

4
ssl/handshake_server.c
View File

@ -353,7 +353,7 @@ int ssl3_accept(SSL_HANDSHAKE *hs) {
goto end;
}
if (!tls1_change_cipher_state(ssl, SSL3_CHANGE_CIPHER_SERVER_READ)) {
if (!tls1_change_cipher_state(hs, SSL3_CHANGE_CIPHER_SERVER_READ)) {
ret = -1;
goto end;
}
@ -429,7 +429,7 @@ int ssl3_accept(SSL_HANDSHAKE *hs) {
}
ssl->state = SSL3_ST_SW_FINISHED_A;
if (!tls1_change_cipher_state(ssl, SSL3_CHANGE_CIPHER_SERVER_WRITE)) {
if (!tls1_change_cipher_state(hs, SSL3_CHANGE_CIPHER_SERVER_WRITE)) {
ret = -1;
goto end;
}

2
ssl/internal.h
View File

@ -1842,7 +1842,7 @@ int ssl_is_wbio_buffered(const SSL *ssl);
int ssl_init_wbio_buffer(SSL *ssl);
void ssl_free_wbio_buffer(SSL *ssl);
int tls1_change_cipher_state(SSL *ssl, int which);
int tls1_change_cipher_state(SSL_HANDSHAKE *hs, int which);
int tls1_handshake_digest(SSL *ssl, uint8_t *out, size_t out_len);
int tls1_generate_master_secret(SSL *ssl, uint8_t *out, const uint8_t *premaster,
size_t premaster_len);

18
ssl/t1_enc.c
View File

@ -258,8 +258,9 @@ static int tls1_prf(const SSL *ssl, uint8_t *out, size_t out_len,
return 1;
}
static int tls1_setup_key_block(SSL *ssl) {
if (ssl->s3->hs->key_block_len != 0) {
static int tls1_setup_key_block(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
if (hs->key_block_len != 0) {
return 1;
}
@ -310,14 +311,15 @@ static int tls1_setup_key_block(SSL *ssl) {
}
assert(key_block_len < 256);
ssl->s3->hs->key_block_len = (uint8_t)key_block_len;
ssl->s3->hs->key_block = keyblock;
hs->key_block_len = (uint8_t)key_block_len;
hs->key_block = keyblock;
return 1;
}
int tls1_change_cipher_state(SSL *ssl, int which) {
int tls1_change_cipher_state(SSL_HANDSHAKE *hs, int which) {
SSL *const ssl = hs->ssl;
/* Ensure the key block is set up. */
if (!tls1_setup_key_block(ssl)) {
if (!tls1_setup_key_block(hs)) {
return 0;
}
@ -333,9 +335,9 @@ int tls1_change_cipher_state(SSL *ssl, int which) {
size_t mac_secret_len = ssl->s3->tmp.new_mac_secret_len;
size_t key_len = ssl->s3->tmp.new_key_len;
size_t iv_len = ssl->s3->tmp.new_fixed_iv_len;
assert((mac_secret_len + key_len + iv_len) * 2 == ssl->s3->hs->key_block_len);
assert((mac_secret_len + key_len + iv_len) * 2 == hs->key_block_len);
const uint8_t *key_data = ssl->s3->hs->key_block;
const uint8_t *key_data = hs->key_block;
const uint8_t *client_write_mac_secret = key_data;
key_data += mac_secret_len;
const uint8_t *server_write_mac_secret = key_data;