From 6773972ff69742f7805139729dd327e266ad10c6 Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Thu, 17 Nov 2016 17:03:59 +0900 Subject: [PATCH] Pass explicit hs parameters into t1_enc.c. Change-Id: I5ef0fe5cc3ae0d5029ae41db36e66d22d76f6158 Reviewed-on: https://boringssl-review.googlesource.com/12341 Reviewed-by: David Benjamin Commit-Queue: David Benjamin CQ-Verified: CQ bot account: commit-bot@chromium.org --- ssl/handshake_client.c | 4 ++-- ssl/handshake_server.c | 4 ++-- ssl/internal.h | 2 +- ssl/t1_enc.c | 18 ++++++++++-------- 4 files changed, 15 insertions(+), 13 deletions(-) diff --git a/ssl/handshake_client.c b/ssl/handshake_client.c index 76a08f57..2ee5408e 100644 --- a/ssl/handshake_client.c +++ b/ssl/handshake_client.c @@ -369,7 +369,7 @@ int ssl3_connect(SSL_HANDSHAKE *hs) { ssl->state = SSL3_ST_CW_NEXT_PROTO_A; - if (!tls1_change_cipher_state(ssl, SSL3_CHANGE_CIPHER_CLIENT_WRITE)) { + if (!tls1_change_cipher_state(hs, SSL3_CHANGE_CIPHER_CLIENT_WRITE)) { ret = -1; goto end; } @@ -460,7 +460,7 @@ int ssl3_connect(SSL_HANDSHAKE *hs) { goto end; } - if (!tls1_change_cipher_state(ssl, SSL3_CHANGE_CIPHER_CLIENT_READ)) { + if (!tls1_change_cipher_state(hs, SSL3_CHANGE_CIPHER_CLIENT_READ)) { ret = -1; goto end; } diff --git a/ssl/handshake_server.c b/ssl/handshake_server.c index 1cf668a7..0f0c8620 100644 --- a/ssl/handshake_server.c +++ b/ssl/handshake_server.c @@ -353,7 +353,7 @@ int ssl3_accept(SSL_HANDSHAKE *hs) { goto end; } - if (!tls1_change_cipher_state(ssl, SSL3_CHANGE_CIPHER_SERVER_READ)) { + if (!tls1_change_cipher_state(hs, SSL3_CHANGE_CIPHER_SERVER_READ)) { ret = -1; goto end; } @@ -429,7 +429,7 @@ int ssl3_accept(SSL_HANDSHAKE *hs) { } ssl->state = SSL3_ST_SW_FINISHED_A; - if (!tls1_change_cipher_state(ssl, SSL3_CHANGE_CIPHER_SERVER_WRITE)) { + if (!tls1_change_cipher_state(hs, SSL3_CHANGE_CIPHER_SERVER_WRITE)) { ret = -1; goto end; } diff --git a/ssl/internal.h b/ssl/internal.h index 534f2766..e307cb95 100644 --- a/ssl/internal.h +++ b/ssl/internal.h @@ -1842,7 +1842,7 @@ int ssl_is_wbio_buffered(const SSL *ssl); int ssl_init_wbio_buffer(SSL *ssl); void ssl_free_wbio_buffer(SSL *ssl); -int tls1_change_cipher_state(SSL *ssl, int which); +int tls1_change_cipher_state(SSL_HANDSHAKE *hs, int which); int tls1_handshake_digest(SSL *ssl, uint8_t *out, size_t out_len); int tls1_generate_master_secret(SSL *ssl, uint8_t *out, const uint8_t *premaster, size_t premaster_len); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 4c7d3ee3..70907e18 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -258,8 +258,9 @@ static int tls1_prf(const SSL *ssl, uint8_t *out, size_t out_len, return 1; } -static int tls1_setup_key_block(SSL *ssl) { - if (ssl->s3->hs->key_block_len != 0) { +static int tls1_setup_key_block(SSL_HANDSHAKE *hs) { + SSL *const ssl = hs->ssl; + if (hs->key_block_len != 0) { return 1; } @@ -310,14 +311,15 @@ static int tls1_setup_key_block(SSL *ssl) { } assert(key_block_len < 256); - ssl->s3->hs->key_block_len = (uint8_t)key_block_len; - ssl->s3->hs->key_block = keyblock; + hs->key_block_len = (uint8_t)key_block_len; + hs->key_block = keyblock; return 1; } -int tls1_change_cipher_state(SSL *ssl, int which) { +int tls1_change_cipher_state(SSL_HANDSHAKE *hs, int which) { + SSL *const ssl = hs->ssl; /* Ensure the key block is set up. */ - if (!tls1_setup_key_block(ssl)) { + if (!tls1_setup_key_block(hs)) { return 0; } @@ -333,9 +335,9 @@ int tls1_change_cipher_state(SSL *ssl, int which) { size_t mac_secret_len = ssl->s3->tmp.new_mac_secret_len; size_t key_len = ssl->s3->tmp.new_key_len; size_t iv_len = ssl->s3->tmp.new_fixed_iv_len; - assert((mac_secret_len + key_len + iv_len) * 2 == ssl->s3->hs->key_block_len); + assert((mac_secret_len + key_len + iv_len) * 2 == hs->key_block_len); - const uint8_t *key_data = ssl->s3->hs->key_block; + const uint8_t *key_data = hs->key_block; const uint8_t *client_write_mac_secret = key_data; key_data += mac_secret_len; const uint8_t *server_write_mac_secret = key_data;