Prefix ext_key_share methods.
Change-Id: Id6a7443246479c62cbe0024e2131a2013959e21e Reviewed-on: https://boringssl-review.googlesource.com/9078 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
parent
7b689f6b9e
commit
7259f2fd08
@ -926,14 +926,14 @@ enum ssl_private_key_result_t tls13_prepare_certificate_verify(
|
||||
SSL *ssl, int is_first_run);
|
||||
int tls13_prepare_finished(SSL *ssl);
|
||||
|
||||
int ext_key_share_parse_serverhello(SSL *ssl, uint8_t **out_secret,
|
||||
size_t *out_secret_len, uint8_t *out_alert,
|
||||
CBS *contents);
|
||||
int ext_key_share_parse_clienthello(SSL *ssl,
|
||||
int *out_found, uint8_t **out_secret,
|
||||
size_t *out_secret_len, uint8_t *out_alert,
|
||||
CBS *contents);
|
||||
int ext_key_share_add_serverhello(SSL *ssl, CBB *out);
|
||||
int ssl_ext_key_share_parse_serverhello(SSL *ssl, uint8_t **out_secret,
|
||||
size_t *out_secret_len,
|
||||
uint8_t *out_alert, CBS *contents);
|
||||
int ssl_ext_key_share_parse_clienthello(SSL *ssl, int *out_found,
|
||||
uint8_t **out_secret,
|
||||
size_t *out_secret_len,
|
||||
uint8_t *out_alert, CBS *contents);
|
||||
int ssl_ext_key_share_add_serverhello(SSL *ssl, CBB *out);
|
||||
|
||||
int ssl_add_client_hello_body(SSL *ssl, CBB *body);
|
||||
|
||||
|
14
ssl/t1_lib.c
14
ssl/t1_lib.c
@ -2031,9 +2031,9 @@ static int ext_key_share_add_clienthello(SSL *ssl, CBB *out) {
|
||||
return CBB_flush(out);
|
||||
}
|
||||
|
||||
int ext_key_share_parse_serverhello(SSL *ssl, uint8_t **out_secret,
|
||||
size_t *out_secret_len, uint8_t *out_alert,
|
||||
CBS *contents) {
|
||||
int ssl_ext_key_share_parse_serverhello(SSL *ssl, uint8_t **out_secret,
|
||||
size_t *out_secret_len,
|
||||
uint8_t *out_alert, CBS *contents) {
|
||||
CBS peer_key;
|
||||
uint16_t group;
|
||||
if (!CBS_get_u16(contents, &group) ||
|
||||
@ -2067,10 +2067,10 @@ int ext_key_share_parse_serverhello(SSL *ssl, uint8_t **out_secret,
|
||||
return 1;
|
||||
}
|
||||
|
||||
int ext_key_share_parse_clienthello(SSL *ssl, int *out_found,
|
||||
int ssl_ext_key_share_parse_clienthello(SSL *ssl, int *out_found,
|
||||
uint8_t **out_secret,
|
||||
size_t *out_secret_len, uint8_t *out_alert,
|
||||
CBS *contents) {
|
||||
size_t *out_secret_len,
|
||||
uint8_t *out_alert, CBS *contents) {
|
||||
uint16_t group_id;
|
||||
CBS key_shares;
|
||||
if (!tls1_get_shared_group(ssl, &group_id) ||
|
||||
@ -2114,7 +2114,7 @@ int ext_key_share_parse_clienthello(SSL *ssl, int *out_found,
|
||||
return 1;
|
||||
}
|
||||
|
||||
int ext_key_share_add_serverhello(SSL *ssl, CBB *out) {
|
||||
int ssl_ext_key_share_add_serverhello(SSL *ssl, CBB *out) {
|
||||
if (ssl->s3->tmp.new_cipher->algorithm_mkey != SSL_kECDHE) {
|
||||
return 1;
|
||||
}
|
||||
|
@ -238,7 +238,7 @@ static enum ssl_hs_wait_t do_process_server_hello(SSL *ssl, SSL_HANDSHAKE *hs) {
|
||||
uint8_t *dhe_secret;
|
||||
size_t dhe_secret_len;
|
||||
uint8_t alert = SSL_AD_DECODE_ERROR;
|
||||
if (!ext_key_share_parse_serverhello(ssl, &dhe_secret, &dhe_secret_len,
|
||||
if (!ssl_ext_key_share_parse_serverhello(ssl, &dhe_secret, &dhe_secret_len,
|
||||
&alert, &key_share)) {
|
||||
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
|
||||
return ssl_hs_error;
|
||||
|
@ -84,8 +84,9 @@ static int resolve_ecdhe_secret(SSL *ssl, int *out_need_retry,
|
||||
uint8_t *dhe_secret;
|
||||
size_t dhe_secret_len;
|
||||
uint8_t alert;
|
||||
if (!ext_key_share_parse_clienthello(ssl, &found_key_share, &dhe_secret,
|
||||
&dhe_secret_len, &alert, &key_share)) {
|
||||
if (!ssl_ext_key_share_parse_clienthello(ssl, &found_key_share, &dhe_secret,
|
||||
&dhe_secret_len, &alert,
|
||||
&key_share)) {
|
||||
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
|
||||
return 0;
|
||||
}
|
||||
@ -311,7 +312,7 @@ static enum ssl_hs_wait_t do_send_server_hello(SSL *ssl, SSL_HANDSHAKE *hs) {
|
||||
!CBB_add_bytes(&body, ssl->s3->server_random, SSL3_RANDOM_SIZE) ||
|
||||
!CBB_add_u16(&body, ssl_cipher_get_value(ssl->s3->tmp.new_cipher)) ||
|
||||
!CBB_add_u16_length_prefixed(&body, &extensions) ||
|
||||
!ext_key_share_add_serverhello(ssl, &extensions) ||
|
||||
!ssl_ext_key_share_add_serverhello(ssl, &extensions) ||
|
||||
!ssl->method->finish_message(ssl, &cbb)) {
|
||||
CBB_cleanup(&cbb);
|
||||
return ssl_hs_error;
|
||||
|
Loading…
Reference in New Issue
Block a user