@@ -1990,7 +1990,8 @@ static int ext_pre_shared_key_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
return CBB_flush(out);
}
int ssl_ext_pre_shared_key_parse_serverhello(SSL *ssl, uint8_t *out_alert,
int ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
uint8_t *out_alert,
CBS *contents) {
uint16_t psk_id;
if (!CBS_get_u16(contents, &psk_id) ||
@@ -2010,11 +2011,12 @@ int ssl_ext_pre_shared_key_parse_serverhello(SSL *ssl, uint8_t *out_alert,
return 1;
}
int ssl_ext_pre_shared_key_parse_clienthello(SSL *ssl ,
int ssl_ext_pre_shared_key_parse_clienthello(SSL_HANDSHAKE *hs ,
SSL_SESSION **out_session,
CBS *out_binders,
uint8_t *out_alert,
CBS *contents) {
SSL *const ssl = hs->ssl;
/* We only process the first PSK identity since we don't support pure PSK. */
uint32_t obfuscated_ticket_age;
CBS identities, ticket, binders;
@@ -2081,8 +2083,8 @@ int ssl_ext_pre_shared_key_parse_clienthello(SSL *ssl,
return 1;
}
int ssl_ext_pre_shared_key_add_serverhello(SSL *ssl , CBB *out) {
if (!ssl->s3->session_reused) {
int ssl_ext_pre_shared_key_add_serverhello(SSL_HANDSHAKE *hs , CBB *out) {
if (!hs-> ssl->s3->session_reused) {
return 1;
}
@@ -2260,9 +2262,10 @@ static int ext_key_share_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
return CBB_flush(out);
}
int ssl_ext_key_share_parse_serverhello(SSL *ssl , uint8_t **out_secret,
int ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs , uint8_t **out_secret,
size_t *out_secret_len,
uint8_t *out_alert, CBS *contents) {
SSL *const ssl = hs->ssl;
CBS peer_key;
uint16_t group_id;
if (!CBS_get_u16(contents, &group_id) ||
@@ -2272,28 +2275,28 @@ int ssl_ext_key_share_parse_serverhello(SSL *ssl, uint8_t **out_secret,
return 0;
}
if (SSL_ECDH_CTX_get_id(&ssl->s3-> hs->ecdh_ctx) != group_id) {
if (SSL_ECDH_CTX_get_id(&hs->ecdh_ctx) != group_id) {
*out_alert = SSL_AD_ILLEGAL_PARAMETER;
OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CURVE);
return 0;
}
if (!SSL_ECDH_CTX_finish(&ssl->s3->hs->ecdh_ctx, out_secret, out_secret_len,
out_alert, CBS_data(&peer_key),
CBS_len(&peer_key))) {
if (!SSL_ECDH_CTX_finish(&hs->ecdh_ctx, out_secret, out_secret_len, out_alert,
CBS_data(&peer_key), CBS_len(&peer_key))) {
*out_alert = SSL_AD_INTERNAL_ERROR;
return 0;
}
ssl->s3->new_session->key_exchange_info = group_id;
SSL_ECDH_CTX_cleanup(&ssl->s3-> hs->ecdh_ctx);
SSL_ECDH_CTX_cleanup(&hs->ecdh_ctx);
return 1;
}
int ssl_ext_key_share_parse_clienthello(SSL *ssl , int *out_found,
int ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs , int *out_found,
uint8_t **out_secret,
size_t *out_secret_len,
uint8_t *out_alert, CBS *contents) {
SSL *const ssl = hs->ssl;
uint16_t group_id;
CBS key_shares;
if (!tls1_get_shared_group(ssl, &group_id)) {
@@ -2348,11 +2351,9 @@ int ssl_ext_key_share_parse_clienthello(SSL *ssl, int *out_found,
CBB public_key;
if (!CBB_init(&public_key, 32) ||
!SSL_ECDH_CTX_init(&group, group_id) ||
!SSL_ECDH_CTX_accept(&group, &public_key, &secret, &secret_len,
out_alert, CBS_data(&peer_key),
CBS_len(&peer_key)) ||
!CBB_finish(&public_key, &ssl->s3->hs->public_key,
&ssl->s3->hs->public_key_len)) {
!SSL_ECDH_CTX_accept(&group, &public_key, &secret, &secret_len, out_alert,
CBS_data(&peer_key), CBS_len(&peer_key)) ||
!CBB_finish(&public_key, &hs->public_key, &hs->public_key_len)) {
OPENSSL_free(secret);
SSL_ECDH_CTX_cleanup(&group);
CBB_cleanup(&public_key);
@@ -2368,7 +2369,8 @@ int ssl_ext_key_share_parse_clienthello(SSL *ssl, int *out_found,
return 1;
}
int ssl_ext_key_share_add_serverhello(SSL *ssl, CBB *out) {
int ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
SSL *const ssl = hs->ssl;
uint16_t group_id;
CBB kse_bytes, public_key;
if (!tls1_get_shared_group(ssl, &group_id) ||
@@ -2376,15 +2378,14 @@ int ssl_ext_key_share_add_serverhello(SSL *ssl, CBB *out) {
!CBB_add_u16_length_prefixed(out, &kse_bytes) ||
!CBB_add_u16(&kse_bytes, group_id) ||
!CBB_add_u16_length_prefixed(&kse_bytes, &public_key) ||
!CBB_add_bytes(&public_key, ssl->s3->hs->public_key,
ssl->s3->hs->public_key_len) ||
!CBB_add_bytes(&public_key, hs->public_key, hs->public_key_len) ||
!CBB_flush(out)) {
return 0;
}
OPENSSL_free(ssl->s3-> hs->public_key);
ssl->s3-> hs->public_key = NULL;
ssl->s3-> hs->public_key_len = 0;
OPENSSL_free(hs->public_key);
hs->public_key = NULL;
hs->public_key_len = 0;
ssl->s3->new_session->key_exchange_info = group_id;
return 1;