kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use SHA256_CTX instead of EVP_MD_CTX when computing Channel ID.

Browse Source 
Change-Id: I0bd7fdd276e7461ef08b8055bf3d0387f756739f
Reviewed-on: https://boringssl-review.googlesource.com/11682
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
Nick Harper 2016-10-20 14:07:13 -07:00 committed by CQ bot account: commit-bot@chromium.org
parent c984611d2d
commit 9559401473
1 changed files with 12 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
ssl/t1_lib.c
View File

@ -3350,44 +3350,33 @@ int tls1_channel_id_hash(SSL *ssl, uint8_t *out, size_t *out_len) {
return 1; return 1;
} }
int ret = 0; SHA256_CTX ctx;
EVP_MD_CTX ctx;
EVP_MD_CTX_init(&ctx);
if (!EVP_DigestInit_ex(&ctx, EVP_sha256(), NULL)) {
goto err;
}
SHA256_Init(&ctx);
static const char kClientIDMagic[] = "TLS Channel ID signature"; static const char kClientIDMagic[] = "TLS Channel ID signature";
EVP_DigestUpdate(&ctx, kClientIDMagic, sizeof(kClientIDMagic)); SHA256_Update(&ctx, kClientIDMagic, sizeof(kClientIDMagic));
if (ssl->session != NULL) { if (ssl->session != NULL) {
static const char kResumptionMagic[] = "Resumption"; static const char kResumptionMagic[] = "Resumption";
EVP_DigestUpdate(&ctx, kResumptionMagic, sizeof(kResumptionMagic)); SHA256_Update(&ctx, kResumptionMagic, sizeof(kResumptionMagic));
if (ssl->session->original_handshake_hash_len == 0) { if (ssl->session->original_handshake_hash_len == 0) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
goto err; return 0;
} }
EVP_DigestUpdate(&ctx, ssl->session->original_handshake_hash, SHA256_Update(&ctx, ssl->session->original_handshake_hash,
ssl->session->original_handshake_hash_len); ssl->session->original_handshake_hash_len);
} }
uint8_t handshake_hash[EVP_MAX_MD_SIZE]; uint8_t handshake_hash[EVP_MAX_MD_SIZE];
int handshake_hash_len = tls1_handshake_digest(ssl, handshake_hash, int handshake_hash_len = tls1_handshake_digest(ssl, handshake_hash,
sizeof(handshake_hash)); sizeof(handshake_hash));
if (handshake_hash_len < 0) { if (handshake_hash_len < 0) {
goto err; return 0;
} }
EVP_DigestUpdate(&ctx, handshake_hash, (size_t)handshake_hash_len); SHA256_Update(&ctx, handshake_hash, (size_t)handshake_hash_len);
unsigned len_u; SHA256_Final(out, &ctx);
EVP_DigestFinal_ex(&ctx, out, &len_u); *out_len = SHA256_DIGEST_LENGTH;
*out_len = len_u; return 1;
ret = 1;
err:
EVP_MD_CTX_cleanup(&ctx);
return ret;
} }
/* tls1_record_handshake_hashes_for_channel_id records the current handshake /* tls1_record_handshake_hashes_for_channel_id records the current handshake