kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Another scoper conversion.

Browse Source 
Change-Id: I2cc4b76d6368e8962aa601255e1d92e00614c9ec
Reviewed-on: https://boringssl-review.googlesource.com/22465
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
David Benjamin 2017-10-27 01:12:34 -04:00 committed by CQ bot account: commit-bot@chromium.org
parent 2637f3c431
commit f1db1a398d
2 changed files with 17 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/internal.h
View File

@ -2863,8 +2863,8 @@ int tls1_verify_channel_id(SSL_HANDSHAKE *hs, const SSLMessage &msg);
// tls1_write_channel_id generates a Channel ID message and puts the output in // tls1_write_channel_id generates a Channel ID message and puts the output in
// |cbb|. |ssl->tlsext_channel_id_private| must already be set before calling. // |cbb|. |ssl->tlsext_channel_id_private| must already be set before calling.
// This function returns one on success and zero on error. // This function returns true on success and false on error.
int tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb); bool tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb);
// tls1_channel_id_hash computes the hash to be signed by Channel ID and writes // tls1_channel_id_hash computes the hash to be signed by Channel ID and writes
// it to |out|, which must contain at least |EVP_MAX_MD_SIZE| bytes. It returns // it to |out|, which must contain at least |EVP_MAX_MD_SIZE| bytes. It returns

39
ssl/t1_lib.cc
View File

@ -3265,54 +3265,45 @@ int tls1_verify_channel_id(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
return 1; return 1;
} }
int tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb) { bool tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb) {
SSL *const ssl = hs->ssl; SSL *const ssl = hs->ssl;
uint8_t digest[EVP_MAX_MD_SIZE]; uint8_t digest[EVP_MAX_MD_SIZE];
size_t digest_len; size_t digest_len;
if (!tls1_channel_id_hash(hs, digest, &digest_len)) { if (!tls1_channel_id_hash(hs, digest, &digest_len)) {
return 0; return false;
} }
EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(ssl->tlsext_channel_id_private); EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(ssl->tlsext_channel_id_private);
if (ec_key == NULL) { if (ec_key == nullptr) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
return 0; return false;
} }
int ret = 0; UniquePtr<BIGNUM> x(BN_new()), y(BN_new());
BIGNUM *x = BN_new(); if (!x || !y ||
BIGNUM *y = BN_new();
ECDSA_SIG *sig = NULL;
if (x == NULL || y == NULL ||
!EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec_key), !EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec_key),
EC_KEY_get0_public_key(ec_key), EC_KEY_get0_public_key(ec_key),
x, y, NULL)) { x.get(), y.get(), nullptr)) {
goto err; return false;
} }
sig = ECDSA_do_sign(digest, digest_len, ec_key); UniquePtr<ECDSA_SIG> sig(ECDSA_do_sign(digest, digest_len, ec_key));
if (sig == NULL) { if (!sig) {
goto err; return false;
} }
CBB child; CBB child;
if (!CBB_add_u16(cbb, TLSEXT_TYPE_channel_id) || if (!CBB_add_u16(cbb, TLSEXT_TYPE_channel_id) ||
!CBB_add_u16_length_prefixed(cbb, &child) || !CBB_add_u16_length_prefixed(cbb, &child) ||
!BN_bn2cbb_padded(&child, 32, x) || !BN_bn2cbb_padded(&child, 32, x.get()) ||
!BN_bn2cbb_padded(&child, 32, y) || !BN_bn2cbb_padded(&child, 32, y.get()) ||
!BN_bn2cbb_padded(&child, 32, sig->r) || !BN_bn2cbb_padded(&child, 32, sig->r) ||
!BN_bn2cbb_padded(&child, 32, sig->s) || !BN_bn2cbb_padded(&child, 32, sig->s) ||
!CBB_flush(cbb)) { !CBB_flush(cbb)) {
goto err; return false;
} }
ret = 1; return true;
err:
BN_free(x);
BN_free(y);
ECDSA_SIG_free(sig);
return ret;
} }
int tls1_channel_id_hash(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len) { int tls1_channel_id_hash(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len) {