authorJoel Sing <jsing@cvs.openbsd.org>2020-09-15 16:07:18 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2020-09-15 16:07:18 +0000
commit9a896c7e639ba088cd77710952d520db3b70521e (patch)
tree155a58a2f733236c36797deb9cb2c27b93c34e5b
parent34ce00054951f853d3ff7d03d82d961fa0cf40fd (diff)
Split the tls12_record_layer_write_mac() function.
Split the existing tls12_record_layer_write_mac() function so that we can soon reuse part of it for the read side. No functional change. ok tb@
-rw-r--r--lib/libssl/tls12_record_layer.c29
1 files changed, 19 insertions, 10 deletions
diff --git a/lib/libssl/tls12_record_layer.c b/lib/libssl/tls12_record_layer.c
index d1686cb5bde..1984e177bdc 100644
--- a/lib/libssl/tls12_record_layer.c
+++ b/lib/libssl/tls12_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls12_record_layer.c,v 1.2 2020/09/15 15:11:58 jsing Exp $ */
+/* $OpenBSD: tls12_record_layer.c,v 1.3 2020/09/15 16:07:17 jsing Exp $ */
/*
* Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
*
@@ -227,9 +227,10 @@ tls12_record_layer_pseudo_header(struct tls12_record_layer *rl,
}
static int
-tls12_record_layer_write_mac(struct tls12_record_layer *rl, CBB *cbb,
- uint8_t content_type, const uint8_t *content, size_t content_len,
- size_t *out_len)
+tls12_record_layer_mac(struct tls12_record_layer *rl, CBB *cbb,
+ EVP_MD_CTX *hash_ctx, int stream_mac, uint16_t epoch, uint8_t *seq_num,
+ size_t seq_num_len, uint8_t content_type, const uint8_t *content,
+ size_t content_len, size_t *out_len)
{
EVP_MD_CTX *mac_ctx = NULL;
uint8_t *header = NULL;
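Review bot: `seq_num` is declared `uint8_t *` in the new tls12_record_layer_mac() signature, although the later hunk only forwards it to tls12_record_layer_pseudo_header() and never writes through it. If that callee's prototype permits it (it is not visible here), `const uint8_t *seq_num` would make it explicit that computing a MAC never advances the sequence number, which matters once the same helper is handed the read-side counter. The function body continues outside this hunk.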
@@ -240,12 +241,11 @@ tls12_record_layer_write_mac(struct tls12_record_layer *rl, CBB *cbb,
if ((mac_ctx = EVP_MD_CTX_new()) == NULL)
goto err;
- if (!EVP_MD_CTX_copy(mac_ctx, rl->write_hash_ctx))
+ if (!EVP_MD_CTX_copy(mac_ctx, hash_ctx))
goto err;
if (!tls12_record_layer_pseudo_header(rl, content_type, content_len,
- rl->write_epoch, rl->write_seq_num, SSL3_SEQUENCE_SIZE,
- &header, &header_len))
+ epoch, seq_num, seq_num_len, &header, &header_len))
goto err;
if (EVP_DigestSignUpdate(mac_ctx, header, header_len) <= 0)
@@ -259,13 +259,12 @@ tls12_record_layer_write_mac(struct tls12_record_layer *rl, CBB *cbb,
if (EVP_DigestSignFinal(mac_ctx, mac, &mac_len) <= 0)
goto err;
- if (rl->write_stream_mac) {
- if (!EVP_MD_CTX_copy(rl->write_hash_ctx, mac_ctx))
+ if (stream_mac) {
+ if (!EVP_MD_CTX_copy(hash_ctx, mac_ctx))
goto err;
}
*out_len = mac_len;
-
ret = 1;
err:
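Review bot: `hash_ctx` is an undocumented in/out parameter: under `if (stream_mac)` the finalised `mac_ctx` is copied back over the caller's context, so a call changes record-layer state as well as producing the MAC. With the planned read-side reuse, the caller's stored hash state would already be advanced by the time the caller can compare the computed MAC with the received one; this is presumably acceptable if a MAC failure ends the connection, but it should be stated. I would add `/* Stream MAC: carry the running hash state forward into the caller's hash_ctx. */` above the branch, plus a short header comment on the function saying that `hash_ctx` is modified only when `stream_mac` is set. The function starts and ends outside this hunk.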
@@ -276,6 +275,16 @@ tls12_record_layer_write_mac(struct tls12_record_layer *rl, CBB *cbb,
}
static int
+tls12_record_layer_write_mac(struct tls12_record_layer *rl, CBB *cbb,
+ uint8_t content_type, const uint8_t *content, size_t content_len,
+ size_t *out_len)
+{
+ return tls12_record_layer_mac(rl, cbb, rl->write_hash_ctx,
+ rl->write_stream_mac, rl->write_epoch, rl->write_seq_num,
+ SSL3_SEQUENCE_SIZE, content_type, content, content_len, out_len);
+}
+
+static int
tls12_record_layer_seal_record_plaintext(struct tls12_record_layer *rl,
uint8_t content_type, const uint8_t *content, size_t content_len, CBB *out)
{