author | Joel Sing <jsing@cvs.openbsd.org> | 2016-12-06 13:17:53 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2016-12-06 13:17:53 +0000 |
commit | 8ad427bc896da05a49f95213ce3ee7d4aca58696 (patch) | |
tree | 710ad798f39d6b5cb8d4f276a04e83a47ebfbe48 /lib/libssl/s3_lib.c | |
parent | 3d7c4962019ee9501d058420ebb2ec94b60d5d6e (diff) |
Convert certificate handshake message generation to CBB, with some cleanup
and restructuring.
This also adds CBB based variants of the ssl3_handshake_msg_{start,finish}
functions - for the time being these use a CBB to build the messages, then
copy back into the init_buf.
ok doug@
Diffstat (limited to 'lib/libssl/s3_lib.c')
-rw-r--r-- | lib/libssl/s3_lib.c | 73 |
1 files changed, 72 insertions, 1 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index e66394a491b..db9292172d9 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.112 2016/11/06 13:11:40 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.113 2016/12/06 13:17:52 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -148,6 +148,7 @@
 * OTHERWISE.
 */
+#include <limits.h>
 #include <stdio.h>
 #include <openssl/dh.h>
@@ -1725,6 +1726,76 @@ ssl3_handshake_msg_finish(SSL *s, unsigned int len)
 }
 int
+ssl3_handshake_msg_start_cbb(SSL *s, CBB *handshake, CBB *body,
+ uint8_t msg_type)
+{
+ int ret = 0;
+
+ if (!CBB_init(handshake, SSL3_RT_MAX_PLAIN_LENGTH))
+ goto err;
+ if (!CBB_add_u8(handshake, msg_type))
+ goto err;
+ if (SSL_IS_DTLS(s)) {
+ unsigned char *data;
+
+ if (!CBB_add_space(handshake, &data, DTLS1_HM_HEADER_LENGTH -
+ SSL3_HM_HEADER_LENGTH))
+ goto err;
+ }
+ if (!CBB_add_u24_length_prefixed(handshake, body))
+ goto err;
+
+ ret = 1;
+
+ err:
+ return (ret);
+}
+
+int
+ssl3_handshake_msg_finish_cbb(SSL *s, CBB *handshake)
+{
+ unsigned char *data = NULL;
+ size_t outlen;
+ int ret = 0;
+
+ if (!CBB_finish(handshake, &data, &outlen))
+ goto err;
+
+ if (outlen > INT_MAX)
+ goto err;
+
+ if (!BUF_MEM_grow_clean(s->init_buf, outlen))
+ goto err;
+
+ memcpy(s->init_buf->data, data, outlen);
+
+ s->init_num = (int)outlen;
+ s->init_off = 0;
+
+ if (SSL_IS_DTLS(s)) {
+ unsigned long len;
+ uint8_t msg_type;
+ CBS cbs;
+
+ CBS_init(&cbs, data, outlen);
+ if (!CBS_get_u8(&cbs, &msg_type))
+ goto err;
+
+ len = outlen - ssl3_handshake_msg_hdr_len(s);
+
+ dtls1_set_message_header(s, data, msg_type, len, 0, len);
+ dtls1_buffer_message(s, 0);
+ }
+
+ ret = 1;
+
+ err:
+ free(data);
+
+ return (ret);
+}
+
+int
 ssl3_handshake_write(SSL *s)
 {
 if (SSL_IS_DTLS(s)) |
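Review bot: The DTLS branch of ssl3_handshake_msg_finish_cbb computes `len = outlen - ssl3_handshake_msg_hdr_len(s)` without checking that outlen actually covers the header, so a CBB that was not built by ssl3_handshake_msg_start_cbb would wrap to a huge unsigned length before it reaches dtls1_set_message_header; a guard beside the existing INT_MAX check, `if (outlen < (size_t)ssl3_handshake_msg_hdr_len(s)) goto err;`, closes that cheaply (the helper's return type is not on this page, hence the cast). Neither new function documents what happens to `handshake` on failure: ssl3_handshake_msg_start_cbb returns 0 after a successful CBB_init without cleaning up, and finish_cbb's failure path only frees `data`, so a header comment such as `/* On failure the caller still owns *handshake and must CBB_cleanup() it. */` would keep callers from leaking the buffer. The trailing context cuts into ssl3_handshake_write, whose body lies outside the hunk.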