summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2019-02-09 15:26:16 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2019-02-09 15:26:16 +0000
commita5d39962238a0507ff44de648cb1ffbf95e5e1ca (patch)
tree6b73c0b86d2bf39b74981f478891f4861e4792eb /lib
parent0349a391b9770d165b316852144531a0e541d9f3 (diff)
Rename tls1_handshake_hash*() to tls1_transcript_hash*().
While handshake hash is correct (in as far as it is a hash of handshake messages), using tls1_transcript_hash*() aligns them with the naming of the tls1_transcript*() functions. Additionally, the TLSv1.3 specification uses Transcript-Hash and "transcript hash", which this matches. ok inoguchi@ tb@
Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/s3_lib.c6
-rw-r--r--lib/libssl/ssl_clnt.c8
-rw-r--r--lib/libssl/ssl_locl.h10
-rw-r--r--lib/libssl/ssl_srvr.c6
-rw-r--r--lib/libssl/t1_enc.c4
-rw-r--r--lib/libssl/t1_hash.c18
-rw-r--r--lib/libssl/tls13_client.c6
7 files changed, 29 insertions, 29 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index b7d87268abc..de928bd70e1 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.183 2019/01/24 15:50:47 beck Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.184 2019/02/09 15:26:15 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1574,7 +1574,7 @@ ssl3_free(SSL *s)
sk_X509_NAME_pop_free(S3I(s)->tmp.ca_names, X509_NAME_free);
tls1_transcript_free(s);
- tls1_handshake_hash_free(s);
+ tls1_transcript_hash_free(s);
free(S3I(s)->alpn_selected);
@@ -1622,7 +1622,7 @@ ssl3_clear(SSL *s)
wlen = S3I(s)->wbuf.len;
tls1_transcript_free(s);
- tls1_handshake_hash_free(s);
+ tls1_transcript_hash_free(s);
free(S3I(s)->alpn_selected);
S3I(s)->alpn_selected = NULL;
diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c
index e9e900b6432..abdcc9791a5 100644
--- a/lib/libssl/ssl_clnt.c
+++ b/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.55 2019/01/23 18:39:28 beck Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.56 2019/02/09 15:26:15 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -979,7 +979,7 @@ ssl3_get_server_hello(SSL *s)
}
S3I(s)->hs.new_cipher = cipher;
- if (!tls1_handshake_hash_init(s))
+ if (!tls1_transcript_hash_init(s))
goto err;
/*
@@ -2446,7 +2446,7 @@ ssl3_send_client_verify_rsa(SSL *s, CBB *cert_verify)
unsigned int signature_len = 0;
int ret = 0;
- if (!tls1_handshake_hash_value(s, data, sizeof(data), NULL))
+ if (!tls1_transcript_hash_value(s, data, sizeof(data), NULL))
goto err;
pkey = s->cert->key->privatekey;
@@ -2481,7 +2481,7 @@ ssl3_send_client_verify_ec(SSL *s, CBB *cert_verify)
unsigned int signature_len = 0;
int ret = 0;
- if (!tls1_handshake_hash_value(s, data, sizeof(data), NULL))
+ if (!tls1_transcript_hash_value(s, data, sizeof(data), NULL))
goto err;
pkey = s->cert->key->privatekey;
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index 90aca266258..a26b91976e4 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.233 2019/01/24 02:56:41 beck Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.234 2019/02/09 15:26:15 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1262,11 +1262,11 @@ int dtls1_enc(SSL *s, int snd);
int ssl_init_wbio_buffer(SSL *s, int push);
void ssl_free_wbio_buffer(SSL *s);
-int tls1_handshake_hash_init(SSL *s);
-int tls1_handshake_hash_update(SSL *s, const unsigned char *buf, size_t len);
-int tls1_handshake_hash_value(SSL *s, const unsigned char *out, size_t len,
+int tls1_transcript_hash_init(SSL *s);
+int tls1_transcript_hash_update(SSL *s, const unsigned char *buf, size_t len);
+int tls1_transcript_hash_value(SSL *s, const unsigned char *out, size_t len,
size_t *outlen);
-void tls1_handshake_hash_free(SSL *s);
+void tls1_transcript_hash_free(SSL *s);
int tls1_transcript_init(SSL *s);
void tls1_transcript_free(SSL *s);
diff --git a/lib/libssl/ssl_srvr.c b/lib/libssl/ssl_srvr.c
index afc7c94de89..6872fa3523a 100644
--- a/lib/libssl/ssl_srvr.c
+++ b/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.63 2019/01/18 00:54:42 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.64 2019/02/09 15:26:15 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -575,7 +575,7 @@ ssl3_accept(SSL *s)
* We need to get hashes here so if there is
* a client cert, it can be verified.
*/
- if (!tls1_handshake_hash_value(s,
+ if (!tls1_transcript_hash_value(s,
S3I(s)->tmp.cert_verify_md,
sizeof(S3I(s)->tmp.cert_verify_md),
NULL)) {
@@ -1104,7 +1104,7 @@ ssl3_get_client_hello(SSL *s)
S3I(s)->hs.new_cipher = s->session->cipher;
}
- if (!tls1_handshake_hash_init(s))
+ if (!tls1_transcript_hash_init(s))
goto err;
alg_k = S3I(s)->hs.new_cipher->algorithm_mkey;
diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c
index 33158e160ea..79a5bdd2b37 100644
--- a/lib/libssl/t1_enc.c
+++ b/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.116 2018/11/08 22:28:52 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.117 2019/02/09 15:26:15 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -919,7 +919,7 @@ tls1_final_finish_mac(SSL *s, const char *str, int str_len, unsigned char *out)
if (str_len < 0)
return 0;
- if (!tls1_handshake_hash_value(s, buf, sizeof(buf), &hash_len))
+ if (!tls1_transcript_hash_value(s, buf, sizeof(buf), &hash_len))
return 0;
if (!tls1_PRF(s, s->session->master_key, s->session->master_key_length,
diff --git a/lib/libssl/t1_hash.c b/lib/libssl/t1_hash.c
index 50e0ad3ca06..12d66d4def9 100644
--- a/lib/libssl/t1_hash.c
+++ b/lib/libssl/t1_hash.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_hash.c,v 1.5 2018/11/21 15:13:29 jsing Exp $ */
+/* $OpenBSD: t1_hash.c,v 1.6 2019/02/09 15:26:15 jsing Exp $ */
/*
* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
*
@@ -20,13 +20,13 @@
#include <openssl/ssl.h>
int
-tls1_handshake_hash_init(SSL *s)
+tls1_transcript_hash_init(SSL *s)
{
const unsigned char *data;
const EVP_MD *md;
size_t len;
- tls1_handshake_hash_free(s);
+ tls1_transcript_hash_free(s);
if (!ssl_get_handshake_evp_md(s, &md)) {
SSLerrorx(ERR_R_INTERNAL_ERROR);
@@ -46,7 +46,7 @@ tls1_handshake_hash_init(SSL *s)
SSLerror(s, SSL_R_BAD_HANDSHAKE_LENGTH);
goto err;
}
- if (!tls1_handshake_hash_update(s, data, len)) {
+ if (!tls1_transcript_hash_update(s, data, len)) {
SSLerror(s, ERR_R_EVP_LIB);
goto err;
}
@@ -54,13 +54,13 @@ tls1_handshake_hash_init(SSL *s)
return 1;
err:
- tls1_handshake_hash_free(s);
+ tls1_transcript_hash_free(s);
return 0;
}
int
-tls1_handshake_hash_update(SSL *s, const unsigned char *buf, size_t len)
+tls1_transcript_hash_update(SSL *s, const unsigned char *buf, size_t len)
{
if (S3I(s)->handshake_hash == NULL)
return 1;
@@ -69,7 +69,7 @@ tls1_handshake_hash_update(SSL *s, const unsigned char *buf, size_t len)
}
int
-tls1_handshake_hash_value(SSL *s, const unsigned char *out, size_t len,
+tls1_transcript_hash_value(SSL *s, const unsigned char *out, size_t len,
size_t *outlen)
{
EVP_MD_CTX *mdctx = NULL;
@@ -103,7 +103,7 @@ tls1_handshake_hash_value(SSL *s, const unsigned char *out, size_t len,
}
void
-tls1_handshake_hash_free(SSL *s)
+tls1_transcript_hash_free(SSL *s)
{
EVP_MD_CTX_free(S3I(s)->handshake_hash);
S3I(s)->handshake_hash = NULL;
@@ -191,7 +191,7 @@ tls1_transcript_freeze(SSL *s)
int
tls1_transcript_record(SSL *s, const unsigned char *buf, size_t len)
{
- if (!tls1_handshake_hash_update(s, buf, len))
+ if (!tls1_transcript_hash_update(s, buf, len))
return 0;
if (!tls1_transcript_append(s, buf, len))
diff --git a/lib/libssl/tls13_client.c b/lib/libssl/tls13_client.c
index df9b91b2029..6578438c786 100644
--- a/lib/libssl/tls13_client.c
+++ b/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.4 2019/02/09 15:20:05 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.5 2019/02/09 15:26:15 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
@@ -288,9 +288,9 @@ tls13_server_hello_recv(struct tls13_ctx *ctx)
S3I(ctx->ssl)->hs_tls13.secrets = secrets;
/* XXX - pass in hash. */
- if (!tls1_handshake_hash_init(s))
+ if (!tls1_transcript_hash_init(s))
goto err;
- if (!tls1_handshake_hash_value(s, buf, sizeof(buf), &hash_len))
+ if (!tls1_transcript_hash_value(s, buf, sizeof(buf), &hash_len))
goto err;
context.data = buf;
context.len = hash_len;