From 8ad427bc896da05a49f95213ce3ee7d4aca58696 Mon Sep 17 00:00:00 2001 From: Joel Sing Date: Tue, 6 Dec 2016 13:17:53 +0000 Subject: Convert certificate handshake message generation to CBB, with some clean up and restructure. This also adds CBB based variants of the ssl3_handshake_msg_{start,finish} functions - for the time being these use a CBB to build the messages, then copy back into the init_buf. ok doug@ --- lib/libssl/s3_lib.c | 73 ++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 72 insertions(+), 1 deletion(-) (limited to 'lib/libssl/s3_lib.c') diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index e66394a491b..db9292172d9 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.112 2016/11/06 13:11:40 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.113 2016/12/06 13:17:52 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -148,6 +148,7 @@ * OTHERWISE. */ +#include #include #include @@ -1724,6 +1725,76 @@ ssl3_handshake_msg_finish(SSL *s, unsigned int len) } } +int +ssl3_handshake_msg_start_cbb(SSL *s, CBB *handshake, CBB *body, + uint8_t msg_type) +{ + int ret = 0; + + if (!CBB_init(handshake, SSL3_RT_MAX_PLAIN_LENGTH)) + goto err; + if (!CBB_add_u8(handshake, msg_type)) + goto err; + if (SSL_IS_DTLS(s)) { + unsigned char *data; + + if (!CBB_add_space(handshake, &data, DTLS1_HM_HEADER_LENGTH - + SSL3_HM_HEADER_LENGTH)) + goto err; + } + if (!CBB_add_u24_length_prefixed(handshake, body)) + goto err; + + ret = 1; + + err: + return (ret); +} + +int +ssl3_handshake_msg_finish_cbb(SSL *s, CBB *handshake) +{ + unsigned char *data = NULL; + size_t outlen; + int ret = 0; + + if (!CBB_finish(handshake, &data, &outlen)) + goto err; + + if (outlen > INT_MAX) + goto err; + + if (!BUF_MEM_grow_clean(s->init_buf, outlen)) + goto err; + + memcpy(s->init_buf->data, data, outlen); + + s->init_num = (int)outlen; + s->init_off = 0; + + if (SSL_IS_DTLS(s)) { + unsigned long len; + uint8_t msg_type; + CBS cbs; + + CBS_init(&cbs, data, outlen); + if (!CBS_get_u8(&cbs, &msg_type)) + goto err; + + len = outlen - ssl3_handshake_msg_hdr_len(s); + + dtls1_set_message_header(s, data, msg_type, len, 0, len); + dtls1_buffer_message(s, 0); + } + + ret = 1; + + err: + free(data); + + return (ret); +} + int ssl3_handshake_write(SSL *s) { -- cgit v1.2.3