OLD | NEW |
1 /* ssl/t1_lib.c */ | 1 /* ssl/t1_lib.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 2656 matching lines...) Loading... |
2667 unsigned temp_digest_len; | 2667 unsigned temp_digest_len; |
2668 int i; | 2668 int i; |
2669 static const char kClientIDMagic[] = "TLS Channel ID signature"; | 2669 static const char kClientIDMagic[] = "TLS Channel ID signature"; |
2670 | 2670 |
2671 if (s->s3->handshake_buffer) | 2671 if (s->s3->handshake_buffer) |
2672 if (!ssl3_digest_cached_records(s)) | 2672 if (!ssl3_digest_cached_records(s)) |
2673 return 0; | 2673 return 0; |
2674 | 2674 |
2675 EVP_DigestUpdate(md, kClientIDMagic, sizeof(kClientIDMagic)); | 2675 EVP_DigestUpdate(md, kClientIDMagic, sizeof(kClientIDMagic)); |
2676 | 2676 |
| 2677 if (s->hit) |
| 2678 { |
| 2679 static const char kResumptionMagic[] = "Resumption"; |
| 2680 EVP_DigestUpdate(md, kResumptionMagic, |
| 2681 sizeof(kResumptionMagic)); |
| 2682 if (s->session->original_handshake_hash_len == 0) |
| 2683 return 0; |
| 2684 EVP_DigestUpdate(md, s->session->original_handshake_hash, |
| 2685 s->session->original_handshake_hash_len); |
| 2686 } |
| 2687 |
2677 EVP_MD_CTX_init(&ctx); | 2688 EVP_MD_CTX_init(&ctx); |
2678 for (i = 0; i < SSL_MAX_DIGEST; i++) | 2689 for (i = 0; i < SSL_MAX_DIGEST; i++) |
2679 { | 2690 { |
2680 if (s->s3->handshake_dgst[i] == NULL) | 2691 if (s->s3->handshake_dgst[i] == NULL) |
2681 continue; | 2692 continue; |
2682 EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst[i]); | 2693 EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst[i]); |
2683 EVP_DigestFinal_ex(&ctx, temp_digest, &temp_digest_len); | 2694 EVP_DigestFinal_ex(&ctx, temp_digest, &temp_digest_len); |
2684 EVP_DigestUpdate(md, temp_digest, temp_digest_len); | 2695 EVP_DigestUpdate(md, temp_digest, temp_digest_len); |
2685 } | 2696 } |
2686 EVP_MD_CTX_cleanup(&ctx); | 2697 EVP_MD_CTX_cleanup(&ctx); |
2687 | 2698 |
2688 return 1; | 2699 return 1; |
2689 } | 2700 } |
2690 #endif | 2701 #endif |
| 2702 |
| 2703 /* tls1_record_handshake_hashes_for_channel_id records the current handshake |
| 2704 * hashes in |s->session| so that Channel ID resumptions can sign that data. */ |
| 2705 int tls1_record_handshake_hashes_for_channel_id(SSL *s) |
| 2706 { |
| 2707 int digest_len; |
| 2708 /* This function should never be called for a resumed session because |
| 2709 * the handshake hashes that we wish to record are for the original, |
| 2710 * full handshake. */ |
| 2711 if (s->hit) |
| 2712 return -1; |
| 2713 /* It only makes sense to call this function if Channel IDs have been |
| 2714 * negotiated. */ |
| 2715 if (!s->s3->tlsext_channel_id_valid) |
| 2716 return -1; |
| 2717 |
| 2718 digest_len = tls1_handshake_digest( |
| 2719 s, s->session->original_handshake_hash, |
| 2720 sizeof(s->session->original_handshake_hash)); |
| 2721 if (digest_len < 0) |
| 2722 return -1; |
| 2723 |
| 2724 s->session->original_handshake_hash_len = digest_len; |
| 2725 |
| 2726 return 1; |
| 2727 } |
OLD | NEW |