OLD | NEW |
1 /* ssl/t1_lib.c */ | 1 /* ssl/t1_lib.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 2656 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2667 unsigned temp_digest_len; | 2667 unsigned temp_digest_len; |
2668 int i; | 2668 int i; |
2669 static const char kClientIDMagic[] = "TLS Channel ID signature"; | 2669 static const char kClientIDMagic[] = "TLS Channel ID signature"; |
2670 | 2670 |
2671 if (s->s3->handshake_buffer) | 2671 if (s->s3->handshake_buffer) |
2672 if (!ssl3_digest_cached_records(s)) | 2672 if (!ssl3_digest_cached_records(s)) |
2673 return 0; | 2673 return 0; |
2674 | 2674 |
2675 EVP_DigestUpdate(md, kClientIDMagic, sizeof(kClientIDMagic)); | 2675 EVP_DigestUpdate(md, kClientIDMagic, sizeof(kClientIDMagic)); |
2676 | 2676 |
2677 if (s->hit) | |
2678 { | |
2679 static const char kResumptionMagic[] = "Resumption"; | |
2680 EVP_DigestUpdate(md, kResumptionMagic, | |
2681 sizeof(kResumptionMagic)); | |
2682 if (s->session->original_handshake_hash_len == 0) | |
2683 return 0; | |
2684 EVP_DigestUpdate(md, s->session->original_handshake_hash, | |
2685 s->session->original_handshake_hash_len); | |
2686 } | |
2687 | |
2688 EVP_MD_CTX_init(&ctx); | 2677 EVP_MD_CTX_init(&ctx); |
2689 for (i = 0; i < SSL_MAX_DIGEST; i++) | 2678 for (i = 0; i < SSL_MAX_DIGEST; i++) |
2690 { | 2679 { |
2691 if (s->s3->handshake_dgst[i] == NULL) | 2680 if (s->s3->handshake_dgst[i] == NULL) |
2692 continue; | 2681 continue; |
2693 EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst[i]); | 2682 EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst[i]); |
2694 EVP_DigestFinal_ex(&ctx, temp_digest, &temp_digest_len); | 2683 EVP_DigestFinal_ex(&ctx, temp_digest, &temp_digest_len); |
2695 EVP_DigestUpdate(md, temp_digest, temp_digest_len); | 2684 EVP_DigestUpdate(md, temp_digest, temp_digest_len); |
2696 } | 2685 } |
2697 EVP_MD_CTX_cleanup(&ctx); | 2686 EVP_MD_CTX_cleanup(&ctx); |
2698 | 2687 |
2699 return 1; | 2688 return 1; |
2700 } | 2689 } |
2701 #endif | 2690 #endif |
2702 | |
2703 /* tls1_record_handshake_hashes_for_channel_id records the current handshake | |
2704 * hashes in |s->session| so that Channel ID resumptions can sign that data. */ | |
2705 int tls1_record_handshake_hashes_for_channel_id(SSL *s) | |
2706 { | |
2707 int digest_len; | |
2708 /* This function should never be called for a resumed session because | |
2709 * the handshake hashes that we wish to record are for the original, | |
2710 * full handshake. */ | |
2711 if (s->hit) | |
2712 return -1; | |
2713 /* It only makes sense to call this function if Channel IDs have been | |
2714 * negotiated. */ | |
2715 if (!s->s3->tlsext_channel_id_valid) | |
2716 return -1; | |
2717 | |
2718 digest_len = tls1_handshake_digest( | |
2719 s, s->session->original_handshake_hash, | |
2720 sizeof(s->session->original_handshake_hash)); | |
2721 if (digest_len < 0) | |
2722 return -1; | |
2723 | |
2724 s->session->original_handshake_hash_len = digest_len; | |
2725 | |
2726 return 1; | |
2727 } | |
OLD | NEW |