Pass a handshake message content CBS to TLSv1.3 receive handlers.

This avoids every receive handler from having to get the handshake message
content itself. Additionally, pull the trailing data check up so that each
receive handler does not have to implement it. This makes the code more
readable and reduces duplication.

ok beck@ tb@

1 files changed, 16 insertions, 6 deletions

diff --git a/lib/libssl/tls13_handshake.c b/lib/libssl/tls13_handshake.c
index ca36f879b44..d4d998248d9 100644
--- a/lib/libssl/tls13_handshake.c
+++ b/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls13_handshake.c,v 1.39 2020/01/22 02:39:45 tb Exp $	*/
+/*	$OpenBSD: tls13_handshake.c,v 1.40 2020/01/22 13:10:51 jsing Exp $	*/
 /*
  * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org>
  * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
@@ -32,7 +32,7 @@ struct tls13_handshake_action {
 
 	int (*send)(struct tls13_ctx *ctx);
 	int (*sent)(struct tls13_ctx *ctx);
-	int (*recv)(struct tls13_ctx *ctx);
+	int (*recv)(struct tls13_ctx *ctx, CBS *cbs);
 };
 
 enum tls13_message_type tls13_handshake_active_state(struct tls13_ctx *ctx);
@@ -389,11 +389,21 @@ tls13_handshake_recv_action(struct tls13_ctx *ctx,
 	     action->handshake_type != TLS13_MT_CERTIFICATE_REQUEST))
 		return tls13_send_alert(ctx->rl, SSL_AD_UNEXPECTED_MESSAGE);
 
-	/* XXX provide CBS and check all consumed. */
+	if (!tls13_handshake_msg_content(ctx->hs_msg, &cbs))
+		return TLS13_IO_FAILURE;
+
 	ret = TLS13_IO_FAILURE;
-	if (action->recv(ctx))
-		ret = TLS13_IO_SUCCESS;
-	else if (ctx->alert)
+	if (action->recv(ctx, &cbs)) {
+		if (CBS_len(&cbs) != 0) {
+			tls13_set_errorx(ctx, TLS13_ERR_TRAILING_DATA, 0,
+			    "trailing data in handshake message", NULL);
+			ctx->alert = SSL_AD_DECODE_ERROR;
+		} else {
+			ret = TLS13_IO_SUCCESS;
+		}
+	}
+
+	if (ctx->alert)
 		ret = tls13_send_alert(ctx->rl, ctx->alert);
 
 	tls13_handshake_msg_free(ctx->hs_msg);