diff options
| author |   jsing <jsing@openbsd.org> | 2020-11-11 18:14:12 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2020-11-11 18:14:12 +0000 |
| commit | b16a1c426482534d93f74395e288470627af3e01 (patch) | |
| tree | 6ec5b2a0aab16914a5a7952ff8e25c8ecb8e04c3 /lib | |
| parent | remove reference to non-existent pidfile; (diff) | |
| download | wireguard-openbsd-b16a1c426482534d93f74395e288470627af3e01.tar.xz wireguard-openbsd-b16a1c426482534d93f74395e288470627af3e01.zip | |
Use size_t for key_block_len.
This allows us to remove a check and will make future changes simpler. Use
suitable names for tls1_generate_key_block() arguments while here.
ok inoguchi@ tb@
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libssl/ssl_locl.h | 4 | ||||
| -rw-r--r-- | lib/libssl/t1_enc.c | 12 |
2 files changed, 7 insertions, 9 deletions
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h index 9c8310b83cf..46a1ad4884c 100644 --- a/lib/libssl/ssl_locl.h +++ b/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.306 2020/10/14 16:57:33 jsing Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.307 2020/11/11 18:14:12 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -416,7 +416,7 @@ typedef struct ssl_handshake_st { const SSL_CIPHER *new_cipher; /* key_block is the record-layer key block for TLS 1.2 and earlier. */ - int key_block_len; + size_t key_block_len; unsigned char *key_block; /* Extensions seen in this handshake. */ diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c index c5ff2c24354..d451ad531cd 100644 --- a/lib/libssl/t1_enc.c +++ b/lib/libssl/t1_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_enc.c,v 1.126 2020/10/14 16:57:33 jsing Exp $ */ +/* $OpenBSD: t1_enc.c,v 1.127 2020/11/11 18:14:12 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -300,17 +300,14 @@ tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len, } static int -tls1_generate_key_block(SSL *s, unsigned char *km, int num) +tls1_generate_key_block(SSL *s, uint8_t *key_block, size_t key_block_len) { - if (num < 0) - return (0); - return tls1_PRF(s, s->session->master_key, s->session->master_key_length, TLS_MD_KEY_EXPANSION_CONST, TLS_MD_KEY_EXPANSION_CONST_SIZE, s->s3->server_random, SSL3_RANDOM_SIZE, s->s3->client_random, SSL3_RANDOM_SIZE, - NULL, 0, NULL, 0, km, num); + NULL, 0, NULL, 0, key_block, key_block_len); } /* @@ -590,7 +587,8 @@ tls1_setup_key_block(SSL *s) { unsigned char *key_block; int mac_type = NID_undef, mac_secret_size = 0; - int key_block_len, key_len, iv_len; + size_t key_block_len; + int key_len, iv_len; const EVP_CIPHER *cipher = NULL; const EVP_AEAD *aead = NULL; const EVP_MD *mac = NULL; |