Gitiles
Code Review Sign In
gerrit.openfyde.cn / boringssl.googlesource.com / boringssl / f71036e4e3eab25272719120234884bf11ab7a12^! / . / ssl / internal.h
commitf71036e4e3eab25272719120234884bf11ab7a12[log] [tgz]
authorDavid Benjamin <davidben@google.com>Sat Jan 21 14:49:39 2017 -0500
committerCQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>Fri Jan 27 23:23:57 2017 +0000
treeaa4702de0d89f9b227d4682e3333dadc8515c469
parent1a444daca6da74ad748c681dd3aa5a5d283b1e43 [diff] [blame]
Remove ssl_hash_message_t from ssl_get_message.

Move to explicit hashing everywhere, matching TLS 1.2 with TLS 1.3. The
ssl_get_message calls between all the handshake states are now all
uniform so, when we're ready, we can rewire the TLS 1.2 state machine to
look like the TLS 1.3 one. (ssl_get_message calls become an
ssl_hs_read_message transition, reuse_message becomes an ssl_hs_ok
transition.)

This avoids some nuisance in processing the ServerHello at the 1.2 / 1.3
transition.

The downside of explicit hashing is we may forget to hash something, but
this will fail to interop with our tests and anyone else, so we should
be able to catch it.

BUG=128

Change-Id: I01393943b14dfaa98eec2a78f62c3a41c29b3a0e
Reviewed-on: https://boringssl-review.googlesource.com/13266
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/ssl/internal.h b/ssl/internal.h
index a4c00ab..a408b0f 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h

@@ -1224,11 +1224,6 @@
 /* From RFC4492, used in encoding the curve type in ECParameters */
 #define NAMED_CURVE_TYPE 3
 
-enum ssl_hash_message_t {
-  ssl_dont_hash_message,
-  ssl_hash_message,
-};
-
 typedef struct cert_st {
   EVP_PKEY *privatekey;
 
@@ -1307,7 +1302,7 @@
   /* ssl_get_message reads the next handshake message. On success, it returns
    * one and sets |ssl->s3->tmp.message_type|, |ssl->init_msg|, and
    * |ssl->init_num|. Otherwise, it returns <= 0. */
-  int (*ssl_get_message)(SSL *ssl, enum ssl_hash_message_t hash_message);
+  int (*ssl_get_message)(SSL *ssl);
   /* get_current_message sets |*out| to the current handshake message. This
    * includes the protocol-specific message header. */
   void (*get_current_message)(const SSL *ssl, CBS *out);
@@ -1768,7 +1763,7 @@
 
 int ssl3_get_finished(SSL_HANDSHAKE *hs);
 int ssl3_send_alert(SSL *ssl, int level, int desc);
-int ssl3_get_message(SSL *ssl, enum ssl_hash_message_t hash_message);
+int ssl3_get_message(SSL *ssl);
 void ssl3_get_current_message(const SSL *ssl, CBS *out);
 void ssl3_release_current_message(SSL *ssl, int free_buffer);
 
@@ -1854,7 +1849,7 @@
 int dtls1_connect(SSL *ssl);
 void dtls1_free(SSL *ssl);
 
-int dtls1_get_message(SSL *ssl, enum ssl_hash_message_t hash_message);
+int dtls1_get_message(SSL *ssl);
 void dtls1_get_current_message(const SSL *ssl, CBS *out);
 void dtls1_release_current_message(SSL *ssl, int free_buffer);
 int dtls1_dispatch_alert(SSL *ssl);