diff options
| author | David Benjamin <davidben@chromium.org> | 2015-12-30 02:56:28 +0300 |
|---|---|---|
| committer | Adam Langley <alangley@gmail.com> | 2016-01-16 01:02:30 +0300 |
| commit | f8d807176a4d2f223d4c05a2dfde7a8b4813c4b1 (patch) | |
| tree | cfd633d266bc13493c9ea4eba5ed2b4e1c1ff2a5 /ssl | |
| parent | b35d68483c4c5df379f732754a4bec84ebe07730 (diff) | |
Remove a few unnecessary SSL3_ENC_METHOD hooks.
As things stand now, they don't actually do anything.
Change-Id: I9f8b4cbf38a0dffabfc5265805c52bb8d7a8fb0d
Reviewed-on: https://boringssl-review.googlesource.com/6837
Reviewed-by: Adam Langley <alangley@gmail.com>
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/internal.h | 7 | ||||
| -rw-r--r-- | ssl/s3_clnt.c | 4 | ||||
| -rw-r--r-- | ssl/s3_lib.c | 2 | ||||
| -rw-r--r-- | ssl/s3_srvr.c | 2 | ||||
| -rw-r--r-- | ssl/ssl_lib.c | 12 | ||||
| -rw-r--r-- | ssl/t1_enc.c | 9 | ||||
| -rw-r--r-- | ssl/t1_lib.c | 6 |
7 files changed, 7 insertions, 35 deletions
diff --git a/ssl/internal.h b/ssl/internal.h index 58dca0f9..8a4f7085 100644 --- a/ssl/internal.h +++ b/ssl/internal.h @@ -854,7 +854,6 @@ struct ssl_protocol_method_st { struct ssl3_enc_method { int (*prf)(SSL *, uint8_t *, size_t, const uint8_t *, size_t, const char *, size_t, const uint8_t *, size_t, const uint8_t *, size_t); - int (*generate_master_secret)(SSL *, uint8_t *, const uint8_t *, size_t); int (*final_finish_mac)(SSL *, const char *, int, uint8_t *); int (*cert_verify_mac)(SSL *, int, uint8_t *); const char *client_finished_label; @@ -862,8 +861,6 @@ struct ssl3_enc_method { const char *server_finished_label; int server_finished_label_len; int (*alert_value)(int); - int (*export_keying_material)(SSL *, uint8_t *, size_t, const char *, size_t, - const uint8_t *, size_t, int use_context); /* Various flags indicating protocol version requirements */ unsigned int enc_flags; }; @@ -1179,10 +1176,6 @@ int tls1_final_finish_mac(SSL *ssl, const char *str, int slen, uint8_t *p); int tls1_cert_verify_mac(SSL *ssl, int md_nid, uint8_t *p); int tls1_generate_master_secret(SSL *ssl, uint8_t *out, const uint8_t *premaster, size_t premaster_len); -int tls1_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len, - const char *label, size_t label_len, - const uint8_t *context, size_t context_len, - int use_context); int tls1_alert_code(int code); int ssl3_alert_code(int code); diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 569599da..2c1a32f3 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1754,8 +1754,8 @@ int ssl3_send_client_key_exchange(SSL *ssl) { } ssl->state = SSL3_ST_CW_KEY_EXCH_B; - ssl->session->master_key_length = ssl->enc_method->generate_master_secret( - ssl, ssl->session->master_key, pms, pms_len); + ssl->session->master_key_length = + tls1_generate_master_secret(ssl, ssl->session->master_key, pms, pms_len); if (ssl->session->master_key_length == 0) { goto err; } diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 6b132ed5..1e18e54b 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -165,13 +165,11 @@ const SSL3_ENC_METHOD SSLv3_enc_data = { ssl3_prf, - tls1_generate_master_secret, ssl3_final_finish_mac, ssl3_cert_verify_mac, SSL3_MD_CLIENT_FINISHED_CONST, 4, SSL3_MD_SERVER_FINISHED_CONST, 4, ssl3_alert_code, - tls1_export_keying_material, 0, }; diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index c0b2d80d..eee7b0c3 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1700,7 +1700,7 @@ int ssl3_get_client_key_exchange(SSL *ssl) { } /* Compute the master secret */ - ssl->session->master_key_length = ssl->enc_method->generate_master_secret( + ssl->session->master_key_length = tls1_generate_master_secret( ssl, ssl->session->master_key, premaster_secret, premaster_secret_len); if (ssl->session->master_key_length == 0) { goto err; diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 6b9e6ba9..3e2b156a 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1636,18 +1636,6 @@ void SSL_get0_alpn_selected(const SSL *ssl, const uint8_t **out_data, } } -int SSL_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len, - const char *label, size_t label_len, - const uint8_t *context, size_t context_len, - int use_context) { - if (ssl->version < TLS1_VERSION) { - return 0; - } - - return ssl->enc_method->export_keying_material( - ssl, out, out_len, label, label_len, context, context_len, use_context); -} - void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *store_ctx, void *arg), diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 8c4b6d8c..92a84899 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -513,12 +513,11 @@ int tls1_generate_master_secret(SSL *ssl, uint8_t *out, return SSL3_MASTER_SECRET_SIZE; } -int tls1_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len, - const char *label, size_t label_len, - const uint8_t *context, size_t context_len, - int use_context) { +int SSL_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len, + const char *label, size_t label_len, + const uint8_t *context, size_t context_len, + int use_context) { if (!ssl->s3->have_version || ssl->version == SSL3_VERSION) { - OPENSSL_PUT_ERROR(SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 2d0a4fb1..d2fc8afa 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -132,37 +132,31 @@ static int ssl_check_serverhello_tlsext(SSL *ssl); const SSL3_ENC_METHOD TLSv1_enc_data = { tls1_prf, - tls1_generate_master_secret, tls1_final_finish_mac, tls1_cert_verify_mac, TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE, TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE, tls1_alert_code, - tls1_export_keying_material, 0, }; const SSL3_ENC_METHOD TLSv1_1_enc_data = { tls1_prf, - tls1_generate_master_secret, tls1_final_finish_mac, tls1_cert_verify_mac, TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE, TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE, tls1_alert_code, - tls1_export_keying_material, SSL_ENC_FLAG_EXPLICIT_IV, }; const SSL3_ENC_METHOD TLSv1_2_enc_data = { tls1_prf, - tls1_generate_master_secret, tls1_final_finish_mac, tls1_cert_verify_mac, TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE, TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE, tls1_alert_code, - tls1_export_keying_material, SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS|SSL_ENC_FLAG_SHA256_PRF, }; |