wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

clean up some post-rebase issues

Browse Source
This commit is contained in:
John Bland
2024-01-02 20:12:13 -05:00
parent b62f582fcc
commit 36c89cc5ad
1 changed files with 19 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
src/tls13.c
View File

@ -4743,7 +4743,7 @@ static int EchCheckAcceptance(WOLFSSL* ssl, byte* label, word16 labelSz,
int digestType;
int digestSize;
HS_Hashes* tmpHashes;
HS_Hashes* acceptHashes;
HS_Hashes* acceptHashes = NULL;
byte zeros[WC_MAX_DIGEST_SIZE];
byte transcriptEchConf[WC_MAX_DIGEST_SIZE];
byte expandLabelPrk[WC_MAX_DIGEST_SIZE];
@ -4752,11 +4752,12 @@ static int EchCheckAcceptance(WOLFSSL* ssl, byte* label, word16 labelSz,
XMEMSET(transcriptEchConf, 0, sizeof(transcriptEchConf));
XMEMSET(expandLabelPrk, 0, sizeof(expandLabelPrk));
XMEMSET(acceptConfirmation, 0, sizeof(acceptConfirmation));
/* store so we can restore regardless of the outcome */
tmpHashes = ssl->hsHashes;
/* copy ech hashes to accept */
ret = InitHandshakeHashesAndCopy(ssl, ssl->hsHashesEch, &acceptHashes);
if (ret == 0) {
/* swap hsHashes to acceptHashes */
tmpHashes = ssl->hsHashes;
ssl->hsHashes = acceptHashes;
/* hash up to the last 8 bytes */
ret = HashRaw(ssl, input, acceptOffset);
@ -4824,11 +4825,9 @@ static int EchCheckAcceptance(WOLFSSL* ssl, byte* label, word16 labelSz,
/* tls expand with the confirmation label */
if (ret == 0) {
PRIVATE_KEY_UNLOCK();
ret = Tls13HKDFExpandKeyLabel(ssl,
acceptConfirmation, ECH_ACCEPT_CONFIRMATION_SZ,
expandLabelPrk, digestSize,
tls13ProtocolLabel, TLS13_PROTOCOL_LABEL_SZ,
echAcceptConfirmationLabel, ECH_ACCEPT_CONFIRMATION_LABEL_SZ,
ret = Tls13HKDFExpandKeyLabel(ssl, acceptConfirmation,
ECH_ACCEPT_CONFIRMATION_SZ, expandLabelPrk, digestSize,
tls13ProtocolLabel, TLS13_PROTOCOL_LABEL_SZ, label, labelSz,
transcriptEchConf, digestSize, digestType, WOLFSSL_SERVER_END);
PRIVATE_KEY_LOCK();
}
@ -4876,18 +4875,19 @@ static int EchWriteAcceptance(WOLFSSL* ssl, byte* label, word16 labelSz,
int digestType;
int digestSize;
HS_Hashes* tmpHashes;
HS_Hashes* acceptHashes;
HS_Hashes* acceptHashes = NULL;
byte zeros[WC_MAX_DIGEST_SIZE];
byte transcriptEchConf[WC_MAX_DIGEST_SIZE];
byte expandLabelPrk[WC_MAX_DIGEST_SIZE];
XMEMSET(zeros, 0, sizeof(zeros));
XMEMSET(transcriptEchConf, 0, sizeof(transcriptEchConf));
XMEMSET(expandLabelPrk, 0, sizeof(expandLabelPrk));
/* store so we can restore regardless of the outcome */
tmpHashes = ssl->hsHashes;
/* copy ech hashes to accept */
ret = InitHandshakeHashesAndCopy(ssl, ssl->hsHashesEch, &acceptHashes);
if (ret == 0) {
/* swap hsHashes to acceptHashes */
tmpHashes = ssl->hsHashes;
ssl->hsHashes = acceptHashes;
/* hash up to the acceptOffset */
ret = HashRaw(ssl, output, acceptOffset);
@ -4954,20 +4954,19 @@ static int EchWriteAcceptance(WOLFSSL* ssl, byte* label, word16 labelSz,
/* tls expand with the confirmation label */
if (ret == 0) {
PRIVATE_KEY_UNLOCK();
ret = Tls13HKDFExpandKeyLabel(ssl,
output + serverRandomOffset + RAN_LEN - ECH_ACCEPT_CONFIRMATION_SZ,
ECH_ACCEPT_CONFIRMATION_SZ,
expandLabelPrk, digestSize,
tls13ProtocolLabel, TLS13_PROTOCOL_LABEL_SZ,
echAcceptConfirmationLabel, ECH_ACCEPT_CONFIRMATION_LABEL_SZ,
ret = Tls13HKDFExpandKeyLabel(ssl, output + acceptOffset,
ECH_ACCEPT_CONFIRMATION_SZ, expandLabelPrk, digestSize,
tls13ProtocolLabel, TLS13_PROTOCOL_LABEL_SZ, label, labelSz,
transcriptEchConf, digestSize, digestType, WOLFSSL_SERVER_END);
PRIVATE_KEY_LOCK();
}
/* free hsHashesEch if this is the last ech involved message */
if (msgType != hello_retry_request) {
FreeHandshakeHashes(ssl);
ssl->hsHashesEch = NULL;
ssl->options.echAccepted = 1;
if (ret == 0) {
/* free hsHashesEch if this is the last ech involved message */
if (msgType != hello_retry_request) {
FreeHandshakeHashes(ssl);
ssl->hsHashesEch = NULL;
ssl->options.echAccepted = 1;
}
}
ssl->hsHashes = tmpHashes;
return ret;