diff options
| author | Matt Caswell <matt@openssl.org> | 2016-11-02 15:03:56 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-11-16 10:09:46 +0000 |
| commit | 0f1e51ea115beef8a5fdd80d5a6c13ee289f980a (patch) | |
| tree | 65060f458f52188507f0a9748ea8004bf5e50763 /ssl/s3_lib.c | |
| parent | c87386a2cd586368a61d86ede03319f910d050f4 (diff) | |
Start using the key_share data to derive the PMS
The previous commits put in place the logic to exchange key_share data. We
now need to do something with that information. In <= TLSv1.2 the equivalent
of the key_share extension is the ServerKeyExchange and ClientKeyExchange
messages. With key_share those two messages are no longer necessary.
The commit removes the SKE and CKE messages from the TLSv1.3 state machine.
TLSv1.3 is completely different to TLSv1.2 in the messages that it sends
and the transitions that are allowed. Therefore, rather than extend the
existing <=TLS1.2 state transition functions, we create a whole new set for
TLSv1.3. Intially these are still based on the TLSv1.2 ones, but over time
they will be amended.
The new TLSv1.3 transitions remove SKE and CKE completely. There's also some
cleanup for some stuff which is not relevant to TLSv1.3 and is easy to
remove, e.g. the DTLS support (we're not doing DTLSv1.3 yet) and NPN.
I also disable EXTMS for TLSv1.3. Using it was causing some added
complexity, so rather than fix it I removed it, since eventually it will not
be needed anyway.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl/s3_lib.c')
| -rw-r--r-- | ssl/s3_lib.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 2439167307..bcc0f9e5fd 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -4068,7 +4068,7 @@ EVP_PKEY *ssl_generate_pkey_curve(int id) #endif /* Derive premaster or master secret for ECDH/DH */ -int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey) +int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int genmaster) { int rv = 0; unsigned char *pms = NULL; @@ -4093,12 +4093,12 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey) if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0) goto err; - if (s->server) { - /* For server generate master secret and discard premaster */ + if (genmaster) { + /* Generate master secret and discard premaster */ rv = ssl_generate_master_secret(s, pms, pmslen, 1); pms = NULL; } else { - /* For client just save premaster secret */ + /* Save premaster secret */ s->s3->tmp.pms = pms; s->s3->tmp.pmslen = pmslen; pms = NULL; |