Rewrite TLSv1.2 key block handling.
author jsing <jsing@openbsd.org>
Wed, 5 May 2021 10:05:27 +0000 (10:05 +0000)
committer jsing <jsing@openbsd.org>
Wed, 5 May 2021 10:05:27 +0000 (10:05 +0000)
commit d7351ddfc56d8f8db39b9cfe7f04be7eee6b033a
tree 97b8ab37110adc36c03534d55540daf6aa19f58c
parent f6c0f5aaad1386f1cdbd844456849941f7ac2f1d
Rewrite TLSv1.2 key block handling.

For TLSv1.2 a single key block is generated, then partitioned into
individual secrets for use as IVs and keys. The previous implementation
splits this across two functions tls1_setup_key_block() and
tls1_change_cipher_state(), which means that the IV and key sizes have to
be known in multiple places.

This implementation generates and partitions the key block in a single
step, meaning that the secrets are then simply handed out when requested.

ok inoguchi@ tb@
lib/libssl/Makefile
lib/libssl/ssl_locl.h
lib/libssl/t1_enc.c
lib/libssl/tls12_key_schedule.c [new file with mode: 0644]
lib/libssl/tls12_record_layer.c
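
The single-step partitioning described in the commit message, sketched as an added C example (it is not the libssl code from this commit; `struct span`, `struct key_block`, `take()` and `key_block_partition()` are hypothetical names). It assumes the PRF output is already available and slices it in the RFC 5246 section 6.3 order, so the MAC, key and IV sizes are consumed in exactly one place:

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical names throughout; this is not the libssl API. */
struct span { const uint8_t *data; size_t len; };

struct key_block {
	uint8_t buf[256];	/* owned copy of the PRF output */
	size_t len;
	struct span client_mac, server_mac;
	struct span client_key, server_key;
	struct span client_iv, server_iv;
};

/* Carve the next n bytes off the block; fail rather than run past the end. */
static int take(struct key_block *kb, size_t *off, size_t n, struct span *out)
{
	if (n > kb->len - *off)		/* *off never exceeds kb->len */
		return 0;
	out->data = kb->buf + *off;
	out->len = n;
	*off += n;
	return 1;
}

/*
 * Partition order: MAC keys, cipher keys, IVs; client before server in each
 * pair. This example demands an exact fit. Returns 1 on success, 0 on error.
 */
int key_block_partition(struct key_block *kb, const uint8_t *prf_out,
    size_t prf_len, size_t mac_len, size_t key_len, size_t iv_len)
{
	size_t off = 0;
	memset(kb, 0, sizeof(*kb));
	if (prf_len > sizeof(kb->buf))
		return 0;
	memcpy(kb->buf, prf_out, prf_len);
	kb->len = prf_len;
	if (!take(kb, &off, mac_len, &kb->client_mac) ||
	    !take(kb, &off, mac_len, &kb->server_mac) ||
	    !take(kb, &off, key_len, &kb->client_key) ||
	    !take(kb, &off, key_len, &kb->server_key) ||
	    !take(kb, &off, iv_len, &kb->client_iv) ||
	    !take(kb, &off, iv_len, &kb->server_iv) || off != kb->len) {
		memset(kb, 0, sizeof(*kb)); /* real code: explicit_bzero() */
		return 0;
	}
	return 1;
}
```

Callers then read `kb.client_key`, `kb.server_iv` and so on without recomputing offsets, and a size mismatch is caught once at partition time instead of surfacing as a short or overlapping secret later.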