From 8bde43431c87335110f11df4575bd6936f41bd09 Mon Sep 17 00:00:00 2001
From: jsing <jsing@openbsd.org>
Date: Mon, 7 Nov 2022 11:53:39 +0000
Subject: [PATCH] Move tls13_exporter() code.

It makes more sense to have tls13_exporter() in tls13_key_schedule.c,
rather than tls13_lib.c

ok tb@
---
 lib/libssl/tls13_key_schedule.c | 73 ++++++++++++++++++++++++++++++++-
 lib/libssl/tls13_lib.c          | 72 +-------------------------------
 2 files changed, 73 insertions(+), 72 deletions(-)

diff --git a/lib/libssl/tls13_key_schedule.c b/lib/libssl/tls13_key_schedule.c
index 2c23be8d3ed..abc35c4e836 100644
--- a/lib/libssl/tls13_key_schedule.c
+++ b/lib/libssl/tls13_key_schedule.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_key_schedule.c,v 1.16 2022/10/14 06:56:33 tb Exp $ */
+/* $OpenBSD: tls13_key_schedule.c,v 1.17 2022/11/07 11:53:39 jsing Exp $ */
 /*
  * Copyright (c) 2018, Bob Beck <beck@openbsd.org>
  *
@@ -21,6 +21,7 @@
 #include <openssl/hkdf.h>
 
 #include "bytestring.h"
+#include "ssl_locl.h"
 #include "tls13_internal.h"
 
 int
@@ -385,3 +386,73 @@ tls13_update_server_traffic_secret(struct tls13_secrets *secrets)
 	    secrets->digest, &secrets->server_application_traffic,
 	    "traffic upd", &context);
 }
+
+int
+tls13_exporter(struct tls13_ctx *ctx, const uint8_t *label, size_t label_len,
+    const uint8_t *context_value, size_t context_value_len, uint8_t *out,
+    size_t out_len)
+{
+	struct tls13_secret context, export_out, export_secret;
+	struct tls13_secrets *secrets = ctx->hs->tls13.secrets;
+	EVP_MD_CTX *md_ctx = NULL;
+	unsigned int md_out_len;
+	int md_len;
+	int ret = 0;
+
+	/*
+	 * RFC 8446 Section 7.5.
+	 */
+
+	memset(&context, 0, sizeof(context));
+	memset(&export_secret, 0, sizeof(export_secret));
+
+	export_out.data = out;
+	export_out.len = out_len;
+
+	if (!ctx->handshake_completed)
+		return 0;
+
+	md_len = EVP_MD_size(secrets->digest);
+	if (md_len <= 0 || md_len > EVP_MAX_MD_SIZE)
+		goto err;
+
+	if (!tls13_secret_init(&export_secret, md_len))
+		goto err;
+	if (!tls13_secret_init(&context, md_len))
+		goto err;
+
+	/* In TLSv1.3 no context is equivalent to an empty context. */
+	if (context_value == NULL) {
+		context_value = "";
+		context_value_len = 0;
+	}
+
+	if ((md_ctx = EVP_MD_CTX_new()) == NULL)
+		goto err;
+	if (!EVP_DigestInit_ex(md_ctx, secrets->digest, NULL))
+		goto err;
+	if (!EVP_DigestUpdate(md_ctx, context_value, context_value_len))
+		goto err;
+	if (!EVP_DigestFinal_ex(md_ctx, context.data, &md_out_len))
+		goto err;
+	if (md_len != md_out_len)
+		goto err;
+
+	if (!tls13_derive_secret_with_label_length(&export_secret,
+	    secrets->digest, &secrets->exporter_master, label, label_len,
+	    &secrets->empty_hash))
+		goto err;
+
+	if (!tls13_hkdf_expand_label(&export_out, secrets->digest,
+	    &export_secret, "exporter", &context))
+		goto err;
+
+	ret = 1;
+
+ err:
+	EVP_MD_CTX_free(md_ctx);
+	tls13_secret_cleanup(&context);
+	tls13_secret_cleanup(&export_secret);
+
+	return ret;
+}
diff --git a/lib/libssl/tls13_lib.c b/lib/libssl/tls13_lib.c
index 54c98af15cc..3bb6d3d3db2 100644
--- a/lib/libssl/tls13_lib.c
+++ b/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls13_lib.c,v 1.74 2022/10/20 15:26:25 tb Exp $ */
+/*	$OpenBSD: tls13_lib.c,v 1.75 2022/11/07 11:53:39 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -699,73 +699,3 @@ tls13_clienthello_hash_validate(struct tls13_ctx *ctx)
 
 	return 1;
 }
-
-int
-tls13_exporter(struct tls13_ctx *ctx, const uint8_t *label, size_t label_len,
-    const uint8_t *context_value, size_t context_value_len, uint8_t *out,
-    size_t out_len)
-{
-	struct tls13_secret context, export_out, export_secret;
-	struct tls13_secrets *secrets = ctx->hs->tls13.secrets;
-	EVP_MD_CTX *md_ctx = NULL;
-	unsigned int md_out_len;
-	int md_len;
-	int ret = 0;
-
-	/*
-	 * RFC 8446 Section 7.5.
-	 */
-
-	memset(&context, 0, sizeof(context));
-	memset(&export_secret, 0, sizeof(export_secret));
-
-	export_out.data = out;
-	export_out.len = out_len;
-
-	if (!ctx->handshake_completed)
-		return 0;
-
-	md_len = EVP_MD_size(secrets->digest);
-	if (md_len <= 0 || md_len > EVP_MAX_MD_SIZE)
-		goto err;
-
-	if (!tls13_secret_init(&export_secret, md_len))
-		goto err;
-	if (!tls13_secret_init(&context, md_len))
-		goto err;
-
-	/* In TLSv1.3 no context is equivalent to an empty context. */
-	if (context_value == NULL) {
-		context_value = "";
-		context_value_len = 0;
-	}
-
-	if ((md_ctx = EVP_MD_CTX_new()) == NULL)
-		goto err;
-	if (!EVP_DigestInit_ex(md_ctx, secrets->digest, NULL))
-		goto err;
-	if (!EVP_DigestUpdate(md_ctx, context_value, context_value_len))
-		goto err;
-	if (!EVP_DigestFinal_ex(md_ctx, context.data, &md_out_len))
-		goto err;
-	if (md_len != md_out_len)
-		goto err;
-
-	if (!tls13_derive_secret_with_label_length(&export_secret,
-	    secrets->digest, &secrets->exporter_master, label, label_len,
-	    &secrets->empty_hash))
-		goto err;
-
-	if (!tls13_hkdf_expand_label(&export_out, secrets->digest,
-	    &export_secret, "exporter", &context))
-		goto err;
-
-	ret = 1;
-
- err:
-	EVP_MD_CTX_free(md_ctx);
-	tls13_secret_cleanup(&context);
-	tls13_secret_cleanup(&export_secret);
-
-	return ret;
-}
-- 
2.20.1