From c2fb759f3bce1ef3c799e67f3e9838d3c7a639e8 Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Thu, 15 Aug 2019 16:31:23 +0100
Subject: [PATCH] Remove TLS calc_finished function pointer from SSL handshake params
---
 include/mbedtls/ssl_internal.h | 1 -
 library/ssl_tls.c | 63 +++++++++++++++++++++++++++++-----
 2 files changed, 55 insertions(+), 9 deletions(-)
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 54d3bc732..481a76296 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -501,7 +501,6 @@ struct mbedtls_ssl_handshake_params
 void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t);
 void (*calc_verify)(const mbedtls_ssl_context *, unsigned char *, size_t *);
- void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int);
 #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
 mbedtls_ssl_ciphersuite_handle_t ciphersuite_info;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 8bcad1b55..beac684f0 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -912,6 +912,47 @@ static inline int ssl_prf( int minor_ver,
 return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
 }
+MBEDTLS_ALWAYS_INLINE
+static inline int ssl_calc_finished( int minor_ver,
+ mbedtls_md_type_t hash,
+ mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ int from )
+{
+#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) || !defined(MBEDTLS_SHA512_C)
+ (void) hash;
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+ if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+ ssl_calc_finished_ssl( ssl, buf, from );
+ else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+ if( minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 )
+ ssl_calc_finished_tls( ssl, buf, from );
+ else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA512_C)
+ if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
+ hash == MBEDTLS_MD_SHA384 )
+ {
+ ssl_calc_finished_tls_sha384( ssl, buf, from );
+ }
+ else
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ ssl_calc_finished_tls_sha256( ssl, buf, from );
+ else
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+
+ return( 0 );
+}
+
 /*
 * Populate a transform structure with session keys and all the other
 * necessary information.
@@ -1349,7 +1390,6 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake,
 if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
 {
 handshake->calc_verify = ssl_calc_verify_ssl;
- handshake->calc_finished = ssl_calc_finished_ssl;
 }
 else
 #endif
@@ -1357,7 +1397,6 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake,
 if( minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 )
 {
 handshake->calc_verify = ssl_calc_verify_tls;
- handshake->calc_finished = ssl_calc_finished_tls;
 }
 else
 #endif
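Review bot: The new `ssl_calc_finished()` carries no comment describing its error contract, and that contract matters to callers: when no compiled-in version/hash branch matches, the trailing `return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );` is taken and `buf` is never written. A header comment would make this explicit, for example `/* Compute the Finished verify_data for minor_ver/hash into buf. Returns 0 on success; on MBEDTLS_ERR_SSL_INTERNAL_ERROR buf is left unwritten. */`. A one-line comment on that final error return, noting that it is the body of the last `else` in the preprocessor-spliced chain, would also help, since which branches exist depends on the build configuration.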
@@ -1367,7 +1406,6 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake,
 hash == MBEDTLS_MD_SHA384 )
 {
 handshake->calc_verify = ssl_calc_verify_tls_sha384;
- handshake->calc_finished = ssl_calc_finished_tls_sha384;
 }
 else
 #endif
@@ -1375,7 +1413,6 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake,
 if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
 {
 handshake->calc_verify = ssl_calc_verify_tls_sha256;
- handshake->calc_finished = ssl_calc_finished_tls_sha256;
 }
 else
 #endif
@@ -7784,8 +7821,13 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl )
 ssl_update_out_pointers( ssl, ssl->transform_negotiate );
- ssl->handshake->calc_finished( ssl, ssl->out_msg + 4,
- mbedtls_ssl_conf_get_endpoint( ssl->conf ) );
+ ssl_calc_finished( mbedtls_ssl_get_minor_ver( ssl ),
+ mbedtls_ssl_suite_get_mac(
+ mbedtls_ssl_ciphersuite_from_id(
+ mbedtls_ssl_session_get_ciphersuite(
+ ssl->session_negotiate ) ) ),
+ ssl, ssl->out_msg + 4,
+ mbedtls_ssl_conf_get_endpoint( ssl->conf ) );
 /*
 * RFC 5246 7.4.9 (Page 63) says 12 is the default length and ciphersuites
@@ -7921,8 +7963,13 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl )
 MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished" ) );
- ssl->handshake->calc_finished( ssl, buf,
- mbedtls_ssl_conf_get_endpoint( ssl->conf ) ^ 1 );
+ ssl_calc_finished( mbedtls_ssl_get_minor_ver( ssl ),
+ mbedtls_ssl_suite_get_mac(
+ mbedtls_ssl_ciphersuite_from_id(
+ mbedtls_ssl_session_get_ciphersuite(
+ ssl->session_negotiate ) ) ),
+ ssl, buf,
+ mbedtls_ssl_conf_get_endpoint( ssl->conf ) ^ 1 );
 if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
 {
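Review bot: The return value of `ssl_calc_finished()` is dropped at the new call in mbedtls_ssl_write_finished (hunk at -7784), and again at the call in mbedtls_ssl_parse_finished (hunk at -7921). The helper added by this commit returns MBEDTLS_ERR_SSL_INTERNAL_ERROR without writing its output buffer when no compiled-in version/hash branch matches. On that path the Finished verify_data would be sent from, or the peer's value compared against, whatever `ssl->out_msg + 4` or `buf` already held; nothing in these hunks shows either being initialised first. That path is presumably unreachable after a successful negotiation, but for a handshake-integrity check it is worth failing closed: `ret = ssl_calc_finished( ... ); if( ret != 0 ) return( ret );` with the same arguments at both sites. Both function bodies continue outside the hunks; `ret` is visible in the second hunk's context and is assumed to be declared in mbedtls_ssl_write_finished as well.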