yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-27 04:24:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Reduce indentation in ssl_compute_master()

Browse Source 
Exit earlier when there's noting to do.

For a small diff, review with 'git show -w'.
This commit is contained in:
Manuel Pégourié-Gonnard 2019-05-03 09:16:16 +02:00
parent 7edd5876ce
commit dafe5227d4
1 changed files with 41 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
library/ssl_tls.c
View File

@ -1094,7 +1094,7 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake,
}
/*
* Compute master secret
* Compute master secret if needed
*/
static int ssl_compute_master( mbedtls_ssl_context *ssl )
{
@ -1103,65 +1103,46 @@ static int ssl_compute_master( mbedtls_ssl_context *ssl )
const mbedtls_ssl_ciphersuite_t *ciphersuite_info = handshake->ciphersuite_info;
mbedtls_ssl_session *session = ssl->session_negotiate;
/*
* SSLv3:
* master =
* MD5( premaster + SHA1( 'A' + premaster + randbytes ) ) +
* MD5( premaster + SHA1( 'BB' + premaster + randbytes ) ) +
* MD5( premaster + SHA1( 'CCC' + premaster + randbytes ) )
*
* TLSv1+:
* master = PRF( premaster, "master secret", randbytes )[0..47]
*/
if( handshake->resume == 0 )
if( handshake->resume != 0 )
{
MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", handshake->premaster,
handshake->pmslen );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
return( 0 );
}
MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", handshake->premaster,
handshake->pmslen );
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED )
{
unsigned char session_hash[48];
size_t hash_len;
if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED )
{
unsigned char session_hash[48];
size_t hash_len;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "using extended master secret" ) );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "using extended master secret" ) );
ssl->handshake->calc_verify( ssl, session_hash );
ssl->handshake->calc_verify( ssl, session_hash );
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
{
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
{
#if defined(MBEDTLS_SHA512_C)
if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
{
hash_len = 48;
}
else
#endif
hash_len = 32;
if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
{
hash_len = 48;
}
else
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
hash_len = 36;
MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len );
ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
"extended master secret",
session_hash, hash_len,
session->master, 48 );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
return( ret );
}
#endif
hash_len = 32;
}
else
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
hash_len = 36;
MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len );
ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
"master secret",
handshake->randbytes, 64,
"extended master secret",
session_hash, hash_len,
session->master, 48 );
if( ret != 0 )
{
@ -1169,11 +1150,21 @@ static int ssl_compute_master( mbedtls_ssl_context *ssl )
return( ret );
}
mbedtls_platform_zeroize( handshake->premaster,
sizeof(handshake->premaster) );
}
else
MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
#endif
ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
"master secret",
handshake->randbytes, 64,
session->master, 48 );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
return( ret );
}
mbedtls_platform_zeroize( handshake->premaster,
sizeof(handshake->premaster) );
return( 0 );
}