mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-27 06:44:20 +01:00
Reduce indentation in ssl_compute_master()
Exit earlier when there's noting to do. For a small diff, review with 'git show -w'.
This commit is contained in:
parent
7edd5876ce
commit
dafe5227d4
@ -1094,7 +1094,7 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Compute master secret
|
* Compute master secret if needed
|
||||||
*/
|
*/
|
||||||
static int ssl_compute_master( mbedtls_ssl_context *ssl )
|
static int ssl_compute_master( mbedtls_ssl_context *ssl )
|
||||||
{
|
{
|
||||||
@ -1103,65 +1103,46 @@ static int ssl_compute_master( mbedtls_ssl_context *ssl )
|
|||||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info = handshake->ciphersuite_info;
|
const mbedtls_ssl_ciphersuite_t *ciphersuite_info = handshake->ciphersuite_info;
|
||||||
mbedtls_ssl_session *session = ssl->session_negotiate;
|
mbedtls_ssl_session *session = ssl->session_negotiate;
|
||||||
|
|
||||||
/*
|
if( handshake->resume != 0 )
|
||||||
* SSLv3:
|
|
||||||
* master =
|
|
||||||
* MD5( premaster + SHA1( 'A' + premaster + randbytes ) ) +
|
|
||||||
* MD5( premaster + SHA1( 'BB' + premaster + randbytes ) ) +
|
|
||||||
* MD5( premaster + SHA1( 'CCC' + premaster + randbytes ) )
|
|
||||||
*
|
|
||||||
* TLSv1+:
|
|
||||||
* master = PRF( premaster, "master secret", randbytes )[0..47]
|
|
||||||
*/
|
|
||||||
if( handshake->resume == 0 )
|
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", handshake->premaster,
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
|
||||||
handshake->pmslen );
|
return( 0 );
|
||||||
|
}
|
||||||
|
|
||||||
|
MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", handshake->premaster,
|
||||||
|
handshake->pmslen );
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
|
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
|
||||||
if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED )
|
if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED )
|
||||||
{
|
{
|
||||||
unsigned char session_hash[48];
|
unsigned char session_hash[48];
|
||||||
size_t hash_len;
|
size_t hash_len;
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "using extended master secret" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "using extended master secret" ) );
|
||||||
|
|
||||||
ssl->handshake->calc_verify( ssl, session_hash );
|
ssl->handshake->calc_verify( ssl, session_hash );
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
|
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
|
||||||
{
|
{
|
||||||
#if defined(MBEDTLS_SHA512_C)
|
#if defined(MBEDTLS_SHA512_C)
|
||||||
if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
|
if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
|
||||||
{
|
{
|
||||||
hash_len = 48;
|
hash_len = 48;
|
||||||
}
|
|
||||||
else
|
|
||||||
#endif
|
|
||||||
hash_len = 32;
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
#endif
|
||||||
hash_len = 36;
|
hash_len = 32;
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len );
|
|
||||||
|
|
||||||
ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
|
|
||||||
"extended master secret",
|
|
||||||
session_hash, hash_len,
|
|
||||||
session->master, 48 );
|
|
||||||
if( ret != 0 )
|
|
||||||
{
|
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
|
|
||||||
return( ret );
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif
|
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||||
|
hash_len = 36;
|
||||||
|
|
||||||
|
MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len );
|
||||||
|
|
||||||
ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
|
ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
|
||||||
"master secret",
|
"extended master secret",
|
||||||
handshake->randbytes, 64,
|
session_hash, hash_len,
|
||||||
session->master, 48 );
|
session->master, 48 );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
@ -1169,11 +1150,21 @@ static int ssl_compute_master( mbedtls_ssl_context *ssl )
|
|||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
mbedtls_platform_zeroize( handshake->premaster,
|
|
||||||
sizeof(handshake->premaster) );
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
|
#endif
|
||||||
|
ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
|
||||||
|
"master secret",
|
||||||
|
handshake->randbytes, 64,
|
||||||
|
session->master, 48 );
|
||||||
|
if( ret != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
|
mbedtls_platform_zeroize( handshake->premaster,
|
||||||
|
sizeof(handshake->premaster) );
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user