Another batch of bools. Change-Id: I5a7688b6e635e7ee6fc16173f9919bff16c4d59d Reviewed-on: https://boringssl-review.googlesource.com/31604 Commit-Queue: Steven Valdez <svaldez@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: Steven Valdez <svaldez@google.com>
diff --git a/ssl/dtls_record.cc b/ssl/dtls_record.cc index 3950ae2..992fb52 100644 --- a/ssl/dtls_record.cc +++ b/ssl/dtls_record.cc
@@ -137,13 +137,13 @@ // dtls1_bitmap_should_discard returns one if |seq_num| has been seen in // |bitmap| or is stale. Otherwise it returns zero. -static int dtls1_bitmap_should_discard(DTLS1_BITMAP *bitmap, - const uint8_t seq_num[8]) { +static bool dtls1_bitmap_should_discard(DTLS1_BITMAP *bitmap, + const uint8_t seq_num[8]) { const unsigned kWindowSize = sizeof(bitmap->map) * 8; uint64_t seq_num_u = to_u64_be(seq_num); if (seq_num_u > bitmap->max_seq_num) { - return 0; + return false; } uint64_t idx = bitmap->max_seq_num - seq_num_u; return idx >= kWindowSize || (bitmap->map & (((uint64_t)1) << idx)); @@ -291,14 +291,14 @@ get_write_aead(ssl, use_epoch)->ExplicitNonceLen(); } -int dtls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out, - uint8_t type, const uint8_t *in, size_t in_len, - enum dtls1_use_epoch_t use_epoch) { +bool dtls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out, + uint8_t type, const uint8_t *in, size_t in_len, + enum dtls1_use_epoch_t use_epoch) { const size_t prefix = dtls_seal_prefix_len(ssl, use_epoch); if (buffers_alias(in, in_len, out, max_out) && (max_out < prefix || out + prefix != in)) { OPENSSL_PUT_ERROR(SSL, SSL_R_OUTPUT_ALIASES_INPUT); - return 0; + return false; } // Determine the parameters for the current epoch. @@ -314,7 +314,7 @@ if (max_out < DTLS1_RT_HEADER_LENGTH) { OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL); - return 0; + return false; } out[0] = type; @@ -330,7 +330,7 @@ size_t ciphertext_len; if (!aead->CiphertextLen(&ciphertext_len, in_len, 0)) { OPENSSL_PUT_ERROR(SSL, SSL_R_RECORD_TOO_LARGE); - return 0; + return false; } out[11] = ciphertext_len >> 8; out[12] = ciphertext_len & 0xff; @@ -341,13 +341,13 @@ max_out - DTLS1_RT_HEADER_LENGTH, type, record_version, &out[3] /* seq */, header, in, in_len) || !ssl_record_sequence_update(&seq[2], 6)) { - return 0; + return false; } assert(ciphertext_len == len_copy); *out_len = DTLS1_RT_HEADER_LENGTH + ciphertext_len; ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_HEADER, header); - return 1; + return true; } BSSL_NAMESPACE_END
diff --git a/ssl/internal.h b/ssl/internal.h index 98ce6e0..7ba23ef 100644 --- a/ssl/internal.h +++ b/ssl/internal.h
@@ -522,7 +522,7 @@ bool ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead, size_t *out_mac_secret_len, size_t *out_fixed_iv_len, const SSL_CIPHER *cipher, - uint16_t version, int is_dtls); + uint16_t version, bool is_dtls); // ssl_get_handshake_digest returns the |EVP_MD| corresponding to |version| and // |cipher|. @@ -659,7 +659,7 @@ // resulting object, depending on |direction|. |version| is the normalized // protocol version, so DTLS 1.0 is represented as 0x0301, not 0xffef. static UniquePtr<SSLAEADContext> Create(enum evp_aead_direction_t direction, - uint16_t version, int is_dtls, + uint16_t version, bool is_dtls, const SSL_CIPHER *cipher, Span<const uint8_t> enc_key, Span<const uint8_t> mac_key, @@ -797,8 +797,8 @@ // Record layer. // ssl_record_sequence_update increments the sequence number in |seq|. It -// returns one on success and zero on wraparound. -int ssl_record_sequence_update(uint8_t *seq, size_t seq_len); +// returns true on success and false on wraparound. +bool ssl_record_sequence_update(uint8_t *seq, size_t seq_len); // ssl_record_prefix_len returns the length of the prefix before the ciphertext // of a record for |ssl|. @@ -863,9 +863,9 @@ size_t ssl_seal_align_prefix_len(const SSL *ssl); // tls_seal_record seals a new record of type |type| and body |in| and writes it -// to |out|. At most |max_out| bytes will be written. It returns one on success -// and zero on error. If enabled, |tls_seal_record| implements TLS 1.0 CBC 1/n-1 -// record splitting and may write two records concatenated. +// to |out|. At most |max_out| bytes will be written. It returns true on success +// and false on error. If enabled, |tls_seal_record| implements TLS 1.0 CBC +// 1/n-1 record splitting and may write two records concatenated. // // For a large record, the bulk of the ciphertext will begin // |ssl_seal_align_prefix_len| bytes into out. Aligning |out| appropriately may @@ -873,8 +873,8 @@ // bytes to |out|. // // |in| and |out| may not alias. -int tls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out, - uint8_t type, const uint8_t *in, size_t in_len); +bool tls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out, + uint8_t type, const uint8_t *in, size_t in_len); enum dtls1_use_epoch_t { dtls1_use_previous_epoch, @@ -893,9 +893,9 @@ // which epoch's cipher state to use. Unlike |tls_seal_record|, |in| and |out| // may alias but, if they do, |in| must be exactly |dtls_seal_prefix_len| bytes // ahead of |out|. -int dtls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out, - uint8_t type, const uint8_t *in, size_t in_len, - enum dtls1_use_epoch_t use_epoch); +bool dtls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out, + uint8_t type, const uint8_t *in, size_t in_len, + enum dtls1_use_epoch_t use_epoch); // ssl_process_alert processes |in| as an alert and updates |ssl|'s shutdown // state. It returns one of |ssl_open_record_discard|, |ssl_open_record_error|, @@ -907,9 +907,8 @@ // Private key operations. -// ssl_has_private_key returns one if |cfg| has a private key configured and -// zero otherwise. -int ssl_has_private_key(const SSL_CONFIG *cfg); +// ssl_has_private_key returns whether |cfg| has a private key configured. +bool ssl_has_private_key(const SSL_CONFIG *cfg); // ssl_private_key_* perform the corresponding operation on // |SSL_PRIVATE_KEY_METHOD|. If there is a custom private key configured, they @@ -990,14 +989,14 @@ }; // ssl_nid_to_group_id looks up the group corresponding to |nid|. On success, it -// sets |*out_group_id| to the group ID and returns one. Otherwise, it returns -// zero. -int ssl_nid_to_group_id(uint16_t *out_group_id, int nid); +// sets |*out_group_id| to the group ID and returns true. Otherwise, it returns +// false. +bool ssl_nid_to_group_id(uint16_t *out_group_id, int nid); -// ssl_name_to_group_id looks up the group corresponding to the |name| string -// of length |len|. On success, it sets |*out_group_id| to the group ID and -// returns one. Otherwise, it returns zero. -int ssl_name_to_group_id(uint16_t *out_group_id, const char *name, size_t len); +// ssl_name_to_group_id looks up the group corresponding to the |name| string of +// length |len|. On success, it sets |*out_group_id| to the group ID and returns +// true. Otherwise, it returns false. +bool ssl_name_to_group_id(uint16_t *out_group_id, const char *name, size_t len); // Handshake messages. @@ -1146,9 +1145,9 @@ // Certificate functions. -// ssl_has_certificate returns one if a certificate and private key are -// configured and zero otherwise. -int ssl_has_certificate(const SSL_CONFIG *cfg); +// ssl_has_certificate returns whether a certificate and private key are +// configured. +bool ssl_has_certificate(const SSL_CONFIG *cfg); // ssl_parse_cert_chain parses a certificate list from |cbs| in the format used // by a TLS Certificate message. On success, it advances |cbs| and returns @@ -1169,14 +1168,14 @@ // ssl_add_cert_chain adds |hs->ssl|'s certificate chain to |cbb| in the format // used by a TLS Certificate message. If there is no certificate chain, it emits -// an empty certificate list. It returns one on success and zero on error. -int ssl_add_cert_chain(SSL_HANDSHAKE *hs, CBB *cbb); +// an empty certificate list. It returns true on success and false on error. +bool ssl_add_cert_chain(SSL_HANDSHAKE *hs, CBB *cbb); // ssl_cert_check_digital_signature_key_usage parses the DER-encoded, X.509 -// certificate in |in| and returns one if doesn't specify a key usage or, if it -// does, if it includes digitalSignature. Otherwise it pushes to the error -// queue and returns zero. -int ssl_cert_check_digital_signature_key_usage(const CBS *in); +// certificate in |in| and returns true if doesn't specify a key usage or, if it +// does, if it includes digitalSignature. Otherwise it pushes to the error queue +// and returns false. +bool ssl_cert_check_digital_signature_key_usage(const CBS *in); // ssl_cert_parse_pubkey extracts the public key from the DER-encoded, X.509 // certificate in |in|. It returns an allocated |EVP_PKEY| or else returns @@ -1195,80 +1194,80 @@ bool ssl_has_client_CAs(const SSL_CONFIG *cfg); // ssl_add_client_CA_list adds the configured CA list to |cbb| in the format -// used by a TLS CertificateRequest message. It returns one on success and zero -// on error. -int ssl_add_client_CA_list(SSL_HANDSHAKE *hs, CBB *cbb); +// used by a TLS CertificateRequest message. It returns true on success and +// false on error. +bool ssl_add_client_CA_list(SSL_HANDSHAKE *hs, CBB *cbb); // ssl_check_leaf_certificate returns one if |pkey| and |leaf| are suitable as // a server's leaf certificate for |hs|. Otherwise, it returns zero and pushes // an error on the error queue. -int ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey, +bool ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey, const CRYPTO_BUFFER *leaf); // ssl_on_certificate_selected is called once the certificate has been selected. // It finalizes the certificate and initializes |hs->local_pubkey|. It returns -// one on success and zero on error. -int ssl_on_certificate_selected(SSL_HANDSHAKE *hs); +// true on success and false on error. +bool ssl_on_certificate_selected(SSL_HANDSHAKE *hs); // TLS 1.3 key derivation. // tls13_init_key_schedule initializes the handshake hash and key derivation // state, and incorporates the PSK. The cipher suite and PRF hash must have been -// selected at this point. It returns one on success and zero on error. -int tls13_init_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk, - size_t psk_len); +// selected at this point. It returns true on success and false on error. +bool tls13_init_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk, + size_t psk_len); // tls13_init_early_key_schedule initializes the handshake hash and key // derivation state from the resumption secret and incorporates the PSK to // derive the early secrets. It returns one on success and zero on error. -int tls13_init_early_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk, - size_t psk_len); +bool tls13_init_early_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk, + size_t psk_len); // tls13_advance_key_schedule incorporates |in| into the key schedule with -// HKDF-Extract. It returns one on success and zero on error. -int tls13_advance_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *in, +// HKDF-Extract. It returns true on success and false on error. +bool tls13_advance_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *in, size_t len); // tls13_set_traffic_key sets the read or write traffic keys to -// |traffic_secret|. It returns one on success and zero on error. -int tls13_set_traffic_key(SSL *ssl, enum evp_aead_direction_t direction, - const uint8_t *traffic_secret, - size_t traffic_secret_len); +// |traffic_secret|. It returns true on success and false on error. +bool tls13_set_traffic_key(SSL *ssl, enum evp_aead_direction_t direction, + const uint8_t *traffic_secret, + size_t traffic_secret_len); -// tls13_derive_early_secrets derives the early traffic secret. It returns one -// on success and zero on error. -int tls13_derive_early_secrets(SSL_HANDSHAKE *hs); +// tls13_derive_early_secrets derives the early traffic secret. It returns true +// on success and false on error. +bool tls13_derive_early_secrets(SSL_HANDSHAKE *hs); // tls13_derive_handshake_secrets derives the handshake traffic secret. It -// returns one on success and zero on error. -int tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs); +// returns true on success and false on error. +bool tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs); // tls13_rotate_traffic_key derives the next read or write traffic secret. It -// returns one on success and zero on error. -int tls13_rotate_traffic_key(SSL *ssl, enum evp_aead_direction_t direction); +// returns true on success and false on error. +bool tls13_rotate_traffic_key(SSL *ssl, enum evp_aead_direction_t direction); // tls13_derive_application_secrets derives the initial application data traffic // and exporter secrets based on the handshake transcripts and |master_secret|. -// It returns one on success and zero on error. -int tls13_derive_application_secrets(SSL_HANDSHAKE *hs); +// It returns true on success and false on error. +bool tls13_derive_application_secrets(SSL_HANDSHAKE *hs); // tls13_derive_resumption_secret derives the |resumption_secret|. -int tls13_derive_resumption_secret(SSL_HANDSHAKE *hs); +bool tls13_derive_resumption_secret(SSL_HANDSHAKE *hs); // tls13_export_keying_material provides an exporter interface to use the // |exporter_secret|. -int tls13_export_keying_material(SSL *ssl, Span<uint8_t> out, - Span<const uint8_t> secret, - Span<const char> label, - Span<const uint8_t> context); +bool tls13_export_keying_material(SSL *ssl, Span<uint8_t> out, + Span<const uint8_t> secret, + Span<const char> label, + Span<const uint8_t> context); // tls13_finished_mac calculates the MAC of the handshake transcript to verify // the integrity of the Finished message, and stores the result in |out| and -// length in |out_len|. |is_server| is 1 if this is for the Server Finished and -// 0 for the Client Finished. -int tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len, - int is_server); +// length in |out_len|. |is_server| is true if this is for the Server Finished +// and false for the Client Finished. +bool tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len, + bool is_server); // tls13_derive_session_psk calculates the PSK for this session based on the // resumption master secret and |nonce|. It returns true on success, and false @@ -1276,15 +1275,15 @@ bool tls13_derive_session_psk(SSL_SESSION *session, Span<const uint8_t> nonce); // tls13_write_psk_binder calculates the PSK binder value and replaces the last -// bytes of |msg| with the resulting value. It returns 1 on success, and 0 on -// failure. -int tls13_write_psk_binder(SSL_HANDSHAKE *hs, uint8_t *msg, size_t len); +// bytes of |msg| with the resulting value. It returns true on success, and +// false on failure. +bool tls13_write_psk_binder(SSL_HANDSHAKE *hs, uint8_t *msg, size_t len); -// tls13_verify_psk_binder verifies that the handshake transcript, truncated -// up to the binders has a valid signature using the value of |session|'s -// resumption secret. It returns 1 on success, and 0 on failure. -int tls13_verify_psk_binder(SSL_HANDSHAKE *hs, SSL_SESSION *session, - const SSLMessage &msg, CBS *binders); +// tls13_verify_psk_binder verifies that the handshake transcript, truncated up +// to the binders has a valid signature using the value of |session|'s +// resumption secret. It returns true on success, and false on failure. +bool tls13_verify_psk_binder(SSL_HANDSHAKE *hs, SSL_SESSION *session, + const SSLMessage &msg, CBS *binders); // Handshake functions. @@ -2476,14 +2475,14 @@ UniquePtr<CERT> ssl_cert_dup(CERT *cert); void ssl_cert_clear_certs(CERT *cert); -int ssl_set_cert(CERT *cert, UniquePtr<CRYPTO_BUFFER> buffer); -int ssl_is_key_type_supported(int key_type); -// ssl_compare_public_and_private_key returns one if |pubkey| is the public -// counterpart to |privkey|. Otherwise it returns zero and pushes a helpful +bool ssl_set_cert(CERT *cert, UniquePtr<CRYPTO_BUFFER> buffer); +bool ssl_is_key_type_supported(int key_type); +// ssl_compare_public_and_private_key returns true if |pubkey| is the public +// counterpart to |privkey|. Otherwise it returns false and pushes a helpful // message on the error queue. -int ssl_compare_public_and_private_key(const EVP_PKEY *pubkey, +bool ssl_compare_public_and_private_key(const EVP_PKEY *pubkey, const EVP_PKEY *privkey); -int ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey); +bool ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey); int ssl_get_new_session(SSL_HANDSHAKE *hs, int is_server); int ssl_encrypt_ticket(SSL_HANDSHAKE *hs, CBB *out, const SSL_SESSION *session); int ssl_ctx_rotate_ticket_encryption_key(SSL_CTX *ctx);
diff --git a/ssl/ssl_aead_ctx.cc b/ssl/ssl_aead_ctx.cc index 6a25780..335f6f4 100644 --- a/ssl/ssl_aead_ctx.cc +++ b/ssl/ssl_aead_ctx.cc
@@ -55,7 +55,7 @@ } UniquePtr<SSLAEADContext> SSLAEADContext::Create( - enum evp_aead_direction_t direction, uint16_t version, int is_dtls, + enum evp_aead_direction_t direction, uint16_t version, bool is_dtls, const SSL_CIPHER *cipher, Span<const uint8_t> enc_key, Span<const uint8_t> mac_key, Span<const uint8_t> fixed_iv) { const EVP_AEAD *aead;
diff --git a/ssl/ssl_cert.cc b/ssl/ssl_cert.cc index 3f3a1c5..37d6501 100644 --- a/ssl/ssl_cert.cc +++ b/ssl/ssl_cert.cc
@@ -289,10 +289,10 @@ return 1; } -int ssl_set_cert(CERT *cert, UniquePtr<CRYPTO_BUFFER> buffer) { +bool ssl_set_cert(CERT *cert, UniquePtr<CRYPTO_BUFFER> buffer) { switch (check_leaf_cert_and_privkey(buffer.get(), cert->privatekey.get())) { case leaf_cert_and_privkey_error: - return 0; + return false; case leaf_cert_and_privkey_mismatch: // don't fail for a cert/key mismatch, just free current private key // (when switching to a different cert & key, first this function should @@ -308,23 +308,23 @@ if (cert->chain != nullptr) { CRYPTO_BUFFER_free(sk_CRYPTO_BUFFER_value(cert->chain.get(), 0)); sk_CRYPTO_BUFFER_set(cert->chain.get(), 0, buffer.release()); - return 1; + return true; } cert->chain.reset(sk_CRYPTO_BUFFER_new_null()); if (cert->chain == nullptr) { - return 0; + return false; } if (!PushToStack(cert->chain.get(), std::move(buffer))) { cert->chain.reset(); - return 0; + return false; } - return 1; + return true; } -int ssl_has_certificate(const SSL_CONFIG *cfg) { +bool ssl_has_certificate(const SSL_CONFIG *cfg) { return cfg->cert->chain != nullptr && sk_CRYPTO_BUFFER_value(cfg->cert->chain.get(), 0) != nullptr && ssl_has_private_key(cfg); @@ -394,7 +394,7 @@ return true; } -int ssl_add_cert_chain(SSL_HANDSHAKE *hs, CBB *cbb) { +bool ssl_add_cert_chain(SSL_HANDSHAKE *hs, CBB *cbb) { if (!ssl_has_certificate(hs->config)) { return CBB_add_u24(cbb, 0); } @@ -402,7 +402,7 @@ CBB certs; if (!CBB_add_u24_length_prefixed(cbb, &certs)) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); - return 0; + return false; } STACK_OF(CRYPTO_BUFFER) *chain = hs->config->cert->chain.get(); @@ -414,7 +414,7 @@ CRYPTO_BUFFER_len(buffer)) || !CBB_flush(&certs)) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); - return 0; + return false; } } @@ -424,7 +424,7 @@ // ssl_cert_skip_to_spki parses a DER-encoded, X.509 certificate from |in| and // positions |*out_tbs_cert| to cover the TBSCertificate, starting at the // subjectPublicKeyInfo. -static int ssl_cert_skip_to_spki(const CBS *in, CBS *out_tbs_cert) { +static bool ssl_cert_skip_to_spki(const CBS *in, CBS *out_tbs_cert) { /* From RFC 5280, section 4.1 * Certificate ::= SEQUENCE { * tbsCertificate TBSCertificate, @@ -460,10 +460,10 @@ !CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_SEQUENCE) || // subject !CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_SEQUENCE)) { - return 0; + return false; } - return 1; + return true; } UniquePtr<EVP_PKEY> ssl_cert_parse_pubkey(const CBS *in) { @@ -476,47 +476,42 @@ return UniquePtr<EVP_PKEY>(EVP_parse_public_key(&tbs_cert)); } -int ssl_compare_public_and_private_key(const EVP_PKEY *pubkey, - const EVP_PKEY *privkey) { +bool ssl_compare_public_and_private_key(const EVP_PKEY *pubkey, + const EVP_PKEY *privkey) { if (EVP_PKEY_is_opaque(privkey)) { // We cannot check an opaque private key and have to trust that it // matches. - return 1; + return true; } - int ret = 0; - switch (EVP_PKEY_cmp(pubkey, privkey)) { case 1: - ret = 1; - break; + return true; case 0: OPENSSL_PUT_ERROR(X509, X509_R_KEY_VALUES_MISMATCH); - break; + return false; case -1: OPENSSL_PUT_ERROR(X509, X509_R_KEY_TYPE_MISMATCH); - break; + return false; case -2: OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE); - break; - default: - assert(0); - break; + return false; } - return ret; + assert(0); + return false; } -int ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey) { +bool ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey) { if (privkey == nullptr) { OPENSSL_PUT_ERROR(SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED); - return 0; + return false; } if (cert->chain == nullptr || sk_CRYPTO_BUFFER_value(cert->chain.get(), 0) == nullptr) { OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); - return 0; + return false; } CBS cert_cbs; @@ -525,13 +520,13 @@ UniquePtr<EVP_PKEY> pubkey = ssl_cert_parse_pubkey(&cert_cbs); if (!pubkey) { OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE); - return 0; + return false; } return ssl_compare_public_and_private_key(pubkey.get(), privkey); } -int ssl_cert_check_digital_signature_key_usage(const CBS *in) { +bool ssl_cert_check_digital_signature_key_usage(const CBS *in) { CBS buf = *in; CBS tbs_cert, outer_extensions; @@ -551,17 +546,17 @@ &tbs_cert, &outer_extensions, &has_extensions, CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 3)) { OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT); - return 0; + return false; } if (!has_extensions) { - return 1; + return true; } CBS extensions; if (!CBS_get_asn1(&outer_extensions, &extensions, CBS_ASN1_SEQUENCE)) { OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT); - return 0; + return false; } while (CBS_len(&extensions) > 0) { @@ -573,7 +568,7 @@ !CBS_get_asn1(&extension, &contents, CBS_ASN1_OCTETSTRING) || CBS_len(&extension) != 0) { OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT); - return 0; + return false; } static const uint8_t kKeyUsageOID[3] = {0x55, 0x1d, 0x0f}; @@ -587,26 +582,26 @@ if (!CBS_get_asn1(&contents, &bit_string, CBS_ASN1_BITSTRING) || CBS_len(&contents) != 0) { OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT); - return 0; + return false; } // This is the KeyUsage extension. See // https://tools.ietf.org/html/rfc5280#section-4.2.1.3 if (!CBS_is_valid_asn1_bitstring(&bit_string)) { OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT); - return 0; + return false; } if (!CBS_asn1_bitstring_has_bit(&bit_string, 0)) { OPENSSL_PUT_ERROR(SSL, SSL_R_ECC_CERT_NOT_FOR_SIGNING); - return 0; + return false; } - return 1; + return true; } // No KeyUsage extension found. - return 1; + return true; } UniquePtr<STACK_OF(CRYPTO_BUFFER)> ssl_parse_client_CA_list(SSL *ssl, @@ -666,10 +661,10 @@ return sk_CRYPTO_BUFFER_num(names) > 0; } -int ssl_add_client_CA_list(SSL_HANDSHAKE *hs, CBB *cbb) { +bool ssl_add_client_CA_list(SSL_HANDSHAKE *hs, CBB *cbb) { CBB child, name_cbb; if (!CBB_add_u16_length_prefixed(cbb, &child)) { - return 0; + return false; } const STACK_OF(CRYPTO_BUFFER) *names = hs->config->client_CA.get(); @@ -684,21 +679,21 @@ if (!CBB_add_u16_length_prefixed(&child, &name_cbb) || !CBB_add_bytes(&name_cbb, CRYPTO_BUFFER_data(name), CRYPTO_BUFFER_len(name))) { - return 0; + return false; } } return CBB_flush(cbb); } -int ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey, - const CRYPTO_BUFFER *leaf) { +bool ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey, + const CRYPTO_BUFFER *leaf) { assert(ssl_protocol_version(hs->ssl) < TLS1_3_VERSION); // Check the certificate's type matches the cipher. if (!(hs->new_cipher->algorithm_auth & ssl_cipher_auth_mask_for_key(pkey))) { OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CERTIFICATE_TYPE); - return 0; + return false; } // Check key usages for all key types but RSA. This is needed to distinguish @@ -711,7 +706,7 @@ CBS leaf_cbs; CBS_init(&leaf_cbs, CRYPTO_BUFFER_data(leaf), CRYPTO_BUFFER_len(leaf)); if (!ssl_cert_check_digital_signature_key_usage(&leaf_cbs)) { - return 0; + return false; } } @@ -724,22 +719,22 @@ !tls1_check_group_id(hs, group_id) || EC_KEY_get_conv_form(ec_key) != POINT_CONVERSION_UNCOMPRESSED) { OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_ECC_CERT); - return 0; + return false; } } - return 1; + return true; } -int ssl_on_certificate_selected(SSL_HANDSHAKE *hs) { +bool ssl_on_certificate_selected(SSL_HANDSHAKE *hs) { SSL *const ssl = hs->ssl; if (!ssl_has_certificate(hs->config)) { // Nothing to do. - return 1; + return true; } if (!ssl->ctx->x509_method->ssl_auto_chain_if_needed(hs)) { - return 0; + return false; } CBS leaf;
diff --git a/ssl/ssl_cipher.cc b/ssl/ssl_cipher.cc index 1e5320c..0ed91d6 100644 --- a/ssl/ssl_cipher.cc +++ b/ssl/ssl_cipher.cc
@@ -559,13 +559,13 @@ bool ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead, size_t *out_mac_secret_len, size_t *out_fixed_iv_len, const SSL_CIPHER *cipher, - uint16_t version, int is_dtls) { + uint16_t version, bool is_dtls) { *out_aead = NULL; *out_mac_secret_len = 0; *out_fixed_iv_len = 0; - const int is_tls12 = version == TLS1_2_VERSION && !is_dtls; - const int is_tls13 = version == TLS1_3_VERSION && !is_dtls; + const bool is_tls12 = version == TLS1_2_VERSION && !is_dtls; + const bool is_tls13 = version == TLS1_3_VERSION && !is_dtls; if (cipher->algorithm_mac == SSL_AEAD) { if (cipher->algorithm_enc == SSL_AES128GCM) { @@ -649,7 +649,7 @@ } } -static bool is_cipher_list_separator(char c, int is_strict) { +static bool is_cipher_list_separator(char c, bool is_strict) { if (c == ':') { return true; }
diff --git a/ssl/ssl_key_share.cc b/ssl/ssl_key_share.cc index 866da67..8466eab 100644 --- a/ssl/ssl_key_share.cc +++ b/ssl/ssl_key_share.cc
@@ -266,30 +266,30 @@ Finish(out_secret, out_alert, peer_key); } -int ssl_nid_to_group_id(uint16_t *out_group_id, int nid) { +bool ssl_nid_to_group_id(uint16_t *out_group_id, int nid) { for (const auto &group : kNamedGroups) { if (group.nid == nid) { *out_group_id = group.group_id; - return 1; + return true; } } - return 0; + return false; } -int ssl_name_to_group_id(uint16_t *out_group_id, const char *name, size_t len) { +bool ssl_name_to_group_id(uint16_t *out_group_id, const char *name, size_t len) { for (const auto &group : kNamedGroups) { if (len == strlen(group.name) && !strncmp(group.name, name, len)) { *out_group_id = group.group_id; - return 1; + return true; } if (len == strlen(group.alias) && !strncmp(group.alias, name, len)) { *out_group_id = group.group_id; - return 1; + return true; } } - return 0; + return false; } BSSL_NAMESPACE_END
diff --git a/ssl/ssl_privkey.cc b/ssl/ssl_privkey.cc index b2f8177..e716c9a 100644 --- a/ssl/ssl_privkey.cc +++ b/ssl/ssl_privkey.cc
@@ -71,26 +71,26 @@ BSSL_NAMESPACE_BEGIN -int ssl_is_key_type_supported(int key_type) { +bool ssl_is_key_type_supported(int key_type) { return key_type == EVP_PKEY_RSA || key_type == EVP_PKEY_EC || key_type == EVP_PKEY_ED25519; } -static int ssl_set_pkey(CERT *cert, EVP_PKEY *pkey) { +static bool ssl_set_pkey(CERT *cert, EVP_PKEY *pkey) { if (!ssl_is_key_type_supported(pkey->type)) { OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE); - return 0; + return false; } if (cert->chain != nullptr && sk_CRYPTO_BUFFER_value(cert->chain.get(), 0) != nullptr && // Sanity-check that the private key and the certificate match. !ssl_cert_check_private_key(cert, pkey)) { - return 0; + return false; } cert->privatekey = UpRef(pkey); - return 1; + return true; } typedef struct { @@ -98,29 +98,30 @@ int pkey_type; int curve; const EVP_MD *(*digest_func)(void); - char is_rsa_pss; + bool is_rsa_pss; } SSL_SIGNATURE_ALGORITHM; static const SSL_SIGNATURE_ALGORITHM kSignatureAlgorithms[] = { - {SSL_SIGN_RSA_PKCS1_MD5_SHA1, EVP_PKEY_RSA, NID_undef, &EVP_md5_sha1, 0}, - {SSL_SIGN_RSA_PKCS1_SHA1, EVP_PKEY_RSA, NID_undef, &EVP_sha1, 0}, - {SSL_SIGN_RSA_PKCS1_SHA256, EVP_PKEY_RSA, NID_undef, &EVP_sha256, 0}, - {SSL_SIGN_RSA_PKCS1_SHA384, EVP_PKEY_RSA, NID_undef, &EVP_sha384, 0}, - {SSL_SIGN_RSA_PKCS1_SHA512, EVP_PKEY_RSA, NID_undef, &EVP_sha512, 0}, + {SSL_SIGN_RSA_PKCS1_MD5_SHA1, EVP_PKEY_RSA, NID_undef, &EVP_md5_sha1, + false}, + {SSL_SIGN_RSA_PKCS1_SHA1, EVP_PKEY_RSA, NID_undef, &EVP_sha1, false}, + {SSL_SIGN_RSA_PKCS1_SHA256, EVP_PKEY_RSA, NID_undef, &EVP_sha256, false}, + {SSL_SIGN_RSA_PKCS1_SHA384, EVP_PKEY_RSA, NID_undef, &EVP_sha384, false}, + {SSL_SIGN_RSA_PKCS1_SHA512, EVP_PKEY_RSA, NID_undef, &EVP_sha512, false}, - {SSL_SIGN_RSA_PSS_RSAE_SHA256, EVP_PKEY_RSA, NID_undef, &EVP_sha256, 1}, - {SSL_SIGN_RSA_PSS_RSAE_SHA384, EVP_PKEY_RSA, NID_undef, &EVP_sha384, 1}, - {SSL_SIGN_RSA_PSS_RSAE_SHA512, EVP_PKEY_RSA, NID_undef, &EVP_sha512, 1}, + {SSL_SIGN_RSA_PSS_RSAE_SHA256, EVP_PKEY_RSA, NID_undef, &EVP_sha256, true}, + {SSL_SIGN_RSA_PSS_RSAE_SHA384, EVP_PKEY_RSA, NID_undef, &EVP_sha384, true}, + {SSL_SIGN_RSA_PSS_RSAE_SHA512, EVP_PKEY_RSA, NID_undef, &EVP_sha512, true}, - {SSL_SIGN_ECDSA_SHA1, EVP_PKEY_EC, NID_undef, &EVP_sha1, 0}, + {SSL_SIGN_ECDSA_SHA1, EVP_PKEY_EC, NID_undef, &EVP_sha1, false}, {SSL_SIGN_ECDSA_SECP256R1_SHA256, EVP_PKEY_EC, NID_X9_62_prime256v1, - &EVP_sha256, 0}, + &EVP_sha256, false}, {SSL_SIGN_ECDSA_SECP384R1_SHA384, EVP_PKEY_EC, NID_secp384r1, &EVP_sha384, - 0}, + false}, {SSL_SIGN_ECDSA_SECP521R1_SHA512, EVP_PKEY_EC, NID_secp521r1, &EVP_sha512, - 0}, + false}, - {SSL_SIGN_ED25519, EVP_PKEY_ED25519, NID_undef, NULL, 0}, + {SSL_SIGN_ED25519, EVP_PKEY_ED25519, NID_undef, nullptr, false}, }; static const SSL_SIGNATURE_ALGORITHM *get_signature_algorithm(uint16_t sigalg) { @@ -132,22 +133,22 @@ return NULL; } -int ssl_has_private_key(const SSL_CONFIG *cfg) { +bool ssl_has_private_key(const SSL_CONFIG *cfg) { return cfg->cert->privatekey != nullptr || cfg->cert->key_method != nullptr; } -static int pkey_supports_algorithm(const SSL *ssl, EVP_PKEY *pkey, - uint16_t sigalg) { +static bool pkey_supports_algorithm(const SSL *ssl, EVP_PKEY *pkey, + uint16_t sigalg) { const SSL_SIGNATURE_ALGORITHM *alg = get_signature_algorithm(sigalg); if (alg == NULL || EVP_PKEY_id(pkey) != alg->pkey_type) { - return 0; + return false; } if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) { // RSA keys may only be used with RSA-PSS. if (alg->pkey_type == EVP_PKEY_RSA && !alg->is_rsa_pss) { - return 0; + return false; } // EC keys have a curve requirement. @@ -155,18 +156,18 @@ (alg->curve == NID_undef || EC_GROUP_get_curve_name( EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(pkey))) != alg->curve)) { - return 0; + return false; } } - return 1; + return true; } -static int setup_ctx(SSL *ssl, EVP_MD_CTX *ctx, EVP_PKEY *pkey, uint16_t sigalg, - int is_verify) { +static bool setup_ctx(SSL *ssl, EVP_MD_CTX *ctx, EVP_PKEY *pkey, + uint16_t sigalg, bool is_verify) { if (!pkey_supports_algorithm(ssl, pkey, sigalg)) { OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_SIGNATURE_TYPE); - return 0; + return false; } const SSL_SIGNATURE_ALGORITHM *alg = get_signature_algorithm(sigalg); @@ -174,20 +175,20 @@ EVP_PKEY_CTX *pctx; if (is_verify) { if (!EVP_DigestVerifyInit(ctx, &pctx, digest, NULL, pkey)) { - return 0; + return false; } } else if (!EVP_DigestSignInit(ctx, &pctx, digest, NULL, pkey)) { - return 0; + return false; } if (alg->is_rsa_pss) { if (!EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) || !EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1 /* salt len = hash len */)) { - return 0; + return false; } } - return 1; + return true; } enum ssl_private_key_result_t ssl_private_key_sign( @@ -212,7 +213,7 @@ *out_len = max_out; ScopedEVP_MD_CTX ctx; if (!setup_ctx(ssl, ctx.get(), hs->config->cert->privatekey.get(), sigalg, - 0 /* sign */) || + false /* sign */) || !EVP_DigestSign(ctx.get(), out, out_len, in.data(), in.size())) { return ssl_private_key_failure; } @@ -223,7 +224,7 @@ uint16_t sigalg, EVP_PKEY *pkey, Span<const uint8_t> in) { ScopedEVP_MD_CTX ctx; - return setup_ctx(ssl, ctx.get(), pkey, sigalg, 1 /* verify */) && + return setup_ctx(ssl, ctx.get(), pkey, sigalg, true /* verify */) && EVP_DigestVerify(ctx.get(), signature.data(), signature.size(), in.data(), in.size()); }
diff --git a/ssl/tls13_enc.cc b/ssl/tls13_enc.cc index e451838..5e1f19a 100644 --- a/ssl/tls13_enc.cc +++ b/ssl/tls13_enc.cc
@@ -32,10 +32,10 @@ BSSL_NAMESPACE_BEGIN -static int init_key_schedule(SSL_HANDSHAKE *hs, uint16_t version, +static bool init_key_schedule(SSL_HANDSHAKE *hs, uint16_t version, const SSL_CIPHER *cipher) { if (!hs->transcript.InitHash(version, cipher)) { - return 0; + return false; } hs->hash_len = hs->transcript.DigestLen(); @@ -43,13 +43,13 @@ // Initialize the secret to the zero key. OPENSSL_memset(hs->secret, 0, hs->hash_len); - return 1; + return true; } -int tls13_init_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk, - size_t psk_len) { +bool tls13_init_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk, + size_t psk_len) { if (!init_key_schedule(hs, ssl_protocol_version(hs->ssl), hs->new_cipher)) { - return 0; + return false; } hs->transcript.FreeBuffer(); @@ -57,8 +57,8 @@ psk_len, hs->secret, hs->hash_len); } -int tls13_init_early_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk, - size_t psk_len) { +bool tls13_init_early_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk, + size_t psk_len) { SSL *const ssl = hs->ssl; return init_key_schedule(hs, ssl_session_protocol_version(ssl->session.get()), ssl->session->cipher) && @@ -66,10 +66,11 @@ psk_len, hs->secret, hs->hash_len); } -static int hkdf_expand_label(uint8_t *out, const EVP_MD *digest, - const uint8_t *secret, size_t secret_len, - const char *label, size_t label_len, - const uint8_t *hash, size_t hash_len, size_t len) { +static bool hkdf_expand_label(uint8_t *out, const EVP_MD *digest, + const uint8_t *secret, size_t secret_len, + const char *label, size_t label_len, + const uint8_t *hash, size_t hash_len, + size_t len) { static const char kTLS13LabelVersion[] = "tls13 "; ScopedCBB cbb; @@ -85,7 +86,7 @@ !CBB_add_u8_length_prefixed(cbb.get(), &child) || !CBB_add_bytes(&child, hash, hash_len) || !CBBFinishArray(cbb.get(), &hkdf_label)) { - return 0; + return false; } return HKDF_expand(out, len, digest, secret, secret_len, hkdf_label.data(), @@ -94,20 +95,20 @@ static const char kTLS13LabelDerived[] = "derived"; -int tls13_advance_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *in, - size_t len) { +bool tls13_advance_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *in, + size_t len) { uint8_t derive_context[EVP_MAX_MD_SIZE]; unsigned derive_context_len; if (!EVP_Digest(nullptr, 0, derive_context, &derive_context_len, hs->transcript.Digest(), nullptr)) { - return 0; + return false; } if (!hkdf_expand_label(hs->secret, hs->transcript.Digest(), hs->secret, hs->hash_len, kTLS13LabelDerived, strlen(kTLS13LabelDerived), derive_context, derive_context_len, hs->hash_len)) { - return 0; + return false; } return HKDF_extract(hs->secret, &hs->hash_len, hs->transcript.Digest(), in, @@ -116,13 +117,13 @@ // derive_secret derives a secret of length |len| and writes the result in |out| // with the given label and the current base secret and most recently-saved -// handshake context. It returns one on success and zero on error. -static int derive_secret(SSL_HANDSHAKE *hs, uint8_t *out, size_t len, - const char *label, size_t label_len) { +// handshake context. It returns true on success and false on error. +static bool derive_secret(SSL_HANDSHAKE *hs, uint8_t *out, size_t len, + const char *label, size_t label_len) { uint8_t context_hash[EVP_MAX_MD_SIZE]; size_t context_hash_len; if (!hs->transcript.GetHash(context_hash, &context_hash_len)) { - return 0; + return false; } return hkdf_expand_label(out, hs->transcript.Digest(), hs->secret, @@ -130,15 +131,15 @@ context_hash_len, len); } -int tls13_set_traffic_key(SSL *ssl, enum evp_aead_direction_t direction, - const uint8_t *traffic_secret, - size_t traffic_secret_len) { +bool tls13_set_traffic_key(SSL *ssl, enum evp_aead_direction_t direction, + const uint8_t *traffic_secret, + size_t traffic_secret_len) { const SSL_SESSION *session = SSL_get_session(ssl); uint16_t version = ssl_session_protocol_version(session); if (traffic_secret_len > 0xff) { OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW); - return 0; + return false; } // Look up cipher suite properties. @@ -146,7 +147,7 @@ size_t discard; if (!ssl_cipher_get_evp_aead(&aead, &discard, &discard, session->cipher, version, SSL_is_dtls(ssl))) { - return 0; + return false; } const EVP_MD *digest = ssl_session_get_digest(session); @@ -156,7 +157,7 @@ uint8_t key[EVP_AEAD_MAX_KEY_LENGTH]; if (!hkdf_expand_label(key, digest, traffic_secret, traffic_secret_len, "key", 3, NULL, 0, key_len)) { - return 0; + return false; } // Derive the IV. @@ -164,7 +165,7 @@ uint8_t iv[EVP_AEAD_MAX_NONCE_LENGTH]; if (!hkdf_expand_label(iv, digest, traffic_secret, traffic_secret_len, "iv", 2, NULL, 0, iv_len)) { - return 0; + return false; } UniquePtr<SSLAEADContext> traffic_aead = @@ -172,16 +173,16 @@ session->cipher, MakeConstSpan(key, key_len), Span<const uint8_t>(), MakeConstSpan(iv, iv_len)); if (!traffic_aead) { - return 0; + return false; } if (direction == evp_aead_open) { if (!ssl->method->set_read_state(ssl, std::move(traffic_aead))) { - return 0; + return false; } } else { if (!ssl->method->set_write_state(ssl, std::move(traffic_aead))) { - return 0; + return false; } } @@ -196,7 +197,7 @@ ssl->s3->write_traffic_secret_len = traffic_secret_len; } - return 1; + return true; } @@ -209,7 +210,7 @@ static const char kTLS13LabelClientApplicationTraffic[] = "c ap traffic"; static const char kTLS13LabelServerApplicationTraffic[] = "s ap traffic"; -int tls13_derive_early_secrets(SSL_HANDSHAKE *hs) { +bool tls13_derive_early_secrets(SSL_HANDSHAKE *hs) { SSL *const ssl = hs->ssl; if (!derive_secret(hs, hs->early_traffic_secret, hs->hash_len, kTLS13LabelClientEarlyTraffic, @@ -219,13 +220,13 @@ !derive_secret(hs, ssl->s3->early_exporter_secret, hs->hash_len, kTLS13LabelEarlyExporter, strlen(kTLS13LabelEarlyExporter))) { - return 0; + return false; } ssl->s3->early_exporter_secret_len = hs->hash_len; - return 1; + return true; } -int tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs) { +bool tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs) { SSL *const ssl = hs->ssl; return derive_secret(hs, hs->client_handshake_secret, hs->hash_len, kTLS13LabelClientHandshakeTraffic, @@ -239,7 +240,7 @@ hs->server_handshake_secret, hs->hash_len); } -int tls13_derive_application_secrets(SSL_HANDSHAKE *hs) { +bool tls13_derive_application_secrets(SSL_HANDSHAKE *hs) { SSL *const ssl = hs->ssl; ssl->s3->exporter_secret_len = hs->hash_len; return derive_secret(hs, hs->client_traffic_secret_0, hs->hash_len, @@ -260,7 +261,7 @@ static const char kTLS13LabelApplicationTraffic[] = "traffic upd"; -int tls13_rotate_traffic_key(SSL *ssl, enum evp_aead_direction_t direction) { +bool tls13_rotate_traffic_key(SSL *ssl, enum evp_aead_direction_t direction) { uint8_t *secret; size_t secret_len; if (direction == evp_aead_open) { @@ -275,7 +276,7 @@ if (!hkdf_expand_label( secret, digest, secret, secret_len, kTLS13LabelApplicationTraffic, strlen(kTLS13LabelApplicationTraffic), NULL, 0, secret_len)) { - return 0; + return false; } return tls13_set_traffic_key(ssl, direction, secret, secret_len); @@ -283,10 +284,10 @@ static const char kTLS13LabelResumption[] = "res master"; -int tls13_derive_resumption_secret(SSL_HANDSHAKE *hs) { +bool tls13_derive_resumption_secret(SSL_HANDSHAKE *hs) { if (hs->hash_len > SSL_MAX_MASTER_KEY_LENGTH) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); - return 0; + return false; } hs->new_session->master_key_length = hs->hash_len; return derive_secret(hs, hs->new_session->master_key, @@ -298,23 +299,23 @@ // tls13_verify_data sets |out| to be the HMAC of |context| using a derived // Finished key for both Finished messages and the PSK binder. -static int tls13_verify_data(const EVP_MD *digest, uint16_t version, - uint8_t *out, size_t *out_len, - const uint8_t *secret, size_t hash_len, - uint8_t *context, size_t context_len) { +static bool tls13_verify_data(const EVP_MD *digest, uint16_t version, + uint8_t *out, size_t *out_len, + const uint8_t *secret, size_t hash_len, + uint8_t *context, size_t context_len) { uint8_t key[EVP_MAX_MD_SIZE]; unsigned len; if (!hkdf_expand_label(key, digest, secret, hash_len, kTLS13LabelFinished, strlen(kTLS13LabelFinished), NULL, 0, hash_len) || HMAC(digest, key, hash_len, context, context_len, out, &len) == NULL) { - return 0; + return false; } *out_len = len; - return 1; + return true; } -int tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len, - int is_server) { +bool tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len, + bool is_server) { const uint8_t *traffic_secret; if (is_server) { traffic_secret = hs->server_handshake_secret; @@ -345,14 +346,14 @@ static const char kTLS13LabelExportKeying[] = "exporter"; -int tls13_export_keying_material(SSL *ssl, Span<uint8_t> out, - Span<const uint8_t> secret, - Span<const char> label, - Span<const uint8_t> context) { +bool tls13_export_keying_material(SSL *ssl, Span<uint8_t> out, + Span<const uint8_t> secret, + Span<const char> label, + Span<const uint8_t> context) { if (secret.empty()) { assert(0); OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); - return 0; + return false; } const EVP_MD *digest = ssl_session_get_digest(SSL_get_session(ssl)); @@ -378,21 +379,21 @@ static const char kTLS13LabelPSKBinder[] = "res binder"; -static int tls13_psk_binder(uint8_t *out, uint16_t version, - const EVP_MD *digest, uint8_t *psk, size_t psk_len, - uint8_t *context, size_t context_len, - size_t hash_len) { +static bool tls13_psk_binder(uint8_t *out, uint16_t version, + const EVP_MD *digest, uint8_t *psk, size_t psk_len, + uint8_t *context, size_t context_len, + size_t hash_len) { uint8_t binder_context[EVP_MAX_MD_SIZE]; unsigned binder_context_len; if (!EVP_Digest(NULL, 0, binder_context, &binder_context_len, digest, NULL)) { - return 0; + return false; } uint8_t early_secret[EVP_MAX_MD_SIZE] = {0}; size_t early_secret_len; if (!HKDF_extract(early_secret, &early_secret_len, digest, psk, hash_len, NULL, 0)) { - return 0; + return false; } uint8_t binder_key[EVP_MAX_MD_SIZE] = {0}; @@ -402,20 +403,20 @@ binder_context, binder_context_len, hash_len) || !tls13_verify_data(digest, version, out, &len, binder_key, hash_len, context, context_len)) { - return 0; + return false; } - return 1; + return true; } -int tls13_write_psk_binder(SSL_HANDSHAKE *hs, uint8_t *msg, size_t len) { +bool tls13_write_psk_binder(SSL_HANDSHAKE *hs, uint8_t *msg, size_t len) { SSL *const ssl = hs->ssl; const EVP_MD *digest = ssl_session_get_digest(ssl->session.get()); size_t hash_len = EVP_MD_size(digest); if (len < hash_len + 3) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); - return 0; + return false; } ScopedEVP_MD_CTX ctx; @@ -427,7 +428,7 @@ hs->transcript.buffer().size()) || !EVP_DigestUpdate(ctx.get(), msg, len - hash_len - 3) || !EVP_DigestFinal_ex(ctx.get(), context, &context_len)) { - return 0; + return false; } uint8_t verify_data[EVP_MAX_MD_SIZE] = {0}; @@ -435,21 +436,21 @@ ssl->session->master_key, ssl->session->master_key_length, context, context_len, hash_len)) { - return 0; + return false; } OPENSSL_memcpy(msg + len - hash_len, verify_data, hash_len); - return 1; + return true; } -int tls13_verify_psk_binder(SSL_HANDSHAKE *hs, SSL_SESSION *session, - const SSLMessage &msg, CBS *binders) { +bool tls13_verify_psk_binder(SSL_HANDSHAKE *hs, SSL_SESSION *session, + const SSLMessage &msg, CBS *binders) { size_t hash_len = hs->transcript.DigestLen(); // The message must be large enough to exclude the binders. if (CBS_len(&msg.raw) < CBS_len(binders) + 2) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); - return 0; + return false; } // Hash a ClientHello prefix up to the binders. This includes the header. For @@ -459,7 +460,7 @@ unsigned context_len; if (!EVP_Digest(CBS_data(&msg.raw), CBS_len(&msg.raw) - CBS_len(binders) - 2, context, &context_len, hs->transcript.Digest(), NULL)) { - return 0; + return false; } uint8_t verify_data[EVP_MAX_MD_SIZE] = {0}; @@ -470,21 +471,21 @@ // We only consider the first PSK, so compare against the first binder. !CBS_get_u8_length_prefixed(binders, &binder)) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); - return 0; + return false; } - int binder_ok = + bool binder_ok = CBS_len(&binder) == hash_len && CRYPTO_memcmp(CBS_data(&binder), verify_data, hash_len) == 0; #if defined(BORINGSSL_UNSAFE_FUZZER_MODE) - binder_ok = 1; + binder_ok = true; #endif if (!binder_ok) { OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED); - return 0; + return false; } - return 1; + return true; } BSSL_NAMESPACE_END
diff --git a/ssl/tls13_server.cc b/ssl/tls13_server.cc index b1940d8..0d82d68 100644 --- a/ssl/tls13_server.cc +++ b/ssl/tls13_server.cc
@@ -716,7 +716,7 @@ size_t finished_len; if (!tls13_finished_mac(hs, hs->expected_client_finished, &finished_len, - 0 /* client */)) { + false /* client */)) { return ssl_hs_error; }
diff --git a/ssl/tls_record.cc b/ssl/tls_record.cc index 452b0cf..c1f9e7f 100644 --- a/ssl/tls_record.cc +++ b/ssl/tls_record.cc
@@ -140,26 +140,26 @@ // ssl_needs_record_splitting returns one if |ssl|'s current outgoing cipher // state needs record-splitting and zero otherwise. -static int ssl_needs_record_splitting(const SSL *ssl) { +static bool ssl_needs_record_splitting(const SSL *ssl) { #if !defined(BORINGSSL_UNSAFE_FUZZER_MODE) return !ssl->s3->aead_write_ctx->is_null_cipher() && ssl->s3->aead_write_ctx->ProtocolVersion() < TLS1_1_VERSION && (ssl->mode & SSL_MODE_CBC_RECORD_SPLITTING) != 0 && SSL_CIPHER_is_block_cipher(ssl->s3->aead_write_ctx->cipher()); #else - return 0; + return false; #endif } -int ssl_record_sequence_update(uint8_t *seq, size_t seq_len) { +bool ssl_record_sequence_update(uint8_t *seq, size_t seq_len) { for (size_t i = seq_len - 1; i < seq_len; i--) { ++seq[i]; if (seq[i] != 0) { - return 1; + return true; } } OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW); - return 0; + return false; } size_t ssl_record_prefix_len(const SSL *ssl) { @@ -373,9 +373,9 @@ return ssl_open_record_success; } -static int do_seal_record(SSL *ssl, uint8_t *out_prefix, uint8_t *out, - uint8_t *out_suffix, uint8_t type, const uint8_t *in, - const size_t in_len) { +static bool do_seal_record(SSL *ssl, uint8_t *out_prefix, uint8_t *out, + uint8_t *out_suffix, uint8_t type, const uint8_t *in, + const size_t in_len) { SSLAEADContext *aead = ssl->s3->aead_write_ctx.get(); uint8_t *extra_in = NULL; size_t extra_in_len = 0; @@ -390,7 +390,7 @@ if (!aead->SuffixLen(&suffix_len, in_len, extra_in_len) || !aead->CiphertextLen(&ciphertext_len, in_len, extra_in_len)) { OPENSSL_PUT_ERROR(SSL, SSL_R_RECORD_TOO_LARGE); - return 0; + return false; } assert(in == out || !buffers_alias(in, in_len, out, in_len)); @@ -415,11 +415,11 @@ out_prefix[0], record_version, ssl->s3->write_sequence, header, in, in_len, extra_in, extra_in_len) || !ssl_record_sequence_update(ssl->s3->write_sequence, 8)) { - return 0; + return false; } ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_HEADER, header); - return 1; + return true; } static size_t tls_seal_scatter_prefix_len(const SSL *ssl, uint8_t type, @@ -464,7 +464,7 @@ // returns one on success and zero on error. If enabled, // |tls_seal_scatter_record| implements TLS 1.0 CBC 1/n-1 record splitting and // may write two records concatenated. -static int tls_seal_scatter_record(SSL *ssl, uint8_t *out_prefix, uint8_t *out, +static bool tls_seal_scatter_record(SSL *ssl, uint8_t *out_prefix, uint8_t *out, uint8_t *out_suffix, uint8_t type, const uint8_t *in, size_t in_len) { if (type == SSL3_RT_APPLICATION_DATA && in_len > 1 && @@ -478,13 +478,13 @@ if (!do_seal_record(ssl, out_prefix, split_body, split_suffix, type, in, 1)) { - return 0; + return false; } size_t split_record_suffix_len; if (!ssl->s3->aead_write_ctx->SuffixLen(&split_record_suffix_len, 1, 0)) { assert(false); - return 0; + return false; } const size_t split_record_len = prefix_len + 1 + split_record_suffix_len; assert(SSL3_RT_HEADER_LENGTH + ssl_cipher_get_record_split_len( @@ -496,24 +496,25 @@ uint8_t tmp_prefix[SSL3_RT_HEADER_LENGTH]; if (!do_seal_record(ssl, tmp_prefix, out + 1, out_suffix, type, in + 1, in_len - 1)) { - return 0; + return false; } assert(tls_seal_scatter_prefix_len(ssl, type, in_len) == split_record_len + SSL3_RT_HEADER_LENGTH - 1); OPENSSL_memcpy(out_prefix + split_record_len, tmp_prefix, SSL3_RT_HEADER_LENGTH - 1); OPENSSL_memcpy(out, tmp_prefix + SSL3_RT_HEADER_LENGTH - 1, 1); - return 1; + return true; } return do_seal_record(ssl, out_prefix, out, out_suffix, type, in, in_len); } -int tls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out_len, - uint8_t type, const uint8_t *in, size_t in_len) { +bool tls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, + size_t max_out_len, uint8_t type, const uint8_t *in, + size_t in_len) { if (buffers_alias(in, in_len, out, max_out_len)) { OPENSSL_PUT_ERROR(SSL, SSL_R_OUTPUT_ALIASES_INPUT); - return 0; + return false; } const size_t prefix_len = tls_seal_scatter_prefix_len(ssl, type, in_len); @@ -524,22 +525,22 @@ if (in_len + prefix_len < in_len || prefix_len + in_len + suffix_len < prefix_len + in_len) { OPENSSL_PUT_ERROR(SSL, SSL_R_RECORD_TOO_LARGE); - return 0; + return false; } if (max_out_len < in_len + prefix_len + suffix_len) { OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL); - return 0; + return false; } uint8_t *prefix = out; uint8_t *body = out + prefix_len; uint8_t *suffix = body + in_len; if (!tls_seal_scatter_record(ssl, prefix, body, suffix, type, in, in_len)) { - return 0; + return false; } *out_len = prefix_len + in_len + suffix_len; - return 1; + return true; } enum ssl_open_record_t ssl_process_alert(SSL *ssl, uint8_t *out_alert,