Rename algorithm2 to algorithm_prf.
It's purely the PRF function now, although it's still different from the
rest due to the _DEFAULT field being weird.
Change-Id: Iaea7a99cccdc8be4cd60f6c1503df5be2a63c4c5
Reviewed-on: https://boringssl-review.googlesource.com/5614
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 4174594..04304cb 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -196,9 +196,7 @@
uint32_t algorithm_mac;
uint32_t algorithm_ssl;
uint32_t algo_strength;
-
- /* algorithm2 contains extra flags. See ssl/internal.h. */
- uint32_t algorithm2;
+ uint32_t algorithm_prf;
/* strength_bits is the strength of the cipher in bits. */
int strength_bits;
diff --git a/ssl/internal.h b/ssl/internal.h
index 5873570..7f2dd52 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -202,8 +202,7 @@
#define SSL_TLSV1 SSL_SSLV3
#define SSL_TLSV1_2 0x00000004L
-/* Bits for |algorithm2| (handshake digests and other extra flags). */
-
+/* Bits for |algorithm_prf| (handshake digest). */
#define SSL_HANDSHAKE_MAC_MD5 0x10
#define SSL_HANDSHAKE_MAC_SHA 0x20
#define SSL_HANDSHAKE_MAC_SHA256 0x40
@@ -1181,7 +1180,7 @@
* the wire version except at API boundaries. */
uint16_t ssl3_version_from_wire(SSL *s, uint16_t wire_version);
-uint32_t ssl_get_algorithm2(SSL *s);
+uint32_t ssl_get_algorithm_prf(SSL *s);
int tls1_process_sigalgs(SSL *s, const CBS *sigalgs);
/* tls1_choose_signing_digest returns a digest for use with |ssl|'s private key
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index f2b6e9d..97555cd 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -298,9 +298,9 @@
return 0;
}
- /* Loop through bits of algorithm2 field and create MD_CTX-es */
+ /* Loop through bits of algorithm_prf field and create MD_CTX-es */
for (i = 0; ssl_get_handshake_digest(&mask, &md, i); i++) {
- if ((mask & ssl_get_algorithm2(s)) && md) {
+ if ((mask & ssl_get_algorithm_prf(s)) && md) {
s->s3->handshake_dgst[i] = EVP_MD_CTX_create();
if (s->s3->handshake_dgst[i] == NULL) {
OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP);
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index ce5aed6..2566a4d 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -659,9 +659,9 @@
/* If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
* handshake macs if required. */
-uint32_t ssl_get_algorithm2(SSL *s) {
+uint32_t ssl_get_algorithm_prf(SSL *s) {
static const uint32_t kMask = SSL_HANDSHAKE_MAC_DEFAULT;
- uint32_t alg2 = s->s3->tmp.new_cipher->algorithm2;
+ uint32_t alg2 = s->s3->tmp.new_cipher->algorithm_prf;
if (s->enc_method->enc_flags & SSL_ENC_FLAG_SHA256_PRF &&
(alg2 & kMask) == kMask) {
return SSL_HANDSHAKE_MAC_SHA256;
diff --git a/ssl/ssl_cipher.c b/ssl/ssl_cipher.c
index cbdf7ca..29824aa 100644
--- a/ssl/ssl_cipher.c
+++ b/ssl/ssl_cipher.c
@@ -1456,7 +1456,7 @@
}
static const char *ssl_cipher_get_prf_name(const SSL_CIPHER *cipher) {
- if ((cipher->algorithm2 & SSL_HANDSHAKE_MAC_DEFAULT) ==
+ if ((cipher->algorithm_prf & SSL_HANDSHAKE_MAC_DEFAULT) ==
SSL_HANDSHAKE_MAC_DEFAULT) {
/* Before TLS 1.2, the PRF component is the hash used in the HMAC, which is
* only ever MD5 or SHA-1. */
@@ -1469,9 +1469,9 @@
assert(0);
return "UNKNOWN";
}
- } else if (cipher->algorithm2 & SSL_HANDSHAKE_MAC_SHA256) {
+ } else if (cipher->algorithm_prf & SSL_HANDSHAKE_MAC_SHA256) {
return "SHA256";
- } else if (cipher->algorithm2 & SSL_HANDSHAKE_MAC_SHA384) {
+ } else if (cipher->algorithm_prf & SSL_HANDSHAKE_MAC_SHA384) {
return "SHA384";
} else {
assert(0);
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 93eb717..0aa4d1a 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -245,7 +245,7 @@
/* Count number of digests and partition |secret| evenly. */
count = 0;
for (idx = 0; ssl_get_handshake_digest(&m, &md, idx); idx++) {
- if (m & ssl_get_algorithm2(s)) {
+ if (m & ssl_get_algorithm_prf(s)) {
count++;
}
}
@@ -260,7 +260,7 @@
S1 = secret;
memset(out, 0, out_len);
for (idx = 0; ssl_get_handshake_digest(&m, &md, idx); idx++) {
- if (m & ssl_get_algorithm2(s)) {
+ if (m & ssl_get_algorithm_prf(s)) {
/* If |count| is 2 and |secret_len| is odd, |secret| is partitioned into
* two halves with an overlapping byte. */
if (!tls1_P_hash(tmp, out_len, md, S1, len + (secret_len & 1),
@@ -521,7 +521,7 @@
unsigned int digest_len;
EVP_MD_CTX *hdgst = s->s3->handshake_dgst[i];
- if ((mask & ssl_get_algorithm2(s)) == 0) {
+ if ((mask & ssl_get_algorithm_prf(s)) == 0) {
continue;
}
