Switch t1_lib, tls_record, and tls13_both to C++.
This leaves just the TLS 1.3 handshake code.
Bug: 132
Change-Id: I2bd87b0ecd0ae7d6ea1302bc62c67aec5ca1dccb
Reviewed-on: https://boringssl-review.googlesource.com/17767
Reviewed-by: Steven Valdez <svaldez@google.com>
diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt
index eb0aa32..5d76fdf 100644
--- a/ssl/CMakeLists.txt
+++ b/ssl/CMakeLists.txt
@@ -31,12 +31,12 @@
ssl_versions.cc
ssl_x509.cc
t1_enc.cc
- t1_lib.c
+ t1_lib.cc
tls_method.cc
- tls_record.c
- tls13_both.c
+ tls_record.cc
+ tls13_both.cc
tls13_client.c
- tls13_enc.c
+ tls13_enc.cc
tls13_server.c
)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.cc
similarity index 96%
rename from ssl/t1_lib.c
rename to ssl/t1_lib.cc
index 8e858c4..fb0c8dd 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.cc
@@ -168,7 +168,8 @@
return 1;
}
- extension_types = OPENSSL_malloc(sizeof(uint16_t) * num_extensions);
+ extension_types =
+ (uint16_t *)OPENSSL_malloc(sizeof(uint16_t) * num_extensions);
if (extension_types == NULL) {
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
goto done;
@@ -362,9 +363,7 @@
int tls1_set_curves(uint16_t **out_group_ids, size_t *out_group_ids_len,
const int *curves, size_t ncurves) {
- uint16_t *group_ids;
-
- group_ids = OPENSSL_malloc(ncurves * sizeof(uint16_t));
+ uint16_t *group_ids = (uint16_t *)OPENSSL_malloc(ncurves * sizeof(uint16_t));
if (group_ids == NULL) {
return 0;
}
@@ -400,8 +399,8 @@
goto err;
}
- uint16_t *new_group_ids = OPENSSL_realloc(group_ids,
- (ncurves + 1) * sizeof(uint16_t));
+ uint16_t *new_group_ids = (uint16_t *)OPENSSL_realloc(
+ group_ids, (ncurves + 1) * sizeof(uint16_t));
if (new_group_ids == NULL) {
goto err;
}
@@ -1233,7 +1232,8 @@
}
OPENSSL_free(ssl->s3->next_proto_negotiated);
- ssl->s3->next_proto_negotiated = BUF_memdup(selected, selected_len);
+ ssl->s3->next_proto_negotiated =
+ (uint8_t *)BUF_memdup(selected, selected_len);
if (ssl->s3->next_proto_negotiated == NULL) {
*out_alert = SSL_AD_INTERNAL_ERROR;
return 0;
@@ -1522,7 +1522,7 @@
CBS_len(&protocol_name_list),
ssl->ctx->alpn_select_cb_arg) == SSL_TLSEXT_ERR_OK) {
OPENSSL_free(ssl->s3->alpn_selected);
- ssl->s3->alpn_selected = BUF_memdup(selected, selected_len);
+ ssl->s3->alpn_selected = (uint8_t *)BUF_memdup(selected, selected_len);
if (ssl->s3->alpn_selected == NULL) {
*out_alert = SSL_AD_INTERNAL_ERROR;
return 0;
@@ -2197,7 +2197,8 @@
/* Save the contents of the extension to repeat it in the second
* ClientHello. */
hs->key_share_bytes_len = CBB_len(&kse_bytes);
- hs->key_share_bytes = BUF_memdup(CBB_data(&kse_bytes), CBB_len(&kse_bytes));
+ hs->key_share_bytes =
+ (uint8_t *)BUF_memdup(CBB_data(&kse_bytes), CBB_len(&kse_bytes));
if (hs->key_share_bytes == NULL) {
return 0;
}
@@ -2451,7 +2452,7 @@
}
hs->peer_supported_group_list =
- OPENSSL_malloc(CBS_len(&supported_group_list));
+ (uint16_t *)OPENSSL_malloc(CBS_len(&supported_group_list));
if (hs->peer_supported_group_list == NULL) {
*out_alert = SSL_AD_INTERNAL_ERROR;
return 0;
@@ -2674,7 +2675,8 @@
CBB extensions;
if (!CBB_add_u16_length_prefixed(out, &extensions)) {
- goto err;
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
+ return 0;
}
hs->extensions.sent = 0;
@@ -2692,7 +2694,8 @@
grease_ext1 = ssl_get_grease_value(ssl, ssl_grease_extension1);
if (!CBB_add_u16(&extensions, grease_ext1) ||
!CBB_add_u16(&extensions, 0 /* zero length */)) {
- goto err;
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
+ return 0;
}
}
@@ -2701,7 +2704,7 @@
if (!kExtensions[i].add_clienthello(hs, &extensions)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_ADDING_EXTENSION);
ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value);
- goto err;
+ return 0;
}
if (CBB_len(&extensions) != len_before) {
@@ -2710,7 +2713,8 @@
}
if (!custom_ext_add_clienthello(hs, &extensions)) {
- goto err;
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
+ return 0;
}
if (ssl->ctx->grease_enabled) {
@@ -2727,7 +2731,8 @@
if (!CBB_add_u16(&extensions, grease_ext2) ||
!CBB_add_u16(&extensions, 1 /* one byte length */) ||
!CBB_add_u8(&extensions, 0 /* single zero byte as contents */)) {
- goto err;
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
+ return 0;
}
}
@@ -2754,7 +2759,8 @@
if (!CBB_add_u16(&extensions, TLSEXT_TYPE_padding) ||
!CBB_add_u16(&extensions, padding_len) ||
!CBB_add_space(&extensions, &padding_bytes, padding_len)) {
- goto err;
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
+ return 0;
}
OPENSSL_memset(padding_bytes, 0, padding_len);
@@ -2763,7 +2769,8 @@
/* The PSK extension must be last, including after the padding. */
if (!ext_pre_shared_key_add_clienthello(hs, &extensions)) {
- goto err;
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
+ return 0;
}
/* Discard empty extensions blocks. */
@@ -2772,10 +2779,6 @@
}
return CBB_flush(out);
-
-err:
- OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- return 0;
}
int ssl_add_serverhello_tlsext(SSL_HANDSHAKE *hs, CBB *out) {
@@ -3040,33 +3043,28 @@
ssl_decrypt_ticket_with_cipher_ctx(SSL *ssl, uint8_t **out, size_t *out_len,
int *out_renew_ticket, const uint8_t *ticket,
size_t ticket_len) {
- enum ssl_ticket_aead_result_t ret = ssl_ticket_aead_ignore_ticket;
const SSL_CTX *const ssl_ctx = ssl->session_ctx;
- uint8_t *plaintext = NULL;
- HMAC_CTX hmac_ctx;
- HMAC_CTX_init(&hmac_ctx);
- EVP_CIPHER_CTX cipher_ctx;
- EVP_CIPHER_CTX_init(&cipher_ctx);
+ bssl::ScopedHMAC_CTX hmac_ctx;
+ bssl::ScopedEVP_CIPHER_CTX cipher_ctx;
/* Ensure there is room for the key name and the largest IV
* |tlsext_ticket_key_cb| may try to consume. The real limit may be lower, but
* the maximum IV length should be well under the minimum size for the
* session material and HMAC. */
if (ticket_len < SSL_TICKET_KEY_NAME_LEN + EVP_MAX_IV_LENGTH) {
- goto out;
+ return ssl_ticket_aead_ignore_ticket;
}
const uint8_t *iv = ticket + SSL_TICKET_KEY_NAME_LEN;
if (ssl_ctx->tlsext_ticket_key_cb != NULL) {
int cb_ret = ssl_ctx->tlsext_ticket_key_cb(
- ssl, (uint8_t *)ticket /* name */, (uint8_t *)iv, &cipher_ctx,
- &hmac_ctx, 0 /* decrypt */);
+ ssl, (uint8_t *)ticket /* name */, (uint8_t *)iv, cipher_ctx.get(),
+ hmac_ctx.get(), 0 /* decrypt */);
if (cb_ret < 0) {
- ret = ssl_ticket_aead_error;
- goto out;
+ return ssl_ticket_aead_error;
} else if (cb_ret == 0) {
- goto out;
+ return ssl_ticket_aead_ignore_ticket;
} else if (cb_ret == 2) {
*out_renew_ticket = 1;
}
@@ -3074,80 +3072,71 @@
/* Check the key name matches. */
if (OPENSSL_memcmp(ticket, ssl_ctx->tlsext_tick_key_name,
SSL_TICKET_KEY_NAME_LEN) != 0) {
- goto out;
+ return ssl_ticket_aead_ignore_ticket;
}
- if (!HMAC_Init_ex(&hmac_ctx, ssl_ctx->tlsext_tick_hmac_key,
+ if (!HMAC_Init_ex(hmac_ctx.get(), ssl_ctx->tlsext_tick_hmac_key,
sizeof(ssl_ctx->tlsext_tick_hmac_key), tlsext_tick_md(),
NULL) ||
- !EVP_DecryptInit_ex(&cipher_ctx, EVP_aes_128_cbc(), NULL,
+ !EVP_DecryptInit_ex(cipher_ctx.get(), EVP_aes_128_cbc(), NULL,
ssl_ctx->tlsext_tick_aes_key, iv)) {
- ret = ssl_ticket_aead_error;
- goto out;
+ return ssl_ticket_aead_error;
}
}
- size_t iv_len = EVP_CIPHER_CTX_iv_length(&cipher_ctx);
+ size_t iv_len = EVP_CIPHER_CTX_iv_length(cipher_ctx.get());
/* Check the MAC at the end of the ticket. */
uint8_t mac[EVP_MAX_MD_SIZE];
- size_t mac_len = HMAC_size(&hmac_ctx);
+ size_t mac_len = HMAC_size(hmac_ctx.get());
if (ticket_len < SSL_TICKET_KEY_NAME_LEN + iv_len + 1 + mac_len) {
/* The ticket must be large enough for key name, IV, data, and MAC. */
- goto out;
+ return ssl_ticket_aead_ignore_ticket;
}
- HMAC_Update(&hmac_ctx, ticket, ticket_len - mac_len);
- HMAC_Final(&hmac_ctx, mac, NULL);
+ HMAC_Update(hmac_ctx.get(), ticket, ticket_len - mac_len);
+ HMAC_Final(hmac_ctx.get(), mac, NULL);
int mac_ok =
CRYPTO_memcmp(mac, ticket + (ticket_len - mac_len), mac_len) == 0;
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
mac_ok = 1;
#endif
if (!mac_ok) {
- goto out;
+ return ssl_ticket_aead_ignore_ticket;
}
/* Decrypt the session data. */
const uint8_t *ciphertext = ticket + SSL_TICKET_KEY_NAME_LEN + iv_len;
size_t ciphertext_len = ticket_len - SSL_TICKET_KEY_NAME_LEN - iv_len -
mac_len;
- plaintext = OPENSSL_malloc(ciphertext_len);
- if (plaintext == NULL) {
- ret = ssl_ticket_aead_error;
- goto out;
+ bssl::UniquePtr<uint8_t> plaintext((uint8_t *)OPENSSL_malloc(ciphertext_len));
+ if (!plaintext) {
+ return ssl_ticket_aead_error;
}
size_t plaintext_len;
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
- OPENSSL_memcpy(plaintext, ciphertext, ciphertext_len);
+ OPENSSL_memcpy(plaintext.get(), ciphertext, ciphertext_len);
plaintext_len = ciphertext_len;
#else
if (ciphertext_len >= INT_MAX) {
- goto out;
+ return ssl_ticket_aead_ignore_ticket;
}
int len1, len2;
- if (!EVP_DecryptUpdate(&cipher_ctx, plaintext, &len1, ciphertext,
+ if (!EVP_DecryptUpdate(cipher_ctx.get(), plaintext.get(), &len1, ciphertext,
(int)ciphertext_len) ||
- !EVP_DecryptFinal_ex(&cipher_ctx, plaintext + len1, &len2)) {
+ !EVP_DecryptFinal_ex(cipher_ctx.get(), plaintext.get() + len1, &len2)) {
ERR_clear_error();
- goto out;
+ return ssl_ticket_aead_ignore_ticket;
}
plaintext_len = (size_t)(len1) + len2;
#endif
- *out = plaintext;
- plaintext = NULL;
+ *out = plaintext.release();
*out_len = plaintext_len;
- ret = ssl_ticket_aead_success;
-
-out:
- OPENSSL_free(plaintext);
- HMAC_CTX_cleanup(&hmac_ctx);
- EVP_CIPHER_CTX_cleanup(&cipher_ctx);
- return ret;
+ return ssl_ticket_aead_success;
}
static enum ssl_ticket_aead_result_t ssl_decrypt_ticket_with_method(
SSL *ssl, uint8_t **out, size_t *out_len, int *out_renew_ticket,
const uint8_t *ticket, size_t ticket_len) {
- uint8_t *plaintext = OPENSSL_malloc(ticket_len);
+ uint8_t *plaintext = (uint8_t *)OPENSSL_malloc(ticket_len);
if (plaintext == NULL) {
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
return ssl_ticket_aead_error;
@@ -3238,7 +3227,7 @@
/* This multiplication doesn't overflow because sizeof(uint16_t) is two
* and we just divided |num_sigalgs| by two. */
- hs->peer_sigalgs = OPENSSL_malloc(num_sigalgs * sizeof(uint16_t));
+ hs->peer_sigalgs = (uint16_t *)OPENSSL_malloc(num_sigalgs * sizeof(uint16_t));
if (hs->peer_sigalgs == NULL) {
return 0;
}
@@ -3324,7 +3313,6 @@
int tls1_verify_channel_id(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- int ret = 0;
uint16_t extension_type;
CBS extension, channel_id;
@@ -3341,52 +3329,44 @@
return 0;
}
- EC_GROUP *p256 = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
+ bssl::UniquePtr<EC_GROUP> p256(
+ EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
if (!p256) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_P256_SUPPORT);
return 0;
}
- EC_KEY *key = NULL;
- EC_POINT *point = NULL;
- BIGNUM x, y;
- ECDSA_SIG sig;
- BN_init(&x);
- BN_init(&y);
- sig.r = BN_new();
- sig.s = BN_new();
- if (sig.r == NULL || sig.s == NULL) {
- goto err;
+ bssl::UniquePtr<ECDSA_SIG> sig(ECDSA_SIG_new());
+ bssl::UniquePtr<BIGNUM> x(BN_new()), y(BN_new());
+ if (!sig || !x || !y) {
+ return 0;
}
const uint8_t *p = CBS_data(&extension);
- if (BN_bin2bn(p + 0, 32, &x) == NULL ||
- BN_bin2bn(p + 32, 32, &y) == NULL ||
- BN_bin2bn(p + 64, 32, sig.r) == NULL ||
- BN_bin2bn(p + 96, 32, sig.s) == NULL) {
- goto err;
+ if (BN_bin2bn(p + 0, 32, x.get()) == NULL ||
+ BN_bin2bn(p + 32, 32, y.get()) == NULL ||
+ BN_bin2bn(p + 64, 32, sig->r) == NULL ||
+ BN_bin2bn(p + 96, 32, sig->s) == NULL) {
+ return 0;
}
- point = EC_POINT_new(p256);
- if (point == NULL ||
- !EC_POINT_set_affine_coordinates_GFp(p256, point, &x, &y, NULL)) {
- goto err;
- }
-
- key = EC_KEY_new();
- if (key == NULL ||
- !EC_KEY_set_group(key, p256) ||
- !EC_KEY_set_public_key(key, point)) {
- goto err;
+ bssl::UniquePtr<EC_KEY> key(EC_KEY_new());
+ bssl::UniquePtr<EC_POINT> point(EC_POINT_new(p256.get()));
+ if (!key || !point ||
+ !EC_POINT_set_affine_coordinates_GFp(p256.get(), point.get(), x.get(),
+ y.get(), nullptr) ||
+ !EC_KEY_set_group(key.get(), p256.get()) ||
+ !EC_KEY_set_public_key(key.get(), point.get())) {
+ return 0;
}
uint8_t digest[EVP_MAX_MD_SIZE];
size_t digest_len;
if (!tls1_channel_id_hash(hs, digest, &digest_len)) {
- goto err;
+ return 0;
}
- int sig_ok = ECDSA_do_verify(digest, digest_len, &sig, key);
+ int sig_ok = ECDSA_do_verify(digest, digest_len, sig.get(), key.get());
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
sig_ok = 1;
#endif
@@ -3394,21 +3374,11 @@
OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_SIGNATURE_INVALID);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
ssl->s3->tlsext_channel_id_valid = 0;
- goto err;
+ return 0;
}
OPENSSL_memcpy(ssl->s3->tlsext_channel_id, p, 64);
- ret = 1;
-
-err:
- BN_free(&x);
- BN_free(&y);
- BN_free(sig.r);
- BN_free(sig.s);
- EC_KEY_free(key);
- EC_POINT_free(point);
- EC_GROUP_free(p256);
- return ret;
+ return 1;
}
int tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb) {
diff --git a/ssl/tls13_both.c b/ssl/tls13_both.cc
similarity index 95%
rename from ssl/tls13_both.c
rename to ssl/tls13_both.cc
index de2401e..763dc0e 100644
--- a/ssl/tls13_both.c
+++ b/ssl/tls13_both.cc
@@ -373,12 +373,9 @@
int tls13_process_certificate_verify(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- int ret = 0;
- uint8_t *msg = NULL;
- size_t msg_len;
-
if (hs->peer_pubkey == NULL) {
- goto err;
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
+ return 0;
}
CBS cbs, signature;
@@ -389,22 +386,25 @@
CBS_len(&cbs) != 0) {
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- goto err;
+ return 0;
}
uint8_t alert = SSL_AD_DECODE_ERROR;
if (!tls12_check_peer_sigalg(ssl, &alert, signature_algorithm)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
- goto err;
+ return 0;
}
hs->new_session->peer_signature_algorithm = signature_algorithm;
+ uint8_t *msg = NULL;
+ size_t msg_len;
if (!tls13_get_cert_verify_signature_input(
hs, &msg, &msg_len,
ssl->server ? ssl_cert_verify_client : ssl_cert_verify_server)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
- goto err;
+ return 0;
}
+ bssl::UniquePtr<uint8_t> free_msg(msg);
int sig_ok =
ssl_public_key_verify(ssl, CBS_data(&signature), CBS_len(&signature),
@@ -416,14 +416,10 @@
if (!sig_ok) {
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SIGNATURE);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
- goto err;
+ return 0;
}
- ret = 1;
-
-err:
- OPENSSL_free(msg);
- return ret;
+ return 1;
}
int tls13_process_finished(SSL_HANDSHAKE *hs, int use_saved_value) {
@@ -460,21 +456,18 @@
int tls13_add_certificate(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- CBB cbb, body, certificate_list;
- if (!ssl->method->init_message(ssl, &cbb, &body, SSL3_MT_CERTIFICATE) ||
+ bssl::ScopedCBB cbb;
+ CBB body, certificate_list;
+ if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_CERTIFICATE) ||
/* The request context is always empty in the handshake. */
!CBB_add_u8(&body, 0) ||
!CBB_add_u24_length_prefixed(&body, &certificate_list)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
if (!ssl_has_certificate(ssl)) {
- if (!ssl_add_message_cbb(ssl, &cbb)) {
- goto err;
- }
-
- return 1;
+ return ssl_add_message_cbb(ssl, cbb.get());
}
CERT *cert = ssl->cert;
@@ -485,7 +478,7 @@
CRYPTO_BUFFER_len(leaf_buf)) ||
!CBB_add_u16_length_prefixed(&certificate_list, &extensions)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
if (hs->scts_requested && ssl->cert->signed_cert_timestamp_list != NULL) {
@@ -498,7 +491,7 @@
CRYPTO_BUFFER_len(ssl->cert->signed_cert_timestamp_list)) ||
!CBB_flush(&extensions)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
}
@@ -514,7 +507,7 @@
CRYPTO_BUFFER_len(ssl->cert->ocsp_response)) ||
!CBB_flush(&extensions)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
}
@@ -526,38 +519,27 @@
CRYPTO_BUFFER_len(cert_buf)) ||
!CBB_add_u16(&certificate_list, 0 /* no extensions */)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
}
- if (!ssl_add_message_cbb(ssl, &cbb)) {
- goto err;
- }
-
- return 1;
-
-err:
- CBB_cleanup(&cbb);
- return 0;
+ return ssl_add_message_cbb(ssl, cbb.get());
}
enum ssl_private_key_result_t tls13_add_certificate_verify(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- enum ssl_private_key_result_t ret = ssl_private_key_failure;
- uint8_t *msg = NULL;
- size_t msg_len;
- CBB cbb, body;
- CBB_zero(&cbb);
-
uint16_t signature_algorithm;
if (!tls1_choose_signature_algorithm(hs, &signature_algorithm)) {
- goto err;
+ return ssl_private_key_failure;
}
- if (!ssl->method->init_message(ssl, &cbb, &body,
+
+ bssl::ScopedCBB cbb;
+ CBB body;
+ if (!ssl->method->init_message(ssl, cbb.get(), &body,
SSL3_MT_CERTIFICATE_VERIFY) ||
!CBB_add_u16(&body, signature_algorithm)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
- goto err;
+ return ssl_private_key_failure;
}
/* Sign the digest. */
@@ -568,34 +550,31 @@
if (!CBB_add_u16_length_prefixed(&body, &child) ||
!CBB_reserve(&child, &sig, max_sig_len)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
- goto err;
+ return ssl_private_key_failure;
}
+ uint8_t *msg = NULL;
+ size_t msg_len;
if (!tls13_get_cert_verify_signature_input(
hs, &msg, &msg_len,
ssl->server ? ssl_cert_verify_server : ssl_cert_verify_client)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
- goto err;
+ return ssl_private_key_failure;
}
+ bssl::UniquePtr<uint8_t> free_msg(msg);
enum ssl_private_key_result_t sign_result = ssl_private_key_sign(
hs, sig, &sig_len, max_sig_len, signature_algorithm, msg, msg_len);
if (sign_result != ssl_private_key_success) {
- ret = sign_result;
- goto err;
+ return sign_result;
}
if (!CBB_did_write(&child, sig_len) ||
- !ssl_add_message_cbb(ssl, &cbb)) {
- goto err;
+ !ssl_add_message_cbb(ssl, cbb.get())) {
+ return ssl_private_key_failure;
}
- ret = ssl_private_key_success;
-
-err:
- CBB_cleanup(&cbb);
- OPENSSL_free(msg);
- return ret;
+ return ssl_private_key_success;
}
int tls13_add_finished(SSL_HANDSHAKE *hs) {
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.cc
similarity index 100%
rename from ssl/tls13_enc.c
rename to ssl/tls13_enc.cc
diff --git a/ssl/tls_record.c b/ssl/tls_record.cc
similarity index 100%
rename from ssl/tls_record.c
rename to ssl/tls_record.cc
