tls-crypto: Rename methods to calculate finished message
authorTobias Brunner <tobias@strongswan.org>
Tue, 25 Aug 2020 14:52:20 +0000 (16:52 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 12 Feb 2021 10:45:44 +0000 (11:45 +0100)
Instead of the version number use "legacy" for the one for earlier TLS
versions.

src/libtls/tls_crypto.c
src/libtls/tls_crypto.h
src/libtls/tls_peer.c
src/libtls/tls_server.c

index 2fed660..494a693 100644 (file)
@@ -1782,7 +1782,7 @@ METHOD(tls_crypto_t, verify_handshake, bool,
        return verify(this, key, reader, this->handshake);
 }
 
-METHOD(tls_crypto_t, calculate_finished, bool,
+METHOD(tls_crypto_t, calculate_finished_legacy, bool,
        private_tls_crypto_t *this, char *label, char out[12])
 {
        chunk_t seed;
@@ -1804,7 +1804,7 @@ METHOD(tls_crypto_t, calculate_finished, bool,
        return TRUE;
 }
 
-METHOD(tls_crypto_t, calculate_finished_tls13, bool,
+METHOD(tls_crypto_t, calculate_finished, bool,
        private_tls_crypto_t *this, bool is_server, chunk_t *out)
 {
        chunk_t finished_key, finished_hash;
@@ -2121,8 +2121,8 @@ tls_crypto_t *tls_crypto_create(tls_t *tls, tls_cache_t *cache)
                        .verify = _verify,
                        .sign_handshake = _sign_handshake,
                        .verify_handshake = _verify_handshake,
+                       .calculate_finished_legacy = _calculate_finished_legacy,
                        .calculate_finished = _calculate_finished,
-                       .calculate_finished_tls13 = _calculate_finished_tls13,
                        .derive_secrets = _derive_secrets,
                        .derive_handshake_keys = _derive_handshake_keys,
                        .derive_app_keys = _derive_app_keys,
index f980095..3f48cfe 100644 (file)
@@ -525,7 +525,8 @@ struct tls_crypto_t {
         * @param out                   buffer to write finished data to
         * @return                              TRUE if calculation successful
         */
-       bool (*calculate_finished)(tls_crypto_t *this, char *label, char out[12]);
+       bool (*calculate_finished_legacy)(tls_crypto_t *this, char *label,
+                                                                         char out[12]);
 
        /**
         * Calculate the data of a TLS finished message.
@@ -533,8 +534,8 @@ struct tls_crypto_t {
         * @param out                   buffer to write finished data to
         * @return                              TRUE if calculation successful
         */
-       bool (*calculate_finished_tls13)(tls_crypto_t *this, bool is_server,
-                                                                        chunk_t *out);
+       bool (*calculate_finished)(tls_crypto_t *this, bool is_server,
+                                                          chunk_t *out);
 
        /**
         * Derive the master secret, MAC and encryption keys.
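Review bot: The name `calculate_finished` now refers to the former TLS 1.3 method with a different signature (`bool is_server, chunk_t *out` instead of `char *label, char out[12]`), so a call site missed by the rename still resolves to a valid member and would at most draw a conversion warning. Depending on how `bool` is defined and which warnings the build treats as errors, such a stale call could compile and have the callee treat a 12-byte buffer as a `chunk_t`, so it is worth confirming the tree builds without incompatible-pointer-type warnings after this change. The first doc line visible here does not say which protocol versions the method covers; I would make it `Calculate the data of a TLS 1.3 finished message.` and check that the comment on `calculate_finished_legacy` in the hunk above names the earlier TLS versions likewise. Both doc comments start outside their hunks.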
index 96ce374..dfc15cc 100644 (file)
@@ -874,8 +874,8 @@ static status_t process_finished(private_tls_peer_t *this, bio_reader_t *reader)
                        this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
                        return NEED_MORE;
                }
-               if (!this->crypto->calculate_finished(this->crypto, "server finished",
-                                                                                         buf))
+               if (!this->crypto->calculate_finished_legacy(this->crypto,
+                                                                                                        "server finished", buf))
                {
                        DBG1(DBG_TLS, "calculating server finished failed");
                        this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
@@ -897,7 +897,7 @@ static status_t process_finished(private_tls_peer_t *this, bio_reader_t *reader)
                        this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
                        return NEED_MORE;
                }
-               if (!this->crypto->calculate_finished_tls13(this->crypto, true,
+               if (!this->crypto->calculate_finished(this->crypto, true,
                        &verify_data))
                {
                        DBG1(DBG_TLS, "calculating server finished failed");
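Review bot: The renamed call on the added line passes lowercase `true`, while the matching call in `send_finished` further down in this file was changed to `FALSE` by the same commit and the other visible code uses `TRUE`. The continuation line `&verify_data))` is also not aligned with the call's arguments. I would write it the same way as in `send_finished`: `if (!this->crypto->calculate_finished(this->crypto, TRUE, &verify_data))`. `process_finished` starts and ends outside this hunk.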
@@ -1469,7 +1469,8 @@ static status_t send_finished(private_tls_peer_t *this,
        {
                char buf[12];
 
-               if (!this->crypto->calculate_finished(this->crypto, "client finished", buf))
+               if (!this->crypto->calculate_finished_legacy(this->crypto,
+                                                                                                        "client finished", buf))
                {
                        DBG1(DBG_TLS, "calculating client finished data failed");
                        this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
@@ -1480,8 +1481,7 @@ static status_t send_finished(private_tls_peer_t *this,
        }
        else
        {
-               if (!this->crypto->calculate_finished_tls13(this->crypto, false,
-                  &verify_data))
+               if (!this->crypto->calculate_finished(this->crypto, FALSE, &verify_data))
                {
                        DBG1(DBG_TLS, "calculating client finished data failed");
                        this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
index 9714df0..3e97d37 100644 (file)
@@ -601,7 +601,8 @@ static status_t process_finished(private_tls_server_t *this,
                this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
                return NEED_MORE;
        }
-       if (!this->crypto->calculate_finished(this->crypto, "client finished", buf))
+       if (!this->crypto->calculate_finished_legacy(this->crypto,
+                                                                                                "client finished", buf))
        {
                DBG1(DBG_TLS, "calculating client finished failed");
                this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
@@ -974,7 +975,8 @@ static status_t send_finished(private_tls_server_t *this,
 {
        char buf[12];
 
-       if (!this->crypto->calculate_finished(this->crypto, "server finished", buf))
+       if (!this->crypto->calculate_finished_legacy(this->crypto,
+                                                                                                "server finished", buf))
        {
                DBG1(DBG_TLS, "calculating server finished data failed");
                this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);