Bug 1377618 - Simplify handling of CertificateVerify, r=kaie

author: Martin Thomson <martin.thomson@gmail.com> 2017-09-11 16:42:38 +0200
committer: Martin Thomson <martin.thomson@gmail.com> 2017-09-11 16:42:38 +0200
commit: fa4ad4296cbacf6cf5fb7d27bf2a44e0ecbdf134 (patch)
tree: a66d510f1401796b3243e327d640caf544a99cfc
parent: 96ddf41932cd0736fd2c8df288281303ef131fc5 (diff)
download: nss-hg-fa4ad4296cbacf6cf5fb7d27bf2a44e0ecbdf134.tar.gz
2 files changed, 11 insertions, 12 deletions
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
index 9a64646d2..186ce23f3 100644
--- a/lib/ssl/ssl3con.c
+++ b/lib/ssl/ssl3con.c
@@ -9774,13 +9774,12 @@ ssl3_HandleCertificateVerify(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
 
         hashAlg = ssl_SignatureSchemeToHashType(sigScheme);
 
-        if (hashes->u.pointer_to_hash_input.data) {
-            rv = ssl3_ComputeHandshakeHash(hashes->u.pointer_to_hash_input.data,
-                                           hashes->u.pointer_to_hash_input.len,
-                                           hashAlg, &localHashes);
-        } else {
-            rv = SECFailure;
-        }
+        /* Read from the message buffer, but we need to use only up to the end
+         * of the previous handshake message. The length of the transcript up to
+         * that point is saved in |hashes->u.transcriptLen|. */
+        rv = ssl3_ComputeHandshakeHash(ss->ssl3.hs.messages.buf,
+                                       hashes->u.transcriptLen,
+                                       hashAlg, &localHashes);
 
         if (rv == SECSuccess) {
             hashesForVerify = &localHashes;
@@ -11680,15 +11679,15 @@ ssl3_HandleHandshakeMessage(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
                  * additional handshake messages will have been added to the
                  * buffer, e.g. the certificate_verify message itself.)
                  *
-                 * Therefore, we use SSL3Hashes.u.pointer_to_hash_input
-                 * to signal the current state of the buffer.
+                 * Therefore, we use SSL3Hashes.u.transcriptLen to save how much
+                 * data there is and read directly from ss->ssl3.hs.messages
+                 * when calculating the hashes.
                  *
                  * ssl3_HandleCertificateVerify will detect
                  *     hashType == handshake_hash_record
                  * and use that information to calculate the hash.
                  */
-                hashes.u.pointer_to_hash_input.data = ss->ssl3.hs.messages.buf;
-                hashes.u.pointer_to_hash_input.len = ss->ssl3.hs.messages.len;
+                hashes.u.transcriptLen = ss->ssl3.hs.messages.len;
                 hashesPtr = &hashes;
             } else {
                 computeHashes = PR_TRUE;
diff --git a/lib/ssl/ssl3prot.h b/lib/ssl/ssl3prot.h
index 146cba4f4..35c7e547d 100644
--- a/lib/ssl/ssl3prot.h
+++ b/lib/ssl/ssl3prot.h
@@ -237,7 +237,7 @@ typedef struct {
     union {
         PRUint8 raw[64];
         SSL3HashesIndividually s;
-        SECItem pointer_to_hash_input;
+        unsigned int transcriptLen;
     } u;
 } SSL3Hashes;
author	Martin Thomson <martin.thomson@gmail.com>	2017-09-11 16:42:38 +0200
committer	Martin Thomson <martin.thomson@gmail.com>	2017-09-11 16:42:38 +0200
commit	fa4ad4296cbacf6cf5fb7d27bf2a44e0ecbdf134 (patch)
tree	a66d510f1401796b3243e327d640caf544a99cfc
parent	96ddf41932cd0736fd2c8df288281303ef131fc5 (diff)
download	nss-hg-fa4ad4296cbacf6cf5fb7d27bf2a44e0ecbdf134.tar.gz