int tls1_final_finish_mac(SSL *s, const char *str, int slen, uint8_t *out) {
uint8_t buf[2 * EVP_MAX_MD_SIZE];
int err = 0;
int digests_len;
/* At this point, the handshake should have released the handshake buffer on
* its own. */
assert(s->s3->handshake_buffer == NULL);
digests_len = tls1_handshake_digest(s, buf, sizeof(buf));
if (digests_len < 0) {
err = 1;
digests_len = 0;
}
if (!s->enc_method->prf(s, out, 12, s->session->master_key,
s->session->master_key_length, str, slen, buf,
digests_len, NULL, 0)) {
err = 1;
}
if (err) {
return 0;
} else {
return 12;
}
}
int tls1_generate_master_secret(SSL *s, uint8_t *out, const uint8_t *premaster,
size_t premaster_len) {
if (s->s3->tmp.extended_master_secret) {
uint8_t digests[2 * EVP_MAX_MD_SIZE];
int digests_len = tls1_handshake_digest(s, digests, sizeof(digests));
if (digests_len == -1) {
return 0;
}
if (!s->enc_method->prf(s, out, SSL3_MASTER_SECRET_SIZE, premaster,
premaster_len, TLS_MD_EXTENDED_MASTER_SECRET_CONST,
TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE, digests,
digests_len, NULL, 0)) {
return 0;
}
} else {
if (!s->enc_method->prf(s, out, SSL3_MASTER_SECRET_SIZE, premaster,
premaster_len, TLS_MD_MASTER_SECRET_CONST,
TLS_MD_MASTER_SECRET_CONST_SIZE,
s->s3->client_random, SSL3_RANDOM_SIZE,
s->s3->server_random, SSL3_RANDOM_SIZE)) {
return 0;
}
}
return SSL3_MASTER_SECRET_SIZE;
}
static int tls1_final_finish_mac(SSL *ssl, int from_server, uint8_t *out) {
/* At this point, the handshake should have released the handshake buffer on
* its own. */
assert(ssl->s3->handshake_buffer == NULL);
const char *label = TLS_MD_CLIENT_FINISH_CONST;
size_t label_len = TLS_MD_SERVER_FINISH_CONST_SIZE;
if (from_server) {
label = TLS_MD_SERVER_FINISH_CONST;
label_len = TLS_MD_SERVER_FINISH_CONST_SIZE;
}
uint8_t buf[EVP_MAX_MD_SIZE];
int digests_len = tls1_handshake_digest(ssl, buf, sizeof(buf));
if (digests_len < 0) {
return 0;
}
static const size_t kFinishedLen = 12;
if (!ssl->s3->enc_method->prf(ssl, out, kFinishedLen,
ssl->session->master_key,
ssl->session->master_key_length, label,
label_len, buf, digests_len, NULL, 0)) {
return 0;
}
return (int)kFinishedLen;
}