From: Tobias Brunner
Date: Tue, 25 Aug 2020 14:52:20 +0000 (+0200)
Subject: tls-crypto: Rename methods to calculate finished message
X-Git-Tag: 5.9.2rc1~23^2~86
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2e1c0a277656e55f2e273c80691baddea55912aa;p=thirdparty%2Fstrongswan.git
tls-crypto: Rename methods to calculate finished message
Instead of the version number use "legacy" for the one for earlier TLS versions.
---
diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index 2fed6604d1..494a6930a7 100644
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -1782,7 +1782,7 @@ METHOD(tls_crypto_t, verify_handshake, bool,
 return verify(this, key, reader, this->handshake);
 }
 
-METHOD(tls_crypto_t, calculate_finished, bool,
+METHOD(tls_crypto_t, calculate_finished_legacy, bool,
 private_tls_crypto_t *this, char *label, char out[12])
 {
 chunk_t seed;
@@ -1804,7 +1804,7 @@ METHOD(tls_crypto_t, calculate_finished, bool,
 return TRUE;
 }
 
-METHOD(tls_crypto_t, calculate_finished_tls13, bool,
+METHOD(tls_crypto_t, calculate_finished, bool,
 private_tls_crypto_t *this, bool is_server, chunk_t *out)
 {
 chunk_t finished_key, finished_hash;
@@ -2121,8 +2121,8 @@ tls_crypto_t *tls_crypto_create(tls_t *tls, tls_cache_t *cache)
 .verify = _verify,
 .sign_handshake = _sign_handshake,
 .verify_handshake = _verify_handshake,
+ .calculate_finished_legacy = _calculate_finished_legacy,
 .calculate_finished = _calculate_finished,
- .calculate_finished_tls13 = _calculate_finished_tls13,
 .derive_secrets = _derive_secrets,
 .derive_handshake_keys = _derive_handshake_keys,
 .derive_app_keys = _derive_app_keys,
diff --git a/src/libtls/tls_crypto.h b/src/libtls/tls_crypto.h
index f980095ebf..3f48cfe132 100644
--- a/src/libtls/tls_crypto.h
+++ b/src/libtls/tls_crypto.h
@@ -525,7 +525,8 @@ struct tls_crypto_t {
 * @param out buffer to write finished data to
 * @return TRUE if calculation successful
 */
- bool (*calculate_finished)(tls_crypto_t *this, char *label, char out[12]);
+ bool (*calculate_finished_legacy)(tls_crypto_t *this, char *label,
+ char out[12]);
 
 /**
 * Calculate the data of a TLS finished message.
@@ -533,8 +534,8 @@ struct tls_crypto_t {
 * @param out buffer to write finished data to
 * @return TRUE if calculation successful
 */
- bool (*calculate_finished_tls13)(tls_crypto_t *this, bool is_server,
- chunk_t *out);
+ bool (*calculate_finished)(tls_crypto_t *this, bool is_server,
+ chunk_t *out);
 
 /**
 * Derive the master secret, MAC and encryption keys.
diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c
index 96ce374472..dfc15cc05f 100644
--- a/src/libtls/tls_peer.c
+++ b/src/libtls/tls_peer.c
@@ -874,8 +874,8 @@ static status_t process_finished(private_tls_peer_t *this, bio_reader_t *reader)
 this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
 return NEED_MORE;
 }
- if (!this->crypto->calculate_finished(this->crypto, "server finished",
- buf))
+ if (!this->crypto->calculate_finished_legacy(this->crypto,
+ "server finished", buf))
 {
 DBG1(DBG_TLS, "calculating server finished failed");
 this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
@@ -897,7 +897,7 @@ static status_t process_finished(private_tls_peer_t *this, bio_reader_t *reader)
 this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
 return NEED_MORE;
 }
- if (!this->crypto->calculate_finished_tls13(this->crypto, true,
+ if (!this->crypto->calculate_finished(this->crypto, true,
 &verify_data))
 {
 DBG1(DBG_TLS, "calculating server finished failed");
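Review bot: In src/libtls/tls_crypto.h the brief above the member now named `calculate_finished` still reads "Calculate the data of a TLS finished message." and does not say that this is the TLS 1.3 variant, although the same name denoted the 12-byte variant for earlier versions before this commit. A caller that was not updated would still pass its label string as the second argument, which C converts to `bool` without complaint, so only the type mismatch on `out` is diagnosed. I would change the brief to `* Calculate the data of a TLS 1.3 finished message.` and check that the brief of `calculate_finished_legacy`, which starts outside the first hunk, names the earlier TLS versions. The struct definition continues outside both hunks.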
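Review bot: In src/libtls/tls_peer.c the two calls to the renamed `calculate_finished` spell the boolean argument differently: the process_finished hunk at -897 keeps lowercase `true`, while the send_finished hunk at -1480 switches from `false` to `FALSE`. To match that `FALSE` and the `TRUE` used in the header's @return lines, the first call would read `if (!this->crypto->calculate_finished(this->crypto, TRUE,`. Both functions start and end outside their hunks.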
@@ -1469,7 +1469,8 @@ static status_t send_finished(private_tls_peer_t *this,
 {
 char buf[12];
 
- if (!this->crypto->calculate_finished(this->crypto, "client finished", buf))
+ if (!this->crypto->calculate_finished_legacy(this->crypto,
+ "client finished", buf))
 {
 DBG1(DBG_TLS, "calculating client finished data failed");
 this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
@@ -1480,8 +1481,7 @@ static status_t send_finished(private_tls_peer_t *this,
 }
 else
 {
- if (!this->crypto->calculate_finished_tls13(this->crypto, false,
- &verify_data))
+ if (!this->crypto->calculate_finished(this->crypto, FALSE, &verify_data))
 {
 DBG1(DBG_TLS, "calculating client finished data failed");
 this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c
index 9714df0f6a..3e97d37996 100644
--- a/src/libtls/tls_server.c
+++ b/src/libtls/tls_server.c
@@ -601,7 +601,8 @@ static status_t process_finished(private_tls_server_t *this,
 this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
 return NEED_MORE;
 }
- if (!this->crypto->calculate_finished(this->crypto, "client finished", buf))
+ if (!this->crypto->calculate_finished_legacy(this->crypto,
+ "client finished", buf))
 {
 DBG1(DBG_TLS, "calculating client finished failed");
 this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
@@ -974,7 +975,8 @@ static status_t send_finished(private_tls_server_t *this,
 {
 char buf[12];
 
- if (!this->crypto->calculate_finished(this->crypto, "server finished", buf))
+ if (!this->crypto->calculate_finished_legacy(this->crypto,
+ "server finished", buf))
 {
 DBG1(DBG_TLS, "calculating server finished data failed");
 this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);