From: Pascal Knecht Date: Wed, 16 Sep 2020 12:10:57 +0000 (+0200) Subject: tls-crypto: Rename parameter to be more consistent X-Git-Tag: 5.9.2rc1~23^2~51 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=328d7af6d2ed029f35e218df6085400792968fa4;p=thirdparty%2Fstrongswan.git tls-crypto: Rename parameter to be more consistent Also add missing parameter in documentation of calculate_finished method. --- diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c index b9be2c04ac..eb5f3b96b6 100644 --- a/src/libtls/tls_crypto.c +++ b/src/libtls/tls_crypto.c @@ -1867,7 +1867,7 @@ METHOD(tls_crypto_t, calculate_finished_legacy, bool, } METHOD(tls_crypto_t, calculate_finished, bool, - private_tls_crypto_t *this, bool is_server, chunk_t *out) + private_tls_crypto_t *this, bool server, chunk_t *out) { chunk_t finished_key, finished_hash; @@ -1880,7 +1880,7 @@ METHOD(tls_crypto_t, calculate_finished, bool, DBG1(DBG_TLS, "creating hash of handshake failed"); return FALSE; } - if (!this->hkdf->derive_finished(this->hkdf, is_server, &finished_key)) + if (!this->hkdf->derive_finished(this->hkdf, server, &finished_key)) { DBG1(DBG_TLS, "generating finished key failed"); chunk_clear(&finished_hash); diff --git a/src/libtls/tls_crypto.h b/src/libtls/tls_crypto.h index 8324b2243e..354329b8ab 100644 --- a/src/libtls/tls_crypto.h +++ b/src/libtls/tls_crypto.h @@ -563,10 +563,11 @@ struct tls_crypto_t { /** * Calculate the data of a TLS finished message. * + * @param server Whether the server or client finish message is calculated * @param out buffer to write finished data to * @return TRUE if calculation successful */ - bool (*calculate_finished)(tls_crypto_t *this, bool is_server, + bool (*calculate_finished)(tls_crypto_t *this, bool server, chunk_t *out); /** diff --git a/src/libtls/tls_hkdf.c b/src/libtls/tls_hkdf.c index d31a41d79e..b03efa0bdd 100644 --- a/src/libtls/tls_hkdf.c +++ b/src/libtls/tls_hkdf.c @@ -476,12 +476,12 @@ METHOD(tls_hkdf_t, generate_secret, bool, * Derive keys/IVs from the current traffic secrets. */ static bool get_shared_label_keys(private_tls_hkdf_t *this, chunk_t label, - bool is_server, size_t length, chunk_t *key) + bool server, size_t length, chunk_t *key) { chunk_t result = chunk_empty, secret; - secret = is_server ? this->server_traffic_secret - : this->client_traffic_secret; + secret = server ? this->server_traffic_secret + : this->client_traffic_secret; if (!expand_label(this, secret, label, chunk_empty, length, &result)) { @@ -516,10 +516,10 @@ METHOD(tls_hkdf_t, derive_iv, bool, } METHOD(tls_hkdf_t, derive_finished, bool, - private_tls_hkdf_t *this, bool is_server, chunk_t *finished) + private_tls_hkdf_t *this, bool server, chunk_t *finished) { return get_shared_label_keys(this, chunk_from_str("finished"), - is_server, + server, this->hasher->get_hash_size(this->hasher), finished); } diff --git a/src/libtls/tls_hkdf.h b/src/libtls/tls_hkdf.h index 2b2bf3e034..2ce3d038a7 100644 --- a/src/libtls/tls_hkdf.h +++ b/src/libtls/tls_hkdf.h @@ -106,11 +106,11 @@ struct tls_hkdf_t { * section 4.4.4. Space for returned secret is allocated and must be freed * by the caller. * - * @param is_server TRUE if server, FALSE if client derives secret + * @param server Whether the client or server finish key is derived * @param finished key will be written into this chunk * @return TRUE if secrets derived successfully */ - bool (*derive_finished)(tls_hkdf_t *this, bool is_server, + bool (*derive_finished)(tls_hkdf_t *this, bool server, chunk_t *finished); /**