move s2n_libcrypto_supports_tls_prf to s2n_prf

goatgoose · May 24, 2023 · e12b4ac · e12b4ac
1 parent e9ae9ae
commit e12b4ac
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 16 deletions.
diff --git a/crypto/s2n_libcrypto.c b/crypto/s2n_libcrypto.c
@@ -191,8 +191,3 @@ unsigned long s2n_get_openssl_version(void)
 {
     return OPENSSL_VERSION_NUMBER;
 }
-
-bool s2n_libcrypto_supports_tls_prf()
-{
-    return S2N_LIBCRYPTO_SUPPORTS_TLS_PRF;
-}
diff --git a/crypto/s2n_openssl.h b/crypto/s2n_openssl.h
@@ -59,11 +59,3 @@
 bool s2n_libcrypto_is_awslc();
 bool s2n_libcrypto_is_boringssl();
 bool s2n_libcrypto_is_libressl();
-
-#if defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
-    #define S2N_LIBCRYPTO_SUPPORTS_TLS_PRF 1
-#else
-    #define S2N_LIBCRYPTO_SUPPORTS_TLS_PRF 0
-#endif
-
-bool s2n_libcrypto_supports_tls_prf();
diff --git a/tls/s2n_prf.c b/tls/s2n_prf.c
@@ -464,6 +464,11 @@ S2N_RESULT s2n_prf_free(struct s2n_connection *conn)
     return S2N_RESULT_OK;
 }
 
+static bool s2n_libcrypto_supports_tls_prf()
+{
+    return S2N_LIBCRYPTO_SUPPORTS_TLS_PRF;
+}
+
 static S2N_RESULT s2n_custom_prf(struct s2n_connection *conn, struct s2n_blob *secret, struct s2n_blob *label, struct s2n_blob *seed_a,
         struct s2n_blob *seed_b, struct s2n_blob *seed_c, struct s2n_blob *out)
 {
@@ -518,10 +523,10 @@ static S2N_RESULT s2n_libcrypto_prf(struct s2n_connection *conn, struct s2n_blob
         RESULT_GUARD_POSIX(s2n_stuffer_init_written(&seed_b_stuffer, &seed_b_blob));
     }
 
+    /* The AWSLC/BoringSSL TLS PRF implementation only provides two seed arguments. If three seeds
+     * were provided, pass in the third seed by concatenating it with the second seed.
+     */
     if (seed_b != NULL && seed_c != NULL) {
-        /* The AWSLC/BoringSSL TLS PRF implementation only provides two seed arguments. If three
-         * seeds were provided, pass in the third seed by concatenating it with the second seed.
-         */
         RESULT_GUARD_POSIX(s2n_stuffer_growable_alloc(&seed_b_stuffer, seed_b->size + seed_c->size));
         RESULT_GUARD_POSIX(s2n_stuffer_write_bytes(&seed_b_stuffer, seed_b->data, seed_b->size));
         RESULT_GUARD_POSIX(s2n_stuffer_write_bytes(&seed_b_stuffer, seed_c->data, seed_c->size));

diff --git a/tls/s2n_prf.h b/tls/s2n_prf.h
@@ -25,6 +25,12 @@
 /* Enough to support TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, 2*SHA384_DIGEST_LEN + 2*AES256_KEY_SIZE */
 #define S2N_MAX_KEY_BLOCK_LEN 160
 
+#if defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
+    #define S2N_LIBCRYPTO_SUPPORTS_TLS_PRF 1
+#else
+    #define S2N_LIBCRYPTO_SUPPORTS_TLS_PRF 0
+#endif
+
 union p_hash_state {
     struct s2n_hmac_state s2n_hmac;
     struct s2n_evp_hmac_state evp_hmac;