X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Fssl%2Fssl_hs_common.t0;h=aa67ee8f818264c103c0a11ff58dceed165cccb3;hp=bbd37ac8a4ac7cea27c0b18bd279282c54223d15;hb=042986b989521f0ae1e2fe3819c72f2fabcb70a6;hpb=b42bd5972f935ffc32019acac6f8a07ae08ae9c2

diff --git a/src/ssl/ssl_hs_common.t0 b/src/ssl/ssl_hs_common.t0
index bbd37ac..aa67ee8 100644
--- a/src/ssl/ssl_hs_common.t0
+++ b/src/ssl/ssl_hs_common.t0
@@ -157,6 +157,8 @@ addr-eng: pad
 addr-eng: action
 addr-eng: alert
 addr-eng: close_received
+addr-eng: protocol_names_num
+addr-eng: selected_protocol
 
 \ Similar to 'addr-eng:', for fields in the 'session' substructure.
 : addr-session-field:
@@ -467,7 +469,7 @@ cc: read-chunk-native ( addr len -- addr len ) {
 			\ no_renegotiation has value 100, and we treat it
 			\ as a fatal alert.
 			dup 100 = if 256 + fail then
-			0= ret
+			0=
 		endof
 		\ Fatal alert implies context termination.
 		drop 256 + fail
@@ -1060,13 +1062,22 @@ cc: compute-Finished-inner ( from_client prf_id -- ) {
 	read16 open-elt
 	begin dup while
 		read8 { hash } read8 { sign }
-		\ We keep the value if the signature is either 1 (RSA)
-		\ or 3 (ECDSA), and the hash is one of the SHA-* functions
-		\ (2 to 6, from SHA-1 to SHA-512); we reject MD5.
-		hash 2 >= hash 6 <= and
-		sign 1 = sign 3 = or
-		and if
-			hashes 1 sign 1- 2 << hash + << or >hashes
+
+		\ If hash is 0x08 then this is a "new algorithm" identifier,
+		\ and we set the corresponding bit if it is in the 0..15
+		\ range. Otherwise, we keep the value only if the signature
+		\ is either 1 (RSA) or 3 (ECDSA), and the hash is one of the
+		\ SHA-* functions (2 to 6). Note that we reject MD5.
+		hash 8 = if
+			sign 15 <= if
+				1 sign 16 + << hashes or >hashes
+			then
+		else
+			hash 2 >= hash 6 <= and
+			sign 1 = sign 3 = or
+			and if
+				hashes 1 sign 1- 2 << hash + << or >hashes
+			then
 		then
 	repeat
 	close-elt
@@ -1235,3 +1246,33 @@ cc: get-key-type-usages ( -- key-type-usages ) {
 
 	\ Return key type and usages.
 	get-key-type-usages ;
+
+\ =======================================================================
+
+\ Copy a specific protocol name from the list to the pad. The byte
+\ length is returned.
+cc: copy-protocol-name ( idx -- len ) {
+	size_t idx = T0_POP();
+	size_t len = strlen(ENG->protocol_names[idx]);
+	memcpy(ENG->pad, ENG->protocol_names[idx], len);
+	T0_PUSH(len);
+}
+
+\ Compare name in pad with the configured list of protocol names.
+\ If a match is found, then the index is returned; otherwise, -1
+\ is returned.
+cc: test-protocol-name ( len -- n ) {
+	size_t len = T0_POP();
+	size_t u;
+
+	for (u = 0; u < ENG->protocol_names_num; u ++) {
+		const char *name;
+
+		name = ENG->protocol_names[u];
+		if (len == strlen(name) && memcmp(ENG->pad, name, len) == 0) {
+			T0_PUSH(u);
+			T0_RET();
+		}
+	}
+	T0_PUSHi(-1);
+}