tls_transcript_hash.c
Go to the documentation of this file.
1 /**
2  * @file tls_transcript_hash.c
3  * @brief Transcript hash calculation
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneSSL Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.4.0
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL TLS_TRACE_LEVEL
33 
34 //Dependencies
35 #include "tls.h"
36 #include "tls_client.h"
37 #include "tls_key_material.h"
38 #include "tls_transcript_hash.h"
39 #include "tls13_key_material.h"
40 #include "debug.h"
41 
42 //Check TLS library configuration
43 #if (TLS_SUPPORT == ENABLED)
44 
45 
46 /**
47  * @brief Initialize handshake message hashing
48  * @param[in] context Pointer to the TLS context
49  * @return Error code
50  **/
51 
52 error_t tlsInitTranscriptHash(TlsContext *context)
53 {
54 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_1)
55  //MD5 context already instantiated?
56  if(context->transcriptMd5Context != NULL)
57  {
58  tlsFreeMem(context->transcriptMd5Context);
59  context->transcriptMd5Context = NULL;
60  }
61 #endif
62 
63 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2)
64  //SHA-1 context already instantiated?
65  if(context->transcriptSha1Context != NULL)
66  {
67  tlsFreeMem(context->transcriptSha1Context);
68  context->transcriptSha1Context = NULL;
69  }
70 #endif
71 
72 #if (TLS_MAX_VERSION >= TLS_VERSION_1_2 && TLS_MIN_VERSION <= TLS_VERSION_1_3)
73  //Hash algorithm context already instantiated?
74  if(context->transcriptHashContext != NULL)
75  {
76  tlsFreeMem(context->transcriptHashContext);
77  context->transcriptHashContext = NULL;
78  }
79 #endif
80 
81 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_1)
82  //TLS 1.0 or TLS 1.1 currently selected?
83  if(context->version <= TLS_VERSION_1_1)
84  {
85  //Allocate MD5 context
86  context->transcriptMd5Context = tlsAllocMem(sizeof(Md5Context));
87  //Failed to allocate memory?
88  if(context->transcriptMd5Context == NULL)
89  return ERROR_OUT_OF_MEMORY;
90 
91  //Initialize MD5 context
92  md5Init(context->transcriptMd5Context);
93  }
94 #endif
95 
96 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2)
97  //TLS 1.0, TLS 1.1 or TLS 1.2 currently selected?
98  if(context->version <= TLS_VERSION_1_2)
99  {
100  //Allocate SHA-1 context
101  context->transcriptSha1Context = tlsAllocMem(sizeof(Sha1Context));
102  //Failed to allocate memory?
103  if(context->transcriptSha1Context == NULL)
104  return ERROR_OUT_OF_MEMORY;
105 
106  //Initialize SHA-1 context
107  sha1Init(context->transcriptSha1Context);
108  }
109 #endif
110 
111 #if (TLS_MAX_VERSION >= TLS_VERSION_1_2 && TLS_MIN_VERSION <= TLS_VERSION_1_3)
112  //TLS 1.2 or 1.3 currently selected?
113  if(context->version >= TLS_VERSION_1_2)
114  {
115  const HashAlgo *hashAlgo;
116 
117  //Point to the hash algorithm to be used
118  hashAlgo = context->cipherSuite.prfHashAlgo;
119  //Make sure the hash algorithm is valid
120  if(hashAlgo == NULL)
121  return ERROR_FAILURE;
122 
123  //Allocate hash algorithm context
124  context->transcriptHashContext = tlsAllocMem(hashAlgo->contextSize);
125  //Failed to allocate memory?
126  if(context->transcriptHashContext == NULL)
127  return ERROR_OUT_OF_MEMORY;
128 
129  //Initialize the hash algorithm context
130  hashAlgo->init(context->transcriptHashContext);
131  }
132 #endif
133 
134 #if (TLS_CLIENT_SUPPORT == ENABLED)
135  //Client mode?
136  if(context->entity == TLS_CONNECTION_END_CLIENT)
137  {
138 #if (DTLS_SUPPORT == ENABLED)
139  //DTLS protocol?
140  if(context->transportProtocol == TLS_TRANSPORT_PROTOCOL_DATAGRAM)
141  {
142  size_t length;
143  DtlsRecord *record;
144 
145  //Point to the DTLS record that holds the ClientHello message
146  record = (DtlsRecord *) context->txBuffer;
147 
148  //Sanity check
149  if(context->txBufferLen > sizeof(DtlsRecord))
150  {
151  //Retrieve the length of the handshake message
152  length = context->txBufferLen - sizeof(DtlsRecord);
153 
154  //Update the hash value with the ClientHello message
155  tlsUpdateTranscriptHash(context, record->data, length);
156  }
157  }
158  else
159 #endif
160  //TLS protocol?
161  {
162  size_t length;
163  TlsRecord *record;
164 
165  //Point to the TLS record that holds the ClientHello message
166  record = (TlsRecord *) context->txBuffer;
167 
168  //Retrieve the length of the handshake message
169  length = ntohs(record->length);
170 
171  //Sanity check
172  if((length + sizeof(TlsRecord)) <= context->txBufferSize)
173  {
174  //Update the hash value with the ClientHello message
175  tlsUpdateTranscriptHash(context, record->data, length);
176  }
177  }
178  }
179 #endif
180 
181  //Successful initialization
182  return NO_ERROR;
183 }
184 
185 
186 /**
187  * @brief Update hash value with a handshake message
188  * @param[in] context Pointer to the TLS context
189  * @param[in] data Pointer to the handshake message being hashed
190  * @param[in] length Length of the message
191  **/
192 
193 void tlsUpdateTranscriptHash(TlsContext *context, const void *data,
194  size_t length)
195 {
196 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_1)
197  //TLS 1.0 or TLS 1.1 currently selected?
198  if(context->version <= TLS_VERSION_1_1)
199  {
200  //Valid MD5 context?
201  if(context->transcriptMd5Context != NULL)
202  {
203  //Update MD5 hash value with message contents
204  md5Update(context->transcriptMd5Context, data, length);
205  }
206  }
207 #endif
208 
209 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2)
210  //TLS 1.0, TLS 1.1 or TLS 1.2 currently selected?
211  if(context->version <= TLS_VERSION_1_2)
212  {
213  //Valid SHA-1 context?
214  if(context->transcriptSha1Context != NULL)
215  {
216  //Update SHA-1 hash value with message contents
217  sha1Update(context->transcriptSha1Context, data, length);
218  }
219  }
220 #endif
221 
222 #if (TLS_MAX_VERSION >= TLS_VERSION_1_2 && TLS_MIN_VERSION <= TLS_VERSION_1_3)
223  //TLS 1.2 or TLS 1.3 currently selected?
224  if(context->version >= TLS_VERSION_1_2)
225  {
226  const HashAlgo *hashAlgo;
227 
228  //Point to the PRF hash algorithm to be used
229  hashAlgo = context->cipherSuite.prfHashAlgo;
230 
231  //Valid hash algorithm?
232  if(hashAlgo != NULL && context->transcriptHashContext != NULL)
233  {
234  //Update hash value with message contents
235  hashAlgo->update(context->transcriptHashContext, data, length);
236  }
237  }
238 #endif
239 }
240 
241 
242 /**
243  * @brief Finalize hash calculation from previous handshake messages
244  * @param[in] context Pointer to the TLS context
245  * @param[in] hash Hash function used to digest the handshake messages
246  * @param[in] hashContext Pointer to the hash context
247  * @param[in] label NULL-terminated string
248  * @param[out] output Buffer where to store the resulting hash value
249  * @return Error code
250  **/
251 
252 error_t tlsFinalizeTranscriptHash(TlsContext *context, const HashAlgo *hash,
253  const void *hashContext, const char_t *label, uint8_t *output)
254 {
255  error_t error;
256  HashContext *tempHashContext;
257 
258  //Make sure the hash context is valid
259  if(hash == NULL || hashContext == NULL)
260  return ERROR_INVALID_PARAMETER;
261 
262  //Allocate a temporary hash context
263  tempHashContext = tlsAllocMem(hash->contextSize);
264 
265  //Successful memory allocation?
266  if(tempHashContext != NULL)
267  {
268  //The original hash context must be preserved
269  osMemcpy(tempHashContext, hashContext, hash->contextSize);
270 
271  //Compute hash(handshakeMessages)
272  hash->final(tempHashContext, output);
273 
274  //Release previously allocated resources
275  tlsFreeMem(tempHashContext);
276 
277  //Successful processing
278  error = NO_ERROR;
279  }
280  else
281  {
282  //Failed to allocate memory
283  error = ERROR_OUT_OF_MEMORY;
284  }
285 
286  //Return status code
287  return error;
288 }
289 
290 
291 /**
292  * @brief Release transcript hash context
293  * @param[in] context Pointer to the TLS context
294  **/
295 
296 void tlsFreeTranscriptHash(TlsContext *context)
297 {
298 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_1)
299  //Release MD5 hash context
300  if(context->transcriptMd5Context != NULL)
301  {
302  osMemset(context->transcriptMd5Context, 0, sizeof(Md5Context));
303  tlsFreeMem(context->transcriptMd5Context);
304  context->transcriptMd5Context = NULL;
305  }
306 #endif
307 
308 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_2)
309  //Release SHA-1 hash context
310  if(context->transcriptSha1Context != NULL)
311  {
312  osMemset(context->transcriptSha1Context, 0, sizeof(Sha1Context));
313  tlsFreeMem(context->transcriptSha1Context);
314  context->transcriptSha1Context = NULL;
315  }
316 #endif
317 
318 #if (TLS_MAX_VERSION >= TLS_VERSION_1_2 && TLS_MIN_VERSION <= TLS_VERSION_1_3)
319  //Release transcript hash context
320  if(context->transcriptHashContext != NULL)
321  {
322  tlsFreeMem(context->transcriptHashContext);
323  context->transcriptHashContext = NULL;
324  }
325 #endif
326 }
327 
328 
329 /**
330  * @brief Compute verify data from previous handshake messages
331  * @param[in] context Pointer to the TLS context
332  * @param[in] entity Specifies whether the computation is performed at client
333  * or server side
334  * @param[out] verifyData Pointer to the buffer where to store the verify data
335  * @param[out] verifyDataLen Length of the verify data
336  * @return Error code
337  **/
338 
339 __weak_func error_t tlsComputeVerifyData(TlsContext *context,
340  TlsConnectionEnd entity, uint8_t *verifyData, size_t *verifyDataLen)
341 {
342  error_t error;
343 
344 #if (TLS_MAX_VERSION >= TLS_VERSION_1_0 && TLS_MIN_VERSION <= TLS_VERSION_1_1)
345  //TLS 1.0 or 1.1 currently selected?
346  if(context->version == TLS_VERSION_1_0 || context->version == TLS_VERSION_1_1)
347  {
348  const char_t *label;
349  uint8_t digest[MD5_DIGEST_SIZE + SHA1_DIGEST_SIZE];
350 
351  //Finalize MD5 hash computation
352  error = tlsFinalizeTranscriptHash(context, MD5_HASH_ALGO,
353  context->transcriptMd5Context, "", digest);
354 
355  //Check status code
356  if(!error)
357  {
358  //Finalize SHA-1 hash computation
359  error = tlsFinalizeTranscriptHash(context, SHA1_HASH_ALGO,
360  context->transcriptSha1Context, "", digest + MD5_DIGEST_SIZE);
361  }
362 
363  //Check status code
364  if(!error)
365  {
366  //Check whether the computation is performed at client or server side
367  if(entity == TLS_CONNECTION_END_CLIENT)
368  {
369  label = "client finished";
370  }
371  else
372  {
373  label = "server finished";
374  }
375 
376  //The verify data is always 12-byte long for TLS 1.0 and 1.1
377  error = tlsPrf(context->masterSecret, TLS_MASTER_SECRET_SIZE,
378  label, digest, sizeof(digest), verifyData, 12);
379  }
380  }
381  else
382 #endif
383 #if (TLS_MAX_VERSION >= TLS_VERSION_1_2 && TLS_MIN_VERSION <= TLS_VERSION_1_2)
384  //TLS 1.2 currently selected?
385  if(context->version == TLS_VERSION_1_2)
386  {
387  const char_t *label;
388  const HashAlgo *hashAlgo;
389  HashContext *hashContext;
390 
391  //Point to the hash algorithm to be used
392  hashAlgo = context->cipherSuite.prfHashAlgo;
393 
394  //Valid hash algorithm?
395  if(hashAlgo != NULL && context->transcriptHashContext != NULL)
396  {
397  //Allocate hash algorithm context
398  hashContext = tlsAllocMem(hashAlgo->contextSize);
399 
400  //Successful memory allocation?
401  if(hashContext != NULL)
402  {
403  //The original hash context must be preserved
404  osMemcpy(hashContext, context->transcriptHashContext,
405  hashAlgo->contextSize);
406 
407  //Finalize hash computation
408  hashAlgo->final(hashContext, NULL);
409 
410  //Check whether the computation is performed at client or server side
411  if(entity == TLS_CONNECTION_END_CLIENT)
412  {
413  label = "client finished";
414  }
415  else
416  {
417  label = "server finished";
418  }
419 
420  //Compute the verify data
421  error = tls12Prf(hashAlgo, context->masterSecret, TLS_MASTER_SECRET_SIZE,
422  label, hashContext->digest, hashAlgo->digestSize,
423  verifyData, context->cipherSuite.verifyDataLen);
424 
425  //Release previously allocated memory
426  tlsFreeMem(hashContext);
427  }
428  else
429  {
430  //Failed to allocate memory
431  error = ERROR_OUT_OF_MEMORY;
432  }
433  }
434  else
435  {
436  //Invalid hash algorithm
437  error = ERROR_FAILURE;
438  }
439  }
440  else
441 #endif
442 #if (TLS_MAX_VERSION >= TLS_VERSION_1_3 && TLS_MIN_VERSION <= TLS_VERSION_1_3)
443  //TLS 1.3 currently selected?
444  if(context->version == TLS_VERSION_1_3)
445  {
446  uint8_t *baseKey;
447  const HashAlgo *hashAlgo;
448  uint8_t digest[TLS_MAX_HKDF_DIGEST_SIZE];
449  uint8_t finishedKey[TLS_MAX_HKDF_DIGEST_SIZE];
450 
451  //The hash function used by HKDF is the cipher suite hash algorithm
452  hashAlgo = context->cipherSuite.prfHashAlgo;
453 
454  //Valid hash algorithm?
455  if(hashAlgo != NULL && context->transcriptHashContext != NULL)
456  {
457  //Check whether the computation is performed at client or server side
458  if(entity == TLS_CONNECTION_END_CLIENT)
459  {
460  baseKey = context->clientHsTrafficSecret;
461  }
462  else
463  {
464  baseKey = context->serverHsTrafficSecret;
465  }
466 
467  //The key used to compute the Finished message is computed from the
468  //base key using HKDF
469  error = tls13HkdfExpandLabel(context->transportProtocol, hashAlgo,
470  baseKey, hashAlgo->digestSize, "finished", NULL, 0, finishedKey,
471  hashAlgo->digestSize);
472 
473  //Check status code
474  if(!error)
475  {
476  //Compute the transcript hash
477  error = tlsFinalizeTranscriptHash(context, hashAlgo,
478  context->transcriptHashContext, "", digest);
479  }
480 
481  //Check status code
482  if(!error)
483  {
484  //Compute the verify data
485  error = hmacCompute(hashAlgo, finishedKey, hashAlgo->digestSize,
486  digest, hashAlgo->digestSize, verifyData);
487  }
488  }
489  else
490  {
491  //Invalid hash algorithm
492  error = ERROR_FAILURE;
493  }
494  }
495  else
496 #endif
497  //Invalid TLS version?
498  {
499  //Report an error
500  error = ERROR_INVALID_VERSION;
501  }
502 
503  //Check status code
504  if(!error)
505  {
506  //Save the length of the verify data
507  *verifyDataLen = context->cipherSuite.verifyDataLen;
508 
509  //Debug message
510  TRACE_DEBUG("Verify data:\r\n");
511  TRACE_DEBUG_ARRAY(" ", verifyData, *verifyDataLen);
512  }
513 
514  //Return status code
515  return error;
516 }
517 
518 #endif
sha1Update
void sha1Update(Sha1Context *context, const void *data, size_t length)
Update the SHA-1 context with a portion of the message being hashed.
Definition: apm32f4xx_crypto_hash.c:230
md5Update
void md5Update(Md5Context *context, const void *data, size_t length)
Update the MD5 context with a portion of the message being hashed.
Definition: apm32f4xx_crypto_hash.c:153
char_t
char char_t
Definition: compiler_port.h:48
ntohs
#define ntohs(value)
Definition: cpu_endian.h:421
debug.h
Debugging facilities.
TRACE_DEBUG_ARRAY
#define TRACE_DEBUG_ARRAY(p, a, n)
Definition: debug.h:108
TRACE_DEBUG
#define TRACE_DEBUG(...)
Definition: debug.h:107
DtlsRecord
DtlsRecord
Definition: dtls_misc.h:180
error_t
error_t
Error codes.
Definition: error.h:43
NO_ERROR
@ NO_ERROR
Success.
Definition: error.h:44
ERROR_OUT_OF_MEMORY
@ ERROR_OUT_OF_MEMORY
Definition: error.h:63
ERROR_FAILURE
@ ERROR_FAILURE
Generic error code.
Definition: error.h:45
ERROR_INVALID_PARAMETER
@ ERROR_INVALID_PARAMETER
Invalid parameter.
Definition: error.h:47
ERROR_INVALID_VERSION
@ ERROR_INVALID_VERSION
Definition: error.h:118
sha1Init
void sha1Init(Sha1Context *context)
Initialize SHA-1 message digest context.
Definition: esp32_c3_crypto_hash.c:186
data
uint8_t data[]
Definition: ethernet.h:222
hmacCompute
__weak_func error_t hmacCompute(const HashAlgo *hash, const void *key, size_t keyLen, const void *data, size_t dataLen, uint8_t *digest)
Compute HMAC using the specified hash function.
Definition: hmac.c:91
MD5_DIGEST_SIZE
#define MD5_DIGEST_SIZE
Definition: md5.h:45
MD5_HASH_ALGO
#define MD5_HASH_ALGO
Definition: md5.h:49
md5Init
void md5Init(Md5Context *context)
Initialize MD5 message digest context.
Definition: msp432e4_crypto_hash.c:189
osMemset
#define osMemset(p, value, length)
Definition: os_port.h:135
osMemcpy
#define osMemcpy(dest, src, length)
Definition: os_port.h:141
SHA1_HASH_ALGO
#define SHA1_HASH_ALGO
Definition: sha1.h:49
SHA1_DIGEST_SIZE
#define SHA1_DIGEST_SIZE
Definition: sha1.h:45
HashAlgo
Common interface for hash algorithms.
Definition: crypto.h:1014
HashAlgo::final
HashAlgoFinal final
Definition: crypto.h:1026
HashAlgo::contextSize
size_t contextSize
Definition: crypto.h:1018
HashAlgo::update
HashAlgoUpdate update
Definition: crypto.h:1025
HashAlgo::digestSize
size_t digestSize
Definition: crypto.h:1020
HashAlgo::init
HashAlgoInit init
Definition: crypto.h:1024
Md5Context
MD5 algorithm context.
Definition: md5.h:62
Sha1Context
SHA-1 algorithm context.
Definition: sha1.h:62
length
uint8_t length
Definition: tcp.h:368
tls13HkdfExpandLabel
error_t tls13HkdfExpandLabel(TlsTransportProtocol transportProtocol, const HashAlgo *hash, const uint8_t *secret, size_t secretLen, const char_t *label, const uint8_t *context, size_t contextLen, uint8_t *output, size_t outputLen)
HKDF-Expand-Label function.
Definition: tls13_key_material.c:62
tls13_key_material.h
TLS 1.3 key schedule.
tls.h
TLS (Transport Layer Security)
tlsAllocMem
#define tlsAllocMem(size)
Definition: tls.h:846
TLS_TRANSPORT_PROTOCOL_DATAGRAM
@ TLS_TRANSPORT_PROTOCOL_DATAGRAM
Definition: tls.h:942
tlsFreeMem
#define tlsFreeMem(p)
Definition: tls.h:851
TLS_MAX_HKDF_DIGEST_SIZE
#define TLS_MAX_HKDF_DIGEST_SIZE
Definition: tls.h:906
TLS_VERSION_1_1
#define TLS_VERSION_1_1
Definition: tls.h:95
TLS_VERSION_1_3
#define TLS_VERSION_1_3
Definition: tls.h:97
TlsContext
#define TlsContext
Definition: tls.h:36
TlsConnectionEnd
TlsConnectionEnd
TLS connection end.
Definition: tls.h:952
TLS_CONNECTION_END_CLIENT
@ TLS_CONNECTION_END_CLIENT
Definition: tls.h:953
TLS_VERSION_1_0
#define TLS_VERSION_1_0
Definition: tls.h:94
TLS_MASTER_SECRET_SIZE
#define TLS_MASTER_SECRET_SIZE
Definition: tls.h:794
TlsRecord
TlsRecord
Definition: tls.h:1725
TLS_VERSION_1_2
#define TLS_VERSION_1_2
Definition: tls.h:96
tls_client.h
Handshake message processing (TLS client)
tls12Prf
error_t tls12Prf(const HashAlgo *hash, const uint8_t *secret, size_t secretLen, const char_t *label, const uint8_t *seed, size_t seedLen, uint8_t *output, size_t outputLen)
Pseudorandom function (TLS 1.2)
Definition: tls_key_material.c:729
tlsPrf
error_t tlsPrf(const uint8_t *secret, size_t secretLen, const char_t *label, const uint8_t *seed, size_t seedLen, uint8_t *output, size_t outputLen)
Pseudorandom function (TLS 1.0 and 1.1)
Definition: tls_key_material.c:602
tls_key_material.h
Key material generation.
tlsFinalizeTranscriptHash
error_t tlsFinalizeTranscriptHash(TlsContext *context, const HashAlgo *hash, const void *hashContext, const char_t *label, uint8_t *output)
Finalize hash calculation from previous handshake messages.
Definition: tls_transcript_hash.c:252
tlsFreeTranscriptHash
void tlsFreeTranscriptHash(TlsContext *context)
Release transcript hash context.
Definition: tls_transcript_hash.c:296
tlsComputeVerifyData
__weak_func error_t tlsComputeVerifyData(TlsContext *context, TlsConnectionEnd entity, uint8_t *verifyData, size_t *verifyDataLen)
Compute verify data from previous handshake messages.
Definition: tls_transcript_hash.c:339
tlsUpdateTranscriptHash
void tlsUpdateTranscriptHash(TlsContext *context, const void *data, size_t length)
Update hash value with a handshake message.
Definition: tls_transcript_hash.c:193
tlsInitTranscriptHash
error_t tlsInitTranscriptHash(TlsContext *context)
Initialize handshake message hashing.
Definition: tls_transcript_hash.c:52
tls_transcript_hash.h
Transcript hash calculation.
HashContext
Generic hash algorithm context.
Definition: hash_algorithms.h:297
HashContext::digest
uint8_t digest[MAX_HASH_DIGEST_SIZE]
Definition: hash_algorithms.h:298