in tls/s2n_handshake_transcript.c [42:89]
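/**
 * Feed a handshake message into every transcript hash the negotiation
 * has marked as required.
 *
 * Which algorithms are required is read from conn->handshake through
 * s2n_handshake_is_hash_required(); only the matching states inside
 * conn->handshake.hashes receive the bytes. The combined md5_sha1 state is
 * updated only when both MD5 and SHA1 are individually required.
 *
 * @param conn  Connection whose handshake transcript is being extended.
 * @param data  Bytes to append to every required transcript hash.
 * @return S2N_SUCCESS, or the failure propagated by the first
 *         s2n_hash_update() that fails. A NULL conn, data or hashes
 *         pointer is rejected up front by POSIX_ENSURE_REF.
 */
int s2n_conn_update_handshake_hashes(struct s2n_connection *conn, struct s2n_blob *data)
{
    POSIX_ENSURE_REF(conn);
    POSIX_ENSURE_REF(data);
    struct s2n_handshake_hashes *hashes = conn->handshake.hashes;
    POSIX_ENSURE_REF(hashes);

    /* The MD5 and SHA1 requirements are consulted twice each (for their own
     * state and for the combined md5_sha1 state), so evaluate them once.
     * NOTE(review): this assumes s2n_handshake_is_hash_required() is a
     * side-effect-free lookup — confirm against its definition. */
    const uint8_t md5_required = s2n_handshake_is_hash_required(&conn->handshake, S2N_HASH_MD5);
    const uint8_t sha1_required = s2n_handshake_is_hash_required(&conn->handshake, S2N_HASH_SHA1);

    /* MD5 and SHA1 are not permitted in FIPS mode, but an exception is made in
     * order to continue to support TLS1.0 and TLS1.1. NIST SP 800-52r1 approves
     * their continued use for the signature check in the CertificateVerify message
     * and the PRF when negotiating TLS1.0 or TLS1.1 (see footnotes 15 and 20,
     * and section 3.3.2)
     */
    if (md5_required) {
        POSIX_GUARD(s2n_hash_update(&hashes->md5, data->data, data->size));
    }
    if (sha1_required) {
        POSIX_GUARD(s2n_hash_update(&hashes->sha1, data->data, data->size));
    }
    /* The concatenated MD5||SHA1 transcript is maintained only when both
     * halves are required. */
    if (md5_required && sha1_required) {
        POSIX_GUARD(s2n_hash_update(&hashes->md5_sha1, data->data, data->size));
    }

    /* Remaining SHA-2 family transcripts, each gated on its own requirement.
     * Update order is preserved from the original: 224, 256, 384, 512. */
    if (s2n_handshake_is_hash_required(&conn->handshake, S2N_HASH_SHA224)) {
        POSIX_GUARD(s2n_hash_update(&hashes->sha224, data->data, data->size));
    }
    if (s2n_handshake_is_hash_required(&conn->handshake, S2N_HASH_SHA256)) {
        POSIX_GUARD(s2n_hash_update(&hashes->sha256, data->data, data->size));
    }
    if (s2n_handshake_is_hash_required(&conn->handshake, S2N_HASH_SHA384)) {
        POSIX_GUARD(s2n_hash_update(&hashes->sha384, data->data, data->size));
    }
    if (s2n_handshake_is_hash_required(&conn->handshake, S2N_HASH_SHA512)) {
        POSIX_GUARD(s2n_hash_update(&hashes->sha512, data->data, data->size));
    }

    return S2N_SUCCESS;
}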