make arrays temporary, freed at end of handshake unless user calls KeepArrays for get_keys or psk hints
This commit is contained in:
toddouska
parent
8c32a5a2ed
commit
66bbb44f44
@ -218,7 +218,8 @@ enum {
|
||||
DYNAMIC_TYPE_ALTNAME = 29,
|
||||
DYNAMIC_TYPE_SUITES = 30,
|
||||
DYNAMIC_TYPE_CIPHER = 31,
|
||||
DYNAMIC_TYPE_RNG = 32
|
||||
DYNAMIC_TYPE_RNG = 32,
|
||||
DYNAMIC_TYPE_ARRAYS = 33
|
||||
};
|
||||
|
||||
/* stack protection */
|
||||
|
||||
@ -1145,6 +1145,8 @@ typedef struct Options {
|
||||
byte quietShutdown; /* don't send close notify */
|
||||
byte certOnly; /* stop once we get cert */
|
||||
byte groupMessages; /* group handshake messages */
|
||||
byte saveArrays; /* save array Memory for user get keys
|
||||
or psk */
|
||||
#ifndef NO_PSK
|
||||
byte havePSK; /* psk key set by user */
|
||||
psk_client_callback client_psk_cb;
|
||||
@ -1239,7 +1241,7 @@ struct CYASSL {
|
||||
Hashes certHashes; /* for cert verify */
|
||||
Buffers buffers;
|
||||
Options options;
|
||||
Arrays arrays;
|
||||
Arrays* arrays;
|
||||
CYASSL_SESSION session;
|
||||
VerifyCallback verifyCallback; /* cert verification callback */
|
||||
RsaKey peerRsaKey;
|
||||
@ -1454,6 +1456,8 @@ CYASSL_LOCAL void ShrinkOutputBuffer(CYASSL* ssl);
|
||||
CYASSL_LOCAL Signer* GetCA(void* cm, byte* hash);
|
||||
CYASSL_LOCAL void BuildTlsFinished(CYASSL* ssl, Hashes* hashes,
|
||||
const byte* sender);
|
||||
CYASSL_LOCAL void FreeArrays(CYASSL* ssl, int keep);
|
||||
|
||||
#ifndef NO_TLS
|
||||
CYASSL_LOCAL int MakeTlsMasterSecret(CYASSL*);
|
||||
CYASSL_LOCAL void TLS_hmac(CYASSL* ssl, byte* digest, const byte* buffer,
|
||||
|
||||
@ -719,6 +719,7 @@ CYASSL_API int CyaSSL_CTX_SetTmpEC_DHE_Sz(CYASSL_CTX*, unsigned short);
|
||||
#endif
|
||||
|
||||
/* keyblock size in bytes or -1 */
|
||||
/* need to call CyaSSL_KeepArrays before handshake to save keys */
|
||||
CYASSL_API int CyaSSL_get_keyblock_size(CYASSL*);
|
||||
CYASSL_API int CyaSSL_get_keys(CYASSL*,unsigned char** ms, unsigned int* msLen,
|
||||
unsigned char** sr, unsigned int* srLen,
|
||||
@ -817,6 +818,13 @@ CYASSL_API int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx);
|
||||
CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int);
|
||||
CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL);
|
||||
|
||||
/* end of handshake frees temporary arrays, if user needs for get_keys or
|
||||
psk hints, call KeepArrays before handshake and then FreeArrays when done
|
||||
if don't want to wait for object free */
|
||||
CYASSL_API void CyaSSL_KeepArrays(CYASSL*);
|
||||
CYASSL_API void CyaSSL_FreeArrays(CYASSL*);
|
||||
|
||||
|
||||
#define CYASSL_CRL_MONITOR 0x01 /* monitor this dir flag */
|
||||
#define CYASSL_CRL_START_MON 0x02 /* start monitoring flag */
|
||||
|
||||
|
||||
267
src/internal.c
267
src/internal.c
@ -980,7 +980,6 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
|
||||
ssl->keys.dtls_epoch = 0;
|
||||
ssl->keys.dtls_peer_epoch = 0;
|
||||
ssl->keys.dtls_expected_peer_epoch = 0;
|
||||
ssl->arrays.cookieSz = 0;
|
||||
#endif
|
||||
ssl->keys.encryptionOn = 0; /* initially off */
|
||||
ssl->keys.decryptedCur = 0; /* initially off */
|
||||
@ -1003,6 +1002,7 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
|
||||
ssl->options.quietShutdown = ctx->quietShutdown;
|
||||
ssl->options.certOnly = 0;
|
||||
ssl->options.groupMessages = ctx->groupMessages;
|
||||
ssl->options.saveArrays = 0;
|
||||
|
||||
/* ctx still owns certificate, certChain, key, dh, and cm */
|
||||
ssl->buffers.certificate = ctx->certificate;
|
||||
@ -1044,17 +1044,8 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
|
||||
ssl->toInfoOn = 0;
|
||||
#endif
|
||||
|
||||
#ifndef NO_PSK
|
||||
ssl->arrays.client_identity[0] = 0;
|
||||
if (ctx->server_hint[0]) { /* set in CTX */
|
||||
XSTRNCPY(ssl->arrays.server_hint, ctx->server_hint, MAX_PSK_ID_LEN);
|
||||
ssl->arrays.server_hint[MAX_PSK_ID_LEN - 1] = '\0';
|
||||
}
|
||||
else
|
||||
ssl->arrays.server_hint[0] = 0;
|
||||
#endif /* NO_PSK */
|
||||
|
||||
ssl->rng = NULL;
|
||||
ssl->rng = NULL;
|
||||
ssl->arrays = NULL;
|
||||
InitCiphers(ssl);
|
||||
/* all done with init, now can return errors, call other stuff */
|
||||
|
||||
@ -1066,6 +1057,27 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
|
||||
ctx->refCount++;
|
||||
UnLockMutex(&ctx->countMutex);
|
||||
|
||||
ssl->arrays = (Arrays*)XMALLOC(sizeof(Arrays), ssl->heap,
|
||||
DYNAMIC_TYPE_ARRAYS);
|
||||
if (ssl->arrays == NULL) {
|
||||
CYASSL_MSG("Arrays Memory error");
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
#ifndef NO_PSK
|
||||
ssl->arrays->client_identity[0] = 0;
|
||||
if (ctx->server_hint[0]) { /* set in CTX */
|
||||
XSTRNCPY(ssl->arrays->server_hint, ctx->server_hint, MAX_PSK_ID_LEN);
|
||||
ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = '\0';
|
||||
}
|
||||
else
|
||||
ssl->arrays->server_hint[0] = 0;
|
||||
#endif /* NO_PSK */
|
||||
|
||||
#ifdef CYASSL_DTLS
|
||||
ssl->arrays->cookieSz = 0;
|
||||
#endif
|
||||
|
||||
ssl->rng = (RNG*)XMALLOC(sizeof(RNG), ssl->heap, DYNAMIC_TYPE_RNG);
|
||||
if (ssl->rng == NULL) {
|
||||
CYASSL_MSG("RNG Memory error");
|
||||
@ -1104,10 +1116,23 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
|
||||
}
|
||||
|
||||
|
||||
/* free use of temporary arrays */
|
||||
void FreeArrays(CYASSL* ssl, int keep)
|
||||
{
|
||||
if (ssl->arrays && keep) {
|
||||
/* keeps session id for user retrieval */
|
||||
XMEMCPY(ssl->session.sessionID, ssl->arrays->sessionID, ID_LEN);
|
||||
}
|
||||
XFREE(ssl->arrays, ssl->heap, DYNAMIC_TYPE_ARRAYS);
|
||||
ssl->arrays = NULL;
|
||||
}
|
||||
|
||||
|
||||
/* In case holding SSL object in array and don't want to free actual ssl */
|
||||
void SSL_ResourceFree(CYASSL* ssl)
|
||||
{
|
||||
FreeCiphers(ssl);
|
||||
FreeArrays(ssl, 0);
|
||||
XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
|
||||
XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES);
|
||||
XFREE(ssl->buffers.serverDH_Priv.buffer, ssl->heap, DYNAMIC_TYPE_DH);
|
||||
@ -1170,6 +1195,10 @@ void FreeHandshakeResources(CYASSL* ssl)
|
||||
XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
|
||||
ssl->rng = NULL;
|
||||
}
|
||||
|
||||
/* arrays */
|
||||
if (ssl->options.saveArrays)
|
||||
FreeArrays(ssl, 1);
|
||||
}
|
||||
|
||||
|
||||
@ -1747,12 +1776,12 @@ static void BuildMD5(CYASSL* ssl, Hashes* hashes, const byte* sender)
|
||||
|
||||
/* make md5 inner */
|
||||
Md5Update(&ssl->hashMd5, sender, SIZEOF_SENDER);
|
||||
Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN);
|
||||
Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
|
||||
Md5Update(&ssl->hashMd5, PAD1, PAD_MD5);
|
||||
Md5Final(&ssl->hashMd5, md5_result);
|
||||
|
||||
/* make md5 outer */
|
||||
Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN);
|
||||
Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
|
||||
Md5Update(&ssl->hashMd5, PAD2, PAD_MD5);
|
||||
Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE);
|
||||
|
||||
@ -1767,12 +1796,12 @@ static void BuildSHA(CYASSL* ssl, Hashes* hashes, const byte* sender)
|
||||
|
||||
/* make sha inner */
|
||||
ShaUpdate(&ssl->hashSha, sender, SIZEOF_SENDER);
|
||||
ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN);
|
||||
ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
|
||||
ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA);
|
||||
ShaFinal(&ssl->hashSha, sha_result);
|
||||
|
||||
/* make sha outer */
|
||||
ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN);
|
||||
ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
|
||||
ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA);
|
||||
ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE);
|
||||
|
||||
@ -3197,12 +3226,12 @@ static void BuildMD5_CertVerify(CYASSL* ssl, byte* digest)
|
||||
byte md5_result[MD5_DIGEST_SIZE];
|
||||
|
||||
/* make md5 inner */
|
||||
Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN);
|
||||
Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
|
||||
Md5Update(&ssl->hashMd5, PAD1, PAD_MD5);
|
||||
Md5Final(&ssl->hashMd5, md5_result);
|
||||
|
||||
/* make md5 outer */
|
||||
Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN);
|
||||
Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
|
||||
Md5Update(&ssl->hashMd5, PAD2, PAD_MD5);
|
||||
Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE);
|
||||
|
||||
@ -3215,12 +3244,12 @@ static void BuildSHA_CertVerify(CYASSL* ssl, byte* digest)
|
||||
byte sha_result[SHA_DIGEST_SIZE];
|
||||
|
||||
/* make sha inner */
|
||||
ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN);
|
||||
ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
|
||||
ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA);
|
||||
ShaFinal(&ssl->hashSha, sha_result);
|
||||
|
||||
/* make sha outer */
|
||||
ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN);
|
||||
ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
|
||||
ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA);
|
||||
ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE);
|
||||
|
||||
@ -4701,7 +4730,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
#ifdef CYASSL_DTLS
|
||||
if (ssl->options.dtls) {
|
||||
length += ENUM_LEN; /* cookie */
|
||||
if (ssl->arrays.cookieSz != 0) length += ssl->arrays.cookieSz;
|
||||
if (ssl->arrays->cookieSz != 0) length += ssl->arrays->cookieSz;
|
||||
sendSz = length + DTLS_HANDSHAKE_HEADER_SZ + DTLS_RECORD_HEADER_SZ;
|
||||
idx += DTLS_HANDSHAKE_EXTRA + DTLS_RECORD_EXTRA;
|
||||
}
|
||||
@ -4727,11 +4756,11 @@ int SetCipherList(Suites* s, const char* list)
|
||||
RNG_GenerateBlock(ssl->rng, output + idx, RAN_LEN);
|
||||
|
||||
/* store random */
|
||||
XMEMCPY(ssl->arrays.clientRandom, output + idx, RAN_LEN);
|
||||
XMEMCPY(ssl->arrays->clientRandom, output + idx, RAN_LEN);
|
||||
} else {
|
||||
#ifdef CYASSL_DTLS
|
||||
/* send same random on hello again */
|
||||
XMEMCPY(output + idx, ssl->arrays.clientRandom, RAN_LEN);
|
||||
XMEMCPY(output + idx, ssl->arrays->clientRandom, RAN_LEN);
|
||||
#endif
|
||||
}
|
||||
idx += RAN_LEN;
|
||||
@ -4746,11 +4775,11 @@ int SetCipherList(Suites* s, const char* list)
|
||||
/* then DTLS cookie */
|
||||
#ifdef CYASSL_DTLS
|
||||
if (ssl->options.dtls) {
|
||||
byte cookieSz = ssl->arrays.cookieSz;
|
||||
byte cookieSz = ssl->arrays->cookieSz;
|
||||
|
||||
output[idx++] = cookieSz;
|
||||
if (cookieSz) {
|
||||
XMEMCPY(&output[idx], ssl->arrays.cookie, cookieSz);
|
||||
XMEMCPY(&output[idx], ssl->arrays->cookie, cookieSz);
|
||||
idx += cookieSz;
|
||||
}
|
||||
}
|
||||
@ -4826,8 +4855,8 @@ int SetCipherList(Suites* s, const char* list)
|
||||
if (cookieSz) {
|
||||
#ifdef CYASSL_DTLS
|
||||
if (cookieSz < MAX_COOKIE_LEN) {
|
||||
XMEMCPY(ssl->arrays.cookie, input + *inOutIdx, cookieSz);
|
||||
ssl->arrays.cookieSz = cookieSz;
|
||||
XMEMCPY(ssl->arrays->cookie, input + *inOutIdx, cookieSz);
|
||||
ssl->arrays->cookieSz = cookieSz;
|
||||
}
|
||||
#endif
|
||||
*inOutIdx += cookieSz;
|
||||
@ -4881,11 +4910,11 @@ int SetCipherList(Suites* s, const char* list)
|
||||
ssl->version.minor = TLSv1_1_MINOR;
|
||||
}
|
||||
}
|
||||
XMEMCPY(ssl->arrays.serverRandom, input + i, RAN_LEN);
|
||||
XMEMCPY(ssl->arrays->serverRandom, input + i, RAN_LEN);
|
||||
i += RAN_LEN;
|
||||
b = input[i++];
|
||||
if (b) {
|
||||
XMEMCPY(ssl->arrays.sessionID, input + i, min(b, ID_LEN));
|
||||
XMEMCPY(ssl->arrays->sessionID, input + i, min(b, ID_LEN));
|
||||
i += b;
|
||||
ssl->options.haveSessionId = 1;
|
||||
}
|
||||
@ -4907,12 +4936,12 @@ int SetCipherList(Suites* s, const char* list)
|
||||
*inOutIdx = i;
|
||||
|
||||
if (ssl->options.resuming) {
|
||||
if (ssl->options.haveSessionId && XMEMCMP(ssl->arrays.sessionID,
|
||||
if (ssl->options.haveSessionId && XMEMCMP(ssl->arrays->sessionID,
|
||||
ssl->session.sessionID, ID_LEN) == 0) {
|
||||
if (SetCipherSpecs(ssl) == 0) {
|
||||
int ret;
|
||||
XMEMCPY(ssl->arrays.masterSecret, ssl->session.masterSecret,
|
||||
SECRET_LEN);
|
||||
XMEMCPY(ssl->arrays->masterSecret,
|
||||
ssl->session.masterSecret, SECRET_LEN);
|
||||
if (ssl->options.tls)
|
||||
ret = DeriveTlsKeys(ssl);
|
||||
else
|
||||
@ -5007,12 +5036,12 @@ int SetCipherList(Suites* s, const char* list)
|
||||
word16 pskLen = 0;
|
||||
ato16(&input[*inOutIdx], &pskLen);
|
||||
*inOutIdx += LENGTH_SZ;
|
||||
XMEMCPY(ssl->arrays.server_hint, &input[*inOutIdx],
|
||||
XMEMCPY(ssl->arrays->server_hint, &input[*inOutIdx],
|
||||
min(pskLen, MAX_PSK_ID_LEN));
|
||||
if (pskLen < MAX_PSK_ID_LEN)
|
||||
ssl->arrays.server_hint[pskLen] = 0;
|
||||
ssl->arrays->server_hint[pskLen] = 0;
|
||||
else
|
||||
ssl->arrays.server_hint[MAX_PSK_ID_LEN - 1] = 0;
|
||||
ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = 0;
|
||||
*inOutIdx += pskLen;
|
||||
|
||||
return 0;
|
||||
@ -5122,15 +5151,15 @@ int SetCipherList(Suites* s, const char* list)
|
||||
|
||||
/* md5 */
|
||||
InitMd5(&md5);
|
||||
Md5Update(&md5, ssl->arrays.clientRandom, RAN_LEN);
|
||||
Md5Update(&md5, ssl->arrays.serverRandom, RAN_LEN);
|
||||
Md5Update(&md5, ssl->arrays->clientRandom, RAN_LEN);
|
||||
Md5Update(&md5, ssl->arrays->serverRandom, RAN_LEN);
|
||||
Md5Update(&md5, messageVerify, verifySz);
|
||||
Md5Final(&md5, hash);
|
||||
|
||||
/* sha */
|
||||
InitSha(&sha);
|
||||
ShaUpdate(&sha, ssl->arrays.clientRandom, RAN_LEN);
|
||||
ShaUpdate(&sha, ssl->arrays.serverRandom, RAN_LEN);
|
||||
ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN);
|
||||
ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN);
|
||||
ShaUpdate(&sha, messageVerify, verifySz);
|
||||
ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]);
|
||||
|
||||
@ -5203,16 +5232,16 @@ int SetCipherList(Suites* s, const char* list)
|
||||
int ret = 0;
|
||||
|
||||
if (ssl->specs.kea == rsa_kea) {
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.preMasterSecret,
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret,
|
||||
SECRET_LEN);
|
||||
ssl->arrays.preMasterSecret[0] = ssl->chVersion.major;
|
||||
ssl->arrays.preMasterSecret[1] = ssl->chVersion.minor;
|
||||
ssl->arrays.preMasterSz = SECRET_LEN;
|
||||
ssl->arrays->preMasterSecret[0] = ssl->chVersion.major;
|
||||
ssl->arrays->preMasterSecret[1] = ssl->chVersion.minor;
|
||||
ssl->arrays->preMasterSz = SECRET_LEN;
|
||||
|
||||
if (ssl->peerRsaKeyPresent == 0)
|
||||
return NO_PEER_KEY;
|
||||
|
||||
ret = RsaPublicEncrypt(ssl->arrays.preMasterSecret, SECRET_LEN,
|
||||
ret = RsaPublicEncrypt(ssl->arrays->preMasterSecret, SECRET_LEN,
|
||||
encSecret, sizeof(encSecret), &ssl->peerRsaKey,
|
||||
ssl->rng);
|
||||
if (ret > 0) {
|
||||
@ -5240,35 +5269,35 @@ int SetCipherList(Suites* s, const char* list)
|
||||
ret = DhGenerateKeyPair(&key, ssl->rng, priv, &privSz,
|
||||
encSecret, &encSz);
|
||||
if (ret == 0)
|
||||
ret = DhAgree(&key, ssl->arrays.preMasterSecret,
|
||||
&ssl->arrays.preMasterSz, priv, privSz,
|
||||
ret = DhAgree(&key, ssl->arrays->preMasterSecret,
|
||||
&ssl->arrays->preMasterSz, priv, privSz,
|
||||
serverPub.buffer, serverPub.length);
|
||||
FreeDhKey(&key);
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#ifndef NO_PSK
|
||||
} else if (ssl->specs.kea == psk_kea) {
|
||||
byte* pms = ssl->arrays.preMasterSecret;
|
||||
byte* pms = ssl->arrays->preMasterSecret;
|
||||
|
||||
ssl->arrays.psk_keySz = ssl->options.client_psk_cb(ssl,
|
||||
ssl->arrays.server_hint, ssl->arrays.client_identity,
|
||||
MAX_PSK_ID_LEN, ssl->arrays.psk_key, MAX_PSK_KEY_LEN);
|
||||
if (ssl->arrays.psk_keySz == 0 ||
|
||||
ssl->arrays.psk_keySz > MAX_PSK_KEY_LEN)
|
||||
ssl->arrays->psk_keySz = ssl->options.client_psk_cb(ssl,
|
||||
ssl->arrays->server_hint, ssl->arrays->client_identity,
|
||||
MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN);
|
||||
if (ssl->arrays->psk_keySz == 0 ||
|
||||
ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN)
|
||||
return PSK_KEY_ERROR;
|
||||
encSz = (word32)XSTRLEN(ssl->arrays.client_identity);
|
||||
encSz = (word32)XSTRLEN(ssl->arrays->client_identity);
|
||||
if (encSz > MAX_PSK_ID_LEN) return CLIENT_ID_ERROR;
|
||||
XMEMCPY(encSecret, ssl->arrays.client_identity, encSz);
|
||||
XMEMCPY(encSecret, ssl->arrays->client_identity, encSz);
|
||||
|
||||
/* make psk pre master secret */
|
||||
/* length of key + length 0s + length of key + key */
|
||||
c16toa((word16)ssl->arrays.psk_keySz, pms);
|
||||
c16toa((word16)ssl->arrays->psk_keySz, pms);
|
||||
pms += 2;
|
||||
XMEMSET(pms, 0, ssl->arrays.psk_keySz);
|
||||
pms += ssl->arrays.psk_keySz;
|
||||
c16toa((word16)ssl->arrays.psk_keySz, pms);
|
||||
XMEMSET(pms, 0, ssl->arrays->psk_keySz);
|
||||
pms += ssl->arrays->psk_keySz;
|
||||
c16toa((word16)ssl->arrays->psk_keySz, pms);
|
||||
pms += 2;
|
||||
XMEMCPY(pms, ssl->arrays.psk_key, ssl->arrays.psk_keySz);
|
||||
ssl->arrays.preMasterSz = ssl->arrays.psk_keySz * 2 + 4;
|
||||
XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
|
||||
ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4;
|
||||
#endif /* NO_PSK */
|
||||
#ifdef HAVE_NTRU
|
||||
} else if (ssl->specs.kea == ntru_kea) {
|
||||
@ -5279,9 +5308,9 @@ int SetCipherList(Suites* s, const char* list)
|
||||
'C', 'y', 'a', 'S', 'S', 'L', ' ', 'N', 'T', 'R', 'U'
|
||||
};
|
||||
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.preMasterSecret,
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret,
|
||||
SECRET_LEN);
|
||||
ssl->arrays.preMasterSz = SECRET_LEN;
|
||||
ssl->arrays->preMasterSz = SECRET_LEN;
|
||||
|
||||
if (ssl->peerNtruKeyPresent == 0)
|
||||
return NO_PEER_KEY;
|
||||
@ -5292,8 +5321,8 @@ int SetCipherList(Suites* s, const char* list)
|
||||
return NTRU_DRBG_ERROR;
|
||||
|
||||
rc = crypto_ntru_encrypt(drbg, ssl->peerNtruKeyLen,ssl->peerNtruKey,
|
||||
ssl->arrays.preMasterSz,
|
||||
ssl->arrays.preMasterSecret,
|
||||
ssl->arrays->preMasterSz,
|
||||
ssl->arrays->preMasterSecret,
|
||||
&cipherLen, encSecret);
|
||||
crypto_drbg_uninstantiate(drbg);
|
||||
if (rc != NTRU_OK)
|
||||
@ -5333,14 +5362,14 @@ int SetCipherList(Suites* s, const char* list)
|
||||
if (ret != 0)
|
||||
ret = ECC_EXPORT_ERROR;
|
||||
else {
|
||||
size = sizeof(ssl->arrays.preMasterSecret);
|
||||
size = sizeof(ssl->arrays->preMasterSecret);
|
||||
ret = ecc_shared_secret(&myKey, peerKey,
|
||||
ssl->arrays.preMasterSecret, &size);
|
||||
ssl->arrays->preMasterSecret, &size);
|
||||
if (ret != 0)
|
||||
ret = ECC_SHARED_ERROR;
|
||||
}
|
||||
|
||||
ssl->arrays.preMasterSz = size;
|
||||
ssl->arrays->preMasterSz = size;
|
||||
ecc_free(&myKey);
|
||||
#endif /* HAVE_ECC */
|
||||
} else
|
||||
@ -5593,8 +5622,8 @@ int SetCipherList(Suites* s, const char* list)
|
||||
|
||||
/* then random */
|
||||
if (!ssl->options.resuming)
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.serverRandom, RAN_LEN);
|
||||
XMEMCPY(output + idx, ssl->arrays.serverRandom, RAN_LEN);
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, RAN_LEN);
|
||||
XMEMCPY(output + idx, ssl->arrays->serverRandom, RAN_LEN);
|
||||
idx += RAN_LEN;
|
||||
|
||||
#ifdef SHOW_SECRETS
|
||||
@ -5602,15 +5631,15 @@ int SetCipherList(Suites* s, const char* list)
|
||||
int j;
|
||||
printf("server random: ");
|
||||
for (j = 0; j < RAN_LEN; j++)
|
||||
printf("%02x", ssl->arrays.serverRandom[j]);
|
||||
printf("%02x", ssl->arrays->serverRandom[j]);
|
||||
printf("\n");
|
||||
}
|
||||
#endif
|
||||
/* then session id */
|
||||
output[idx++] = ID_LEN;
|
||||
if (!ssl->options.resuming)
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.sessionID, ID_LEN);
|
||||
XMEMCPY(output + idx, ssl->arrays.sessionID, ID_LEN);
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays->sessionID, ID_LEN);
|
||||
XMEMCPY(output + idx, ssl->arrays->sessionID, ID_LEN);
|
||||
idx += ID_LEN;
|
||||
|
||||
/* then cipher suite */
|
||||
@ -5685,10 +5714,10 @@ int SetCipherList(Suites* s, const char* list)
|
||||
byte *output;
|
||||
word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
|
||||
int sendSz;
|
||||
if (ssl->arrays.server_hint[0] == 0) return 0; /* don't send */
|
||||
if (ssl->arrays->server_hint[0] == 0) return 0; /* don't send */
|
||||
|
||||
/* include size part */
|
||||
length = (word32)XSTRLEN(ssl->arrays.server_hint);
|
||||
length = (word32)XSTRLEN(ssl->arrays->server_hint);
|
||||
if (length > MAX_PSK_ID_LEN) return SERVER_HINT_ERROR;
|
||||
length += HINT_LEN_SZ;
|
||||
sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
|
||||
@ -5712,7 +5741,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
/* key data */
|
||||
c16toa((word16)(length - HINT_LEN_SZ), output + idx);
|
||||
idx += HINT_LEN_SZ;
|
||||
XMEMCPY(output + idx, ssl->arrays.server_hint, length -HINT_LEN_SZ);
|
||||
XMEMCPY(output + idx, ssl->arrays->server_hint,length -HINT_LEN_SZ);
|
||||
|
||||
HashOutput(ssl, output, sendSz, 0);
|
||||
|
||||
@ -5846,15 +5875,15 @@ int SetCipherList(Suites* s, const char* list)
|
||||
|
||||
/* md5 */
|
||||
InitMd5(&md5);
|
||||
Md5Update(&md5, ssl->arrays.clientRandom, RAN_LEN);
|
||||
Md5Update(&md5, ssl->arrays.serverRandom, RAN_LEN);
|
||||
Md5Update(&md5, ssl->arrays->clientRandom, RAN_LEN);
|
||||
Md5Update(&md5, ssl->arrays->serverRandom, RAN_LEN);
|
||||
Md5Update(&md5, output + preSigIdx, preSigSz);
|
||||
Md5Final(&md5, hash);
|
||||
|
||||
/* sha */
|
||||
InitSha(&sha);
|
||||
ShaUpdate(&sha, ssl->arrays.clientRandom, RAN_LEN);
|
||||
ShaUpdate(&sha, ssl->arrays.serverRandom, RAN_LEN);
|
||||
ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN);
|
||||
ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN);
|
||||
ShaUpdate(&sha, output + preSigIdx, preSigSz);
|
||||
ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]);
|
||||
|
||||
@ -6048,15 +6077,15 @@ int SetCipherList(Suites* s, const char* list)
|
||||
|
||||
/* md5 */
|
||||
InitMd5(&md5);
|
||||
Md5Update(&md5, ssl->arrays.clientRandom, RAN_LEN);
|
||||
Md5Update(&md5, ssl->arrays.serverRandom, RAN_LEN);
|
||||
Md5Update(&md5, ssl->arrays->clientRandom, RAN_LEN);
|
||||
Md5Update(&md5, ssl->arrays->serverRandom, RAN_LEN);
|
||||
Md5Update(&md5, output + preSigIdx, preSigSz);
|
||||
Md5Final(&md5, hash);
|
||||
|
||||
/* sha */
|
||||
InitSha(&sha);
|
||||
ShaUpdate(&sha, ssl->arrays.clientRandom, RAN_LEN);
|
||||
ShaUpdate(&sha, ssl->arrays.serverRandom, RAN_LEN);
|
||||
ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN);
|
||||
ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN);
|
||||
ShaUpdate(&sha, output + preSigIdx, preSigSz);
|
||||
ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]);
|
||||
|
||||
@ -6628,15 +6657,15 @@ int SetCipherList(Suites* s, const char* list)
|
||||
|
||||
/* session id */
|
||||
if (sessionSz) {
|
||||
XMEMCPY(ssl->arrays.sessionID, input + idx, sessionSz);
|
||||
XMEMCPY(ssl->arrays->sessionID, input + idx, sessionSz);
|
||||
idx += sessionSz;
|
||||
ssl->options.resuming = 1;
|
||||
}
|
||||
|
||||
/* random */
|
||||
if (randomSz < RAN_LEN)
|
||||
XMEMSET(ssl->arrays.clientRandom, 0, RAN_LEN - randomSz);
|
||||
XMEMCPY(&ssl->arrays.clientRandom[RAN_LEN - randomSz], input + idx,
|
||||
XMEMSET(ssl->arrays->clientRandom, 0, RAN_LEN - randomSz);
|
||||
XMEMCPY(&ssl->arrays->clientRandom[RAN_LEN - randomSz], input + idx,
|
||||
randomSz);
|
||||
idx += randomSz;
|
||||
|
||||
@ -6650,7 +6679,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
/* DoClientHello uses same resume code */
|
||||
while (ssl->options.resuming) { /* let's try */
|
||||
int ret;
|
||||
CYASSL_SESSION* session = GetSession(ssl, ssl->arrays.masterSecret);
|
||||
CYASSL_SESSION* session = GetSession(ssl,ssl->arrays->masterSecret);
|
||||
if (!session) {
|
||||
ssl->options.resuming = 0;
|
||||
break; /* session lookup failed */
|
||||
@ -6660,7 +6689,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
return UNSUPPORTED_SUITE;
|
||||
}
|
||||
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.serverRandom, RAN_LEN);
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, RAN_LEN);
|
||||
if (ssl->options.tls)
|
||||
ret = DeriveTlsKeys(ssl);
|
||||
else
|
||||
@ -6725,7 +6754,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
ssl->options.haveStaticECC, ssl->options.side);
|
||||
}
|
||||
/* random */
|
||||
XMEMCPY(ssl->arrays.clientRandom, input + i, RAN_LEN);
|
||||
XMEMCPY(ssl->arrays->clientRandom, input + i, RAN_LEN);
|
||||
i += RAN_LEN;
|
||||
|
||||
#ifdef SHOW_SECRETS
|
||||
@ -6733,7 +6762,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
int j;
|
||||
printf("client random: ");
|
||||
for (j = 0; j < RAN_LEN; j++)
|
||||
printf("%02x", ssl->arrays.clientRandom[j]);
|
||||
printf("%02x", ssl->arrays->clientRandom[j]);
|
||||
printf("\n");
|
||||
}
|
||||
#endif
|
||||
@ -6742,7 +6771,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
if (b) {
|
||||
if (i + ID_LEN > totalSz)
|
||||
return INCOMPLETE_DATA;
|
||||
XMEMCPY(ssl->arrays.sessionID, input + i, ID_LEN);
|
||||
XMEMCPY(ssl->arrays->sessionID, input + i, ID_LEN);
|
||||
i += b;
|
||||
ssl->options.resuming= 1; /* client wants to resume */
|
||||
CYASSL_MSG("Client wants to resume session");
|
||||
@ -6811,7 +6840,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
/* ProcessOld uses same resume code */
|
||||
while (ssl->options.resuming) { /* let's try */
|
||||
int ret;
|
||||
CYASSL_SESSION* session = GetSession(ssl, ssl->arrays.masterSecret);
|
||||
CYASSL_SESSION* session = GetSession(ssl,ssl->arrays->masterSecret);
|
||||
if (!session) {
|
||||
ssl->options.resuming = 0;
|
||||
CYASSL_MSG("Session lookup for resume failed");
|
||||
@ -6822,7 +6851,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
return UNSUPPORTED_SUITE;
|
||||
}
|
||||
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.serverRandom, RAN_LEN);
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, RAN_LEN);
|
||||
if (ssl->options.tls)
|
||||
ret = DeriveTlsKeys(ssl);
|
||||
else
|
||||
@ -7028,7 +7057,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
|
||||
if (ret == 0) {
|
||||
length = RsaEncryptSize(&key);
|
||||
ssl->arrays.preMasterSz = SECRET_LEN;
|
||||
ssl->arrays->preMasterSz = SECRET_LEN;
|
||||
|
||||
if (ssl->options.tls)
|
||||
(*inOutIdx) += 2;
|
||||
@ -7037,10 +7066,10 @@ int SetCipherList(Suites* s, const char* list)
|
||||
|
||||
if (RsaPrivateDecryptInline(tmp, length, &out, &key) ==
|
||||
SECRET_LEN) {
|
||||
XMEMCPY(ssl->arrays.preMasterSecret, out, SECRET_LEN);
|
||||
if (ssl->arrays.preMasterSecret[0] != ssl->chVersion.major
|
||||
XMEMCPY(ssl->arrays->preMasterSecret, out, SECRET_LEN);
|
||||
if (ssl->arrays->preMasterSecret[0] != ssl->chVersion.major
|
||||
||
|
||||
ssl->arrays.preMasterSecret[1] != ssl->chVersion.minor)
|
||||
ssl->arrays->preMasterSecret[1] != ssl->chVersion.minor)
|
||||
|
||||
ret = PMS_VERSION_ERROR;
|
||||
else
|
||||
@ -7053,33 +7082,33 @@ int SetCipherList(Suites* s, const char* list)
|
||||
FreeRsaKey(&key);
|
||||
#ifndef NO_PSK
|
||||
} else if (ssl->specs.kea == psk_kea) {
|
||||
byte* pms = ssl->arrays.preMasterSecret;
|
||||
byte* pms = ssl->arrays->preMasterSecret;
|
||||
word16 ci_sz;
|
||||
|
||||
ato16(&input[*inOutIdx], &ci_sz);
|
||||
*inOutIdx += LENGTH_SZ;
|
||||
if (ci_sz > MAX_PSK_ID_LEN) return CLIENT_ID_ERROR;
|
||||
|
||||
XMEMCPY(ssl->arrays.client_identity, &input[*inOutIdx], ci_sz);
|
||||
XMEMCPY(ssl->arrays->client_identity, &input[*inOutIdx], ci_sz);
|
||||
*inOutIdx += ci_sz;
|
||||
ssl->arrays.client_identity[ci_sz] = 0;
|
||||
ssl->arrays->client_identity[ci_sz] = 0;
|
||||
|
||||
ssl->arrays.psk_keySz = ssl->options.server_psk_cb(ssl,
|
||||
ssl->arrays.client_identity, ssl->arrays.psk_key,
|
||||
ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl,
|
||||
ssl->arrays->client_identity, ssl->arrays->psk_key,
|
||||
MAX_PSK_KEY_LEN);
|
||||
if (ssl->arrays.psk_keySz == 0 ||
|
||||
ssl->arrays.psk_keySz > MAX_PSK_KEY_LEN) return PSK_KEY_ERROR;
|
||||
if (ssl->arrays->psk_keySz == 0 ||
|
||||
ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) return PSK_KEY_ERROR;
|
||||
|
||||
/* make psk pre master secret */
|
||||
/* length of key + length 0s + length of key + key */
|
||||
c16toa((word16)ssl->arrays.psk_keySz, pms);
|
||||
c16toa((word16)ssl->arrays->psk_keySz, pms);
|
||||
pms += 2;
|
||||
XMEMSET(pms, 0, ssl->arrays.psk_keySz);
|
||||
pms += ssl->arrays.psk_keySz;
|
||||
c16toa((word16)ssl->arrays.psk_keySz, pms);
|
||||
XMEMSET(pms, 0, ssl->arrays->psk_keySz);
|
||||
pms += ssl->arrays->psk_keySz;
|
||||
c16toa((word16)ssl->arrays->psk_keySz, pms);
|
||||
pms += 2;
|
||||
XMEMCPY(pms, ssl->arrays.psk_key, ssl->arrays.psk_keySz);
|
||||
ssl->arrays.preMasterSz = ssl->arrays.psk_keySz * 2 + 4;
|
||||
XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
|
||||
ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4;
|
||||
|
||||
ret = MakeMasterSecret(ssl);
|
||||
#endif /* NO_PSK */
|
||||
@ -7087,7 +7116,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
} else if (ssl->specs.kea == ntru_kea) {
|
||||
word32 rc;
|
||||
word16 cipherLen;
|
||||
word16 plainLen = sizeof(ssl->arrays.preMasterSecret);
|
||||
word16 plainLen = sizeof(ssl->arrays->preMasterSecret);
|
||||
byte* tmp;
|
||||
|
||||
if (!ssl->buffers.key.buffer)
|
||||
@ -7101,13 +7130,13 @@ int SetCipherList(Suites* s, const char* list)
|
||||
tmp = input + *inOutIdx;
|
||||
rc = crypto_ntru_decrypt((word16)ssl->buffers.key.length,
|
||||
ssl->buffers.key.buffer, cipherLen, tmp, &plainLen,
|
||||
ssl->arrays.preMasterSecret);
|
||||
ssl->arrays->preMasterSecret);
|
||||
|
||||
if (rc != NTRU_OK || plainLen != SECRET_LEN)
|
||||
return NTRU_DECRYPT_ERROR;
|
||||
*inOutIdx += cipherLen;
|
||||
|
||||
ssl->arrays.preMasterSz = plainLen;
|
||||
ssl->arrays->preMasterSz = plainLen;
|
||||
ret = MakeMasterSecret(ssl);
|
||||
#endif /* HAVE_NTRU */
|
||||
#ifdef HAVE_ECC
|
||||
@ -7122,7 +7151,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
*inOutIdx += bLength;
|
||||
ssl->peerEccKeyPresent = 1;
|
||||
|
||||
size = sizeof(ssl->arrays.preMasterSecret);
|
||||
size = sizeof(ssl->arrays->preMasterSecret);
|
||||
if (ssl->specs.static_ecdh) {
|
||||
ecc_key staticKey;
|
||||
word32 i = 0;
|
||||
@ -7132,15 +7161,15 @@ int SetCipherList(Suites* s, const char* list)
|
||||
&staticKey, ssl->buffers.key.length);
|
||||
if (ret == 0)
|
||||
ret = ecc_shared_secret(&staticKey, &ssl->peerEccKey,
|
||||
ssl->arrays.preMasterSecret, &size);
|
||||
ssl->arrays->preMasterSecret, &size);
|
||||
ecc_free(&staticKey);
|
||||
}
|
||||
else
|
||||
ret = ecc_shared_secret(&ssl->eccTempKey, &ssl->peerEccKey,
|
||||
ssl->arrays.preMasterSecret, &size);
|
||||
ssl->arrays->preMasterSecret, &size);
|
||||
if (ret != 0)
|
||||
return ECC_SHARED_ERROR;
|
||||
ssl->arrays.preMasterSz = size;
|
||||
ssl->arrays->preMasterSz = size;
|
||||
ret = MakeMasterSecret(ssl);
|
||||
#endif /* HAVE_ECC */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
@ -7161,8 +7190,8 @@ int SetCipherList(Suites* s, const char* list)
|
||||
ssl->buffers.serverDH_G.buffer,
|
||||
ssl->buffers.serverDH_G.length);
|
||||
if (ret == 0)
|
||||
ret = DhAgree(&dhKey, ssl->arrays.preMasterSecret,
|
||||
&ssl->arrays.preMasterSz,
|
||||
ret = DhAgree(&dhKey, ssl->arrays->preMasterSecret,
|
||||
&ssl->arrays->preMasterSz,
|
||||
ssl->buffers.serverDH_Priv.buffer,
|
||||
ssl->buffers.serverDH_Priv.length,
|
||||
clientPub, clientPubSz);
|
||||
|
||||
32
src/keys.c
32
src/keys.c
@ -1121,7 +1121,7 @@ int DeriveKeys(CYASSL* ssl)
|
||||
InitMd5(&md5);
|
||||
InitSha(&sha);
|
||||
|
||||
XMEMCPY(md5Input, ssl->arrays.masterSecret, SECRET_LEN);
|
||||
XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN);
|
||||
|
||||
for (i = 0; i < rounds; ++i) {
|
||||
int j = i + 1;
|
||||
@ -1131,11 +1131,11 @@ int DeriveKeys(CYASSL* ssl)
|
||||
return PREFIX_ERROR;
|
||||
}
|
||||
|
||||
XMEMCPY(shaInput + idx, ssl->arrays.masterSecret, SECRET_LEN);
|
||||
XMEMCPY(shaInput + idx, ssl->arrays->masterSecret, SECRET_LEN);
|
||||
idx += SECRET_LEN;
|
||||
XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN);
|
||||
XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
|
||||
idx += RAN_LEN;
|
||||
XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN);
|
||||
XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
|
||||
|
||||
ShaUpdate(&sha, shaInput, sizeof(shaInput) - KEY_PREFIX + j);
|
||||
ShaFinal(&sha, shaOutput);
|
||||
@ -1151,15 +1151,15 @@ int DeriveKeys(CYASSL* ssl)
|
||||
|
||||
static void CleanPreMaster(CYASSL* ssl)
|
||||
{
|
||||
int i, sz = ssl->arrays.preMasterSz;
|
||||
int i, sz = ssl->arrays->preMasterSz;
|
||||
|
||||
for (i = 0; i < sz; i++)
|
||||
ssl->arrays.preMasterSecret[i] = 0;
|
||||
ssl->arrays->preMasterSecret[i] = 0;
|
||||
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.preMasterSecret, sz);
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz);
|
||||
|
||||
for (i = 0; i < sz; i++)
|
||||
ssl->arrays.preMasterSecret[i] = 0;
|
||||
ssl->arrays->preMasterSecret[i] = 0;
|
||||
|
||||
}
|
||||
|
||||
@ -1172,7 +1172,7 @@ static int MakeSslMasterSecret(CYASSL* ssl)
|
||||
byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN];
|
||||
int i, ret;
|
||||
word32 idx;
|
||||
word32 pmsSz = ssl->arrays.preMasterSz;
|
||||
word32 pmsSz = ssl->arrays->preMasterSz;
|
||||
|
||||
Md5 md5;
|
||||
Sha sha;
|
||||
@ -1182,7 +1182,7 @@ static int MakeSslMasterSecret(CYASSL* ssl)
|
||||
int j;
|
||||
printf("pre master secret: ");
|
||||
for (j = 0; j < pmsSz; j++)
|
||||
printf("%02x", ssl->arrays.preMasterSecret[j]);
|
||||
printf("%02x", ssl->arrays->preMasterSecret[j]);
|
||||
printf("\n");
|
||||
}
|
||||
#endif
|
||||
@ -1190,7 +1190,7 @@ static int MakeSslMasterSecret(CYASSL* ssl)
|
||||
InitMd5(&md5);
|
||||
InitSha(&sha);
|
||||
|
||||
XMEMCPY(md5Input, ssl->arrays.preMasterSecret, pmsSz);
|
||||
XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz);
|
||||
|
||||
for (i = 0; i < MASTER_ROUNDS; ++i) {
|
||||
byte prefix[PREFIX];
|
||||
@ -1202,11 +1202,11 @@ static int MakeSslMasterSecret(CYASSL* ssl)
|
||||
XMEMCPY(shaInput, prefix, i + 1);
|
||||
idx += i + 1;
|
||||
|
||||
XMEMCPY(shaInput + idx, ssl->arrays.preMasterSecret, pmsSz);
|
||||
XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz);
|
||||
idx += pmsSz;
|
||||
XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN);
|
||||
XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
|
||||
idx += RAN_LEN;
|
||||
XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN);
|
||||
XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
|
||||
idx += RAN_LEN;
|
||||
ShaUpdate(&sha, shaInput, idx);
|
||||
ShaFinal(&sha, shaOutput);
|
||||
@ -1215,7 +1215,7 @@ static int MakeSslMasterSecret(CYASSL* ssl)
|
||||
XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE);
|
||||
idx += SHA_DIGEST_SIZE;
|
||||
Md5Update(&md5, md5Input, idx);
|
||||
Md5Final(&md5, &ssl->arrays.masterSecret[i * MD5_DIGEST_SIZE]);
|
||||
Md5Final(&md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]);
|
||||
}
|
||||
|
||||
#ifdef SHOW_SECRETS
|
||||
@ -1223,7 +1223,7 @@ static int MakeSslMasterSecret(CYASSL* ssl)
|
||||
int i;
|
||||
printf("master secret: ");
|
||||
for (i = 0; i < SECRET_LEN; i++)
|
||||
printf("%02x", ssl->arrays.masterSecret[i]);
|
||||
printf("%02x", ssl->arrays->masterSecret[i]);
|
||||
printf("\n");
|
||||
}
|
||||
#endif
|
||||
|
||||
61
src/ssl.c
61
src/ssl.c
@ -414,6 +414,24 @@ void CyaSSL_ERR_error_string_n(unsigned long e, char* buf, unsigned long len)
|
||||
}
|
||||
|
||||
|
||||
/* don't free temporary arrays at end of handshake */
|
||||
void CyaSSL_KeepArrays(CYASSL* ssl)
|
||||
{
|
||||
if (ssl)
|
||||
ssl->options.saveArrays = 1;
|
||||
}
|
||||
|
||||
|
||||
/* user doesn't need temporary arrays anymore, Free */
|
||||
void CyaSSL_FreeArrays(CYASSL* ssl)
|
||||
{
|
||||
if (ssl && ssl->options.handShakeState == HANDSHAKE_DONE) {
|
||||
ssl->options.saveArrays = 0;
|
||||
FreeArrays(ssl, 1);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
CYASSL_CERT_MANAGER* CyaSSL_CertManagerNew(void)
|
||||
{
|
||||
CYASSL_CERT_MANAGER* cm = NULL;
|
||||
@ -2764,7 +2782,7 @@ int CyaSSL_CTX_set_timeout(CYASSL_CTX* ctx, unsigned int to)
|
||||
CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret)
|
||||
{
|
||||
CYASSL_SESSION* ret = 0;
|
||||
const byte* id = ssl->arrays.sessionID;
|
||||
const byte* id = NULL;
|
||||
word32 row;
|
||||
int idx;
|
||||
|
||||
@ -2774,6 +2792,11 @@ CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret)
|
||||
if (ssl->options.haveSessionId == 0)
|
||||
return NULL;
|
||||
|
||||
if (ssl->arrays)
|
||||
id = ssl->arrays->sessionID;
|
||||
else
|
||||
id = ssl->session.sessionID;
|
||||
|
||||
row = HashSession(id) % SESSION_ROWS;
|
||||
|
||||
if (LockMutex(&session_mutex) != 0)
|
||||
@ -2838,7 +2861,7 @@ int AddSession(CYASSL* ssl)
|
||||
if (ssl->options.haveSessionId == 0)
|
||||
return 0;
|
||||
|
||||
row = HashSession(ssl->arrays.sessionID) % SESSION_ROWS;
|
||||
row = HashSession(ssl->arrays->sessionID) % SESSION_ROWS;
|
||||
|
||||
if (LockMutex(&session_mutex) != 0)
|
||||
return BAD_MUTEX_ERROR;
|
||||
@ -2846,8 +2869,8 @@ int AddSession(CYASSL* ssl)
|
||||
idx = SessionCache[row].nextIdx++;
|
||||
|
||||
XMEMCPY(SessionCache[row].Sessions[idx].masterSecret,
|
||||
ssl->arrays.masterSecret, SECRET_LEN);
|
||||
XMEMCPY(SessionCache[row].Sessions[idx].sessionID, ssl->arrays.sessionID,
|
||||
ssl->arrays->masterSecret, SECRET_LEN);
|
||||
XMEMCPY(SessionCache[row].Sessions[idx].sessionID, ssl->arrays->sessionID,
|
||||
ID_LEN);
|
||||
|
||||
SessionCache[row].Sessions[idx].timeout = ssl->timeout;
|
||||
@ -3249,14 +3272,22 @@ int CyaSSL_set_compression(CYASSL* ssl)
|
||||
const char* CyaSSL_get_psk_identity_hint(const CYASSL* ssl)
|
||||
{
|
||||
CYASSL_ENTER("SSL_get_psk_identity_hint");
|
||||
return ssl->arrays.server_hint;
|
||||
|
||||
if (ssl == NULL || ssl->arrays == NULL)
|
||||
return NULL;
|
||||
|
||||
return ssl->arrays->server_hint;
|
||||
}
|
||||
|
||||
|
||||
const char* CyaSSL_get_psk_identity(const CYASSL* ssl)
|
||||
{
|
||||
CYASSL_ENTER("SSL_get_psk_identity");
|
||||
return ssl->arrays.client_identity;
|
||||
|
||||
if (ssl == NULL || ssl->arrays == NULL)
|
||||
return NULL;
|
||||
|
||||
return ssl->arrays->client_identity;
|
||||
}
|
||||
|
||||
|
||||
@ -3276,11 +3307,15 @@ int CyaSSL_set_compression(CYASSL* ssl)
|
||||
int CyaSSL_use_psk_identity_hint(CYASSL* ssl, const char* hint)
|
||||
{
|
||||
CYASSL_ENTER("SSL_use_psk_identity_hint");
|
||||
|
||||
if (ssl == NULL || ssl->arrays == NULL)
|
||||
return SSL_FAILURE;
|
||||
|
||||
if (hint == 0)
|
||||
ssl->arrays.server_hint[0] = 0;
|
||||
ssl->arrays->server_hint[0] = 0;
|
||||
else {
|
||||
XSTRNCPY(ssl->arrays.server_hint, hint, MAX_PSK_ID_LEN);
|
||||
ssl->arrays.server_hint[MAX_PSK_ID_LEN - 1] = '\0';
|
||||
XSTRNCPY(ssl->arrays->server_hint, hint, MAX_PSK_ID_LEN);
|
||||
ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = '\0';
|
||||
}
|
||||
return SSL_SUCCESS;
|
||||
}
|
||||
@ -3440,12 +3475,12 @@ int CyaSSL_set_compression(CYASSL* ssl)
|
||||
unsigned char** sr, unsigned int* srLen,
|
||||
unsigned char** cr, unsigned int* crLen)
|
||||
{
|
||||
if (ssl == NULL)
|
||||
if (ssl == NULL || ssl->arrays == NULL)
|
||||
return -1;
|
||||
|
||||
*ms = ssl->arrays.masterSecret;
|
||||
*sr = ssl->arrays.serverRandom;
|
||||
*cr = ssl->arrays.clientRandom;
|
||||
*ms = ssl->arrays->masterSecret;
|
||||
*sr = ssl->arrays->serverRandom;
|
||||
*cr = ssl->arrays->clientRandom;
|
||||
|
||||
*msLen = SECRET_LEN;
|
||||
*srLen = RAN_LEN;
|
||||
|
||||
18
src/tls.c
18
src/tls.c
@ -214,7 +214,7 @@ void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender)
|
||||
else
|
||||
side = tls_server;
|
||||
|
||||
PRF(hashes->md5, TLS_FINISHED_SZ, ssl->arrays.masterSecret, SECRET_LEN,
|
||||
PRF(hashes->md5, TLS_FINISHED_SZ, ssl->arrays->masterSecret, SECRET_LEN,
|
||||
side, FINISHED_LABEL_SZ, handshake_hash, hashSz, IsAtLeastTLSv1_2(ssl),
|
||||
ssl->specs.mac_algorithm);
|
||||
}
|
||||
@ -262,10 +262,10 @@ int DeriveTlsKeys(CYASSL* ssl)
|
||||
byte seed[SEED_LEN];
|
||||
byte key_data[MAX_PRF_DIG];
|
||||
|
||||
XMEMCPY(seed, ssl->arrays.serverRandom, RAN_LEN);
|
||||
XMEMCPY(&seed[RAN_LEN], ssl->arrays.clientRandom, RAN_LEN);
|
||||
XMEMCPY(seed, ssl->arrays->serverRandom, RAN_LEN);
|
||||
XMEMCPY(&seed[RAN_LEN], ssl->arrays->clientRandom, RAN_LEN);
|
||||
|
||||
PRF(key_data, length, ssl->arrays.masterSecret, SECRET_LEN, key_label,
|
||||
PRF(key_data, length, ssl->arrays->masterSecret, SECRET_LEN, key_label,
|
||||
KEY_LABEL_SZ, seed, SEED_LEN, IsAtLeastTLSv1_2(ssl),
|
||||
ssl->specs.mac_algorithm);
|
||||
|
||||
@ -277,11 +277,11 @@ int MakeTlsMasterSecret(CYASSL* ssl)
|
||||
{
|
||||
byte seed[SEED_LEN];
|
||||
|
||||
XMEMCPY(seed, ssl->arrays.clientRandom, RAN_LEN);
|
||||
XMEMCPY(&seed[RAN_LEN], ssl->arrays.serverRandom, RAN_LEN);
|
||||
XMEMCPY(seed, ssl->arrays->clientRandom, RAN_LEN);
|
||||
XMEMCPY(&seed[RAN_LEN], ssl->arrays->serverRandom, RAN_LEN);
|
||||
|
||||
PRF(ssl->arrays.masterSecret, SECRET_LEN,
|
||||
ssl->arrays.preMasterSecret, ssl->arrays.preMasterSz,
|
||||
PRF(ssl->arrays->masterSecret, SECRET_LEN,
|
||||
ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz,
|
||||
master_label, MASTER_LABEL_SZ,
|
||||
seed, SEED_LEN, IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm);
|
||||
|
||||
@ -290,7 +290,7 @@ int MakeTlsMasterSecret(CYASSL* ssl)
|
||||
int i;
|
||||
printf("master secret: ");
|
||||
for (i = 0; i < SECRET_LEN; i++)
|
||||
printf("%02x", ssl->arrays.masterSecret[i]);
|
||||
printf("%02x", ssl->arrays->masterSecret[i]);
|
||||
printf("\n");
|
||||
}
|
||||
#endif
|
||||
|
||||
Loading…
Reference in New Issue
Block a user