diff --git a/cyassl/ctaocrypt/types.h b/cyassl/ctaocrypt/types.h index 4a5f66694..2c72046d8 100644 --- a/cyassl/ctaocrypt/types.h +++ b/cyassl/ctaocrypt/types.h @@ -218,7 +218,8 @@ enum { DYNAMIC_TYPE_ALTNAME = 29, DYNAMIC_TYPE_SUITES = 30, DYNAMIC_TYPE_CIPHER = 31, - DYNAMIC_TYPE_RNG = 32 + DYNAMIC_TYPE_RNG = 32, + DYNAMIC_TYPE_ARRAYS = 33 }; /* stack protection */ diff --git a/cyassl/internal.h b/cyassl/internal.h index 6b8284e0c..29092bc99 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -1145,6 +1145,8 @@ typedef struct Options { byte quietShutdown; /* don't send close notify */ byte certOnly; /* stop once we get cert */ byte groupMessages; /* group handshake messages */ + byte saveArrays; /* save array Memory for user get keys + or psk */ #ifndef NO_PSK byte havePSK; /* psk key set by user */ psk_client_callback client_psk_cb; @@ -1239,7 +1241,7 @@ struct CYASSL { Hashes certHashes; /* for cert verify */ Buffers buffers; Options options; - Arrays arrays; + Arrays* arrays; CYASSL_SESSION session; VerifyCallback verifyCallback; /* cert verification callback */ RsaKey peerRsaKey; @@ -1454,6 +1456,8 @@ CYASSL_LOCAL void ShrinkOutputBuffer(CYASSL* ssl); CYASSL_LOCAL Signer* GetCA(void* cm, byte* hash); CYASSL_LOCAL void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender); +CYASSL_LOCAL void FreeArrays(CYASSL* ssl, int keep); + #ifndef NO_TLS CYASSL_LOCAL int MakeTlsMasterSecret(CYASSL*); CYASSL_LOCAL void TLS_hmac(CYASSL* ssl, byte* digest, const byte* buffer, diff --git a/cyassl/ssl.h b/cyassl/ssl.h index e58c0c3a4..a3ae10061 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -719,6 +719,7 @@ CYASSL_API int CyaSSL_CTX_SetTmpEC_DHE_Sz(CYASSL_CTX*, unsigned short); #endif /* keyblock size in bytes or -1 */ +/* need to call CyaSSL_KeepArrays before handshake to save keys */ CYASSL_API int CyaSSL_get_keyblock_size(CYASSL*); CYASSL_API int CyaSSL_get_keys(CYASSL*,unsigned char** ms, unsigned int* msLen, unsigned char** sr, unsigned int* srLen, @@ -817,6 +818,13 @@ CYASSL_API int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx); CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int); CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL); +/* end of handshake frees temporary arrays, if user needs for get_keys or + psk hints, call KeepArrays before handshake and then FreeArrays when done + if don't want to wait for object free */ +CYASSL_API void CyaSSL_KeepArrays(CYASSL*); +CYASSL_API void CyaSSL_FreeArrays(CYASSL*); + + #define CYASSL_CRL_MONITOR 0x01 /* monitor this dir flag */ #define CYASSL_CRL_START_MON 0x02 /* start monitoring flag */ diff --git a/src/internal.c b/src/internal.c index 0f47f0be8..8a4b76b16 100644 --- a/src/internal.c +++ b/src/internal.c @@ -980,7 +980,6 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) ssl->keys.dtls_epoch = 0; ssl->keys.dtls_peer_epoch = 0; ssl->keys.dtls_expected_peer_epoch = 0; - ssl->arrays.cookieSz = 0; #endif ssl->keys.encryptionOn = 0; /* initially off */ ssl->keys.decryptedCur = 0; /* initially off */ @@ -1003,6 +1002,7 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) ssl->options.quietShutdown = ctx->quietShutdown; ssl->options.certOnly = 0; ssl->options.groupMessages = ctx->groupMessages; + ssl->options.saveArrays = 0; /* ctx still owns certificate, certChain, key, dh, and cm */ ssl->buffers.certificate = ctx->certificate; @@ -1044,17 +1044,8 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) ssl->toInfoOn = 0; #endif -#ifndef NO_PSK - ssl->arrays.client_identity[0] = 0; - if (ctx->server_hint[0]) { /* set in CTX */ - XSTRNCPY(ssl->arrays.server_hint, ctx->server_hint, MAX_PSK_ID_LEN); - ssl->arrays.server_hint[MAX_PSK_ID_LEN - 1] = '\0'; - } - else - ssl->arrays.server_hint[0] = 0; -#endif /* NO_PSK */ - - ssl->rng = NULL; + ssl->rng = NULL; + ssl->arrays = NULL; InitCiphers(ssl); /* all done with init, now can return errors, call other stuff */ @@ -1066,6 +1057,27 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) ctx->refCount++; UnLockMutex(&ctx->countMutex); + ssl->arrays = (Arrays*)XMALLOC(sizeof(Arrays), ssl->heap, + DYNAMIC_TYPE_ARRAYS); + if (ssl->arrays == NULL) { + CYASSL_MSG("Arrays Memory error"); + return MEMORY_E; + } + +#ifndef NO_PSK + ssl->arrays->client_identity[0] = 0; + if (ctx->server_hint[0]) { /* set in CTX */ + XSTRNCPY(ssl->arrays->server_hint, ctx->server_hint, MAX_PSK_ID_LEN); + ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = '\0'; + } + else + ssl->arrays->server_hint[0] = 0; +#endif /* NO_PSK */ + +#ifdef CYASSL_DTLS + ssl->arrays->cookieSz = 0; +#endif + ssl->rng = (RNG*)XMALLOC(sizeof(RNG), ssl->heap, DYNAMIC_TYPE_RNG); if (ssl->rng == NULL) { CYASSL_MSG("RNG Memory error"); @@ -1104,10 +1116,23 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) } +/* free use of temporary arrays */ +void FreeArrays(CYASSL* ssl, int keep) +{ + if (ssl->arrays && keep) { + /* keeps session id for user retrieval */ + XMEMCPY(ssl->session.sessionID, ssl->arrays->sessionID, ID_LEN); + } + XFREE(ssl->arrays, ssl->heap, DYNAMIC_TYPE_ARRAYS); + ssl->arrays = NULL; +} + + /* In case holding SSL object in array and don't want to free actual ssl */ void SSL_ResourceFree(CYASSL* ssl) { FreeCiphers(ssl); + FreeArrays(ssl, 0); XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG); XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES); XFREE(ssl->buffers.serverDH_Priv.buffer, ssl->heap, DYNAMIC_TYPE_DH); @@ -1170,6 +1195,10 @@ void FreeHandshakeResources(CYASSL* ssl) XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG); ssl->rng = NULL; } + + /* arrays */ + if (ssl->options.saveArrays) + FreeArrays(ssl, 1); } @@ -1747,12 +1776,12 @@ static void BuildMD5(CYASSL* ssl, Hashes* hashes, const byte* sender) /* make md5 inner */ Md5Update(&ssl->hashMd5, sender, SIZEOF_SENDER); - Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN); + Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN); Md5Update(&ssl->hashMd5, PAD1, PAD_MD5); Md5Final(&ssl->hashMd5, md5_result); /* make md5 outer */ - Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN); + Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN); Md5Update(&ssl->hashMd5, PAD2, PAD_MD5); Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE); @@ -1767,12 +1796,12 @@ static void BuildSHA(CYASSL* ssl, Hashes* hashes, const byte* sender) /* make sha inner */ ShaUpdate(&ssl->hashSha, sender, SIZEOF_SENDER); - ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN); + ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA); ShaFinal(&ssl->hashSha, sha_result); /* make sha outer */ - ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN); + ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA); ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE); @@ -3197,12 +3226,12 @@ static void BuildMD5_CertVerify(CYASSL* ssl, byte* digest) byte md5_result[MD5_DIGEST_SIZE]; /* make md5 inner */ - Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN); + Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN); Md5Update(&ssl->hashMd5, PAD1, PAD_MD5); Md5Final(&ssl->hashMd5, md5_result); /* make md5 outer */ - Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN); + Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN); Md5Update(&ssl->hashMd5, PAD2, PAD_MD5); Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE); @@ -3215,12 +3244,12 @@ static void BuildSHA_CertVerify(CYASSL* ssl, byte* digest) byte sha_result[SHA_DIGEST_SIZE]; /* make sha inner */ - ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN); + ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA); ShaFinal(&ssl->hashSha, sha_result); /* make sha outer */ - ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN); + ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA); ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE); @@ -4701,7 +4730,7 @@ int SetCipherList(Suites* s, const char* list) #ifdef CYASSL_DTLS if (ssl->options.dtls) { length += ENUM_LEN; /* cookie */ - if (ssl->arrays.cookieSz != 0) length += ssl->arrays.cookieSz; + if (ssl->arrays->cookieSz != 0) length += ssl->arrays->cookieSz; sendSz = length + DTLS_HANDSHAKE_HEADER_SZ + DTLS_RECORD_HEADER_SZ; idx += DTLS_HANDSHAKE_EXTRA + DTLS_RECORD_EXTRA; } @@ -4727,11 +4756,11 @@ int SetCipherList(Suites* s, const char* list) RNG_GenerateBlock(ssl->rng, output + idx, RAN_LEN); /* store random */ - XMEMCPY(ssl->arrays.clientRandom, output + idx, RAN_LEN); + XMEMCPY(ssl->arrays->clientRandom, output + idx, RAN_LEN); } else { #ifdef CYASSL_DTLS /* send same random on hello again */ - XMEMCPY(output + idx, ssl->arrays.clientRandom, RAN_LEN); + XMEMCPY(output + idx, ssl->arrays->clientRandom, RAN_LEN); #endif } idx += RAN_LEN; @@ -4746,11 +4775,11 @@ int SetCipherList(Suites* s, const char* list) /* then DTLS cookie */ #ifdef CYASSL_DTLS if (ssl->options.dtls) { - byte cookieSz = ssl->arrays.cookieSz; + byte cookieSz = ssl->arrays->cookieSz; output[idx++] = cookieSz; if (cookieSz) { - XMEMCPY(&output[idx], ssl->arrays.cookie, cookieSz); + XMEMCPY(&output[idx], ssl->arrays->cookie, cookieSz); idx += cookieSz; } } @@ -4826,8 +4855,8 @@ int SetCipherList(Suites* s, const char* list) if (cookieSz) { #ifdef CYASSL_DTLS if (cookieSz < MAX_COOKIE_LEN) { - XMEMCPY(ssl->arrays.cookie, input + *inOutIdx, cookieSz); - ssl->arrays.cookieSz = cookieSz; + XMEMCPY(ssl->arrays->cookie, input + *inOutIdx, cookieSz); + ssl->arrays->cookieSz = cookieSz; } #endif *inOutIdx += cookieSz; @@ -4881,11 +4910,11 @@ int SetCipherList(Suites* s, const char* list) ssl->version.minor = TLSv1_1_MINOR; } } - XMEMCPY(ssl->arrays.serverRandom, input + i, RAN_LEN); + XMEMCPY(ssl->arrays->serverRandom, input + i, RAN_LEN); i += RAN_LEN; b = input[i++]; if (b) { - XMEMCPY(ssl->arrays.sessionID, input + i, min(b, ID_LEN)); + XMEMCPY(ssl->arrays->sessionID, input + i, min(b, ID_LEN)); i += b; ssl->options.haveSessionId = 1; } @@ -4907,12 +4936,12 @@ int SetCipherList(Suites* s, const char* list) *inOutIdx = i; if (ssl->options.resuming) { - if (ssl->options.haveSessionId && XMEMCMP(ssl->arrays.sessionID, + if (ssl->options.haveSessionId && XMEMCMP(ssl->arrays->sessionID, ssl->session.sessionID, ID_LEN) == 0) { if (SetCipherSpecs(ssl) == 0) { int ret; - XMEMCPY(ssl->arrays.masterSecret, ssl->session.masterSecret, - SECRET_LEN); + XMEMCPY(ssl->arrays->masterSecret, + ssl->session.masterSecret, SECRET_LEN); if (ssl->options.tls) ret = DeriveTlsKeys(ssl); else @@ -5007,12 +5036,12 @@ int SetCipherList(Suites* s, const char* list) word16 pskLen = 0; ato16(&input[*inOutIdx], &pskLen); *inOutIdx += LENGTH_SZ; - XMEMCPY(ssl->arrays.server_hint, &input[*inOutIdx], + XMEMCPY(ssl->arrays->server_hint, &input[*inOutIdx], min(pskLen, MAX_PSK_ID_LEN)); if (pskLen < MAX_PSK_ID_LEN) - ssl->arrays.server_hint[pskLen] = 0; + ssl->arrays->server_hint[pskLen] = 0; else - ssl->arrays.server_hint[MAX_PSK_ID_LEN - 1] = 0; + ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = 0; *inOutIdx += pskLen; return 0; @@ -5122,15 +5151,15 @@ int SetCipherList(Suites* s, const char* list) /* md5 */ InitMd5(&md5); - Md5Update(&md5, ssl->arrays.clientRandom, RAN_LEN); - Md5Update(&md5, ssl->arrays.serverRandom, RAN_LEN); + Md5Update(&md5, ssl->arrays->clientRandom, RAN_LEN); + Md5Update(&md5, ssl->arrays->serverRandom, RAN_LEN); Md5Update(&md5, messageVerify, verifySz); Md5Final(&md5, hash); /* sha */ InitSha(&sha); - ShaUpdate(&sha, ssl->arrays.clientRandom, RAN_LEN); - ShaUpdate(&sha, ssl->arrays.serverRandom, RAN_LEN); + ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN); + ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN); ShaUpdate(&sha, messageVerify, verifySz); ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]); @@ -5203,16 +5232,16 @@ int SetCipherList(Suites* s, const char* list) int ret = 0; if (ssl->specs.kea == rsa_kea) { - RNG_GenerateBlock(ssl->rng, ssl->arrays.preMasterSecret, + RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, SECRET_LEN); - ssl->arrays.preMasterSecret[0] = ssl->chVersion.major; - ssl->arrays.preMasterSecret[1] = ssl->chVersion.minor; - ssl->arrays.preMasterSz = SECRET_LEN; + ssl->arrays->preMasterSecret[0] = ssl->chVersion.major; + ssl->arrays->preMasterSecret[1] = ssl->chVersion.minor; + ssl->arrays->preMasterSz = SECRET_LEN; if (ssl->peerRsaKeyPresent == 0) return NO_PEER_KEY; - ret = RsaPublicEncrypt(ssl->arrays.preMasterSecret, SECRET_LEN, + ret = RsaPublicEncrypt(ssl->arrays->preMasterSecret, SECRET_LEN, encSecret, sizeof(encSecret), &ssl->peerRsaKey, ssl->rng); if (ret > 0) { @@ -5240,35 +5269,35 @@ int SetCipherList(Suites* s, const char* list) ret = DhGenerateKeyPair(&key, ssl->rng, priv, &privSz, encSecret, &encSz); if (ret == 0) - ret = DhAgree(&key, ssl->arrays.preMasterSecret, - &ssl->arrays.preMasterSz, priv, privSz, + ret = DhAgree(&key, ssl->arrays->preMasterSecret, + &ssl->arrays->preMasterSz, priv, privSz, serverPub.buffer, serverPub.length); FreeDhKey(&key); #endif /* OPENSSL_EXTRA */ #ifndef NO_PSK } else if (ssl->specs.kea == psk_kea) { - byte* pms = ssl->arrays.preMasterSecret; + byte* pms = ssl->arrays->preMasterSecret; - ssl->arrays.psk_keySz = ssl->options.client_psk_cb(ssl, - ssl->arrays.server_hint, ssl->arrays.client_identity, - MAX_PSK_ID_LEN, ssl->arrays.psk_key, MAX_PSK_KEY_LEN); - if (ssl->arrays.psk_keySz == 0 || - ssl->arrays.psk_keySz > MAX_PSK_KEY_LEN) + ssl->arrays->psk_keySz = ssl->options.client_psk_cb(ssl, + ssl->arrays->server_hint, ssl->arrays->client_identity, + MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN); + if (ssl->arrays->psk_keySz == 0 || + ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) return PSK_KEY_ERROR; - encSz = (word32)XSTRLEN(ssl->arrays.client_identity); + encSz = (word32)XSTRLEN(ssl->arrays->client_identity); if (encSz > MAX_PSK_ID_LEN) return CLIENT_ID_ERROR; - XMEMCPY(encSecret, ssl->arrays.client_identity, encSz); + XMEMCPY(encSecret, ssl->arrays->client_identity, encSz); /* make psk pre master secret */ /* length of key + length 0s + length of key + key */ - c16toa((word16)ssl->arrays.psk_keySz, pms); + c16toa((word16)ssl->arrays->psk_keySz, pms); pms += 2; - XMEMSET(pms, 0, ssl->arrays.psk_keySz); - pms += ssl->arrays.psk_keySz; - c16toa((word16)ssl->arrays.psk_keySz, pms); + XMEMSET(pms, 0, ssl->arrays->psk_keySz); + pms += ssl->arrays->psk_keySz; + c16toa((word16)ssl->arrays->psk_keySz, pms); pms += 2; - XMEMCPY(pms, ssl->arrays.psk_key, ssl->arrays.psk_keySz); - ssl->arrays.preMasterSz = ssl->arrays.psk_keySz * 2 + 4; + XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz); + ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4; #endif /* NO_PSK */ #ifdef HAVE_NTRU } else if (ssl->specs.kea == ntru_kea) { @@ -5279,9 +5308,9 @@ int SetCipherList(Suites* s, const char* list) 'C', 'y', 'a', 'S', 'S', 'L', ' ', 'N', 'T', 'R', 'U' }; - RNG_GenerateBlock(ssl->rng, ssl->arrays.preMasterSecret, + RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, SECRET_LEN); - ssl->arrays.preMasterSz = SECRET_LEN; + ssl->arrays->preMasterSz = SECRET_LEN; if (ssl->peerNtruKeyPresent == 0) return NO_PEER_KEY; @@ -5292,8 +5321,8 @@ int SetCipherList(Suites* s, const char* list) return NTRU_DRBG_ERROR; rc = crypto_ntru_encrypt(drbg, ssl->peerNtruKeyLen,ssl->peerNtruKey, - ssl->arrays.preMasterSz, - ssl->arrays.preMasterSecret, + ssl->arrays->preMasterSz, + ssl->arrays->preMasterSecret, &cipherLen, encSecret); crypto_drbg_uninstantiate(drbg); if (rc != NTRU_OK) @@ -5333,14 +5362,14 @@ int SetCipherList(Suites* s, const char* list) if (ret != 0) ret = ECC_EXPORT_ERROR; else { - size = sizeof(ssl->arrays.preMasterSecret); + size = sizeof(ssl->arrays->preMasterSecret); ret = ecc_shared_secret(&myKey, peerKey, - ssl->arrays.preMasterSecret, &size); + ssl->arrays->preMasterSecret, &size); if (ret != 0) ret = ECC_SHARED_ERROR; } - ssl->arrays.preMasterSz = size; + ssl->arrays->preMasterSz = size; ecc_free(&myKey); #endif /* HAVE_ECC */ } else @@ -5593,8 +5622,8 @@ int SetCipherList(Suites* s, const char* list) /* then random */ if (!ssl->options.resuming) - RNG_GenerateBlock(ssl->rng, ssl->arrays.serverRandom, RAN_LEN); - XMEMCPY(output + idx, ssl->arrays.serverRandom, RAN_LEN); + RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, RAN_LEN); + XMEMCPY(output + idx, ssl->arrays->serverRandom, RAN_LEN); idx += RAN_LEN; #ifdef SHOW_SECRETS @@ -5602,15 +5631,15 @@ int SetCipherList(Suites* s, const char* list) int j; printf("server random: "); for (j = 0; j < RAN_LEN; j++) - printf("%02x", ssl->arrays.serverRandom[j]); + printf("%02x", ssl->arrays->serverRandom[j]); printf("\n"); } #endif /* then session id */ output[idx++] = ID_LEN; if (!ssl->options.resuming) - RNG_GenerateBlock(ssl->rng, ssl->arrays.sessionID, ID_LEN); - XMEMCPY(output + idx, ssl->arrays.sessionID, ID_LEN); + RNG_GenerateBlock(ssl->rng, ssl->arrays->sessionID, ID_LEN); + XMEMCPY(output + idx, ssl->arrays->sessionID, ID_LEN); idx += ID_LEN; /* then cipher suite */ @@ -5685,10 +5714,10 @@ int SetCipherList(Suites* s, const char* list) byte *output; word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; int sendSz; - if (ssl->arrays.server_hint[0] == 0) return 0; /* don't send */ + if (ssl->arrays->server_hint[0] == 0) return 0; /* don't send */ /* include size part */ - length = (word32)XSTRLEN(ssl->arrays.server_hint); + length = (word32)XSTRLEN(ssl->arrays->server_hint); if (length > MAX_PSK_ID_LEN) return SERVER_HINT_ERROR; length += HINT_LEN_SZ; sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ; @@ -5712,7 +5741,7 @@ int SetCipherList(Suites* s, const char* list) /* key data */ c16toa((word16)(length - HINT_LEN_SZ), output + idx); idx += HINT_LEN_SZ; - XMEMCPY(output + idx, ssl->arrays.server_hint, length -HINT_LEN_SZ); + XMEMCPY(output + idx, ssl->arrays->server_hint,length -HINT_LEN_SZ); HashOutput(ssl, output, sendSz, 0); @@ -5846,15 +5875,15 @@ int SetCipherList(Suites* s, const char* list) /* md5 */ InitMd5(&md5); - Md5Update(&md5, ssl->arrays.clientRandom, RAN_LEN); - Md5Update(&md5, ssl->arrays.serverRandom, RAN_LEN); + Md5Update(&md5, ssl->arrays->clientRandom, RAN_LEN); + Md5Update(&md5, ssl->arrays->serverRandom, RAN_LEN); Md5Update(&md5, output + preSigIdx, preSigSz); Md5Final(&md5, hash); /* sha */ InitSha(&sha); - ShaUpdate(&sha, ssl->arrays.clientRandom, RAN_LEN); - ShaUpdate(&sha, ssl->arrays.serverRandom, RAN_LEN); + ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN); + ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN); ShaUpdate(&sha, output + preSigIdx, preSigSz); ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]); @@ -6048,15 +6077,15 @@ int SetCipherList(Suites* s, const char* list) /* md5 */ InitMd5(&md5); - Md5Update(&md5, ssl->arrays.clientRandom, RAN_LEN); - Md5Update(&md5, ssl->arrays.serverRandom, RAN_LEN); + Md5Update(&md5, ssl->arrays->clientRandom, RAN_LEN); + Md5Update(&md5, ssl->arrays->serverRandom, RAN_LEN); Md5Update(&md5, output + preSigIdx, preSigSz); Md5Final(&md5, hash); /* sha */ InitSha(&sha); - ShaUpdate(&sha, ssl->arrays.clientRandom, RAN_LEN); - ShaUpdate(&sha, ssl->arrays.serverRandom, RAN_LEN); + ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN); + ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN); ShaUpdate(&sha, output + preSigIdx, preSigSz); ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]); @@ -6628,15 +6657,15 @@ int SetCipherList(Suites* s, const char* list) /* session id */ if (sessionSz) { - XMEMCPY(ssl->arrays.sessionID, input + idx, sessionSz); + XMEMCPY(ssl->arrays->sessionID, input + idx, sessionSz); idx += sessionSz; ssl->options.resuming = 1; } /* random */ if (randomSz < RAN_LEN) - XMEMSET(ssl->arrays.clientRandom, 0, RAN_LEN - randomSz); - XMEMCPY(&ssl->arrays.clientRandom[RAN_LEN - randomSz], input + idx, + XMEMSET(ssl->arrays->clientRandom, 0, RAN_LEN - randomSz); + XMEMCPY(&ssl->arrays->clientRandom[RAN_LEN - randomSz], input + idx, randomSz); idx += randomSz; @@ -6650,7 +6679,7 @@ int SetCipherList(Suites* s, const char* list) /* DoClientHello uses same resume code */ while (ssl->options.resuming) { /* let's try */ int ret; - CYASSL_SESSION* session = GetSession(ssl, ssl->arrays.masterSecret); + CYASSL_SESSION* session = GetSession(ssl,ssl->arrays->masterSecret); if (!session) { ssl->options.resuming = 0; break; /* session lookup failed */ @@ -6660,7 +6689,7 @@ int SetCipherList(Suites* s, const char* list) return UNSUPPORTED_SUITE; } - RNG_GenerateBlock(ssl->rng, ssl->arrays.serverRandom, RAN_LEN); + RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, RAN_LEN); if (ssl->options.tls) ret = DeriveTlsKeys(ssl); else @@ -6725,7 +6754,7 @@ int SetCipherList(Suites* s, const char* list) ssl->options.haveStaticECC, ssl->options.side); } /* random */ - XMEMCPY(ssl->arrays.clientRandom, input + i, RAN_LEN); + XMEMCPY(ssl->arrays->clientRandom, input + i, RAN_LEN); i += RAN_LEN; #ifdef SHOW_SECRETS @@ -6733,7 +6762,7 @@ int SetCipherList(Suites* s, const char* list) int j; printf("client random: "); for (j = 0; j < RAN_LEN; j++) - printf("%02x", ssl->arrays.clientRandom[j]); + printf("%02x", ssl->arrays->clientRandom[j]); printf("\n"); } #endif @@ -6742,7 +6771,7 @@ int SetCipherList(Suites* s, const char* list) if (b) { if (i + ID_LEN > totalSz) return INCOMPLETE_DATA; - XMEMCPY(ssl->arrays.sessionID, input + i, ID_LEN); + XMEMCPY(ssl->arrays->sessionID, input + i, ID_LEN); i += b; ssl->options.resuming= 1; /* client wants to resume */ CYASSL_MSG("Client wants to resume session"); @@ -6811,7 +6840,7 @@ int SetCipherList(Suites* s, const char* list) /* ProcessOld uses same resume code */ while (ssl->options.resuming) { /* let's try */ int ret; - CYASSL_SESSION* session = GetSession(ssl, ssl->arrays.masterSecret); + CYASSL_SESSION* session = GetSession(ssl,ssl->arrays->masterSecret); if (!session) { ssl->options.resuming = 0; CYASSL_MSG("Session lookup for resume failed"); @@ -6822,7 +6851,7 @@ int SetCipherList(Suites* s, const char* list) return UNSUPPORTED_SUITE; } - RNG_GenerateBlock(ssl->rng, ssl->arrays.serverRandom, RAN_LEN); + RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, RAN_LEN); if (ssl->options.tls) ret = DeriveTlsKeys(ssl); else @@ -7028,7 +7057,7 @@ int SetCipherList(Suites* s, const char* list) if (ret == 0) { length = RsaEncryptSize(&key); - ssl->arrays.preMasterSz = SECRET_LEN; + ssl->arrays->preMasterSz = SECRET_LEN; if (ssl->options.tls) (*inOutIdx) += 2; @@ -7037,10 +7066,10 @@ int SetCipherList(Suites* s, const char* list) if (RsaPrivateDecryptInline(tmp, length, &out, &key) == SECRET_LEN) { - XMEMCPY(ssl->arrays.preMasterSecret, out, SECRET_LEN); - if (ssl->arrays.preMasterSecret[0] != ssl->chVersion.major + XMEMCPY(ssl->arrays->preMasterSecret, out, SECRET_LEN); + if (ssl->arrays->preMasterSecret[0] != ssl->chVersion.major || - ssl->arrays.preMasterSecret[1] != ssl->chVersion.minor) + ssl->arrays->preMasterSecret[1] != ssl->chVersion.minor) ret = PMS_VERSION_ERROR; else @@ -7053,33 +7082,33 @@ int SetCipherList(Suites* s, const char* list) FreeRsaKey(&key); #ifndef NO_PSK } else if (ssl->specs.kea == psk_kea) { - byte* pms = ssl->arrays.preMasterSecret; + byte* pms = ssl->arrays->preMasterSecret; word16 ci_sz; ato16(&input[*inOutIdx], &ci_sz); *inOutIdx += LENGTH_SZ; if (ci_sz > MAX_PSK_ID_LEN) return CLIENT_ID_ERROR; - XMEMCPY(ssl->arrays.client_identity, &input[*inOutIdx], ci_sz); + XMEMCPY(ssl->arrays->client_identity, &input[*inOutIdx], ci_sz); *inOutIdx += ci_sz; - ssl->arrays.client_identity[ci_sz] = 0; + ssl->arrays->client_identity[ci_sz] = 0; - ssl->arrays.psk_keySz = ssl->options.server_psk_cb(ssl, - ssl->arrays.client_identity, ssl->arrays.psk_key, + ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl, + ssl->arrays->client_identity, ssl->arrays->psk_key, MAX_PSK_KEY_LEN); - if (ssl->arrays.psk_keySz == 0 || - ssl->arrays.psk_keySz > MAX_PSK_KEY_LEN) return PSK_KEY_ERROR; + if (ssl->arrays->psk_keySz == 0 || + ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) return PSK_KEY_ERROR; /* make psk pre master secret */ /* length of key + length 0s + length of key + key */ - c16toa((word16)ssl->arrays.psk_keySz, pms); + c16toa((word16)ssl->arrays->psk_keySz, pms); pms += 2; - XMEMSET(pms, 0, ssl->arrays.psk_keySz); - pms += ssl->arrays.psk_keySz; - c16toa((word16)ssl->arrays.psk_keySz, pms); + XMEMSET(pms, 0, ssl->arrays->psk_keySz); + pms += ssl->arrays->psk_keySz; + c16toa((word16)ssl->arrays->psk_keySz, pms); pms += 2; - XMEMCPY(pms, ssl->arrays.psk_key, ssl->arrays.psk_keySz); - ssl->arrays.preMasterSz = ssl->arrays.psk_keySz * 2 + 4; + XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz); + ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4; ret = MakeMasterSecret(ssl); #endif /* NO_PSK */ @@ -7087,7 +7116,7 @@ int SetCipherList(Suites* s, const char* list) } else if (ssl->specs.kea == ntru_kea) { word32 rc; word16 cipherLen; - word16 plainLen = sizeof(ssl->arrays.preMasterSecret); + word16 plainLen = sizeof(ssl->arrays->preMasterSecret); byte* tmp; if (!ssl->buffers.key.buffer) @@ -7101,13 +7130,13 @@ int SetCipherList(Suites* s, const char* list) tmp = input + *inOutIdx; rc = crypto_ntru_decrypt((word16)ssl->buffers.key.length, ssl->buffers.key.buffer, cipherLen, tmp, &plainLen, - ssl->arrays.preMasterSecret); + ssl->arrays->preMasterSecret); if (rc != NTRU_OK || plainLen != SECRET_LEN) return NTRU_DECRYPT_ERROR; *inOutIdx += cipherLen; - ssl->arrays.preMasterSz = plainLen; + ssl->arrays->preMasterSz = plainLen; ret = MakeMasterSecret(ssl); #endif /* HAVE_NTRU */ #ifdef HAVE_ECC @@ -7122,7 +7151,7 @@ int SetCipherList(Suites* s, const char* list) *inOutIdx += bLength; ssl->peerEccKeyPresent = 1; - size = sizeof(ssl->arrays.preMasterSecret); + size = sizeof(ssl->arrays->preMasterSecret); if (ssl->specs.static_ecdh) { ecc_key staticKey; word32 i = 0; @@ -7132,15 +7161,15 @@ int SetCipherList(Suites* s, const char* list) &staticKey, ssl->buffers.key.length); if (ret == 0) ret = ecc_shared_secret(&staticKey, &ssl->peerEccKey, - ssl->arrays.preMasterSecret, &size); + ssl->arrays->preMasterSecret, &size); ecc_free(&staticKey); } else ret = ecc_shared_secret(&ssl->eccTempKey, &ssl->peerEccKey, - ssl->arrays.preMasterSecret, &size); + ssl->arrays->preMasterSecret, &size); if (ret != 0) return ECC_SHARED_ERROR; - ssl->arrays.preMasterSz = size; + ssl->arrays->preMasterSz = size; ret = MakeMasterSecret(ssl); #endif /* HAVE_ECC */ #ifdef OPENSSL_EXTRA @@ -7161,8 +7190,8 @@ int SetCipherList(Suites* s, const char* list) ssl->buffers.serverDH_G.buffer, ssl->buffers.serverDH_G.length); if (ret == 0) - ret = DhAgree(&dhKey, ssl->arrays.preMasterSecret, - &ssl->arrays.preMasterSz, + ret = DhAgree(&dhKey, ssl->arrays->preMasterSecret, + &ssl->arrays->preMasterSz, ssl->buffers.serverDH_Priv.buffer, ssl->buffers.serverDH_Priv.length, clientPub, clientPubSz); diff --git a/src/keys.c b/src/keys.c index cfab8c685..889739d8d 100644 --- a/src/keys.c +++ b/src/keys.c @@ -1121,7 +1121,7 @@ int DeriveKeys(CYASSL* ssl) InitMd5(&md5); InitSha(&sha); - XMEMCPY(md5Input, ssl->arrays.masterSecret, SECRET_LEN); + XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN); for (i = 0; i < rounds; ++i) { int j = i + 1; @@ -1131,11 +1131,11 @@ int DeriveKeys(CYASSL* ssl) return PREFIX_ERROR; } - XMEMCPY(shaInput + idx, ssl->arrays.masterSecret, SECRET_LEN); + XMEMCPY(shaInput + idx, ssl->arrays->masterSecret, SECRET_LEN); idx += SECRET_LEN; - XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN); + XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN); idx += RAN_LEN; - XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN); + XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN); ShaUpdate(&sha, shaInput, sizeof(shaInput) - KEY_PREFIX + j); ShaFinal(&sha, shaOutput); @@ -1151,15 +1151,15 @@ int DeriveKeys(CYASSL* ssl) static void CleanPreMaster(CYASSL* ssl) { - int i, sz = ssl->arrays.preMasterSz; + int i, sz = ssl->arrays->preMasterSz; for (i = 0; i < sz; i++) - ssl->arrays.preMasterSecret[i] = 0; + ssl->arrays->preMasterSecret[i] = 0; - RNG_GenerateBlock(ssl->rng, ssl->arrays.preMasterSecret, sz); + RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz); for (i = 0; i < sz; i++) - ssl->arrays.preMasterSecret[i] = 0; + ssl->arrays->preMasterSecret[i] = 0; } @@ -1172,7 +1172,7 @@ static int MakeSslMasterSecret(CYASSL* ssl) byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN]; int i, ret; word32 idx; - word32 pmsSz = ssl->arrays.preMasterSz; + word32 pmsSz = ssl->arrays->preMasterSz; Md5 md5; Sha sha; @@ -1182,7 +1182,7 @@ static int MakeSslMasterSecret(CYASSL* ssl) int j; printf("pre master secret: "); for (j = 0; j < pmsSz; j++) - printf("%02x", ssl->arrays.preMasterSecret[j]); + printf("%02x", ssl->arrays->preMasterSecret[j]); printf("\n"); } #endif @@ -1190,7 +1190,7 @@ static int MakeSslMasterSecret(CYASSL* ssl) InitMd5(&md5); InitSha(&sha); - XMEMCPY(md5Input, ssl->arrays.preMasterSecret, pmsSz); + XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz); for (i = 0; i < MASTER_ROUNDS; ++i) { byte prefix[PREFIX]; @@ -1202,11 +1202,11 @@ static int MakeSslMasterSecret(CYASSL* ssl) XMEMCPY(shaInput, prefix, i + 1); idx += i + 1; - XMEMCPY(shaInput + idx, ssl->arrays.preMasterSecret, pmsSz); + XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz); idx += pmsSz; - XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN); + XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN); idx += RAN_LEN; - XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN); + XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN); idx += RAN_LEN; ShaUpdate(&sha, shaInput, idx); ShaFinal(&sha, shaOutput); @@ -1215,7 +1215,7 @@ static int MakeSslMasterSecret(CYASSL* ssl) XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE); idx += SHA_DIGEST_SIZE; Md5Update(&md5, md5Input, idx); - Md5Final(&md5, &ssl->arrays.masterSecret[i * MD5_DIGEST_SIZE]); + Md5Final(&md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]); } #ifdef SHOW_SECRETS @@ -1223,7 +1223,7 @@ static int MakeSslMasterSecret(CYASSL* ssl) int i; printf("master secret: "); for (i = 0; i < SECRET_LEN; i++) - printf("%02x", ssl->arrays.masterSecret[i]); + printf("%02x", ssl->arrays->masterSecret[i]); printf("\n"); } #endif diff --git a/src/ssl.c b/src/ssl.c index a283b8ec8..e12ffb6e7 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -414,6 +414,24 @@ void CyaSSL_ERR_error_string_n(unsigned long e, char* buf, unsigned long len) } +/* don't free temporary arrays at end of handshake */ +void CyaSSL_KeepArrays(CYASSL* ssl) +{ + if (ssl) + ssl->options.saveArrays = 1; +} + + +/* user doesn't need temporary arrays anymore, Free */ +void CyaSSL_FreeArrays(CYASSL* ssl) +{ + if (ssl && ssl->options.handShakeState == HANDSHAKE_DONE) { + ssl->options.saveArrays = 0; + FreeArrays(ssl, 1); + } +} + + CYASSL_CERT_MANAGER* CyaSSL_CertManagerNew(void) { CYASSL_CERT_MANAGER* cm = NULL; @@ -2764,7 +2782,7 @@ int CyaSSL_CTX_set_timeout(CYASSL_CTX* ctx, unsigned int to) CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) { CYASSL_SESSION* ret = 0; - const byte* id = ssl->arrays.sessionID; + const byte* id = NULL; word32 row; int idx; @@ -2774,6 +2792,11 @@ CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) if (ssl->options.haveSessionId == 0) return NULL; + if (ssl->arrays) + id = ssl->arrays->sessionID; + else + id = ssl->session.sessionID; + row = HashSession(id) % SESSION_ROWS; if (LockMutex(&session_mutex) != 0) @@ -2838,7 +2861,7 @@ int AddSession(CYASSL* ssl) if (ssl->options.haveSessionId == 0) return 0; - row = HashSession(ssl->arrays.sessionID) % SESSION_ROWS; + row = HashSession(ssl->arrays->sessionID) % SESSION_ROWS; if (LockMutex(&session_mutex) != 0) return BAD_MUTEX_ERROR; @@ -2846,8 +2869,8 @@ int AddSession(CYASSL* ssl) idx = SessionCache[row].nextIdx++; XMEMCPY(SessionCache[row].Sessions[idx].masterSecret, - ssl->arrays.masterSecret, SECRET_LEN); - XMEMCPY(SessionCache[row].Sessions[idx].sessionID, ssl->arrays.sessionID, + ssl->arrays->masterSecret, SECRET_LEN); + XMEMCPY(SessionCache[row].Sessions[idx].sessionID, ssl->arrays->sessionID, ID_LEN); SessionCache[row].Sessions[idx].timeout = ssl->timeout; @@ -3249,14 +3272,22 @@ int CyaSSL_set_compression(CYASSL* ssl) const char* CyaSSL_get_psk_identity_hint(const CYASSL* ssl) { CYASSL_ENTER("SSL_get_psk_identity_hint"); - return ssl->arrays.server_hint; + + if (ssl == NULL || ssl->arrays == NULL) + return NULL; + + return ssl->arrays->server_hint; } const char* CyaSSL_get_psk_identity(const CYASSL* ssl) { CYASSL_ENTER("SSL_get_psk_identity"); - return ssl->arrays.client_identity; + + if (ssl == NULL || ssl->arrays == NULL) + return NULL; + + return ssl->arrays->client_identity; } @@ -3276,11 +3307,15 @@ int CyaSSL_set_compression(CYASSL* ssl) int CyaSSL_use_psk_identity_hint(CYASSL* ssl, const char* hint) { CYASSL_ENTER("SSL_use_psk_identity_hint"); + + if (ssl == NULL || ssl->arrays == NULL) + return SSL_FAILURE; + if (hint == 0) - ssl->arrays.server_hint[0] = 0; + ssl->arrays->server_hint[0] = 0; else { - XSTRNCPY(ssl->arrays.server_hint, hint, MAX_PSK_ID_LEN); - ssl->arrays.server_hint[MAX_PSK_ID_LEN - 1] = '\0'; + XSTRNCPY(ssl->arrays->server_hint, hint, MAX_PSK_ID_LEN); + ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = '\0'; } return SSL_SUCCESS; } @@ -3440,12 +3475,12 @@ int CyaSSL_set_compression(CYASSL* ssl) unsigned char** sr, unsigned int* srLen, unsigned char** cr, unsigned int* crLen) { - if (ssl == NULL) + if (ssl == NULL || ssl->arrays == NULL) return -1; - *ms = ssl->arrays.masterSecret; - *sr = ssl->arrays.serverRandom; - *cr = ssl->arrays.clientRandom; + *ms = ssl->arrays->masterSecret; + *sr = ssl->arrays->serverRandom; + *cr = ssl->arrays->clientRandom; *msLen = SECRET_LEN; *srLen = RAN_LEN; diff --git a/src/tls.c b/src/tls.c index 4904a9157..d2d30e2ad 100644 --- a/src/tls.c +++ b/src/tls.c @@ -214,7 +214,7 @@ void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender) else side = tls_server; - PRF(hashes->md5, TLS_FINISHED_SZ, ssl->arrays.masterSecret, SECRET_LEN, + PRF(hashes->md5, TLS_FINISHED_SZ, ssl->arrays->masterSecret, SECRET_LEN, side, FINISHED_LABEL_SZ, handshake_hash, hashSz, IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm); } @@ -262,10 +262,10 @@ int DeriveTlsKeys(CYASSL* ssl) byte seed[SEED_LEN]; byte key_data[MAX_PRF_DIG]; - XMEMCPY(seed, ssl->arrays.serverRandom, RAN_LEN); - XMEMCPY(&seed[RAN_LEN], ssl->arrays.clientRandom, RAN_LEN); + XMEMCPY(seed, ssl->arrays->serverRandom, RAN_LEN); + XMEMCPY(&seed[RAN_LEN], ssl->arrays->clientRandom, RAN_LEN); - PRF(key_data, length, ssl->arrays.masterSecret, SECRET_LEN, key_label, + PRF(key_data, length, ssl->arrays->masterSecret, SECRET_LEN, key_label, KEY_LABEL_SZ, seed, SEED_LEN, IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm); @@ -277,11 +277,11 @@ int MakeTlsMasterSecret(CYASSL* ssl) { byte seed[SEED_LEN]; - XMEMCPY(seed, ssl->arrays.clientRandom, RAN_LEN); - XMEMCPY(&seed[RAN_LEN], ssl->arrays.serverRandom, RAN_LEN); + XMEMCPY(seed, ssl->arrays->clientRandom, RAN_LEN); + XMEMCPY(&seed[RAN_LEN], ssl->arrays->serverRandom, RAN_LEN); - PRF(ssl->arrays.masterSecret, SECRET_LEN, - ssl->arrays.preMasterSecret, ssl->arrays.preMasterSz, + PRF(ssl->arrays->masterSecret, SECRET_LEN, + ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz, master_label, MASTER_LABEL_SZ, seed, SEED_LEN, IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm); @@ -290,7 +290,7 @@ int MakeTlsMasterSecret(CYASSL* ssl) int i; printf("master secret: "); for (i = 0; i < SECRET_LEN; i++) - printf("%02x", ssl->arrays.masterSecret[i]); + printf("%02x", ssl->arrays->masterSecret[i]); printf("\n"); } #endif