mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

make arrays temporary, freed at end of handshake unless user calls KeepArrays for get_keys or psk hints

Browse Source
This commit is contained in:
toddouska 2012-09-14 15:22:51 -07:00
parent 8c32a5a2ed
commit 66bbb44f44
7 changed files with 236 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cyassl/ctaocrypt/types.h
View File

@ -218,7 +218,8 @@ enum {
DYNAMIC_TYPE_ALTNAME = 29, DYNAMIC_TYPE_ALTNAME = 29,
DYNAMIC_TYPE_SUITES = 30, DYNAMIC_TYPE_SUITES = 30,
DYNAMIC_TYPE_CIPHER = 31, DYNAMIC_TYPE_CIPHER = 31,
DYNAMIC_TYPE_RNG = 32 DYNAMIC_TYPE_RNG = 32,
DYNAMIC_TYPE_ARRAYS = 33
}; };
/* stack protection */ /* stack protection */

6
cyassl/internal.h
View File

@ -1145,6 +1145,8 @@ typedef struct Options {
byte quietShutdown; /* don't send close notify */ byte quietShutdown; /* don't send close notify */
byte certOnly; /* stop once we get cert */ byte certOnly; /* stop once we get cert */
byte groupMessages; /* group handshake messages */ byte groupMessages; /* group handshake messages */
byte saveArrays; /* save array Memory for user get keys
or psk */
#ifndef NO_PSK #ifndef NO_PSK
byte havePSK; /* psk key set by user */ byte havePSK; /* psk key set by user */
psk_client_callback client_psk_cb; psk_client_callback client_psk_cb;
@ -1239,7 +1241,7 @@ struct CYASSL {
Hashes certHashes; /* for cert verify */ Hashes certHashes; /* for cert verify */
Buffers buffers; Buffers buffers;
Options options; Options options;
Arrays arrays; Arrays* arrays;
CYASSL_SESSION session; CYASSL_SESSION session;
VerifyCallback verifyCallback; /* cert verification callback */ VerifyCallback verifyCallback; /* cert verification callback */
RsaKey peerRsaKey; RsaKey peerRsaKey;
@ -1454,6 +1456,8 @@ CYASSL_LOCAL void ShrinkOutputBuffer(CYASSL* ssl);
CYASSL_LOCAL Signer* GetCA(void* cm, byte* hash); CYASSL_LOCAL Signer* GetCA(void* cm, byte* hash);
CYASSL_LOCAL void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, CYASSL_LOCAL void BuildTlsFinished(CYASSL* ssl, Hashes* hashes,
const byte* sender); const byte* sender);
CYASSL_LOCAL void FreeArrays(CYASSL* ssl, int keep);
#ifndef NO_TLS #ifndef NO_TLS
CYASSL_LOCAL int MakeTlsMasterSecret(CYASSL*); CYASSL_LOCAL int MakeTlsMasterSecret(CYASSL*);
CYASSL_LOCAL void TLS_hmac(CYASSL* ssl, byte* digest, const byte* buffer, CYASSL_LOCAL void TLS_hmac(CYASSL* ssl, byte* digest, const byte* buffer,

8
cyassl/ssl.h
View File

@ -719,6 +719,7 @@ CYASSL_API int CyaSSL_CTX_SetTmpEC_DHE_Sz(CYASSL_CTX*, unsigned short);
#endif #endif
/* keyblock size in bytes or -1 */ /* keyblock size in bytes or -1 */
/* need to call CyaSSL_KeepArrays before handshake to save keys */
CYASSL_API int CyaSSL_get_keyblock_size(CYASSL*); CYASSL_API int CyaSSL_get_keyblock_size(CYASSL*);
CYASSL_API int CyaSSL_get_keys(CYASSL*,unsigned char** ms, unsigned int* msLen, CYASSL_API int CyaSSL_get_keys(CYASSL*,unsigned char** ms, unsigned int* msLen,
unsigned char** sr, unsigned int* srLen, unsigned char** sr, unsigned int* srLen,
@ -817,6 +818,13 @@ CYASSL_API int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx);
CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int); CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int);
CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL); CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL);
/* end of handshake frees temporary arrays, if user needs for get_keys or
psk hints, call KeepArrays before handshake and then FreeArrays when done
if don't want to wait for object free */
CYASSL_API void CyaSSL_KeepArrays(CYASSL*);
CYASSL_API void CyaSSL_FreeArrays(CYASSL*);
#define CYASSL_CRL_MONITOR 0x01 /* monitor this dir flag */ #define CYASSL_CRL_MONITOR 0x01 /* monitor this dir flag */
#define CYASSL_CRL_START_MON 0x02 /* start monitoring flag */ #define CYASSL_CRL_START_MON 0x02 /* start monitoring flag */

265
src/internal.c
View File

@ -980,7 +980,6 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
ssl->keys.dtls_epoch = 0; ssl->keys.dtls_epoch = 0;
ssl->keys.dtls_peer_epoch = 0; ssl->keys.dtls_peer_epoch = 0;
ssl->keys.dtls_expected_peer_epoch = 0; ssl->keys.dtls_expected_peer_epoch = 0;
ssl->arrays.cookieSz = 0;
#endif #endif
ssl->keys.encryptionOn = 0; /* initially off */ ssl->keys.encryptionOn = 0; /* initially off */
ssl->keys.decryptedCur = 0; /* initially off */ ssl->keys.decryptedCur = 0; /* initially off */
@ -1003,6 +1002,7 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
ssl->options.quietShutdown = ctx->quietShutdown; ssl->options.quietShutdown = ctx->quietShutdown;
ssl->options.certOnly = 0; ssl->options.certOnly = 0;
ssl->options.groupMessages = ctx->groupMessages; ssl->options.groupMessages = ctx->groupMessages;
ssl->options.saveArrays = 0;
/* ctx still owns certificate, certChain, key, dh, and cm */ /* ctx still owns certificate, certChain, key, dh, and cm */
ssl->buffers.certificate = ctx->certificate; ssl->buffers.certificate = ctx->certificate;
@ -1044,17 +1044,8 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
ssl->toInfoOn = 0; ssl->toInfoOn = 0;
#endif #endif
#ifndef NO_PSK
ssl->arrays.client_identity[0] = 0;
if (ctx->server_hint[0]) { /* set in CTX */
XSTRNCPY(ssl->arrays.server_hint, ctx->server_hint, MAX_PSK_ID_LEN);
ssl->arrays.server_hint[MAX_PSK_ID_LEN - 1] = '\0';
}
else
ssl->arrays.server_hint[0] = 0;
#endif /* NO_PSK */
ssl->rng = NULL; ssl->rng = NULL;
ssl->arrays = NULL;
InitCiphers(ssl); InitCiphers(ssl);
/* all done with init, now can return errors, call other stuff */ /* all done with init, now can return errors, call other stuff */
@ -1066,6 +1057,27 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
ctx->refCount++; ctx->refCount++;
UnLockMutex(&ctx->countMutex); UnLockMutex(&ctx->countMutex);
ssl->arrays = (Arrays*)XMALLOC(sizeof(Arrays), ssl->heap,
DYNAMIC_TYPE_ARRAYS);
if (ssl->arrays == NULL) {
CYASSL_MSG("Arrays Memory error");
return MEMORY_E;
}
#ifndef NO_PSK
ssl->arrays->client_identity[0] = 0;
if (ctx->server_hint[0]) { /* set in CTX */
XSTRNCPY(ssl->arrays->server_hint, ctx->server_hint, MAX_PSK_ID_LEN);
ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = '\0';
}
else
ssl->arrays->server_hint[0] = 0;
#endif /* NO_PSK */
#ifdef CYASSL_DTLS
ssl->arrays->cookieSz = 0;
#endif
ssl->rng = (RNG*)XMALLOC(sizeof(RNG), ssl->heap, DYNAMIC_TYPE_RNG); ssl->rng = (RNG*)XMALLOC(sizeof(RNG), ssl->heap, DYNAMIC_TYPE_RNG);
if (ssl->rng == NULL) { if (ssl->rng == NULL) {
CYASSL_MSG("RNG Memory error"); CYASSL_MSG("RNG Memory error");
@ -1104,10 +1116,23 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
} }
/* free use of temporary arrays */
void FreeArrays(CYASSL* ssl, int keep)
{
if (ssl->arrays && keep) {
/* keeps session id for user retrieval */
XMEMCPY(ssl->session.sessionID, ssl->arrays->sessionID, ID_LEN);
}
XFREE(ssl->arrays, ssl->heap, DYNAMIC_TYPE_ARRAYS);
ssl->arrays = NULL;
}
/* In case holding SSL object in array and don't want to free actual ssl */ /* In case holding SSL object in array and don't want to free actual ssl */
void SSL_ResourceFree(CYASSL* ssl) void SSL_ResourceFree(CYASSL* ssl)
{ {
FreeCiphers(ssl); FreeCiphers(ssl);
FreeArrays(ssl, 0);
XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG); XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES); XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES);
XFREE(ssl->buffers.serverDH_Priv.buffer, ssl->heap, DYNAMIC_TYPE_DH); XFREE(ssl->buffers.serverDH_Priv.buffer, ssl->heap, DYNAMIC_TYPE_DH);
@ -1170,6 +1195,10 @@ void FreeHandshakeResources(CYASSL* ssl)
XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG); XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
ssl->rng = NULL; ssl->rng = NULL;
} }
/* arrays */
if (ssl->options.saveArrays)
FreeArrays(ssl, 1);
} }
@ -1747,12 +1776,12 @@ static void BuildMD5(CYASSL* ssl, Hashes* hashes, const byte* sender)
/* make md5 inner */ /* make md5 inner */
Md5Update(&ssl->hashMd5, sender, SIZEOF_SENDER); Md5Update(&ssl->hashMd5, sender, SIZEOF_SENDER);
Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN); Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
Md5Update(&ssl->hashMd5, PAD1, PAD_MD5); Md5Update(&ssl->hashMd5, PAD1, PAD_MD5);
Md5Final(&ssl->hashMd5, md5_result); Md5Final(&ssl->hashMd5, md5_result);
/* make md5 outer */ /* make md5 outer */
Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN); Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
Md5Update(&ssl->hashMd5, PAD2, PAD_MD5); Md5Update(&ssl->hashMd5, PAD2, PAD_MD5);
Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE); Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE);
@ -1767,12 +1796,12 @@ static void BuildSHA(CYASSL* ssl, Hashes* hashes, const byte* sender)
/* make sha inner */ /* make sha inner */
ShaUpdate(&ssl->hashSha, sender, SIZEOF_SENDER); ShaUpdate(&ssl->hashSha, sender, SIZEOF_SENDER);
ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN); ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA); ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA);
ShaFinal(&ssl->hashSha, sha_result); ShaFinal(&ssl->hashSha, sha_result);
/* make sha outer */ /* make sha outer */
ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN); ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA); ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA);
ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE); ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE);
@ -3197,12 +3226,12 @@ static void BuildMD5_CertVerify(CYASSL* ssl, byte* digest)
byte md5_result[MD5_DIGEST_SIZE]; byte md5_result[MD5_DIGEST_SIZE];
/* make md5 inner */ /* make md5 inner */
Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN); Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
Md5Update(&ssl->hashMd5, PAD1, PAD_MD5); Md5Update(&ssl->hashMd5, PAD1, PAD_MD5);
Md5Final(&ssl->hashMd5, md5_result); Md5Final(&ssl->hashMd5, md5_result);
/* make md5 outer */ /* make md5 outer */
Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN); Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
Md5Update(&ssl->hashMd5, PAD2, PAD_MD5); Md5Update(&ssl->hashMd5, PAD2, PAD_MD5);
Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE); Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE);
@ -3215,12 +3244,12 @@ static void BuildSHA_CertVerify(CYASSL* ssl, byte* digest)
byte sha_result[SHA_DIGEST_SIZE]; byte sha_result[SHA_DIGEST_SIZE];
/* make sha inner */ /* make sha inner */
ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN); ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA); ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA);
ShaFinal(&ssl->hashSha, sha_result); ShaFinal(&ssl->hashSha, sha_result);
/* make sha outer */ /* make sha outer */
ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN); ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA); ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA);
ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE); ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE);
@ -4701,7 +4730,7 @@ int SetCipherList(Suites* s, const char* list)
#ifdef CYASSL_DTLS #ifdef CYASSL_DTLS
if (ssl->options.dtls) { if (ssl->options.dtls) {
length += ENUM_LEN; /* cookie */ length += ENUM_LEN; /* cookie */
if (ssl->arrays.cookieSz != 0) length += ssl->arrays.cookieSz; if (ssl->arrays->cookieSz != 0) length += ssl->arrays->cookieSz;
sendSz = length + DTLS_HANDSHAKE_HEADER_SZ + DTLS_RECORD_HEADER_SZ; sendSz = length + DTLS_HANDSHAKE_HEADER_SZ + DTLS_RECORD_HEADER_SZ;
idx += DTLS_HANDSHAKE_EXTRA + DTLS_RECORD_EXTRA; idx += DTLS_HANDSHAKE_EXTRA + DTLS_RECORD_EXTRA;
} }
@ -4727,11 +4756,11 @@ int SetCipherList(Suites* s, const char* list)
RNG_GenerateBlock(ssl->rng, output + idx, RAN_LEN); RNG_GenerateBlock(ssl->rng, output + idx, RAN_LEN);
/* store random */ /* store random */
XMEMCPY(ssl->arrays.clientRandom, output + idx, RAN_LEN); XMEMCPY(ssl->arrays->clientRandom, output + idx, RAN_LEN);
} else { } else {
#ifdef CYASSL_DTLS #ifdef CYASSL_DTLS
/* send same random on hello again */ /* send same random on hello again */
XMEMCPY(output + idx, ssl->arrays.clientRandom, RAN_LEN); XMEMCPY(output + idx, ssl->arrays->clientRandom, RAN_LEN);
#endif #endif
} }
idx += RAN_LEN; idx += RAN_LEN;
@ -4746,11 +4775,11 @@ int SetCipherList(Suites* s, const char* list)
/* then DTLS cookie */ /* then DTLS cookie */
#ifdef CYASSL_DTLS #ifdef CYASSL_DTLS
if (ssl->options.dtls) { if (ssl->options.dtls) {
byte cookieSz = ssl->arrays.cookieSz; byte cookieSz = ssl->arrays->cookieSz;
output[idx++] = cookieSz; output[idx++] = cookieSz;
if (cookieSz) { if (cookieSz) {
XMEMCPY(&output[idx], ssl->arrays.cookie, cookieSz); XMEMCPY(&output[idx], ssl->arrays->cookie, cookieSz);
idx += cookieSz; idx += cookieSz;
} }
} }
@ -4826,8 +4855,8 @@ int SetCipherList(Suites* s, const char* list)
if (cookieSz) { if (cookieSz) {
#ifdef CYASSL_DTLS #ifdef CYASSL_DTLS
if (cookieSz < MAX_COOKIE_LEN) { if (cookieSz < MAX_COOKIE_LEN) {
XMEMCPY(ssl->arrays.cookie, input + *inOutIdx, cookieSz); XMEMCPY(ssl->arrays->cookie, input + *inOutIdx, cookieSz);
ssl->arrays.cookieSz = cookieSz; ssl->arrays->cookieSz = cookieSz;
} }
#endif #endif
*inOutIdx += cookieSz; *inOutIdx += cookieSz;
@ -4881,11 +4910,11 @@ int SetCipherList(Suites* s, const char* list)
ssl->version.minor = TLSv1_1_MINOR; ssl->version.minor = TLSv1_1_MINOR;
} }
} }
XMEMCPY(ssl->arrays.serverRandom, input + i, RAN_LEN); XMEMCPY(ssl->arrays->serverRandom, input + i, RAN_LEN);
i += RAN_LEN; i += RAN_LEN;
b = input[i++]; b = input[i++];
if (b) { if (b) {
XMEMCPY(ssl->arrays.sessionID, input + i, min(b, ID_LEN)); XMEMCPY(ssl->arrays->sessionID, input + i, min(b, ID_LEN));
i += b; i += b;
ssl->options.haveSessionId = 1; ssl->options.haveSessionId = 1;
} }
@ -4907,12 +4936,12 @@ int SetCipherList(Suites* s, const char* list)
*inOutIdx = i; *inOutIdx = i;
if (ssl->options.resuming) { if (ssl->options.resuming) {
if (ssl->options.haveSessionId && XMEMCMP(ssl->arrays.sessionID, if (ssl->options.haveSessionId && XMEMCMP(ssl->arrays->sessionID,
ssl->session.sessionID, ID_LEN) == 0) { ssl->session.sessionID, ID_LEN) == 0) {
if (SetCipherSpecs(ssl) == 0) { if (SetCipherSpecs(ssl) == 0) {
int ret; int ret;
XMEMCPY(ssl->arrays.masterSecret, ssl->session.masterSecret, XMEMCPY(ssl->arrays->masterSecret,
SECRET_LEN); ssl->session.masterSecret, SECRET_LEN);
if (ssl->options.tls) if (ssl->options.tls)
ret = DeriveTlsKeys(ssl); ret = DeriveTlsKeys(ssl);
else else
@ -5007,12 +5036,12 @@ int SetCipherList(Suites* s, const char* list)
word16 pskLen = 0; word16 pskLen = 0;
ato16(&input[*inOutIdx], &pskLen); ato16(&input[*inOutIdx], &pskLen);
*inOutIdx += LENGTH_SZ; *inOutIdx += LENGTH_SZ;
XMEMCPY(ssl->arrays.server_hint, &input[*inOutIdx], XMEMCPY(ssl->arrays->server_hint, &input[*inOutIdx],
min(pskLen, MAX_PSK_ID_LEN)); min(pskLen, MAX_PSK_ID_LEN));
if (pskLen < MAX_PSK_ID_LEN) if (pskLen < MAX_PSK_ID_LEN)
ssl->arrays.server_hint[pskLen] = 0; ssl->arrays->server_hint[pskLen] = 0;
else else
ssl->arrays.server_hint[MAX_PSK_ID_LEN - 1] = 0; ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = 0;
*inOutIdx += pskLen; *inOutIdx += pskLen;
return 0; return 0;
@ -5122,15 +5151,15 @@ int SetCipherList(Suites* s, const char* list)
/* md5 */ /* md5 */
InitMd5(&md5); InitMd5(&md5);
Md5Update(&md5, ssl->arrays.clientRandom, RAN_LEN); Md5Update(&md5, ssl->arrays->clientRandom, RAN_LEN);
Md5Update(&md5, ssl->arrays.serverRandom, RAN_LEN); Md5Update(&md5, ssl->arrays->serverRandom, RAN_LEN);
Md5Update(&md5, messageVerify, verifySz); Md5Update(&md5, messageVerify, verifySz);
Md5Final(&md5, hash); Md5Final(&md5, hash);
/* sha */ /* sha */
InitSha(&sha); InitSha(&sha);
ShaUpdate(&sha, ssl->arrays.clientRandom, RAN_LEN); ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN);
ShaUpdate(&sha, ssl->arrays.serverRandom, RAN_LEN); ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN);
ShaUpdate(&sha, messageVerify, verifySz); ShaUpdate(&sha, messageVerify, verifySz);
ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]); ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]);
@ -5203,16 +5232,16 @@ int SetCipherList(Suites* s, const char* list)
int ret = 0; int ret = 0;
if (ssl->specs.kea == rsa_kea) { if (ssl->specs.kea == rsa_kea) {
RNG_GenerateBlock(ssl->rng, ssl->arrays.preMasterSecret, RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret,
SECRET_LEN); SECRET_LEN);
ssl->arrays.preMasterSecret[0] = ssl->chVersion.major; ssl->arrays->preMasterSecret[0] = ssl->chVersion.major;
ssl->arrays.preMasterSecret[1] = ssl->chVersion.minor; ssl->arrays->preMasterSecret[1] = ssl->chVersion.minor;
ssl->arrays.preMasterSz = SECRET_LEN; ssl->arrays->preMasterSz = SECRET_LEN;
if (ssl->peerRsaKeyPresent == 0) if (ssl->peerRsaKeyPresent == 0)
return NO_PEER_KEY; return NO_PEER_KEY;
ret = RsaPublicEncrypt(ssl->arrays.preMasterSecret, SECRET_LEN, ret = RsaPublicEncrypt(ssl->arrays->preMasterSecret, SECRET_LEN,
encSecret, sizeof(encSecret), &ssl->peerRsaKey, encSecret, sizeof(encSecret), &ssl->peerRsaKey,
ssl->rng); ssl->rng);
if (ret > 0) { if (ret > 0) {
@ -5240,35 +5269,35 @@ int SetCipherList(Suites* s, const char* list)
ret = DhGenerateKeyPair(&key, ssl->rng, priv, &privSz, ret = DhGenerateKeyPair(&key, ssl->rng, priv, &privSz,
encSecret, &encSz); encSecret, &encSz);
if (ret == 0) if (ret == 0)
ret = DhAgree(&key, ssl->arrays.preMasterSecret, ret = DhAgree(&key, ssl->arrays->preMasterSecret,
&ssl->arrays.preMasterSz, priv, privSz, &ssl->arrays->preMasterSz, priv, privSz,
serverPub.buffer, serverPub.length); serverPub.buffer, serverPub.length);
FreeDhKey(&key); FreeDhKey(&key);
#endif /* OPENSSL_EXTRA */ #endif /* OPENSSL_EXTRA */
#ifndef NO_PSK #ifndef NO_PSK
} else if (ssl->specs.kea == psk_kea) { } else if (ssl->specs.kea == psk_kea) {
byte* pms = ssl->arrays.preMasterSecret; byte* pms = ssl->arrays->preMasterSecret;
ssl->arrays.psk_keySz = ssl->options.client_psk_cb(ssl, ssl->arrays->psk_keySz = ssl->options.client_psk_cb(ssl,
ssl->arrays.server_hint, ssl->arrays.client_identity, ssl->arrays->server_hint, ssl->arrays->client_identity,
MAX_PSK_ID_LEN, ssl->arrays.psk_key, MAX_PSK_KEY_LEN); MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN);
if (ssl->arrays.psk_keySz == 0 || if (ssl->arrays->psk_keySz == 0 ||
ssl->arrays.psk_keySz > MAX_PSK_KEY_LEN) ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN)
return PSK_KEY_ERROR; return PSK_KEY_ERROR;
encSz = (word32)XSTRLEN(ssl->arrays.client_identity); encSz = (word32)XSTRLEN(ssl->arrays->client_identity);
if (encSz > MAX_PSK_ID_LEN) return CLIENT_ID_ERROR; if (encSz > MAX_PSK_ID_LEN) return CLIENT_ID_ERROR;
XMEMCPY(encSecret, ssl->arrays.client_identity, encSz); XMEMCPY(encSecret, ssl->arrays->client_identity, encSz);
/* make psk pre master secret */ /* make psk pre master secret */
/* length of key + length 0s + length of key + key */ /* length of key + length 0s + length of key + key */
c16toa((word16)ssl->arrays.psk_keySz, pms); c16toa((word16)ssl->arrays->psk_keySz, pms);
pms += 2; pms += 2;
XMEMSET(pms, 0, ssl->arrays.psk_keySz); XMEMSET(pms, 0, ssl->arrays->psk_keySz);
pms += ssl->arrays.psk_keySz; pms += ssl->arrays->psk_keySz;
c16toa((word16)ssl->arrays.psk_keySz, pms); c16toa((word16)ssl->arrays->psk_keySz, pms);
pms += 2; pms += 2;
XMEMCPY(pms, ssl->arrays.psk_key, ssl->arrays.psk_keySz); XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
ssl->arrays.preMasterSz = ssl->arrays.psk_keySz * 2 + 4; ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4;
#endif /* NO_PSK */ #endif /* NO_PSK */
#ifdef HAVE_NTRU #ifdef HAVE_NTRU
} else if (ssl->specs.kea == ntru_kea) { } else if (ssl->specs.kea == ntru_kea) {
@ -5279,9 +5308,9 @@ int SetCipherList(Suites* s, const char* list)
'C', 'y', 'a', 'S', 'S', 'L', ' ', 'N', 'T', 'R', 'U' 'C', 'y', 'a', 'S', 'S', 'L', ' ', 'N', 'T', 'R', 'U'
}; };
RNG_GenerateBlock(ssl->rng, ssl->arrays.preMasterSecret, RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret,
SECRET_LEN); SECRET_LEN);
ssl->arrays.preMasterSz = SECRET_LEN; ssl->arrays->preMasterSz = SECRET_LEN;
if (ssl->peerNtruKeyPresent == 0) if (ssl->peerNtruKeyPresent == 0)
return NO_PEER_KEY; return NO_PEER_KEY;
@ -5292,8 +5321,8 @@ int SetCipherList(Suites* s, const char* list)
return NTRU_DRBG_ERROR; return NTRU_DRBG_ERROR;
rc = crypto_ntru_encrypt(drbg, ssl->peerNtruKeyLen,ssl->peerNtruKey, rc = crypto_ntru_encrypt(drbg, ssl->peerNtruKeyLen,ssl->peerNtruKey,
ssl->arrays.preMasterSz, ssl->arrays->preMasterSz,
ssl->arrays.preMasterSecret, ssl->arrays->preMasterSecret,
&cipherLen, encSecret); &cipherLen, encSecret);
crypto_drbg_uninstantiate(drbg); crypto_drbg_uninstantiate(drbg);
if (rc != NTRU_OK) if (rc != NTRU_OK)
@ -5333,14 +5362,14 @@ int SetCipherList(Suites* s, const char* list)
if (ret != 0) if (ret != 0)
ret = ECC_EXPORT_ERROR; ret = ECC_EXPORT_ERROR;
else { else {
size = sizeof(ssl->arrays.preMasterSecret); size = sizeof(ssl->arrays->preMasterSecret);
ret = ecc_shared_secret(&myKey, peerKey, ret = ecc_shared_secret(&myKey, peerKey,
ssl->arrays.preMasterSecret, &size); ssl->arrays->preMasterSecret, &size);
if (ret != 0) if (ret != 0)
ret = ECC_SHARED_ERROR; ret = ECC_SHARED_ERROR;
} }
ssl->arrays.preMasterSz = size; ssl->arrays->preMasterSz = size;
ecc_free(&myKey); ecc_free(&myKey);
#endif /* HAVE_ECC */ #endif /* HAVE_ECC */
} else } else
@ -5593,8 +5622,8 @@ int SetCipherList(Suites* s, const char* list)
/* then random */ /* then random */
if (!ssl->options.resuming) if (!ssl->options.resuming)
RNG_GenerateBlock(ssl->rng, ssl->arrays.serverRandom, RAN_LEN); RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, RAN_LEN);
XMEMCPY(output + idx, ssl->arrays.serverRandom, RAN_LEN); XMEMCPY(output + idx, ssl->arrays->serverRandom, RAN_LEN);
idx += RAN_LEN; idx += RAN_LEN;
#ifdef SHOW_SECRETS #ifdef SHOW_SECRETS
@ -5602,15 +5631,15 @@ int SetCipherList(Suites* s, const char* list)
int j; int j;
printf("server random: "); printf("server random: ");
for (j = 0; j < RAN_LEN; j++) for (j = 0; j < RAN_LEN; j++)
printf("%02x", ssl->arrays.serverRandom[j]); printf("%02x", ssl->arrays->serverRandom[j]);
printf("\n"); printf("\n");
} }
#endif #endif
/* then session id */ /* then session id */
output[idx++] = ID_LEN; output[idx++] = ID_LEN;
if (!ssl->options.resuming) if (!ssl->options.resuming)
RNG_GenerateBlock(ssl->rng, ssl->arrays.sessionID, ID_LEN); RNG_GenerateBlock(ssl->rng, ssl->arrays->sessionID, ID_LEN);
XMEMCPY(output + idx, ssl->arrays.sessionID, ID_LEN); XMEMCPY(output + idx, ssl->arrays->sessionID, ID_LEN);
idx += ID_LEN; idx += ID_LEN;
/* then cipher suite */ /* then cipher suite */
@ -5685,10 +5714,10 @@ int SetCipherList(Suites* s, const char* list)
byte *output; byte *output;
word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
int sendSz; int sendSz;
if (ssl->arrays.server_hint[0] == 0) return 0; /* don't send */ if (ssl->arrays->server_hint[0] == 0) return 0; /* don't send */
/* include size part */ /* include size part */
length = (word32)XSTRLEN(ssl->arrays.server_hint); length = (word32)XSTRLEN(ssl->arrays->server_hint);
if (length > MAX_PSK_ID_LEN) return SERVER_HINT_ERROR; if (length > MAX_PSK_ID_LEN) return SERVER_HINT_ERROR;
length += HINT_LEN_SZ; length += HINT_LEN_SZ;
sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ; sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
@ -5712,7 +5741,7 @@ int SetCipherList(Suites* s, const char* list)
/* key data */ /* key data */
c16toa((word16)(length - HINT_LEN_SZ), output + idx); c16toa((word16)(length - HINT_LEN_SZ), output + idx);
idx += HINT_LEN_SZ; idx += HINT_LEN_SZ;
XMEMCPY(output + idx, ssl->arrays.server_hint, length -HINT_LEN_SZ); XMEMCPY(output + idx, ssl->arrays->server_hint,length -HINT_LEN_SZ);
HashOutput(ssl, output, sendSz, 0); HashOutput(ssl, output, sendSz, 0);
@ -5846,15 +5875,15 @@ int SetCipherList(Suites* s, const char* list)
/* md5 */ /* md5 */
InitMd5(&md5); InitMd5(&md5);
Md5Update(&md5, ssl->arrays.clientRandom, RAN_LEN); Md5Update(&md5, ssl->arrays->clientRandom, RAN_LEN);
Md5Update(&md5, ssl->arrays.serverRandom, RAN_LEN); Md5Update(&md5, ssl->arrays->serverRandom, RAN_LEN);
Md5Update(&md5, output + preSigIdx, preSigSz); Md5Update(&md5, output + preSigIdx, preSigSz);
Md5Final(&md5, hash); Md5Final(&md5, hash);
/* sha */ /* sha */
InitSha(&sha); InitSha(&sha);
ShaUpdate(&sha, ssl->arrays.clientRandom, RAN_LEN); ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN);
ShaUpdate(&sha, ssl->arrays.serverRandom, RAN_LEN); ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN);
ShaUpdate(&sha, output + preSigIdx, preSigSz); ShaUpdate(&sha, output + preSigIdx, preSigSz);
ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]); ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]);
@ -6048,15 +6077,15 @@ int SetCipherList(Suites* s, const char* list)
/* md5 */ /* md5 */
InitMd5(&md5); InitMd5(&md5);
Md5Update(&md5, ssl->arrays.clientRandom, RAN_LEN); Md5Update(&md5, ssl->arrays->clientRandom, RAN_LEN);
Md5Update(&md5, ssl->arrays.serverRandom, RAN_LEN); Md5Update(&md5, ssl->arrays->serverRandom, RAN_LEN);
Md5Update(&md5, output + preSigIdx, preSigSz); Md5Update(&md5, output + preSigIdx, preSigSz);
Md5Final(&md5, hash); Md5Final(&md5, hash);
/* sha */ /* sha */
InitSha(&sha); InitSha(&sha);
ShaUpdate(&sha, ssl->arrays.clientRandom, RAN_LEN); ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN);
ShaUpdate(&sha, ssl->arrays.serverRandom, RAN_LEN); ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN);
ShaUpdate(&sha, output + preSigIdx, preSigSz); ShaUpdate(&sha, output + preSigIdx, preSigSz);
ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]); ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]);
@ -6628,15 +6657,15 @@ int SetCipherList(Suites* s, const char* list)
/* session id */ /* session id */
if (sessionSz) { if (sessionSz) {
XMEMCPY(ssl->arrays.sessionID, input + idx, sessionSz); XMEMCPY(ssl->arrays->sessionID, input + idx, sessionSz);
idx += sessionSz; idx += sessionSz;
ssl->options.resuming = 1; ssl->options.resuming = 1;
} }
/* random */ /* random */
if (randomSz < RAN_LEN) if (randomSz < RAN_LEN)
XMEMSET(ssl->arrays.clientRandom, 0, RAN_LEN - randomSz); XMEMSET(ssl->arrays->clientRandom, 0, RAN_LEN - randomSz);
XMEMCPY(&ssl->arrays.clientRandom[RAN_LEN - randomSz], input + idx, XMEMCPY(&ssl->arrays->clientRandom[RAN_LEN - randomSz], input + idx,
randomSz); randomSz);
idx += randomSz; idx += randomSz;
@ -6650,7 +6679,7 @@ int SetCipherList(Suites* s, const char* list)
/* DoClientHello uses same resume code */ /* DoClientHello uses same resume code */
while (ssl->options.resuming) { /* let's try */ while (ssl->options.resuming) { /* let's try */
int ret; int ret;
CYASSL_SESSION* session = GetSession(ssl, ssl->arrays.masterSecret); CYASSL_SESSION* session = GetSession(ssl,ssl->arrays->masterSecret);
if (!session) { if (!session) {
ssl->options.resuming = 0; ssl->options.resuming = 0;
break; /* session lookup failed */ break; /* session lookup failed */
@ -6660,7 +6689,7 @@ int SetCipherList(Suites* s, const char* list)
return UNSUPPORTED_SUITE; return UNSUPPORTED_SUITE;
} }
RNG_GenerateBlock(ssl->rng, ssl->arrays.serverRandom, RAN_LEN); RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, RAN_LEN);
if (ssl->options.tls) if (ssl->options.tls)
ret = DeriveTlsKeys(ssl); ret = DeriveTlsKeys(ssl);
else else
@ -6725,7 +6754,7 @@ int SetCipherList(Suites* s, const char* list)
ssl->options.haveStaticECC, ssl->options.side); ssl->options.haveStaticECC, ssl->options.side);
} }
/* random */ /* random */
XMEMCPY(ssl->arrays.clientRandom, input + i, RAN_LEN); XMEMCPY(ssl->arrays->clientRandom, input + i, RAN_LEN);
i += RAN_LEN; i += RAN_LEN;
#ifdef SHOW_SECRETS #ifdef SHOW_SECRETS
@ -6733,7 +6762,7 @@ int SetCipherList(Suites* s, const char* list)
int j; int j;
printf("client random: "); printf("client random: ");
for (j = 0; j < RAN_LEN; j++) for (j = 0; j < RAN_LEN; j++)
printf("%02x", ssl->arrays.clientRandom[j]); printf("%02x", ssl->arrays->clientRandom[j]);
printf("\n"); printf("\n");
} }
#endif #endif
@ -6742,7 +6771,7 @@ int SetCipherList(Suites* s, const char* list)
if (b) { if (b) {
if (i + ID_LEN > totalSz) if (i + ID_LEN > totalSz)
return INCOMPLETE_DATA; return INCOMPLETE_DATA;
XMEMCPY(ssl->arrays.sessionID, input + i, ID_LEN); XMEMCPY(ssl->arrays->sessionID, input + i, ID_LEN);
i += b; i += b;
ssl->options.resuming= 1; /* client wants to resume */ ssl->options.resuming= 1; /* client wants to resume */
CYASSL_MSG("Client wants to resume session"); CYASSL_MSG("Client wants to resume session");
@ -6811,7 +6840,7 @@ int SetCipherList(Suites* s, const char* list)
/* ProcessOld uses same resume code */ /* ProcessOld uses same resume code */
while (ssl->options.resuming) { /* let's try */ while (ssl->options.resuming) { /* let's try */
int ret; int ret;
CYASSL_SESSION* session = GetSession(ssl, ssl->arrays.masterSecret); CYASSL_SESSION* session = GetSession(ssl,ssl->arrays->masterSecret);
if (!session) { if (!session) {
ssl->options.resuming = 0; ssl->options.resuming = 0;
CYASSL_MSG("Session lookup for resume failed"); CYASSL_MSG("Session lookup for resume failed");
@ -6822,7 +6851,7 @@ int SetCipherList(Suites* s, const char* list)
return UNSUPPORTED_SUITE; return UNSUPPORTED_SUITE;
} }
RNG_GenerateBlock(ssl->rng, ssl->arrays.serverRandom, RAN_LEN); RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, RAN_LEN);
if (ssl->options.tls) if (ssl->options.tls)
ret = DeriveTlsKeys(ssl); ret = DeriveTlsKeys(ssl);
else else
@ -7028,7 +7057,7 @@ int SetCipherList(Suites* s, const char* list)
if (ret == 0) { if (ret == 0) {
length = RsaEncryptSize(&key); length = RsaEncryptSize(&key);
ssl->arrays.preMasterSz = SECRET_LEN; ssl->arrays->preMasterSz = SECRET_LEN;
if (ssl->options.tls) if (ssl->options.tls)
(*inOutIdx) += 2; (*inOutIdx) += 2;
@ -7037,10 +7066,10 @@ int SetCipherList(Suites* s, const char* list)
if (RsaPrivateDecryptInline(tmp, length, &out, &key) == if (RsaPrivateDecryptInline(tmp, length, &out, &key) ==
SECRET_LEN) { SECRET_LEN) {
XMEMCPY(ssl->arrays.preMasterSecret, out, SECRET_LEN); XMEMCPY(ssl->arrays->preMasterSecret, out, SECRET_LEN);
if (ssl->arrays.preMasterSecret[0] != ssl->chVersion.major if (ssl->arrays->preMasterSecret[0] != ssl->chVersion.major
|| ||
ssl->arrays.preMasterSecret[1] != ssl->chVersion.minor) ssl->arrays->preMasterSecret[1] != ssl->chVersion.minor)
ret = PMS_VERSION_ERROR; ret = PMS_VERSION_ERROR;
else else
@ -7053,33 +7082,33 @@ int SetCipherList(Suites* s, const char* list)
FreeRsaKey(&key); FreeRsaKey(&key);
#ifndef NO_PSK #ifndef NO_PSK
} else if (ssl->specs.kea == psk_kea) { } else if (ssl->specs.kea == psk_kea) {
byte* pms = ssl->arrays.preMasterSecret; byte* pms = ssl->arrays->preMasterSecret;
word16 ci_sz; word16 ci_sz;
ato16(&input[*inOutIdx], &ci_sz); ato16(&input[*inOutIdx], &ci_sz);
*inOutIdx += LENGTH_SZ; *inOutIdx += LENGTH_SZ;
if (ci_sz > MAX_PSK_ID_LEN) return CLIENT_ID_ERROR; if (ci_sz > MAX_PSK_ID_LEN) return CLIENT_ID_ERROR;
XMEMCPY(ssl->arrays.client_identity, &input[*inOutIdx], ci_sz); XMEMCPY(ssl->arrays->client_identity, &input[*inOutIdx], ci_sz);
*inOutIdx += ci_sz; *inOutIdx += ci_sz;
ssl->arrays.client_identity[ci_sz] = 0; ssl->arrays->client_identity[ci_sz] = 0;
ssl->arrays.psk_keySz = ssl->options.server_psk_cb(ssl, ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl,
ssl->arrays.client_identity, ssl->arrays.psk_key, ssl->arrays->client_identity, ssl->arrays->psk_key,
MAX_PSK_KEY_LEN); MAX_PSK_KEY_LEN);
if (ssl->arrays.psk_keySz == 0 || if (ssl->arrays->psk_keySz == 0 ||
ssl->arrays.psk_keySz > MAX_PSK_KEY_LEN) return PSK_KEY_ERROR; ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) return PSK_KEY_ERROR;
/* make psk pre master secret */ /* make psk pre master secret */
/* length of key + length 0s + length of key + key */ /* length of key + length 0s + length of key + key */
c16toa((word16)ssl->arrays.psk_keySz, pms); c16toa((word16)ssl->arrays->psk_keySz, pms);
pms += 2; pms += 2;
XMEMSET(pms, 0, ssl->arrays.psk_keySz); XMEMSET(pms, 0, ssl->arrays->psk_keySz);
pms += ssl->arrays.psk_keySz; pms += ssl->arrays->psk_keySz;
c16toa((word16)ssl->arrays.psk_keySz, pms); c16toa((word16)ssl->arrays->psk_keySz, pms);
pms += 2; pms += 2;
XMEMCPY(pms, ssl->arrays.psk_key, ssl->arrays.psk_keySz); XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
ssl->arrays.preMasterSz = ssl->arrays.psk_keySz * 2 + 4; ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4;
ret = MakeMasterSecret(ssl); ret = MakeMasterSecret(ssl);
#endif /* NO_PSK */ #endif /* NO_PSK */
@ -7087,7 +7116,7 @@ int SetCipherList(Suites* s, const char* list)
} else if (ssl->specs.kea == ntru_kea) { } else if (ssl->specs.kea == ntru_kea) {
word32 rc; word32 rc;
word16 cipherLen; word16 cipherLen;
word16 plainLen = sizeof(ssl->arrays.preMasterSecret); word16 plainLen = sizeof(ssl->arrays->preMasterSecret);
byte* tmp; byte* tmp;
if (!ssl->buffers.key.buffer) if (!ssl->buffers.key.buffer)
@ -7101,13 +7130,13 @@ int SetCipherList(Suites* s, const char* list)
tmp = input + *inOutIdx; tmp = input + *inOutIdx;
rc = crypto_ntru_decrypt((word16)ssl->buffers.key.length, rc = crypto_ntru_decrypt((word16)ssl->buffers.key.length,
ssl->buffers.key.buffer, cipherLen, tmp, &plainLen, ssl->buffers.key.buffer, cipherLen, tmp, &plainLen,
ssl->arrays.preMasterSecret); ssl->arrays->preMasterSecret);
if (rc != NTRU_OK || plainLen != SECRET_LEN) if (rc != NTRU_OK || plainLen != SECRET_LEN)
return NTRU_DECRYPT_ERROR; return NTRU_DECRYPT_ERROR;
*inOutIdx += cipherLen; *inOutIdx += cipherLen;
ssl->arrays.preMasterSz = plainLen; ssl->arrays->preMasterSz = plainLen;
ret = MakeMasterSecret(ssl); ret = MakeMasterSecret(ssl);
#endif /* HAVE_NTRU */ #endif /* HAVE_NTRU */
#ifdef HAVE_ECC #ifdef HAVE_ECC
@ -7122,7 +7151,7 @@ int SetCipherList(Suites* s, const char* list)
*inOutIdx += bLength; *inOutIdx += bLength;
ssl->peerEccKeyPresent = 1; ssl->peerEccKeyPresent = 1;
size = sizeof(ssl->arrays.preMasterSecret); size = sizeof(ssl->arrays->preMasterSecret);
if (ssl->specs.static_ecdh) { if (ssl->specs.static_ecdh) {
ecc_key staticKey; ecc_key staticKey;
word32 i = 0; word32 i = 0;
@ -7132,15 +7161,15 @@ int SetCipherList(Suites* s, const char* list)
&staticKey, ssl->buffers.key.length); &staticKey, ssl->buffers.key.length);
if (ret == 0) if (ret == 0)
ret = ecc_shared_secret(&staticKey, &ssl->peerEccKey, ret = ecc_shared_secret(&staticKey, &ssl->peerEccKey,
ssl->arrays.preMasterSecret, &size); ssl->arrays->preMasterSecret, &size);
ecc_free(&staticKey); ecc_free(&staticKey);
} }
else else
ret = ecc_shared_secret(&ssl->eccTempKey, &ssl->peerEccKey, ret = ecc_shared_secret(&ssl->eccTempKey, &ssl->peerEccKey,
ssl->arrays.preMasterSecret, &size); ssl->arrays->preMasterSecret, &size);
if (ret != 0) if (ret != 0)
return ECC_SHARED_ERROR; return ECC_SHARED_ERROR;
ssl->arrays.preMasterSz = size; ssl->arrays->preMasterSz = size;
ret = MakeMasterSecret(ssl); ret = MakeMasterSecret(ssl);
#endif /* HAVE_ECC */ #endif /* HAVE_ECC */
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
@ -7161,8 +7190,8 @@ int SetCipherList(Suites* s, const char* list)
ssl->buffers.serverDH_G.buffer, ssl->buffers.serverDH_G.buffer,
ssl->buffers.serverDH_G.length); ssl->buffers.serverDH_G.length);
if (ret == 0) if (ret == 0)
ret = DhAgree(&dhKey, ssl->arrays.preMasterSecret, ret = DhAgree(&dhKey, ssl->arrays->preMasterSecret,
&ssl->arrays.preMasterSz, &ssl->arrays->preMasterSz,
ssl->buffers.serverDH_Priv.buffer, ssl->buffers.serverDH_Priv.buffer,
ssl->buffers.serverDH_Priv.length, ssl->buffers.serverDH_Priv.length,
clientPub, clientPubSz); clientPub, clientPubSz);

32
src/keys.c
View File

@ -1121,7 +1121,7 @@ int DeriveKeys(CYASSL* ssl)
InitMd5(&md5); InitMd5(&md5);
InitSha(&sha); InitSha(&sha);
XMEMCPY(md5Input, ssl->arrays.masterSecret, SECRET_LEN); XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN);
for (i = 0; i < rounds; ++i) { for (i = 0; i < rounds; ++i) {
int j = i + 1; int j = i + 1;
@ -1131,11 +1131,11 @@ int DeriveKeys(CYASSL* ssl)
return PREFIX_ERROR; return PREFIX_ERROR;
} }
XMEMCPY(shaInput + idx, ssl->arrays.masterSecret, SECRET_LEN); XMEMCPY(shaInput + idx, ssl->arrays->masterSecret, SECRET_LEN);
idx += SECRET_LEN; idx += SECRET_LEN;
XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN); XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
idx += RAN_LEN; idx += RAN_LEN;
XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN); XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
ShaUpdate(&sha, shaInput, sizeof(shaInput) - KEY_PREFIX + j); ShaUpdate(&sha, shaInput, sizeof(shaInput) - KEY_PREFIX + j);
ShaFinal(&sha, shaOutput); ShaFinal(&sha, shaOutput);
@ -1151,15 +1151,15 @@ int DeriveKeys(CYASSL* ssl)
static void CleanPreMaster(CYASSL* ssl) static void CleanPreMaster(CYASSL* ssl)
{ {
int i, sz = ssl->arrays.preMasterSz; int i, sz = ssl->arrays->preMasterSz;
for (i = 0; i < sz; i++) for (i = 0; i < sz; i++)
ssl->arrays.preMasterSecret[i] = 0; ssl->arrays->preMasterSecret[i] = 0;
RNG_GenerateBlock(ssl->rng, ssl->arrays.preMasterSecret, sz); RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz);
for (i = 0; i < sz; i++) for (i = 0; i < sz; i++)
ssl->arrays.preMasterSecret[i] = 0; ssl->arrays->preMasterSecret[i] = 0;
} }
@ -1172,7 +1172,7 @@ static int MakeSslMasterSecret(CYASSL* ssl)
byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN]; byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN];
int i, ret; int i, ret;
word32 idx; word32 idx;
word32 pmsSz = ssl->arrays.preMasterSz; word32 pmsSz = ssl->arrays->preMasterSz;
Md5 md5; Md5 md5;
Sha sha; Sha sha;
@ -1182,7 +1182,7 @@ static int MakeSslMasterSecret(CYASSL* ssl)
int j; int j;
printf("pre master secret: "); printf("pre master secret: ");
for (j = 0; j < pmsSz; j++) for (j = 0; j < pmsSz; j++)
printf("%02x", ssl->arrays.preMasterSecret[j]); printf("%02x", ssl->arrays->preMasterSecret[j]);
printf("\n"); printf("\n");
} }
#endif #endif
@ -1190,7 +1190,7 @@ static int MakeSslMasterSecret(CYASSL* ssl)
InitMd5(&md5); InitMd5(&md5);
InitSha(&sha); InitSha(&sha);
XMEMCPY(md5Input, ssl->arrays.preMasterSecret, pmsSz); XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz);
for (i = 0; i < MASTER_ROUNDS; ++i) { for (i = 0; i < MASTER_ROUNDS; ++i) {
byte prefix[PREFIX]; byte prefix[PREFIX];
@ -1202,11 +1202,11 @@ static int MakeSslMasterSecret(CYASSL* ssl)
XMEMCPY(shaInput, prefix, i + 1); XMEMCPY(shaInput, prefix, i + 1);
idx += i + 1; idx += i + 1;
XMEMCPY(shaInput + idx, ssl->arrays.preMasterSecret, pmsSz); XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz);
idx += pmsSz; idx += pmsSz;
XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN); XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
idx += RAN_LEN; idx += RAN_LEN;
XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN); XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
idx += RAN_LEN; idx += RAN_LEN;
ShaUpdate(&sha, shaInput, idx); ShaUpdate(&sha, shaInput, idx);
ShaFinal(&sha, shaOutput); ShaFinal(&sha, shaOutput);
@ -1215,7 +1215,7 @@ static int MakeSslMasterSecret(CYASSL* ssl)
XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE); XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE);
idx += SHA_DIGEST_SIZE; idx += SHA_DIGEST_SIZE;
Md5Update(&md5, md5Input, idx); Md5Update(&md5, md5Input, idx);
Md5Final(&md5, &ssl->arrays.masterSecret[i * MD5_DIGEST_SIZE]); Md5Final(&md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]);
} }
#ifdef SHOW_SECRETS #ifdef SHOW_SECRETS
@ -1223,7 +1223,7 @@ static int MakeSslMasterSecret(CYASSL* ssl)
int i; int i;
printf("master secret: "); printf("master secret: ");
for (i = 0; i < SECRET_LEN; i++) for (i = 0; i < SECRET_LEN; i++)
printf("%02x", ssl->arrays.masterSecret[i]); printf("%02x", ssl->arrays->masterSecret[i]);
printf("\n"); printf("\n");
} }
#endif #endif

61
src/ssl.c
View File

@ -414,6 +414,24 @@ void CyaSSL_ERR_error_string_n(unsigned long e, char* buf, unsigned long len)
} }
/* don't free temporary arrays at end of handshake */
void CyaSSL_KeepArrays(CYASSL* ssl)
{
if (ssl)
ssl->options.saveArrays = 1;
}
/* user doesn't need temporary arrays anymore, Free */
void CyaSSL_FreeArrays(CYASSL* ssl)
{
if (ssl && ssl->options.handShakeState == HANDSHAKE_DONE) {
ssl->options.saveArrays = 0;
FreeArrays(ssl, 1);
}
}
CYASSL_CERT_MANAGER* CyaSSL_CertManagerNew(void) CYASSL_CERT_MANAGER* CyaSSL_CertManagerNew(void)
{ {
CYASSL_CERT_MANAGER* cm = NULL; CYASSL_CERT_MANAGER* cm = NULL;
@ -2764,7 +2782,7 @@ int CyaSSL_CTX_set_timeout(CYASSL_CTX* ctx, unsigned int to)
CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret)
{ {
CYASSL_SESSION* ret = 0; CYASSL_SESSION* ret = 0;
const byte* id = ssl->arrays.sessionID; const byte* id = NULL;
word32 row; word32 row;
int idx; int idx;
@ -2774,6 +2792,11 @@ CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret)
if (ssl->options.haveSessionId == 0) if (ssl->options.haveSessionId == 0)
return NULL; return NULL;
if (ssl->arrays)
id = ssl->arrays->sessionID;
else
id = ssl->session.sessionID;
row = HashSession(id) % SESSION_ROWS; row = HashSession(id) % SESSION_ROWS;
if (LockMutex(&session_mutex) != 0) if (LockMutex(&session_mutex) != 0)
@ -2838,7 +2861,7 @@ int AddSession(CYASSL* ssl)
if (ssl->options.haveSessionId == 0) if (ssl->options.haveSessionId == 0)
return 0; return 0;
row = HashSession(ssl->arrays.sessionID) % SESSION_ROWS; row = HashSession(ssl->arrays->sessionID) % SESSION_ROWS;
if (LockMutex(&session_mutex) != 0) if (LockMutex(&session_mutex) != 0)
return BAD_MUTEX_ERROR; return BAD_MUTEX_ERROR;
@ -2846,8 +2869,8 @@ int AddSession(CYASSL* ssl)
idx = SessionCache[row].nextIdx++; idx = SessionCache[row].nextIdx++;
XMEMCPY(SessionCache[row].Sessions[idx].masterSecret, XMEMCPY(SessionCache[row].Sessions[idx].masterSecret,
ssl->arrays.masterSecret, SECRET_LEN); ssl->arrays->masterSecret, SECRET_LEN);
XMEMCPY(SessionCache[row].Sessions[idx].sessionID, ssl->arrays.sessionID, XMEMCPY(SessionCache[row].Sessions[idx].sessionID, ssl->arrays->sessionID,
ID_LEN); ID_LEN);
SessionCache[row].Sessions[idx].timeout = ssl->timeout; SessionCache[row].Sessions[idx].timeout = ssl->timeout;
@ -3249,14 +3272,22 @@ int CyaSSL_set_compression(CYASSL* ssl)
const char* CyaSSL_get_psk_identity_hint(const CYASSL* ssl) const char* CyaSSL_get_psk_identity_hint(const CYASSL* ssl)
{ {
CYASSL_ENTER("SSL_get_psk_identity_hint"); CYASSL_ENTER("SSL_get_psk_identity_hint");
return ssl->arrays.server_hint;
if (ssl == NULL || ssl->arrays == NULL)
return NULL;
return ssl->arrays->server_hint;
} }
const char* CyaSSL_get_psk_identity(const CYASSL* ssl) const char* CyaSSL_get_psk_identity(const CYASSL* ssl)
{ {
CYASSL_ENTER("SSL_get_psk_identity"); CYASSL_ENTER("SSL_get_psk_identity");
return ssl->arrays.client_identity;
if (ssl == NULL || ssl->arrays == NULL)
return NULL;
return ssl->arrays->client_identity;
} }
@ -3276,11 +3307,15 @@ int CyaSSL_set_compression(CYASSL* ssl)
int CyaSSL_use_psk_identity_hint(CYASSL* ssl, const char* hint) int CyaSSL_use_psk_identity_hint(CYASSL* ssl, const char* hint)
{ {
CYASSL_ENTER("SSL_use_psk_identity_hint"); CYASSL_ENTER("SSL_use_psk_identity_hint");
if (ssl == NULL || ssl->arrays == NULL)
return SSL_FAILURE;
if (hint == 0) if (hint == 0)
ssl->arrays.server_hint[0] = 0; ssl->arrays->server_hint[0] = 0;
else { else {
XSTRNCPY(ssl->arrays.server_hint, hint, MAX_PSK_ID_LEN); XSTRNCPY(ssl->arrays->server_hint, hint, MAX_PSK_ID_LEN);
ssl->arrays.server_hint[MAX_PSK_ID_LEN - 1] = '\0'; ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = '\0';
} }
return SSL_SUCCESS; return SSL_SUCCESS;
} }
@ -3440,12 +3475,12 @@ int CyaSSL_set_compression(CYASSL* ssl)
unsigned char** sr, unsigned int* srLen, unsigned char** sr, unsigned int* srLen,
unsigned char** cr, unsigned int* crLen) unsigned char** cr, unsigned int* crLen)
{ {
if (ssl == NULL) if (ssl == NULL || ssl->arrays == NULL)
return -1; return -1;
*ms = ssl->arrays.masterSecret; *ms = ssl->arrays->masterSecret;
*sr = ssl->arrays.serverRandom; *sr = ssl->arrays->serverRandom;
*cr = ssl->arrays.clientRandom; *cr = ssl->arrays->clientRandom;
*msLen = SECRET_LEN; *msLen = SECRET_LEN;
*srLen = RAN_LEN; *srLen = RAN_LEN;

18
src/tls.c
View File

@ -214,7 +214,7 @@ void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender)
else else
side = tls_server; side = tls_server;
PRF(hashes->md5, TLS_FINISHED_SZ, ssl->arrays.masterSecret, SECRET_LEN, PRF(hashes->md5, TLS_FINISHED_SZ, ssl->arrays->masterSecret, SECRET_LEN,
side, FINISHED_LABEL_SZ, handshake_hash, hashSz, IsAtLeastTLSv1_2(ssl), side, FINISHED_LABEL_SZ, handshake_hash, hashSz, IsAtLeastTLSv1_2(ssl),
ssl->specs.mac_algorithm); ssl->specs.mac_algorithm);
} }
@ -262,10 +262,10 @@ int DeriveTlsKeys(CYASSL* ssl)
byte seed[SEED_LEN]; byte seed[SEED_LEN];
byte key_data[MAX_PRF_DIG]; byte key_data[MAX_PRF_DIG];
XMEMCPY(seed, ssl->arrays.serverRandom, RAN_LEN); XMEMCPY(seed, ssl->arrays->serverRandom, RAN_LEN);
XMEMCPY(&seed[RAN_LEN], ssl->arrays.clientRandom, RAN_LEN); XMEMCPY(&seed[RAN_LEN], ssl->arrays->clientRandom, RAN_LEN);
PRF(key_data, length, ssl->arrays.masterSecret, SECRET_LEN, key_label, PRF(key_data, length, ssl->arrays->masterSecret, SECRET_LEN, key_label,
KEY_LABEL_SZ, seed, SEED_LEN, IsAtLeastTLSv1_2(ssl), KEY_LABEL_SZ, seed, SEED_LEN, IsAtLeastTLSv1_2(ssl),
ssl->specs.mac_algorithm); ssl->specs.mac_algorithm);
@ -277,11 +277,11 @@ int MakeTlsMasterSecret(CYASSL* ssl)
{ {
byte seed[SEED_LEN]; byte seed[SEED_LEN];
XMEMCPY(seed, ssl->arrays.clientRandom, RAN_LEN); XMEMCPY(seed, ssl->arrays->clientRandom, RAN_LEN);
XMEMCPY(&seed[RAN_LEN], ssl->arrays.serverRandom, RAN_LEN); XMEMCPY(&seed[RAN_LEN], ssl->arrays->serverRandom, RAN_LEN);
PRF(ssl->arrays.masterSecret, SECRET_LEN, PRF(ssl->arrays->masterSecret, SECRET_LEN,
ssl->arrays.preMasterSecret, ssl->arrays.preMasterSz, ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz,
master_label, MASTER_LABEL_SZ, master_label, MASTER_LABEL_SZ,
seed, SEED_LEN, IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm); seed, SEED_LEN, IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm);
@ -290,7 +290,7 @@ int MakeTlsMasterSecret(CYASSL* ssl)
int i; int i;
printf("master secret: "); printf("master secret: ");
for (i = 0; i < SECRET_LEN; i++) for (i = 0; i < SECRET_LEN; i++)
printf("%02x", ssl->arrays.masterSecret[i]); printf("%02x", ssl->arrays->masterSecret[i]);
printf("\n"); printf("\n");
} }
#endif #endif