yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-27 07:44:17 +01:00
Code Issues Packages Projects Releases Wiki Activity

Move handling of randbytes to derive_keys()

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2019-05-06 12:05:58 +02:00
parent bcf258e077
commit 707728dfca
1 changed files with 30 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
library/ssl_tls.c
View File

@ -616,7 +616,6 @@ static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *
static int ssl_populate_transform( mbedtls_ssl_context *ssl )
{
int ret = 0;
unsigned char tmp[64];
unsigned char keyblk[256];
unsigned char *key1;
unsigned char *key2;
@ -633,8 +632,6 @@ static int ssl_populate_transform( mbedtls_ssl_context *ssl )
mbedtls_ssl_transform *transform = ssl->transform_negotiate;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) );
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
transform->encrypt_then_mac = session->encrypt_then_mac;
#endif
@ -657,14 +654,6 @@ static int ssl_populate_transform( mbedtls_ssl_context *ssl )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
/*
* Swap the client and server random values.
*/
memcpy( tmp, handshake->randbytes, 64 );
memcpy( handshake->randbytes, tmp + 32, 32 );
memcpy( handshake->randbytes + 32, tmp, 32 );
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
/*
* SSLv3:
* key block =
@ -691,9 +680,6 @@ static int ssl_populate_transform( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_BUF( 4, "random bytes", handshake->randbytes, 64 );
MBEDTLS_SSL_DEBUG_BUF( 4, "key block", keyblk, 256 );
mbedtls_platform_zeroize( handshake->randbytes,
sizeof( handshake->randbytes ) );
/*
* Determine the appropriate key, IV and MAC length.
*/
@ -1024,8 +1010,6 @@ static int ssl_populate_transform( mbedtls_ssl_context *ssl )
}
#endif /* MBEDTLS_ZLIB_SUPPORT */
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= derive keys" ) );
return( 0 );
}
@ -1165,6 +1149,9 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
ssl->handshake->ciphersuite_info;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) );
/* Set PRF, calc_verify and calc_finished function pointers */
ret = ssl_set_handshake_prfs( ssl->handshake,
ssl->minor_ver,
ciphersuite_info->mac );
@ -1174,6 +1161,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
return( ret );
}
/* Compute master secret if needed */
ret = ssl_compute_master( ssl->handshake,
ssl->session_negotiate->master,
ssl );
@ -1183,7 +1171,32 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
return( ret );
}
return( ssl_populate_transform( ssl ) );
/* Swap the client and server random values:
* - MS derivation wanted client+server (RFC 5246 8.1)
* - key derivation wants server+client (RFC 5246 6.3) */
{
unsigned char tmp[64];
memcpy( tmp, ssl->handshake->randbytes, 64 );
memcpy( ssl->handshake->randbytes, tmp + 32, 32 );
memcpy( ssl->handshake->randbytes + 32, tmp, 32 );
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
}
/* Populate transform structure */
ret = ssl_populate_transform( ssl );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "ssl_populate_transform", ret );
return( ret );
}
/* We no longer need Server/ClientHello.random values */
mbedtls_platform_zeroize( ssl->handshake->randbytes,
sizeof( ssl->handshake->randbytes ) );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= derive keys" ) );
return( 0 );
}
#if defined(MBEDTLS_SSL_PROTO_SSL3)