Start adding ticket keys (only key_name for now)

include/polarssl/ssl.h

@@ -328,6 +328,7 @@ typedef struct _ssl_session ssl_session;
 typedef struct _ssl_context ssl_context;
 typedef struct _ssl_transform ssl_transform;
 typedef struct _ssl_handshake_params ssl_handshake_params;
+typedef struct _ssl_ticket_keys ssl_ticket_keys;
 
 /*
  * This structure is used for storing current session data.
@@ -445,6 +446,14 @@ struct _ssl_handshake_params
     int new_session_ticket;             /*!< use NewSessionTicket?    */
 };
 
+/*
+ * Parameters needed to secure session tickets
+ */
+struct _ssl_ticket_keys
+{
+    unsigned char key_name[16];     /*!< name to quickly discard bad tickets */
+};
+
 struct _ssl_context
 {
     /*
@@ -553,6 +562,11 @@ struct _ssl_context
     const char *peer_cn;                /*!<  expected peer CN        */
 #endif /* POLARSSL_X509_PARSE_C */
 
+    /*
+     * Support for generating and checking session tickets
+     */
+    ssl_ticket_keys *ticket_keys;       /*!<  keys for ticket encryption */
+
     /*
      * User settings
      */

library/ssl_srv.c

@@ -165,7 +165,10 @@ static int ssl_write_ticket( ssl_context *ssl, size_t *tlen )
     unsigned char *p = start;
     size_t clear_len, enc_len;
 
-    memset( p, 0, 16 ); // TODO: key_name
+    if( ssl->ticket_keys == NULL )
+        return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
+
+    memcpy( p, ssl->ticket_keys->key_name, 16 );
     p += 16;
 
     memset( p, 0, 16 ); // TODO: iv
@@ -208,7 +211,7 @@ static int ssl_parse_ticket( ssl_context *ssl,
     const unsigned char *mac;
     size_t enc_len, clear_len;
 
-    if( len < 34 )
+    if( len < 34 || ssl->ticket_keys == NULL )
         return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
 
     enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1];
@@ -217,8 +220,8 @@ static int ssl_parse_ticket( ssl_context *ssl,
     if( len != enc_len + 66 )
         return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
 
-    // TODO: check key_name
+    if( memcmp( key_name, ssl->ticket_keys->key_name, 16 ) != 0 )
-    (void) key_name;
+        return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
 
     // TODO: check hmac
     (void) mac;

library/ssl_tls.c

@@ -2972,6 +2972,28 @@ int ssl_session_reset( ssl_context *ssl )
     return( 0 );
 }
 
+/*
+ * Allocate and initialize ticket keys
+ */
+static int ssl_ticket_keys_init( ssl_context *ssl )
+{
+    int ret;
+    ssl_ticket_keys *tkeys;
+
+    if( ssl->ticket_keys != NULL )
+        return( 0 );
+
+    if( ( tkeys = polarssl_malloc( sizeof( ssl_ticket_keys ) ) ) == NULL )
+        return( POLARSSL_ERR_SSL_MALLOC_FAILED );
+
+    if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->key_name, 16 ) ) != 0 )
+        return( ret );
+
+    ssl->ticket_keys = tkeys;
+
+    return( 0 );
+}
+
 /*
  * SSL set accessors
  */
@@ -3232,7 +3254,13 @@ int ssl_set_session_tickets( ssl_context *ssl, int use_tickets )
 {
     ssl->session_tickets = use_tickets;
 
-    return( 0 );
+    if( ssl->endpoint == SSL_IS_CLIENT )
+        return( 0 );
+
+    if( ssl->f_rng == NULL )
+        return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
+
+    return( ssl_ticket_keys_init( ssl ) );
 }
 
 /*
@@ -3671,6 +3699,8 @@ void ssl_free( ssl_context *ssl )
         polarssl_free( ssl->session );
     }
 
+    polarssl_free( ssl->ticket_keys );
+
     if ( ssl->hostname != NULL)
     {
         memset( ssl->hostname, 0, ssl->hostname_len );