mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-06-13 20:15:43 +00:00
Move handling of randbytes to derive_keys()
This commit is contained in:
Manuel Pégourié-Gonnard
Jarno Lamsa
parent
de718b99b5
commit
040a9517b5
|
|
@ -989,7 +989,6 @@ static int ssl_populate_transform( mbedtls_ssl_context *ssl )
|
||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
int psa_fallthrough;
|
int psa_fallthrough;
|
||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
unsigned char tmp[64];
|
|
||||||
unsigned char keyblk[256];
|
unsigned char keyblk[256];
|
||||||
unsigned char *key1;
|
unsigned char *key1;
|
||||||
unsigned char *key2;
|
unsigned char *key2;
|
||||||
|
|
@ -1006,8 +1005,6 @@ static int ssl_populate_transform( mbedtls_ssl_context *ssl )
|
||||||
mbedtls_ssl_transform *transform = ssl->transform_negotiate;
|
mbedtls_ssl_transform *transform = ssl->transform_negotiate;
|
||||||
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
|
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) );
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
|
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
|
||||||
defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
|
defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
|
||||||
transform->encrypt_then_mac = session->encrypt_then_mac;
|
transform->encrypt_then_mac = session->encrypt_then_mac;
|
||||||
|
|
@ -1051,14 +1048,6 @@ static int ssl_populate_transform( mbedtls_ssl_context *ssl )
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||||
|
|
||||||
/*
|
|
||||||
* Swap the client and server random values.
|
|
||||||
*/
|
|
||||||
memcpy( tmp, handshake->randbytes, 64 );
|
|
||||||
memcpy( handshake->randbytes, tmp + 32, 32 );
|
|
||||||
memcpy( handshake->randbytes + 32, tmp, 32 );
|
|
||||||
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* SSLv3:
|
* SSLv3:
|
||||||
* key block =
|
* key block =
|
||||||
|
|
@ -1505,11 +1494,8 @@ static int ssl_populate_transform( mbedtls_ssl_context *ssl )
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_ZLIB_SUPPORT */
|
#endif /* MBEDTLS_ZLIB_SUPPORT */
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= derive keys" ) );
|
|
||||||
end:
|
end:
|
||||||
mbedtls_platform_zeroize( keyblk, sizeof( keyblk ) );
|
mbedtls_platform_zeroize( keyblk, sizeof( keyblk ) );
|
||||||
mbedtls_platform_zeroize( handshake->randbytes,
|
|
||||||
sizeof( handshake->randbytes ) );
|
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1726,6 +1712,9 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
|
||||||
const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
|
const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
|
||||||
ssl->handshake->ciphersuite_info;
|
ssl->handshake->ciphersuite_info;
|
||||||
|
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) );
|
||||||
|
|
||||||
|
/* Set PRF, calc_verify and calc_finished function pointers */
|
||||||
ret = ssl_set_handshake_prfs( ssl->handshake,
|
ret = ssl_set_handshake_prfs( ssl->handshake,
|
||||||
ssl->minor_ver,
|
ssl->minor_ver,
|
||||||
ciphersuite_info->mac );
|
ciphersuite_info->mac );
|
||||||
|
|
@ -1735,6 +1724,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Compute master secret if needed */
|
||||||
ret = ssl_compute_master( ssl->handshake,
|
ret = ssl_compute_master( ssl->handshake,
|
||||||
ssl->session_negotiate->master,
|
ssl->session_negotiate->master,
|
||||||
ssl );
|
ssl );
|
||||||
|
|
@ -1744,7 +1734,32 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
return( ssl_populate_transform( ssl ) );
|
/* Swap the client and server random values:
|
||||||
|
* - MS derivation wanted client+server (RFC 5246 8.1)
|
||||||
|
* - key derivation wants server+client (RFC 5246 6.3) */
|
||||||
|
{
|
||||||
|
unsigned char tmp[64];
|
||||||
|
memcpy( tmp, ssl->handshake->randbytes, 64 );
|
||||||
|
memcpy( ssl->handshake->randbytes, tmp + 32, 32 );
|
||||||
|
memcpy( ssl->handshake->randbytes + 32, tmp, 32 );
|
||||||
|
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Populate transform structure */
|
||||||
|
ret = ssl_populate_transform( ssl );
|
||||||
|
if( ret != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "ssl_populate_transform", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
|
/* We no longer need Server/ClientHello.random values */
|
||||||
|
mbedtls_platform_zeroize( ssl->handshake->randbytes,
|
||||||
|
sizeof( ssl->handshake->randbytes ) );
|
||||||
|
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= derive keys" ) );
|
||||||
|
|
||||||
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_SSL3)
|
#if defined(MBEDTLS_SSL_PROTO_SSL3)
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue