yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-02 02:01:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move ssl_set_rng() to act on config

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-05-07 12:35:38 +01:00
parent 5cb3308e5f
commit 750e4d7769
15 changed files with 52 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
include/mbedtls/ssl.h
View file

@ -799,12 +799,16 @@ typedef struct
* Pointers * Pointers
*/ */
const int *ciphersuite_list[4]; /*!< allowed ciphersuites / version */ const int *ciphersuite_list[4]; /*!< allowed ciphersuites per version */
/** Callback for printing debug output */ /** Callback for printing debug output */
void (*f_dbg)(void *, int, const char *); void (*f_dbg)(void *, int, const char *);
void *p_dbg; /*!< context for the debug function */ void *p_dbg; /*!< context for the debug function */
/** Callback for getting (pseudo-)random numbers */
int (*f_rng)(void *, unsigned char *, size_t);
void *p_rng; /*!< context for the RNG function */
/** Callback to retrieve a session from the cache */ /** Callback to retrieve a session from the cache */
int (*f_get_cache)(void *, mbedtls_ssl_session *); int (*f_get_cache)(void *, mbedtls_ssl_session *);
/** Callback to store a session into the cache */ /** Callback to store a session into the cache */
@ -836,7 +840,7 @@ typedef struct
/** Callback to verify validity of a ClientHello cookie */ /** Callback to verify validity of a ClientHello cookie */
int (*f_cookie_check)( void *, const unsigned char *, size_t, int (*f_cookie_check)( void *, const unsigned char *, size_t,
const unsigned char *, size_t ); const unsigned char *, size_t );
void *p_cookie; /*!< context for the cookie callbacks */ void *p_cookie; /*!< context for the cookie callbacks */
#endif #endif
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
@ -846,7 +850,7 @@ typedef struct
#endif /* MBEDTLS_X509_CRT_PARSE_C */ #endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_SET_CURVES) #if defined(MBEDTLS_SSL_SET_CURVES)
const mbedtls_ecp_group_id *curve_list; /*!< allowed curves */ const mbedtls_ecp_group_id *curve_list; /*!< allowed curves */
#endif #endif
#if defined(MBEDTLS_DHM_C) #if defined(MBEDTLS_DHM_C)
@ -966,9 +970,6 @@ struct mbedtls_ssl_context
/* /*
* Callbacks * Callbacks
*/ */
int (*f_rng)(void *, unsigned char *, size_t);
void *p_rng; /*!< context for the RNG function */
int (*f_send)(void *, const unsigned char *, size_t); int (*f_send)(void *, const unsigned char *, size_t);
int (*f_recv)(void *, unsigned char *, size_t); int (*f_recv)(void *, unsigned char *, size_t);
int (*f_recv_timeout)(void *, unsigned char *, size_t, uint32_t); int (*f_recv_timeout)(void *, unsigned char *, size_t, uint32_t);
@ -1243,11 +1244,11 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_config *conf,
/** /**
* \brief Set the random number generator callback * \brief Set the random number generator callback
* *
* \param ssl SSL context * \param conf SSL configuration
* \param f_rng RNG function * \param f_rng RNG function
* \param p_rng RNG parameter * \param p_rng RNG parameter
*/ */
void mbedtls_ssl_set_rng( mbedtls_ssl_context *ssl, void mbedtls_ssl_set_rng( mbedtls_ssl_config *conf,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );

26
library/ssl_cli.c
View file

@ -534,13 +534,13 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) );
#else #else
if( ( ret = ssl->f_rng( ssl->p_rng, p, 4 ) ) != 0 ) if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 )
return( ret ); return( ret );
p += 4; p += 4;
#endif /* MBEDTLS_HAVE_TIME */ #endif /* MBEDTLS_HAVE_TIME */
if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 ) if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 )
return( ret ); return( ret );
return( 0 ); return( 0 );
@ -558,7 +558,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) );
if( ssl->f_rng == NULL ) if( ssl->conf->f_rng == NULL )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") );
return( MBEDTLS_ERR_SSL_NO_RNG ); return( MBEDTLS_ERR_SSL_NO_RNG );
@ -640,7 +640,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
if( ssl->session_negotiate->ticket != NULL && if( ssl->session_negotiate->ticket != NULL &&
ssl->session_negotiate->ticket_len != 0 ) ssl->session_negotiate->ticket_len != 0 )
{ {
ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id, 32 ); ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, 32 );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );
@ -1785,7 +1785,7 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver, mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver,
ssl->conf->transport, p ); ssl->conf->transport, p );
if( ( ret = ssl->f_rng( ssl->p_rng, p + 2, 46 ) ) != 0 ) if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p + 2, 46 ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "f_rng", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "f_rng", ret );
return( ret ); return( ret );
@ -1807,7 +1807,7 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
p, ssl->handshake->pmslen, p, ssl->handshake->pmslen,
ssl->out_msg + offset + len_bytes, olen, ssl->out_msg + offset + len_bytes, olen,
MBEDTLS_SSL_MAX_CONTENT_LEN - offset - len_bytes, MBEDTLS_SSL_MAX_CONTENT_LEN - offset - len_bytes,
ssl->f_rng, ssl->p_rng ) ) != 0 ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_rsa_pkcs1_encrypt", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_rsa_pkcs1_encrypt", ret );
return( ret ); return( ret );
@ -2461,7 +2461,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
(int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
&ssl->out_msg[i], n, &ssl->out_msg[i], n,
ssl->f_rng, ssl->p_rng ); ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 ) if( ret != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret );
@ -2476,7 +2476,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
ssl->handshake->premaster, ssl->handshake->premaster,
&ssl->handshake->pmslen, &ssl->handshake->pmslen,
ssl->f_rng, ssl->p_rng ) ) != 0 ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
return( ret ); return( ret );
@ -2503,7 +2503,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx,
&n, &n,
&ssl->out_msg[i], 1000, &ssl->out_msg[i], 1000,
ssl->f_rng, ssl->p_rng ); ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 ) if( ret != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret );
@ -2516,7 +2516,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
&ssl->handshake->pmslen, &ssl->handshake->pmslen,
ssl->handshake->premaster, ssl->handshake->premaster,
MBEDTLS_MPI_MAX_SIZE, MBEDTLS_MPI_MAX_SIZE,
ssl->f_rng, ssl->p_rng ) ) != 0 ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
return( ret ); return( ret );
@ -2577,7 +2577,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
(int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
&ssl->out_msg[i], n, &ssl->out_msg[i], n,
ssl->f_rng, ssl->p_rng ); ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 ) if( ret != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret );
@ -2594,7 +2594,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
*/ */
ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, &n, ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, &n,
&ssl->out_msg[i], MBEDTLS_SSL_MAX_CONTENT_LEN - i, &ssl->out_msg[i], MBEDTLS_SSL_MAX_CONTENT_LEN - i,
ssl->f_rng, ssl->p_rng ); ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 ) if( ret != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret );
@ -2804,7 +2804,7 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), md_alg, hash_start, hashlen, if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), md_alg, hash_start, hashlen,
ssl->out_msg + 6 + offset, &n, ssl->out_msg + 6 + offset, &n,
ssl->f_rng, ssl->p_rng ) ) != 0 ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret );
return( ret ); return( ret );

24
library/ssl_srv.c
View file

@ -197,7 +197,7 @@ static int ssl_write_ticket( mbedtls_ssl_context *ssl, size_t *tlen )
p += 16; p += 16;
/* Generate and write IV (with a copy for aes_crypt) */ /* Generate and write IV (with a copy for aes_crypt) */
if( ( ret = ssl->f_rng( ssl->p_rng, p, 16 ) ) != 0 ) if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 16 ) ) != 0 )
return( ret ); return( ret );
memcpy( iv, p, 16 ); memcpy( iv, p, 16 );
p += 16; p += 16;
@ -2417,7 +2417,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
} }
#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
if( ssl->f_rng == NULL ) if( ssl->conf->f_rng == NULL )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") );
return( MBEDTLS_ERR_SSL_NO_RNG ); return( MBEDTLS_ERR_SSL_NO_RNG );
@ -2449,13 +2449,13 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) );
#else #else
if( ( ret = ssl->f_rng( ssl->p_rng, p, 4 ) ) != 0 ) if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 )
return( ret ); return( ret );
p += 4; p += 4;
#endif /* MBEDTLS_HAVE_TIME */ #endif /* MBEDTLS_HAVE_TIME */
if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 ) if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 )
return( ret ); return( ret );
p += 28; p += 28;
@ -2503,7 +2503,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
#endif /* MBEDTLS_SSL_SESSION_TICKETS */ #endif /* MBEDTLS_SSL_SESSION_TICKETS */
{ {
ssl->session_negotiate->length = n = 32; ssl->session_negotiate->length = n = 32;
if( ( ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id, if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id,
n ) ) != 0 ) n ) ) != 0 )
return( ret ); return( ret );
} }
@ -2895,7 +2895,7 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
if( ( ret = mbedtls_dhm_make_params( &ssl->handshake->dhm_ctx, if( ( ret = mbedtls_dhm_make_params( &ssl->handshake->dhm_ctx,
(int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
p, &len, ssl->f_rng, ssl->p_rng ) ) != 0 ) p, &len, ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_params", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_params", ret );
return( ret ); return( ret );
@ -2960,7 +2960,7 @@ curve_matching_done:
if( ( ret = mbedtls_ecdh_make_params( &ssl->handshake->ecdh_ctx, &len, if( ( ret = mbedtls_ecdh_make_params( &ssl->handshake->ecdh_ctx, &len,
p, MBEDTLS_SSL_MAX_CONTENT_LEN - n, p, MBEDTLS_SSL_MAX_CONTENT_LEN - n,
ssl->f_rng, ssl->p_rng ) ) != 0 ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret );
return( ret ); return( ret );
@ -3124,7 +3124,7 @@ curve_matching_done:
if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), md_alg, hash, hashlen, if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), md_alg, hash, hashlen,
p + 2 , &signature_len, p + 2 , &signature_len,
ssl->f_rng, ssl->p_rng ) ) != 0 ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret );
return( ret ); return( ret );
@ -3282,14 +3282,14 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl,
* Also, avoid data-dependant branches here to protect against * Also, avoid data-dependant branches here to protect against
* timing-based variants. * timing-based variants.
*/ */
ret = ssl->f_rng( ssl->p_rng, fake_pms, sizeof( fake_pms ) ); ret = ssl->conf->f_rng( ssl->conf->p_rng, fake_pms, sizeof( fake_pms ) );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );
ret = mbedtls_pk_decrypt( mbedtls_ssl_own_key( ssl ), p, len, ret = mbedtls_pk_decrypt( mbedtls_ssl_own_key( ssl ), p, len,
peer_pms, &peer_pmslen, peer_pms, &peer_pmslen,
sizeof( peer_pms ), sizeof( peer_pms ),
ssl->f_rng, ssl->p_rng ); ssl->conf->f_rng, ssl->conf->p_rng );
diff = (size_t) ret; diff = (size_t) ret;
diff |= peer_pmslen ^ 48; diff |= peer_pmslen ^ 48;
@ -3438,7 +3438,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
ssl->handshake->premaster, ssl->handshake->premaster,
&ssl->handshake->pmslen, &ssl->handshake->pmslen,
ssl->f_rng, ssl->p_rng ) ) != 0 ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
@ -3470,7 +3470,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
&ssl->handshake->pmslen, &ssl->handshake->pmslen,
ssl->handshake->premaster, ssl->handshake->premaster,
MBEDTLS_MPI_MAX_SIZE, MBEDTLS_MPI_MAX_SIZE,
ssl->f_rng, ssl->p_rng ) ) != 0 ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );

14
library/ssl_tls.c
View file

@ -1108,7 +1108,7 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
/* Write length only when we know the actual value */ /* Write length only when we know the actual value */
if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
p + 2, &len, p + 2, &len,
ssl->f_rng, ssl->p_rng ) ) != 0 ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
return( ret ); return( ret );
@ -1129,7 +1129,7 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen, if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen,
p + 2, end - ( p + 2 ), p + 2, end - ( p + 2 ),
ssl->f_rng, ssl->p_rng ) ) != 0 ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
return( ret ); return( ret );
@ -1338,7 +1338,7 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
* Generate IV * Generate IV
*/ */
#if defined(MBEDTLS_SSL_AEAD_RANDOM_IV) #if defined(MBEDTLS_SSL_AEAD_RANDOM_IV)
ret = ssl->f_rng( ssl->p_rng, ret = ssl->conf->f_rng( ssl->conf->p_rng,
ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen, ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen,
ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen ); ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen );
if( ret != 0 ) if( ret != 0 )
@ -1434,7 +1434,7 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
/* /*
* Generate IV * Generate IV
*/ */
int ret = ssl->f_rng( ssl->p_rng, ssl->transform_out->iv_enc, int ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->transform_out->iv_enc,
ssl->transform_out->ivlen ); ssl->transform_out->ivlen );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );
@ -5210,12 +5210,12 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_config *conf,
} }
#endif /* MBEDTLS_X509_CRT_PARSE_C */ #endif /* MBEDTLS_X509_CRT_PARSE_C */
void mbedtls_ssl_set_rng( mbedtls_ssl_context *ssl, void mbedtls_ssl_set_rng( mbedtls_ssl_config *conf,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng )
{ {
ssl->f_rng = f_rng; conf->f_rng = f_rng;
ssl->p_rng = p_rng; conf->p_rng = p_rng;
} }
void mbedtls_ssl_set_dbg( mbedtls_ssl_config *conf, void mbedtls_ssl_set_dbg( mbedtls_ssl_config *conf,

2
programs/ssl/dtls_client.c
View file

@ -187,7 +187,7 @@ int main( int argc, char *argv[] )
goto exit; goto exit;
} }
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_ssl_set_bio( &ssl, &server_fd,

2
programs/ssl/dtls_server.c
View file

@ -206,7 +206,7 @@ int main( void )
goto exit; goto exit;
} }
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C) #if defined(MBEDTLS_SSL_CACHE_C)

2
programs/ssl/mini_client.c
View file

@ -203,7 +203,7 @@ int main( void )
goto exit; goto exit;
} }
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
mbedtls_ssl_set_psk( &ssl, psk, sizeof( psk ), mbedtls_ssl_set_psk( &ssl, psk, sizeof( psk ),

2
programs/ssl/ssl_client1.c
View file

@ -176,7 +176,7 @@ int main( void )
goto exit; goto exit;
} }
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );

2
programs/ssl/ssl_client2.c
View file

@ -1115,7 +1115,7 @@ int main( int argc, char *argv[] )
} }
#endif #endif
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
if( opt.nbio == 2 ) if( opt.nbio == 2 )

2
programs/ssl/ssl_fork_server.c
View file

@ -265,7 +265,7 @@ int main( void )
mbedtls_printf( " ok\n" ); mbedtls_printf( " ok\n" );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );

2
programs/ssl/ssl_mail_client.c
View file

@ -604,7 +604,7 @@ int main( int argc, char *argv[] )
* but makes interop easier in this simplified example */ * but makes interop easier in this simplified example */
mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL ); mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );

2
programs/ssl/ssl_pthread_server.c
View file

@ -176,7 +176,7 @@ static void *handle_ssl_connection( void *data )
goto thread_exit; goto thread_exit;
} }
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_mutexed_debug, stdout ); mbedtls_ssl_set_dbg( &conf, my_mutexed_debug, stdout );
/* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if /* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if

2
programs/ssl/ssl_server.c
View file

@ -205,7 +205,7 @@ int main( void )
goto exit; goto exit;
} }
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C) #if defined(MBEDTLS_SSL_CACHE_C)

2
programs/ssl/ssl_server2.c
View file

@ -1574,7 +1574,7 @@ int main( int argc, char *argv[] )
} }
#endif #endif
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C) #if defined(MBEDTLS_SSL_CACHE_C)

2
programs/x509/cert_app.c
View file

@ -419,7 +419,7 @@ int main( int argc, char *argv[] )
else else
mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE ); mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );