yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-07-08 04:30:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Check return value of the TLS PRF

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-03-26 11:47:47 +01:00
parent b7fcca33b9
commit e960818735
1 changed files with 25 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
library/ssl_tls.c
View file

@ -607,17 +607,28 @@ int ssl_derive_keys( ssl_context *ssl )
SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len ); SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len );
handshake->tls_prf( handshake->premaster, handshake->pmslen, ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
"extended master secret", "extended master secret",
session_hash, hash_len, session->master, 48 ); session_hash, hash_len,
session->master, 48 );
if( ret != 0 )
{
SSL_DEBUG_RET( 1, "prf", ret );
return( ret );
}
} }
else else
#endif #endif
handshake->tls_prf( handshake->premaster, handshake->pmslen, ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
"master secret", "master secret",
handshake->randbytes, 64, session->master, 48 ); handshake->randbytes, 64,
session->master, 48 );
if( ret != 0 )
{
SSL_DEBUG_RET( 1, "prf", ret );
return( ret );
}
polarssl_zeroize( handshake->premaster, sizeof(handshake->premaster) ); polarssl_zeroize( handshake->premaster, sizeof(handshake->premaster) );
} }
@ -644,8 +655,13 @@ int ssl_derive_keys( ssl_context *ssl )
* TLSv1: * TLSv1:
* key block = PRF( master, "key expansion", randbytes ) * key block = PRF( master, "key expansion", randbytes )
*/ */
handshake->tls_prf( session->master, 48, "key expansion", ret = handshake->tls_prf( session->master, 48, "key expansion",
handshake->randbytes, 64, keyblk, 256 ); handshake->randbytes, 64, keyblk, 256 );
if( ret != 0 )
{
SSL_DEBUG_RET( 1, "prf", ret );
return( ret );
}
SSL_DEBUG_MSG( 3, ( "ciphersuite = %s", SSL_DEBUG_MSG( 3, ( "ciphersuite = %s",
ssl_get_ciphersuite_name( session->ciphersuite ) ) ); ssl_get_ciphersuite_name( session->ciphersuite ) ) );