lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Move session ticket keys to conf

Browse Source 
This is temporary, they will soon be replaced by callbacks.
!!! In this intermediate step security is removed !!!
This commit is contained in:
Manuel Pégourié-Gonnard
2015-05-06 10:05:11 +01:00
parent e51bba05cf
commit 2b49445876
5 changed files with 34 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
library/ssl_srv.c
View File

@ -189,11 +189,11 @@ static int ssl_write_ticket( mbedtls_ssl_context *ssl, size_t *tlen )
*tlen = 0;
if( ssl->ticket_keys == NULL )
if( ssl->conf->ticket_keys == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
/* Write key name */
memcpy( p, ssl->ticket_keys->key_name, 16 );
memcpy( p, ssl->conf->ticket_keys->key_name, 16 );
p += 16;
/* Generate and write IV (with a copy for aes_crypt) */
@ -224,7 +224,7 @@ static int ssl_write_ticket( mbedtls_ssl_context *ssl, size_t *tlen )
state[i] = (unsigned char) pad_len;
/* Encrypt */
if( ( ret = mbedtls_aes_crypt_cbc( &ssl->ticket_keys->enc, MBEDTLS_AES_ENCRYPT,
if( ( ret = mbedtls_aes_crypt_cbc( &ssl->conf->ticket_keys->enc, MBEDTLS_AES_ENCRYPT,
enc_len, iv, state, state ) ) != 0 )
{
return( ret );
@ -237,7 +237,7 @@ static int ssl_write_ticket( mbedtls_ssl_context *ssl, size_t *tlen )
/* Compute and write MAC( key_name + iv + enc_state_len + enc_state ) */
if( ( ret = mbedtls_md_hmac( mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
ssl->ticket_keys->mac_key, 16,
ssl->conf->ticket_keys->mac_key, 16,
start, p - start, p ) ) != 0 )
{
return( ret );
@ -271,7 +271,7 @@ static int ssl_parse_ticket( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_BUF( 3, "session ticket structure", buf, len );
if( len < 34 || ssl->ticket_keys == NULL )
if( len < 34 || ssl->conf->ticket_keys == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1];
@ -283,12 +283,12 @@ static int ssl_parse_ticket( mbedtls_ssl_context *ssl,
/* Check name, in constant time though it's not a big secret */
diff = 0;
for( i = 0; i < 16; i++ )
diff |= key_name[i] ^ ssl->ticket_keys->key_name[i];
diff |= key_name[i] ^ ssl->conf->ticket_keys->key_name[i];
/* don't return yet, check the MAC anyway */
/* Check mac, with constant-time buffer comparison */
if( ( ret = mbedtls_md_hmac( mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
ssl->ticket_keys->mac_key, 16,
ssl->conf->ticket_keys->mac_key, 16,
buf, len - 32, computed_mac ) ) != 0 )
{
return( ret );
@ -303,7 +303,7 @@ static int ssl_parse_ticket( mbedtls_ssl_context *ssl,
return( MBEDTLS_ERR_SSL_INVALID_MAC );
/* Decrypt */
if( ( ret = mbedtls_aes_crypt_cbc( &ssl->ticket_keys->dec, MBEDTLS_AES_DECRYPT,
if( ( ret = mbedtls_aes_crypt_cbc( &ssl->conf->ticket_keys->dec, MBEDTLS_AES_DECRYPT,
enc_len, iv, ticket, ticket ) ) != 0 )
{
return( ret );

46
library/ssl_tls.c
View File

@ -5120,13 +5120,13 @@ static void ssl_ticket_keys_free( mbedtls_ssl_ticket_keys *tkeys )
/*
* Allocate and initialize ticket keys
*/
static int ssl_ticket_keys_init( mbedtls_ssl_context *ssl )
static int ssl_ticket_keys_init( mbedtls_ssl_config *conf )
{
int ret;
mbedtls_ssl_ticket_keys *tkeys;
unsigned char buf[16];
if( ssl->ticket_keys != NULL )
if( conf->ticket_keys != NULL )
return( 0 );
tkeys = mbedtls_malloc( sizeof(mbedtls_ssl_ticket_keys) );
@ -5136,15 +5136,15 @@ static int ssl_ticket_keys_init( mbedtls_ssl_context *ssl )
mbedtls_aes_init( &tkeys->enc );
mbedtls_aes_init( &tkeys->dec );
if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->key_name, 16 ) ) != 0 )
{
ssl_ticket_keys_free( tkeys );
mbedtls_free( tkeys );
return( ret );
}
/* Temporary WIP! Using hardcoded keys. This is to remove the dependency
* on the RNG and allow puttint the keys in conf. Key generation will soon
* be move outside the main SSL module anyway. */
if( ( ret = ssl->f_rng( ssl->p_rng, buf, 16 ) ) != 0 ||
( ret = mbedtls_aes_setkey_enc( &tkeys->enc, buf, 128 ) ) != 0 ||
memset( tkeys->key_name, 'x', 16 );
memset( tkeys->mac_key, 0x2a, 16 );
memset( buf, 0x2a, 16 );
if( ( ret = mbedtls_aes_setkey_enc( &tkeys->enc, buf, 128 ) ) != 0 ||
( ret = mbedtls_aes_setkey_dec( &tkeys->dec, buf, 128 ) ) != 0 )
{
ssl_ticket_keys_free( tkeys );
@ -5152,14 +5152,7 @@ static int ssl_ticket_keys_init( mbedtls_ssl_context *ssl )
return( ret );
}
if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->mac_key, 16 ) ) != 0 )
{
ssl_ticket_keys_free( tkeys );
mbedtls_free( tkeys );
return( ret );
}
ssl->ticket_keys = tkeys;
conf->ticket_keys = tkeys;
return( 0 );
}
@ -5649,22 +5642,19 @@ void mbedtls_ssl_set_renegotiation_period( mbedtls_ssl_config *conf,
#endif /* MBEDTLS_SSL_RENEGOTIATION */
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
int mbedtls_ssl_set_session_tickets( mbedtls_ssl_context *ssl, int use_tickets )
int mbedtls_ssl_set_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
{
ssl->conf->session_tickets = use_tickets;
conf->session_tickets = use_tickets;
#if defined(MBEDTLS_SSL_CLI_C)
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
if( conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
return( 0 );
#endif
if( use_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED )
return( 0 );
if( ssl->f_rng == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
return( ssl_ticket_keys_init( ssl ) );
return( ssl_ticket_keys_init( conf ) );
}
void mbedtls_ssl_set_session_ticket_lifetime( mbedtls_ssl_config *conf, int lifetime )
@ -6562,10 +6552,10 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl )
}
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
if( ssl->ticket_keys )
if( ssl->conf->ticket_keys )
{
ssl_ticket_keys_free( ssl->ticket_keys );
mbedtls_free( ssl->ticket_keys );
ssl_ticket_keys_free( ssl->conf->ticket_keys );
mbedtls_free( ssl->conf->ticket_keys );
}
#endif