lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Store randbytes for TLS 1.2 TLS-Exporter

Browse Source 
Previously, if MBEDTLS_SSL_CONTEXT_SERIALIZATION is not defined,
randbytes are not stored after the handshake is done, but they are
needed for TLS-Exporter in TLS 1.2.

This commit also saves randbytes if MBEDTLS_SSL_PROTO_TLS1_2 is defined.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
This commit is contained in:
Max Fillinger
2024-10-18 16:19:39 +02:00
parent c48e9e0004
commit 85b33ee42e
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
library/ssl_misc.h
View File

@ -1166,10 +1166,10 @@ struct mbedtls_ssl_transform {
unsigned char out_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX];
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
/* We need the Hello random bytes in order to re-derive keys from the
* Master Secret and other session info,
* see ssl_tls12_populate_transform() */
* Master Secret and other session info, see ssl_tls12_populate_transform().
* They are also needed for the TLS 1.2 TLS-Exporter. */
unsigned char randbytes[MBEDTLS_SERVER_HELLO_RANDOM_LEN +
MBEDTLS_CLIENT_HELLO_RANDOM_LEN];
/*!< ServerHello.random+ClientHello.random */