AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Change ssl_tls to use new MD API and check ret code

Browse Source
This commit is contained in:
Andres Amaya Garcia 2017-06-29 17:09:42 +01:00
parent 95869c4934
commit 1a607a1b9a
1 changed files with 79 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

147
library/ssl_tls.c
View File

@ -221,6 +221,7 @@ static int ssl3_prf( const unsigned char *secret, size_t slen,
const unsigned char *random, size_t rlen,
unsigned char *dstbuf, size_t dlen )
{
int ret;
size_t i;
mbedtls_md5_context md5;
mbedtls_sha1_context sha1;
@ -243,25 +244,35 @@ static int ssl3_prf( const unsigned char *secret, size_t slen,
{
memset( padding, (unsigned char) ('A' + i), 1 + i );
mbedtls_sha1_starts( &sha1 );
mbedtls_sha1_update( &sha1, padding, 1 + i );
mbedtls_sha1_update( &sha1, secret, slen );
mbedtls_sha1_update( &sha1, random, rlen );
mbedtls_sha1_finish( &sha1, sha1sum );
if( ( ret = mbedtls_sha1_starts_ext( &sha1 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha1_update_ext( &sha1, padding, 1 + i ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha1_update_ext( &sha1, secret, slen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha1_update_ext( &sha1, random, rlen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha1_finish_ext( &sha1, sha1sum ) ) != 0 )
goto exit;
mbedtls_md5_starts( &md5 );
mbedtls_md5_update( &md5, secret, slen );
mbedtls_md5_update( &md5, sha1sum, 20 );
mbedtls_md5_finish( &md5, dstbuf + i * 16 );
if( ( ret = mbedtls_md5_starts_ext( &md5 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_update_ext( &md5, secret, slen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_update_ext( &md5, sha1sum, 20 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_finish_ext( &md5, dstbuf + i * 16 ) ) != 0 )
goto exit;
}
exit:
mbedtls_md5_free( &md5 );
mbedtls_sha1_free( &sha1 );
mbedtls_zeroize( padding, sizeof( padding ) );
mbedtls_zeroize( sha1sum, sizeof( sha1sum ) );
return( 0 );
return( ret );
}
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
@ -978,25 +989,25 @@ void ssl_calc_verify_ssl( mbedtls_ssl_context *ssl, unsigned char hash[36] )
memset( pad_1, 0x36, 48 );
memset( pad_2, 0x5C, 48 );
mbedtls_md5_update( &md5, ssl->session_negotiate->master, 48 );
mbedtls_md5_update( &md5, pad_1, 48 );
mbedtls_md5_finish( &md5, hash );
mbedtls_md5_update_ext( &md5, ssl->session_negotiate->master, 48 );
mbedtls_md5_update_ext( &md5, pad_1, 48 );
mbedtls_md5_finish_ext( &md5, hash );
mbedtls_md5_starts( &md5 );
mbedtls_md5_update( &md5, ssl->session_negotiate->master, 48 );
mbedtls_md5_update( &md5, pad_2, 48 );
mbedtls_md5_update( &md5, hash, 16 );
mbedtls_md5_finish( &md5, hash );
mbedtls_md5_starts_ext( &md5 );
mbedtls_md5_update_ext( &md5, ssl->session_negotiate->master, 48 );
mbedtls_md5_update_ext( &md5, pad_2, 48 );
mbedtls_md5_update_ext( &md5, hash, 16 );
mbedtls_md5_finish_ext( &md5, hash );
mbedtls_sha1_update( &sha1, ssl->session_negotiate->master, 48 );
mbedtls_sha1_update( &sha1, pad_1, 40 );
mbedtls_sha1_finish( &sha1, hash + 16 );
mbedtls_sha1_update_ext( &sha1, ssl->session_negotiate->master, 48 );
mbedtls_sha1_update_ext( &sha1, pad_1, 40 );
mbedtls_sha1_finish_ext( &sha1, hash + 16 );
mbedtls_sha1_starts( &sha1 );
mbedtls_sha1_update( &sha1, ssl->session_negotiate->master, 48 );
mbedtls_sha1_update( &sha1, pad_2, 40 );
mbedtls_sha1_update( &sha1, hash + 16, 20 );
mbedtls_sha1_finish( &sha1, hash + 16 );
mbedtls_sha1_starts_ext( &sha1 );
mbedtls_sha1_update_ext( &sha1, ssl->session_negotiate->master, 48 );
mbedtls_sha1_update_ext( &sha1, pad_2, 40 );
mbedtls_sha1_update_ext( &sha1, hash + 16, 20 );
mbedtls_sha1_finish_ext( &sha1, hash + 16 );
MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
@ -1022,8 +1033,8 @@ void ssl_calc_verify_tls( mbedtls_ssl_context *ssl, unsigned char hash[36] )
mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
mbedtls_md5_finish( &md5, hash );
mbedtls_sha1_finish( &sha1, hash + 16 );
mbedtls_md5_finish_ext( &md5, hash );
mbedtls_sha1_finish_ext( &sha1, hash + 16 );
MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
@ -1046,7 +1057,7 @@ void ssl_calc_verify_tls_sha256( mbedtls_ssl_context *ssl, unsigned char hash[32
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) );
mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 );
mbedtls_sha256_finish( &sha256, hash );
mbedtls_sha256_finish_ext( &sha256, hash );
MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 32 );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
@ -1067,7 +1078,7 @@ void ssl_calc_verify_tls_sha384( mbedtls_ssl_context *ssl, unsigned char hash[48
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) );
mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 );
mbedtls_sha512_finish( &sha512, hash );
mbedtls_sha512_finish_ext( &sha512, hash );
MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 48 );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
@ -4836,15 +4847,15 @@ void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_1)
mbedtls_md5_starts( &ssl->handshake->fin_md5 );
mbedtls_sha1_starts( &ssl->handshake->fin_sha1 );
mbedtls_md5_starts_ext( &ssl->handshake->fin_md5 );
mbedtls_sha1_starts_ext( &ssl->handshake->fin_sha1 );
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
#if defined(MBEDTLS_SHA256_C)
mbedtls_sha256_starts( &ssl->handshake->fin_sha256, 0 );
mbedtls_sha256_starts_ext( &ssl->handshake->fin_sha256, 0 );
#endif
#if defined(MBEDTLS_SHA512_C)
mbedtls_sha512_starts( &ssl->handshake->fin_sha512, 1 );
mbedtls_sha512_starts_ext( &ssl->handshake->fin_sha512, 1 );
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
}
@ -4854,15 +4865,15 @@ static void ssl_update_checksum_start( mbedtls_ssl_context *ssl,
{
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_1)
mbedtls_md5_update( &ssl->handshake->fin_md5 , buf, len );
mbedtls_sha1_update( &ssl->handshake->fin_sha1, buf, len );
mbedtls_md5_update_ext( &ssl->handshake->fin_md5 , buf, len );
mbedtls_sha1_update_ext( &ssl->handshake->fin_sha1, buf, len );
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
#if defined(MBEDTLS_SHA256_C)
mbedtls_sha256_update( &ssl->handshake->fin_sha256, buf, len );
mbedtls_sha256_update_ext( &ssl->handshake->fin_sha256, buf, len );
#endif
#if defined(MBEDTLS_SHA512_C)
mbedtls_sha512_update( &ssl->handshake->fin_sha512, buf, len );
mbedtls_sha512_update_ext( &ssl->handshake->fin_sha512, buf, len );
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
}
@ -4872,8 +4883,8 @@ static void ssl_update_checksum_start( mbedtls_ssl_context *ssl,
static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *ssl,
const unsigned char *buf, size_t len )
{
mbedtls_md5_update( &ssl->handshake->fin_md5 , buf, len );
mbedtls_sha1_update( &ssl->handshake->fin_sha1, buf, len );
mbedtls_md5_update_ext( &ssl->handshake->fin_md5 , buf, len );
mbedtls_sha1_update_ext( &ssl->handshake->fin_sha1, buf, len );
}
#endif
@ -4882,7 +4893,7 @@ static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *ssl,
static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl,
const unsigned char *buf, size_t len )
{
mbedtls_sha256_update( &ssl->handshake->fin_sha256, buf, len );
mbedtls_sha256_update_ext( &ssl->handshake->fin_sha256, buf, len );
}
#endif
@ -4890,7 +4901,7 @@ static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl,
static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl,
const unsigned char *buf, size_t len )
{
mbedtls_sha512_update( &ssl->handshake->fin_sha512, buf, len );
mbedtls_sha512_update_ext( &ssl->handshake->fin_sha512, buf, len );
}
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
@ -4943,29 +4954,29 @@ static void ssl_calc_finished_ssl(
memset( padbuf, 0x36, 48 );
mbedtls_md5_update( &md5, (const unsigned char *) sender, 4 );
mbedtls_md5_update( &md5, session->master, 48 );
mbedtls_md5_update( &md5, padbuf, 48 );
mbedtls_md5_finish( &md5, md5sum );
mbedtls_md5_update_ext( &md5, (const unsigned char *) sender, 4 );
mbedtls_md5_update_ext( &md5, session->master, 48 );
mbedtls_md5_update_ext( &md5, padbuf, 48 );
mbedtls_md5_finish_ext( &md5, md5sum );
mbedtls_sha1_update( &sha1, (const unsigned char *) sender, 4 );
mbedtls_sha1_update( &sha1, session->master, 48 );
mbedtls_sha1_update( &sha1, padbuf, 40 );
mbedtls_sha1_finish( &sha1, sha1sum );
mbedtls_sha1_update_ext( &sha1, (const unsigned char *) sender, 4 );
mbedtls_sha1_update_ext( &sha1, session->master, 48 );
mbedtls_sha1_update_ext( &sha1, padbuf, 40 );
mbedtls_sha1_finish_ext( &sha1, sha1sum );
memset( padbuf, 0x5C, 48 );
mbedtls_md5_starts( &md5 );
mbedtls_md5_update( &md5, session->master, 48 );
mbedtls_md5_update( &md5, padbuf, 48 );
mbedtls_md5_update( &md5, md5sum, 16 );
mbedtls_md5_finish( &md5, buf );
mbedtls_md5_starts_ext( &md5 );
mbedtls_md5_update_ext( &md5, session->master, 48 );
mbedtls_md5_update_ext( &md5, padbuf, 48 );
mbedtls_md5_update_ext( &md5, md5sum, 16 );
mbedtls_md5_finish_ext( &md5, buf );
mbedtls_sha1_starts( &sha1 );
mbedtls_sha1_update( &sha1, session->master, 48 );
mbedtls_sha1_update( &sha1, padbuf , 40 );
mbedtls_sha1_update( &sha1, sha1sum, 20 );
mbedtls_sha1_finish( &sha1, buf + 16 );
mbedtls_sha1_starts_ext( &sha1 );
mbedtls_sha1_update_ext( &sha1, session->master, 48 );
mbedtls_sha1_update_ext( &sha1, padbuf , 40 );
mbedtls_sha1_update_ext( &sha1, sha1sum, 20 );
mbedtls_sha1_finish_ext( &sha1, buf + 16 );
MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 );
@ -5022,8 +5033,8 @@ static void ssl_calc_finished_tls(
? "client finished"
: "server finished";
mbedtls_md5_finish( &md5, padbuf );
mbedtls_sha1_finish( &sha1, padbuf + 16 );
mbedtls_md5_finish_ext( &md5, padbuf );
mbedtls_sha1_finish_ext( &sha1, padbuf + 16 );
ssl->handshake->tls_prf( session->master, 48, sender,
padbuf, 36, buf, len );
@ -5074,7 +5085,7 @@ static void ssl_calc_finished_tls_sha256(
? "client finished"
: "server finished";
mbedtls_sha256_finish( &sha256, padbuf );
mbedtls_sha256_finish_ext( &sha256, padbuf );
ssl->handshake->tls_prf( session->master, 48, sender,
padbuf, 32, buf, len );
@ -5123,7 +5134,7 @@ static void ssl_calc_finished_tls_sha384(
? "client finished"
: "server finished";
mbedtls_sha512_finish( &sha512, padbuf );
mbedtls_sha512_finish_ext( &sha512, padbuf );
ssl->handshake->tls_prf( session->master, 48, sender,
padbuf, 48, buf, len );
@ -5437,17 +5448,17 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )
defined(MBEDTLS_SSL_PROTO_TLS1_1)
mbedtls_md5_init( &handshake->fin_md5 );
mbedtls_sha1_init( &handshake->fin_sha1 );
mbedtls_md5_starts( &handshake->fin_md5 );
mbedtls_sha1_starts( &handshake->fin_sha1 );
mbedtls_md5_starts_ext( &handshake->fin_md5 );
mbedtls_sha1_starts_ext( &handshake->fin_sha1 );
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
#if defined(MBEDTLS_SHA256_C)
mbedtls_sha256_init( &handshake->fin_sha256 );
mbedtls_sha256_starts( &handshake->fin_sha256, 0 );
mbedtls_sha256_starts_ext( &handshake->fin_sha256, 0 );
#endif
#if defined(MBEDTLS_SHA512_C)
mbedtls_sha512_init( &handshake->fin_sha512 );
mbedtls_sha512_starts( &handshake->fin_sha512, 1 );
mbedtls_sha512_starts_ext( &handshake->fin_sha512, 1 );
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */