From ada303048534d90c23e711d9ec5cacf606400195 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 20 Oct 2014 20:33:10 +0200 Subject: [PATCH] Implement extended master secret --- library/ssl_cli.c | 19 +++++++++++++------ library/ssl_tls.c | 34 +++++++++++++++++++++++++++++++++- 2 files changed, 46 insertions(+), 7 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 065f3a83a..d7b16b855 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -2326,12 +2326,6 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); } - if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) - { - SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); - return( ret ); - } - ssl->out_msglen = i + n; ssl->out_msgtype = SSL_MSG_HANDSHAKE; ssl->out_msg[0] = SSL_HS_CLIENT_KEY_EXCHANGE; @@ -2356,9 +2350,16 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) static int ssl_write_certificate_verify( ssl_context *ssl ) { const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + int ret; SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); + if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + return( ret ); + } + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || @@ -2385,6 +2386,12 @@ static int ssl_write_certificate_verify( ssl_context *ssl ) SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); + if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + return( ret ); + } + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 1fe3a95ca..c8b7fa2a9 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -472,13 +472,45 @@ int ssl_derive_keys( ssl_context *ssl ) #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) if( ssl->handshake->extended_ms == SSL_EXTENDED_MS_ENABLED ) + { + unsigned char session_hash[48]; + size_t hash_len; + SSL_DEBUG_MSG( 3, ( "using extended master secret" ) ); - // XXX to be continued, WIP + + ssl->handshake->calc_verify( ssl, session_hash ); + +#if defined(POLARSSL_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) + { +#if defined(POLARSSL_SHA512_C) + if( ssl->transform_negotiate->ciphersuite_info->mac == + POLARSSL_MD_SHA384 ) + { + hash_len = 48; + } + else +#endif + hash_len = 32; + } + else +#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ + hash_len = 36; + + SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len ); + + handshake->tls_prf( handshake->premaster, handshake->pmslen, + "extended master secret", + session_hash, hash_len, session->master, 48 ); + + } + else #endif handshake->tls_prf( handshake->premaster, handshake->pmslen, "master secret", handshake->randbytes, 64, session->master, 48 ); + polarssl_zeroize( handshake->premaster, sizeof(handshake->premaster) ); } else