Save Hello random bytes for later use

This commit is contained in:
Manuel Pégourié-Gonnard 2019-07-09 12:54:17 +02:00 committed by Jarno Lamsa
parent ddf72a1cf6
commit 96fb0ee9cf
2 changed files with 13 additions and 1 deletions

View file

@ -642,6 +642,12 @@ struct mbedtls_ssl_transform
z_stream ctx_deflate; /*!< compression context */ z_stream ctx_deflate; /*!< compression context */
z_stream ctx_inflate; /*!< decompression context */ z_stream ctx_inflate; /*!< decompression context */
#endif #endif
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
/* We need the Hello random bytes in order to re-derive keys from the
* Master Secret and other session info, see ssl_populate_transform() */
unsigned char randbytes[64]; /*!< ServerHello.random+ClientHello.random */
#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
}; };
/* /*

View file

@ -1046,13 +1046,19 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
(void) ssl; (void) ssl;
#endif #endif
/* Copy info about negotiated version and extensions */ /*
* Some data just needs copying into the structure
*/
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
transform->encrypt_then_mac = encrypt_then_mac; transform->encrypt_then_mac = encrypt_then_mac;
#endif #endif
transform->minor_ver = minor_ver; transform->minor_ver = minor_ver;
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
memcpy( transform->randbytes, randbytes, sizeof( transform->randbytes ) );
#endif
/* /*
* Get various info structures * Get various info structures
*/ */