API tools faq
paste
Advertisement
Guest User

diff between sslKeyExchange.c 55179.13 and 55471

a guest
Feb 23rd, 2014
92
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Diff 21.04 KB | None | 0 0
raw download clone embed print report
  1. 35c35
  2. <
  3. ---
  4. > #include "sslRand.h"
  5. 42c42
  6. <
  7. ---
  8. > #include <utilities/SecCFRelease.h>
  9. 46,47c46,47
  10. < //#include <security_utilities/globalizer.h>
  11. < //#include <security_utilities/threading.h>
  12. ---
  13. > //#include <utilities/globalizer.h>
  14. > //#include <utilities/threading.h>
  15. 52d51
  16. < #include <Security/SecRSAKey.h>
  17. 56a56,58
  18. > #if TARGET_OS_IPHONE
  19. > #include <Security/SecRSAKey.h>
  20. > #endif
  21. 65,68c67,68
  22. < #include <pthread.h>
  23. <
  24. < #pragma mark -
  25. < #pragma mark Forward Static Declarations
  26. ---
  27. > // MARK: -
  28. > // MARK: Forward Static Declarations
  29. 111,112c111,112
  30. < #pragma mark -
  31. < #pragma mark Local Diffie-Hellman Parameter Generator
  32. ---
  33. > // MARK: -
  34. > // MARK: Local Diffie-Hellman Parameter Generator
  35. 131,132c131,132
  36. < #pragma mark -
  37. < #pragma mark RSA Key Exchange
  38. ---
  39. > // MARK: -
  40. > // MARK: RSA Key Exchange
  41. 163,164c163,164
  42. <       SSLFreeBuffer(&modulus, ctx);
  43. <       SSLFreeBuffer(&exponent, ctx);
  44. ---
  45. >       SSLFreeBuffer(&modulus);
  46. >       SSLFreeBuffer(&exponent);
  47. 180,182c180,182
  48. <   SSLFreeBuffer(&modulus, ctx);
  49. <   SSLFreeBuffer(&exponent, ctx);
  50. <     return noErr;
  51. ---
  52. >   SSLFreeBuffer(&modulus);
  53. >   SSLFreeBuffer(&exponent);
  54. >     return errSecSuccess;
  55. 201,202c201,204
  56. <     if ((err = SSLAllocBuffer(keyParams,
  57. <           modulusLength + exponentLength + 4, ctx)) != 0) {
  58. ---
  59. >     if ((err = SSLAllocBuffer(keyParams,
  60. >           modulusLength + exponentLength + 4)) != 0) {
  61. >         CFReleaseSafe(exponent);
  62. >         CFReleaseSafe(modulus);
  63. 213c215
  64. <     return noErr;
  65. ---
  66. >     return errSecSuccess;
  67. 221d222
  68. <     SSLProtocolVersion    maxVersion;
  69. 223,224c224,225
  70. <     if ((err = SSLAllocBuffer(&ctx->preMasterSecret,
  71. <           SSL_RSA_PREMASTER_SECRET_SIZE, ctx)) != 0)
  72. ---
  73. >     if ((err = SSLAllocBuffer(&ctx->preMasterSecret,
  74. >           SSL_RSA_PREMASTER_SECRET_SIZE)) != 0)
  75. 228,229c229,230
  76. <   sslGetMaxProtVersion(ctx, &maxVersion);
  77. <     SSLEncodeInt(ctx->preMasterSecret.data, maxVersion, 2);
  78. ---
  79. >
  80. >     SSLEncodeInt(ctx->preMasterSecret.data, ctx->clientReqProtocol, 2);
  81. 232c233
  82. <     if ((err = sslRand(ctx, &randData)) != 0)
  83. ---
  84. >     if ((err = sslRand(&randData)) != 0)
  85. 234c235
  86. <     return noErr;
  87. ---
  88. >     return errSecSuccess;
  89. 285c286
  90. <     if ((err = ReadyHash(hashRef, &hashCtx, ctx)) != 0)
  91. ---
  92. >     if ((err = ReadyHash(hashRef, &hashCtx)) != 0)
  93. 322,323c323,324
  94. <     SSLFreeBuffer(&signedHashes, ctx);
  95. <     SSLFreeBuffer(&hashCtx, ctx);
  96. ---
  97. >     SSLFreeBuffer(&signedHashes);
  98. >     SSLFreeBuffer(&hashCtx);
  99. 351c352
  100. <         if ((err = ReadyHash(&SSLHashMD5, &hashCtx, ctx)) != 0)
  101. ---
  102. >         if ((err = ReadyHash(&SSLHashMD5, &hashCtx)) != 0)
  103. 361c362
  104. <         if ((err = SSLFreeBuffer(&hashCtx, ctx)) != 0)
  105. ---
  106. >         if ((err = SSLFreeBuffer(&hashCtx)) != 0)
  107. 371c372
  108. <     if ((err = ReadyHash(&SSLHashSHA1, &hashCtx, ctx)) != 0)
  109. ---
  110. >     if ((err = ReadyHash(&SSLHashSHA1, &hashCtx)) != 0)
  111. 381c382
  112. <     if ((err = SSLFreeBuffer(&hashCtx, ctx)) != 0)
  113. ---
  114. >     if ((err = SSLFreeBuffer(&hashCtx)) != 0)
  115. 397c398
  116. <     SSLFreeBuffer(&hashCtx, ctx);
  117. ---
  118. >     SSLFreeBuffer(&hashCtx);
  119. 425c426
  120. <             return noErr;
  121. ---
  122. >             return errSecSuccess;
  123. 458c459
  124. <   switch(ctx->selectedCipherSpec.keyExchangeMethod) {
  125. ---
  126. >   switch(ctx->selectedCipherSpecParams.keyExchangeMethod) {
  127. 491c492
  128. <           err = SSLAllocBuffer(&exchangeParams, len, ctx);
  129. ---
  130. >           err = SSLAllocBuffer(&exchangeParams, len);
  131. 515c516
  132. <     err = SSLAllocBuffer(&signature, maxSigLen, ctx);
  133. ---
  134. >     err = SSLAllocBuffer(&signature, maxSigLen);
  135. 546c547
  136. <     if ((err = SSLAllocBuffer(&keyExch->contents, outputLen+head, ctx)) != 0)
  137. ---
  138. >     if ((err = SSLAllocBuffer(&keyExch->contents, outputLen+head)) != 0)
  139. 565c566
  140. <     err = noErr;
  141. ---
  142. >     err = errSecSuccess;
  143. 568,569c569,570
  144. <     SSLFreeBuffer(&exchangeParams, ctx);
  145. <     SSLFreeBuffer(&signature, ctx);
  146. ---
  147. >     SSLFreeBuffer(&exchangeParams);
  148. >     SSLFreeBuffer(&signature);
  149. 599,600c600,601
  150. <
  151. <       if ((err = ReadyHash(&SSLHashMD5, &hashCtx, ctx)) != 0)
  152. ---
  153. >      
  154. >       if ((err = ReadyHash(&SSLHashMD5, &hashCtx)) != 0)
  155. 619c620
  156. <     if ((err = SSLFreeBuffer(&hashCtx, ctx)) != 0)
  157. ---
  158. >     if ((err = SSLFreeBuffer(&hashCtx)) != 0)
  159. 622c623
  160. <     if ((err = ReadyHash(&SSLHashSHA1, &hashCtx, ctx)) != 0)
  161. ---
  162. >     if ((err = ReadyHash(&SSLHashSHA1, &hashCtx)) != 0)
  163. 629a631
  164. >         goto fail;
  165. 646,647c648,649
  166. <     SSLFreeBuffer(&signedHashes, ctx);
  167. <     SSLFreeBuffer(&hashCtx, ctx);
  168. ---
  169. >     SSLFreeBuffer(&signedHashes);
  170. >     SSLFreeBuffer(&hashCtx);
  171. 697c699
  172. <     if ((err = ReadyHash(hashRef, &hashCtx, ctx)) != 0)
  173. ---
  174. >     if ((err = ReadyHash(hashRef, &hashCtx)) != 0)
  175. 732,733c734,735
  176. <     SSLFreeBuffer(&signedHashes, ctx);
  177. <     SSLFreeBuffer(&hashCtx, ctx);
  178. ---
  179. >     SSLFreeBuffer(&signedHashes);
  180. >     SSLFreeBuffer(&hashCtx);
  181. 760c762
  182. <   switch(ctx->selectedCipherSpec.keyExchangeMethod) {
  183. ---
  184. >   switch(ctx->selectedCipherSpecParams.keyExchangeMethod) {
  185. 847c849
  186. <   switch(ctx->selectedCipherSpec.keyExchangeMethod) {
  187. ---
  188. >   switch(ctx->selectedCipherSpecParams.keyExchangeMethod) {
  189. 892,909c894,896
  190. <
  191. <   #if     SSL_SERVER_KEYEXCH_HACK
  192. <       /*
  193. <        * the way we work with Netscape.
  194. <        * FIXME - maybe we should *require* an encryptPrivKey in this
  195. <        * situation?
  196. <        */
  197. <       if((ctx->selectedCipherSpec.keyExchangeMethod == SSL_RSA_EXPORT) &&
  198. <           (ctx->encryptPrivKey != NULL)) {
  199. <           useEncryptKey = true;
  200. <       }
  201. <
  202. <   #else   /* !SSL_SERVER_KEYEXCH_HACK */
  203. <       /* The "correct" way, I think, which doesn't work with Netscape */
  204. <       if (ctx->encryptPrivKeyRef) {
  205. <           useEncryptKey = true;
  206. <       }
  207. <   #endif  /* SSL_SERVER_KEYEXCH_HACK */
  208. ---
  209. >     if (ctx->encryptPrivKeyRef) {
  210. >       useEncryptKey = true;
  211. >     }
  212. 943c930
  213. <     err = SSLAllocBuffer(&ctx->preMasterSecret, SSL_RSA_PREMASTER_SECRET_SIZE, ctx);
  214. ---
  215. >     err = SSLAllocBuffer(&ctx->preMasterSecret, SSL_RSA_PREMASTER_SECRET_SIZE);
  216. 976c963
  217. <   if(err != noErr) {
  218. ---
  219. >   if(err != errSecSuccess) {
  220. 985c972
  221. <   if(err == noErr) {
  222. ---
  223. >   if(err == errSecSuccess) {
  224. 999c986
  225. <   if(err != noErr) {
  226. ---
  227. >   if(err != errSecSuccess) {
  228. 1009c996
  229. <       sslRand(ctx, &tmpBuf);
  230. ---
  231. >       sslRand(&tmpBuf);
  232. 1013c1000
  233. <     return noErr;
  234. ---
  235. >     return errSecSuccess;
  236. 1052,1054c1039,1041
  237. <     if ((err = SSLAllocBuffer(&keyExchange->contents,
  238. <       bufLen,ctx)) != 0)
  239. <     {
  240. ---
  241. >     if ((err = SSLAllocBuffer(&keyExchange->contents,
  242. >       bufLen)) != 0)
  243. >     {  
  244. 1085c1072
  245. <       sslErrorLog("SSLEncodeRSAKeyExchange: error %d\n", err);
  246. ---
  247. >       sslErrorLog("SSLEncodeRSAKeyExchange: error %d\n", (int)err);
  248. 1091c1078
  249. <     return noErr;
  250. ---
  251. >     return errSecSuccess;
  252. 1097,1098c1084,1085
  253. < #pragma mark -
  254. < #pragma mark Diffie-Hellman Key Exchange
  255. ---
  256. > // MARK: -
  257. > // MARK: Diffie-Hellman Key Exchange
  258. 1151c1138
  259. <   SSLFreeBuffer(&ctx->dhExchangePublic, ctx);
  260. ---
  261. >   SSLFreeBuffer(&ctx->dhExchangePublic);
  262. 1170c1157
  263. <   return noErr;
  264. ---
  265. >   return errSecSuccess;
  266. 1222c1209
  267. <   return noErr;
  268. ---
  269. >   return errSecSuccess;
  270. 1234c1221
  271. <   OSStatus        err = noErr;
  272. ---
  273. >   OSStatus        err = errSecSuccess;
  274. 1242,1243c1229,1230
  275. <   SSLFreeBuffer(&ctx->dhPeerPublic, ctx);
  276. <
  277. ---
  278. >   SSLFreeBuffer(&ctx->dhPeerPublic);
  279. >  
  280. 1273c1260
  281. <   err = SSLAllocBuffer(&ctx->dhPeerPublic, len, ctx);
  282. ---
  283. >   err = SSLAllocBuffer(&ctx->dhPeerPublic, len);
  284. 1281,1282c1268,1269
  285. <   dumpBuf("client prime", &ctx->dhParamsPrime);
  286. <   dumpBuf("client generator", &ctx->dhParamsGenerator);
  287. ---
  288. >     //    dumpBuf("client prime", &ctx->dhParamsPrime);
  289. >   //  dumpBuf("client generator", &ctx->dhParamsGenerator);
  290. 1352c1339
  291. <   OSStatus            ortn = noErr;
  292. ---
  293. >   OSStatus            ortn = errSecSuccess;
  294. 1371c1358
  295. <   if ((ortn = SSLAllocBuffer(&keyExch->contents, length+head, ctx)) != 0)
  296. ---
  297. >   if ((ortn = SSLAllocBuffer(&keyExch->contents, length+head)))
  298. 1383c1370
  299. <   OSStatus        err = noErr;
  300. ---
  301. >   OSStatus        err = errSecSuccess;
  302. 1393c1380
  303. <   if(err == noErr) {
  304. ---
  305. >   if(err == errSecSuccess) {
  306. 1404c1391
  307. <   OSStatus        ortn = noErr;
  308. ---
  309. >   OSStatus        ortn = errSecSuccess;
  310. 1425,1426c1412,1413
  311. <   SSLFreeBuffer(&ctx->dhPeerPublic, ctx); // allow reuse via renegotiation
  312. <   ortn = SSLAllocBuffer(&ctx->dhPeerPublic, publicLen, ctx);
  313. ---
  314. >   SSLFreeBuffer(&ctx->dhPeerPublic);  // allow reuse via renegotiation
  315. >   ortn = SSLAllocBuffer(&ctx->dhPeerPublic, publicLen);
  316. 1433c1420
  317. <   SSLFreeBuffer(&ctx->preMasterSecret, ctx);
  318. ---
  319. >   SSLFreeBuffer(&ctx->preMasterSecret);
  320. 1462c1449
  321. <     if ((err = SSLAllocBuffer(&keyExchange->contents,outputLen + head,ctx)) != 0)
  322. ---
  323. >     if ((err = SSLAllocBuffer(&keyExchange->contents,outputLen + head)))
  324. 1473c1460
  325. <     return noErr;
  326. ---
  327. >     return errSecSuccess;
  328. 1478,1479c1465,1466
  329. < #pragma mark -
  330. < #pragma mark ECDSA Key Exchange
  331. ---
  332. > // MARK: -
  333. > // MARK: ECDSA Key Exchange
  334. 1506c1493
  335. <   switch(ctx->selectedCipherSpec.keyExchangeMethod) {
  336. ---
  337. >   switch(ctx->selectedCipherSpecParams.keyExchangeMethod) {
  338. 1551c1538
  339. <       SSLFreeBuffer(&ctx->ecdhExchangePublic, ctx);
  340. ---
  341. >       SSLFreeBuffer(&ctx->ecdhExchangePublic);
  342. 1583c1570
  343. <   return noErr;
  344. ---
  345. >   return errSecSuccess;
  346. 1596c1583
  347. <   OSStatus        err = noErr;
  348. ---
  349. >   OSStatus        err = errSecSuccess;
  350. 1604c1591
  351. <   SSLFreeBuffer(&ctx->ecdhPeerPublic, ctx);
  352. ---
  353. >   SSLFreeBuffer(&ctx->ecdhPeerPublic);
  354. 1651c1638
  355. <   err = SSLAllocBuffer(&ctx->ecdhPeerPublic, len, ctx);
  356. ---
  357. >   err = SSLAllocBuffer(&ctx->ecdhPeerPublic, len);
  358. 1699c1686
  359. <     if ((err = SSLAllocBuffer(&keyExchange->contents,outputLen + head,ctx)) != 0)
  360. ---
  361. >     if ((err = SSLAllocBuffer(&keyExchange->contents,outputLen + head)))
  362. 1715c1702
  363. <     return noErr;
  364. ---
  365. >     return errSecSuccess;
  366. 1718,1719c1705,1798
  367. < #pragma mark -
  368. < #pragma mark Public Functions
  369. ---
  370. >
  371. >
  372. > static OSStatus
  373. > SSLDecodePSKClientKeyExchange(SSLBuffer keyExchange, SSLContext *ctx)
  374. > {
  375. >   OSStatus        ortn = errSecSuccess;
  376. >     unsigned int    identityLen;
  377. >
  378. >   assert(ctx->protocolSide == kSSLServerSide);
  379. >
  380. >   /* this message simply contains the client's PSK identity */
  381. >   uint8_t *charPtr = keyExchange.data;
  382. >     identityLen = SSLDecodeInt(charPtr, 2);
  383. >   charPtr += 2;
  384. >
  385. >   SSLFreeBuffer(&ctx->pskIdentity);   // allow reuse via renegotiation
  386. >   ortn = SSLAllocBuffer(&ctx->pskIdentity, identityLen);
  387. >   if(ortn) {
  388. >       return ortn;
  389. >   }
  390. >   memmove(ctx->pskIdentity.data, charPtr, identityLen);
  391. >
  392. >     /* TODO: At this point we know the identity of the PSK client,
  393. >       we should break out of the handshake, so we can select the appropriate
  394. >       PreShared secret. As this stands, the preshared secret needs to be known
  395. >       before the handshake starts. */
  396. >
  397. >     size_t n=ctx->pskSharedSecret.length;
  398. >
  399. >     if(n==0) return errSSLBadConfiguration;
  400. >
  401. >     if ((ortn = SSLAllocBuffer(&ctx->preMasterSecret, 2*(n+2))) != 0)
  402. >         return ortn;
  403. >
  404. >     uint8_t *p=ctx->preMasterSecret.data;
  405. >
  406. >     p = SSLEncodeInt(p, n, 2);
  407. >     memset(p, 0, n); p+=n;
  408. >     p = SSLEncodeInt(p, n, 2);
  409. >     memcpy(p, ctx->pskSharedSecret.data, n);
  410. >
  411. >     dumpBuf("server premaster (PSK)", &ctx->preMasterSecret);
  412. >
  413. >   return ortn;
  414. > }
  415. >
  416. >
  417. > static OSStatus
  418. > SSLEncodePSKClientKeyExchange(SSLRecord *keyExchange, SSLContext *ctx)
  419. > {
  420. >     OSStatus            err;
  421. >     size_t                outputLen;
  422. >     int                 head;
  423. >
  424. >   assert(ctx->protocolSide == kSSLClientSide);
  425. >
  426. >   outputLen = ctx->pskIdentity.length+2;
  427. >
  428. >     keyExchange->contentType = SSL_RecordTypeHandshake;
  429. >   assert(ctx->negProtocolVersion >= SSL_Version_3_0);
  430. >     keyExchange->protocolVersion = ctx->negProtocolVersion;
  431. >     head = SSLHandshakeHeaderSize(keyExchange);
  432. >     if ((err = SSLAllocBuffer(&keyExchange->contents,outputLen + head)))
  433. >         return err;
  434. >
  435. >     uint8_t *charPtr = SSLEncodeHandshakeHeader(ctx, keyExchange, SSL_HdskClientKeyExchange, outputLen);
  436. >
  437. >   charPtr = SSLEncodeSize(charPtr, ctx->pskIdentity.length, 2);
  438. >   memcpy(charPtr, ctx->pskIdentity.data, ctx->pskIdentity.length);
  439. >
  440. >
  441. >     /* We better have a pskSharedSecret already */
  442. >     size_t n=ctx->pskSharedSecret.length;
  443. >
  444. >     if(n==0) return errSSLBadConfiguration;
  445. >
  446. >     if ((err = SSLAllocBuffer(&ctx->preMasterSecret, 2*(n+2))) != 0)
  447. >         return err;
  448. >
  449. >     uint8_t *p=ctx->preMasterSecret.data;
  450. >
  451. >     p = SSLEncodeInt(p, n, 2);
  452. >     memset(p, 0, n); p+=n;
  453. >     p = SSLEncodeInt(p, n, 2);
  454. >     memcpy(p, ctx->pskSharedSecret.data, n);
  455. >
  456. >     dumpBuf("client premaster (PSK)", &ctx->preMasterSecret);
  457. >
  458. >     return errSecSuccess;
  459. > }
  460. >
  461. >
  462. > // MARK: -
  463. > // MARK: Public Functions
  464. 1723,1724c1802,1803
  465. <
  466. <     switch (ctx->selectedCipherSpec.keyExchangeMethod)
  467. ---
  468. >    
  469. >     switch (ctx->selectedCipherSpecParams.keyExchangeMethod)
  470. 1744c1823
  471. <             return unimpErr;
  472. ---
  473. >             return errSecUnimplemented;
  474. 1747c1826
  475. <     return noErr;
  476. ---
  477. >     return errSecSuccess;
  478. 1754,1755c1833,1834
  479. <
  480. <     switch (ctx->selectedCipherSpec.keyExchangeMethod) {
  481. ---
  482. >    
  483. >     switch (ctx->selectedCipherSpecParams.keyExchangeMethod) {
  484. 1775c1854
  485. <             err = unimpErr;
  486. ---
  487. >             err = errSecUnimplemented;
  488. 1785,1788c1864,1867
  489. <
  490. <   assert(ctx->protocolSide == kSSLClientSide);
  491. <
  492. <   switch (ctx->selectedCipherSpec.keyExchangeMethod) {
  493. ---
  494. >    
  495. >     assert(ctx->protocolSide == kSSLClientSide);
  496. >    
  497. >     switch (ctx->selectedCipherSpecParams.keyExchangeMethod) {
  498. 1812a1892,1894
  499. >         case TLS_PSK:
  500. >             err = SSLEncodePSKClientKeyExchange(keyExchange, ctx);
  501. >             break;
  502. 1814,1816c1896,1898
  503. <           sslDebugLog("SSLEncodeKeyExchange: unknown method (%d)\n",
  504. <                   ctx->selectedCipherSpec.keyExchangeMethod);
  505. <           err = unimpErr;
  506. ---
  507. >           sslErrorLog("SSLEncodeKeyExchange: unknown method (%d)\n",
  508. >                   ctx->selectedCipherSpecParams.keyExchangeMethod);
  509. >           err = errSecUnimplemented;
  510. 1825,1835c1907,1915
  511. <
  512. <   switch (ctx->selectedCipherSpec.keyExchangeMethod)
  513. <   {   case SSL_RSA:
  514. <       case SSL_RSA_EXPORT:
  515. <           sslDebugLog("SSLProcessKeyExchange: processing RSA key exchange (%d)\n",
  516. <                   ctx->selectedCipherSpec.keyExchangeMethod);
  517. <           if ((err = SSLDecodeRSAKeyExchange(keyExchange, ctx)) != 0)
  518. <               return err;
  519. <           break;
  520. < #if       APPLE_DH
  521. <       case SSL_DH_anon:
  522. ---
  523. >    
  524. >     switch (ctx->selectedCipherSpecParams.keyExchangeMethod)
  525. >     {   case SSL_RSA:
  526. >         case SSL_RSA_EXPORT:
  527. >             if ((err = SSLDecodeRSAKeyExchange(keyExchange, ctx)) != 0)
  528. >                 return err;
  529. >             break;
  530. >       #if     APPLE_DH
  531. >         case SSL_DH_anon:
  532. 1842c1922
  533. <                   ctx->selectedCipherSpec.keyExchangeMethod);
  534. ---
  535. >                   ctx->selectedCipherSpecParams.keyExchangeMethod);
  536. 1846a1927,1930
  537. >         case TLS_PSK:
  538. >           if ((err = SSLDecodePSKClientKeyExchange(keyExchange, ctx)) != 0)
  539. >               return err;
  540. >           break;
  541. 1849,1850c1933,1934
  542. <                   ctx->selectedCipherSpec.keyExchangeMethod);
  543. <           return unimpErr;
  544. ---
  545. >                   ctx->selectedCipherSpecParams.keyExchangeMethod);
  546. >           return errSecUnimplemented;
  547. 1853c1937
  548. <   return noErr;
  549. ---
  550. >   return errSecSuccess;
  551. 1860d1943
  552. <     uint8_t         *keyDataProgress, *keyPtr, *ivPtr;
  553. 1862,1863c1945,1946
  554. <     CipherContext   *serverPending, *clientPending;
  555. <
  556. ---
  557. >        
  558. >     err = errSecSuccess;
  559. 1866,1885c1949,1951
  560. <     ctx->readPending.macRef = ctx->selectedCipherSpec.macAlgorithm;
  561. <     ctx->writePending.macRef = ctx->selectedCipherSpec.macAlgorithm;
  562. <     ctx->readPending.symCipher = ctx->selectedCipherSpec.cipher;
  563. <     ctx->writePending.symCipher = ctx->selectedCipherSpec.cipher;
  564. <
  565. <     if(ctx->negProtocolVersion == DTLS_Version_1_0)
  566. <     {
  567. <         ctx->readPending.sequenceNum.high = (ctx->readPending.sequenceNum.high & (0xffff<<16)) + (1<<16);
  568. <         ctx->writePending.sequenceNum.high = (ctx->writePending.sequenceNum.high & (0xffff<<16)) + (1<<16);
  569. <     } else {
  570. <         ctx->writePending.sequenceNum.high=0;
  571. <         ctx->readPending.sequenceNum.high=0;
  572. <     }
  573. <     ctx->readPending.sequenceNum.low = 0;
  574. <     ctx->writePending.sequenceNum.low = 0;
  575. <
  576. <     keyDataLen = ctx->selectedCipherSpec.macAlgorithm->hash->digestSize +
  577. <                      ctx->selectedCipherSpec.cipher->secretKeySize;
  578. <     if (ctx->selectedCipherSpec.isExportable == NotExportable)
  579. <         keyDataLen += ctx->selectedCipherSpec.cipher->ivSize;
  580. ---
  581. >     keyDataLen = ctx->selectedCipherSpecParams.macSize +
  582. >                     ctx->selectedCipherSpecParams.keySize +
  583. >                     ctx->selectedCipherSpecParams.ivSize;
  584. 1888c1954
  585. <     if ((err = SSLAllocBuffer(&key, keyDataLen, ctx)) != 0)
  586. ---
  587. >     if ((err = SSLAllocBuffer(&key, keyDataLen)))
  588. 1893,2004c1959,1965
  589. <
  590. <     if (ctx->protocolSide == kSSLServerSide)
  591. <     {   serverPending = &ctx->writePending;
  592. <         clientPending = &ctx->readPending;
  593. <     }
  594. <     else
  595. <     {   serverPending = &ctx->readPending;
  596. <         clientPending = &ctx->writePending;
  597. <     }
  598. <
  599. <     keyDataProgress = key.data;
  600. <     memcpy(clientPending->macSecret, keyDataProgress,
  601. <       ctx->selectedCipherSpec.macAlgorithm->hash->digestSize);
  602. <     keyDataProgress += ctx->selectedCipherSpec.macAlgorithm->hash->digestSize;
  603. <     memcpy(serverPending->macSecret, keyDataProgress,
  604. <       ctx->selectedCipherSpec.macAlgorithm->hash->digestSize);
  605. <     keyDataProgress += ctx->selectedCipherSpec.macAlgorithm->hash->digestSize;
  606. <
  607. <   /* init the reusable-per-record MAC contexts */
  608. <   err = ctx->sslTslCalls->initMac(clientPending, ctx);
  609. <   if(err) {
  610. <       goto fail;
  611. <   }
  612. <   err = ctx->sslTslCalls->initMac(serverPending, ctx);
  613. <   if(err) {
  614. <       goto fail;
  615. <   }
  616. <
  617. <     if (ctx->selectedCipherSpec.isExportable == NotExportable)
  618. <     {   keyPtr = keyDataProgress;
  619. <         keyDataProgress += ctx->selectedCipherSpec.cipher->secretKeySize;
  620. <         /* Skip server write key to get to IV */
  621. <       UInt8 ivSize = ctx->selectedCipherSpec.cipher->ivSize;
  622. <
  623. <       if (ivSize == 0)
  624. <       {
  625. <           ivPtr = NULL;
  626. <       }
  627. <       else
  628. <       {
  629. <           ivPtr = keyDataProgress + ctx->selectedCipherSpec.cipher->secretKeySize;
  630. <       }
  631. <
  632. <         if ((err = ctx->selectedCipherSpec.cipher->initialize(keyPtr, ivPtr,
  633. <                                     clientPending, ctx)) != 0)
  634. <             goto fail;
  635. <         keyPtr = keyDataProgress;
  636. <         keyDataProgress += ctx->selectedCipherSpec.cipher->secretKeySize;
  637. <         /* Skip client write IV to get to server write IV */
  638. <       if (ivSize == 0)
  639. <       {
  640. <           ivPtr = NULL;
  641. <       }
  642. <       else
  643. <       {
  644. <           ivPtr = keyDataProgress + ctx->selectedCipherSpec.cipher->ivSize;
  645. <       }
  646. <
  647. <         if ((err = ctx->selectedCipherSpec.cipher->initialize(keyPtr, ivPtr,
  648. <                                     serverPending, ctx)) != 0)
  649. <             goto fail;
  650. <     }
  651. <     else {
  652. <         uint8_t       clientExportKey[16], serverExportKey[16],
  653. <                   clientExportIV[16],  serverExportIV[16];
  654. <         SSLBuffer   clientWrite, serverWrite;
  655. <         SSLBuffer finalClientWrite, finalServerWrite;
  656. <       SSLBuffer   finalClientIV, finalServerIV;
  657. <
  658. <         assert(ctx->selectedCipherSpec.cipher->keySize <= 16);
  659. <         assert(ctx->selectedCipherSpec.cipher->ivSize <= 16);
  660. <
  661. <       /* Inputs to generateExportKeyAndIv are clientRandom, serverRandom,
  662. <        *    clientWriteKey, serverWriteKey. The first two are already present
  663. <        *    in ctx.
  664. <        * Outputs are a key and IV for each of {server, client}.
  665. <        */
  666. <         clientWrite.data = keyDataProgress;
  667. <         clientWrite.length = ctx->selectedCipherSpec.cipher->secretKeySize;
  668. <         serverWrite.data = keyDataProgress + clientWrite.length;
  669. <         serverWrite.length = ctx->selectedCipherSpec.cipher->secretKeySize;
  670. <       finalClientWrite.data = clientExportKey;
  671. <       finalServerWrite.data   = serverExportKey;
  672. <       finalClientIV.data      = clientExportIV;
  673. <       finalServerIV.data      = serverExportIV;
  674. <       finalClientWrite.length = 16;
  675. <       finalServerWrite.length = 16;
  676. <       /* these can be zero */
  677. <       finalClientIV.length    = ctx->selectedCipherSpec.cipher->ivSize;
  678. <       finalServerIV.length    = ctx->selectedCipherSpec.cipher->ivSize;
  679. <
  680. <       assert(ctx->sslTslCalls != NULL);
  681. <       err = ctx->sslTslCalls->generateExportKeyAndIv(ctx, clientWrite, serverWrite,
  682. <           finalClientWrite, finalServerWrite, finalClientIV, finalServerIV);
  683. <       if(err) {
  684. <           goto fail;
  685. <       }
  686. <         if ((err = ctx->selectedCipherSpec.cipher->initialize(clientExportKey,
  687. <               clientExportIV, clientPending, ctx)) != 0)
  688. <             goto fail;
  689. <         if ((err = ctx->selectedCipherSpec.cipher->initialize(serverExportKey,
  690. <               serverExportIV, serverPending, ctx)) != 0)
  691. <             goto fail;
  692. <     }
  693. <
  694. <   /* Ciphers are ready for use */
  695. <     ctx->writePending.ready = 1;
  696. <     ctx->readPending.ready = 1;
  697. <
  698. <   /* Ciphers get swapped by sending or receiving a change cipher spec message */
  699. <
  700. <     err = noErr;
  701. ---
  702. >    
  703. >     if((err = ctx->recFuncs->initPendingCiphers(ctx->recCtx, ctx->selectedCipher, (ctx->protocolSide==kSSLServerSide), key)) != 0)
  704. >         goto fail;
  705. >    
  706. >     ctx->writePending_ready = 1;
  707. >     ctx->readPending_ready = 1;
  708. >    
  709. 2006c1967
  710. <     SSLFreeBuffer(&key, ctx);
  711. ---
  712. >     SSLFreeBuffer(&key);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!