- 35c35
- <
- ---
- > #include "sslRand.h"
- 42c42
- <
- ---
- > #include <utilities/SecCFRelease.h>
- 46,47c46,47
- < //#include <security_utilities/globalizer.h>
- < //#include <security_utilities/threading.h>
- ---
- > //#include <utilities/globalizer.h>
- > //#include <utilities/threading.h>
- 52d51
- < #include <Security/SecRSAKey.h>
- 56a56,58
- > #if TARGET_OS_IPHONE
- > #include <Security/SecRSAKey.h>
- > #endif
- 65,68c67,68
- < #include <pthread.h>
- <
- < #pragma mark -
- < #pragma mark Forward Static Declarations
- ---
- > // MARK: -
- > // MARK: Forward Static Declarations
- 111,112c111,112
- < #pragma mark -
- < #pragma mark Local Diffie-Hellman Parameter Generator
- ---
- > // MARK: -
- > // MARK: Local Diffie-Hellman Parameter Generator
- 131,132c131,132
- < #pragma mark -
- < #pragma mark RSA Key Exchange
- ---
- > // MARK: -
- > // MARK: RSA Key Exchange
- 163,164c163,164
- < SSLFreeBuffer(&modulus, ctx);
- < SSLFreeBuffer(&exponent, ctx);
- ---
- > SSLFreeBuffer(&modulus);
- > SSLFreeBuffer(&exponent);
- 180,182c180,182
- < SSLFreeBuffer(&modulus, ctx);
- < SSLFreeBuffer(&exponent, ctx);
- < return noErr;
- ---
- > SSLFreeBuffer(&modulus);
- > SSLFreeBuffer(&exponent);
- > return errSecSuccess;
- 201,202c201,204
- < if ((err = SSLAllocBuffer(keyParams,
- < modulusLength + exponentLength + 4, ctx)) != 0) {
- ---
- > if ((err = SSLAllocBuffer(keyParams,
- > modulusLength + exponentLength + 4)) != 0) {
- > CFReleaseSafe(exponent);
- > CFReleaseSafe(modulus);
- 213c215
- < return noErr;
- ---
- > return errSecSuccess;
- 221d222
- < SSLProtocolVersion maxVersion;
- 223,224c224,225
- < if ((err = SSLAllocBuffer(&ctx->preMasterSecret,
- < SSL_RSA_PREMASTER_SECRET_SIZE, ctx)) != 0)
- ---
- > if ((err = SSLAllocBuffer(&ctx->preMasterSecret,
- > SSL_RSA_PREMASTER_SECRET_SIZE)) != 0)
- 228,229c229,230
- < sslGetMaxProtVersion(ctx, &maxVersion);
- < SSLEncodeInt(ctx->preMasterSecret.data, maxVersion, 2);
- ---
- >
- > SSLEncodeInt(ctx->preMasterSecret.data, ctx->clientReqProtocol, 2);
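Review bot: The switch from `sslGetMaxProtVersion()` to `ctx->clientReqProtocol` at new line 230 carries no comment, although these two bytes of the RSA premaster secret are what the server compares against the ClientHello version to detect a rollback. A one-line comment such as `/* must equal the version offered in ClientHello, not the negotiated one (rollback check) */` would record why this field is used. Where `clientReqProtocol` is assigned is outside this diff, so confirm it is set on every path that reaches this function, including renegotiation.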
- 232c233
- < if ((err = sslRand(ctx, &randData)) != 0)
- ---
- > if ((err = sslRand(&randData)) != 0)
- 234c235
- < return noErr;
- ---
- > return errSecSuccess;
- 285c286
- < if ((err = ReadyHash(hashRef, &hashCtx, ctx)) != 0)
- ---
- > if ((err = ReadyHash(hashRef, &hashCtx)) != 0)
- 322,323c323,324
- < SSLFreeBuffer(&signedHashes, ctx);
- < SSLFreeBuffer(&hashCtx, ctx);
- ---
- > SSLFreeBuffer(&signedHashes);
- > SSLFreeBuffer(&hashCtx);
- 351c352
- < if ((err = ReadyHash(&SSLHashMD5, &hashCtx, ctx)) != 0)
- ---
- > if ((err = ReadyHash(&SSLHashMD5, &hashCtx)) != 0)
- 361c362
- < if ((err = SSLFreeBuffer(&hashCtx, ctx)) != 0)
- ---
- > if ((err = SSLFreeBuffer(&hashCtx)) != 0)
- 371c372
- < if ((err = ReadyHash(&SSLHashSHA1, &hashCtx, ctx)) != 0)
- ---
- > if ((err = ReadyHash(&SSLHashSHA1, &hashCtx)) != 0)
- 381c382
- < if ((err = SSLFreeBuffer(&hashCtx, ctx)) != 0)
- ---
- > if ((err = SSLFreeBuffer(&hashCtx)) != 0)
- 397c398
- < SSLFreeBuffer(&hashCtx, ctx);
- ---
- > SSLFreeBuffer(&hashCtx);
- 425c426
- < return noErr;
- ---
- > return errSecSuccess;
- 458c459
- < switch(ctx->selectedCipherSpec.keyExchangeMethod) {
- ---
- > switch(ctx->selectedCipherSpecParams.keyExchangeMethod) {
- 491c492
- < err = SSLAllocBuffer(&exchangeParams, len, ctx);
- ---
- > err = SSLAllocBuffer(&exchangeParams, len);
- 515c516
- < err = SSLAllocBuffer(&signature, maxSigLen, ctx);
- ---
- > err = SSLAllocBuffer(&signature, maxSigLen);
- 546c547
- < if ((err = SSLAllocBuffer(&keyExch->contents, outputLen+head, ctx)) != 0)
- ---
- > if ((err = SSLAllocBuffer(&keyExch->contents, outputLen+head)) != 0)
- 565c566
- < err = noErr;
- ---
- > err = errSecSuccess;
- 568,569c569,570
- < SSLFreeBuffer(&exchangeParams, ctx);
- < SSLFreeBuffer(&signature, ctx);
- ---
- > SSLFreeBuffer(&exchangeParams);
- > SSLFreeBuffer(&signature);
- 599,600c600,601
- <
- < if ((err = ReadyHash(&SSLHashMD5, &hashCtx, ctx)) != 0)
- ---
- >
- > if ((err = ReadyHash(&SSLHashMD5, &hashCtx)) != 0)
- 619c620
- < if ((err = SSLFreeBuffer(&hashCtx, ctx)) != 0)
- ---
- > if ((err = SSLFreeBuffer(&hashCtx)) != 0)
- 622c623
- < if ((err = ReadyHash(&SSLHashSHA1, &hashCtx, ctx)) != 0)
- ---
- > if ((err = ReadyHash(&SSLHashSHA1, &hashCtx)) != 0)
- 629a631
- > goto fail;
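Review bot: The `goto fail;` added at new line 631 has no condition of its own and looks like an accidental duplicate, in the function that calls `ReadyHash(&SSLHashSHA1, &hashCtx)` at 623 and frees `signedHashes` at 648. The neighbouring lines are outside this diff, but if line 630 is already the `goto fail;` of an unbraced `if`, the second one runs unconditionally with `err` still zero. Everything between it and the `fail:` label would then be skipped and the function would return success, presumably without the signature check over the hashes having run. Delete the added line and brace the `if` bodies in this function (`if ((err = ...) != 0) { goto fail; }`) so that a duplicated statement cannot change control flow. Building with `-Wunreachable-code` would flag the dead code that follows.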
- 646,647c648,649
- < SSLFreeBuffer(&signedHashes, ctx);
- < SSLFreeBuffer(&hashCtx, ctx);
- ---
- > SSLFreeBuffer(&signedHashes);
- > SSLFreeBuffer(&hashCtx);
- 697c699
- < if ((err = ReadyHash(hashRef, &hashCtx, ctx)) != 0)
- ---
- > if ((err = ReadyHash(hashRef, &hashCtx)) != 0)
- 732,733c734,735
- < SSLFreeBuffer(&signedHashes, ctx);
- < SSLFreeBuffer(&hashCtx, ctx);
- ---
- > SSLFreeBuffer(&signedHashes);
- > SSLFreeBuffer(&hashCtx);
- 760c762
- < switch(ctx->selectedCipherSpec.keyExchangeMethod) {
- ---
- > switch(ctx->selectedCipherSpecParams.keyExchangeMethod) {
- 847c849
- < switch(ctx->selectedCipherSpec.keyExchangeMethod) {
- ---
- > switch(ctx->selectedCipherSpecParams.keyExchangeMethod) {
- 892,909c894,896
- <
- < #if SSL_SERVER_KEYEXCH_HACK
- < /*
- < * the way we work with Netscape.
- < * FIXME - maybe we should *require* an encryptPrivKey in this
- < * situation?
- < */
- < if((ctx->selectedCipherSpec.keyExchangeMethod == SSL_RSA_EXPORT) &&
- < (ctx->encryptPrivKey != NULL)) {
- < useEncryptKey = true;
- < }
- <
- < #else /* !SSL_SERVER_KEYEXCH_HACK */
- < /* The "correct" way, I think, which doesn't work with Netscape */
- < if (ctx->encryptPrivKeyRef) {
- < useEncryptKey = true;
- < }
- < #endif /* SSL_SERVER_KEYEXCH_HACK */
- ---
- > if (ctx->encryptPrivKeyRef) {
- > useEncryptKey = true;
- > }
- 943c930
- < err = SSLAllocBuffer(&ctx->preMasterSecret, SSL_RSA_PREMASTER_SECRET_SIZE, ctx);
- ---
- > err = SSLAllocBuffer(&ctx->preMasterSecret, SSL_RSA_PREMASTER_SECRET_SIZE);
- 976c963
- < if(err != noErr) {
- ---
- > if(err != errSecSuccess) {
- 985c972
- < if(err == noErr) {
- ---
- > if(err == errSecSuccess) {
- 999c986
- < if(err != noErr) {
- ---
- > if(err != errSecSuccess) {
- 1009c996
- < sslRand(ctx, &tmpBuf);
- ---
- > sslRand(&tmpBuf);
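Review bot: The return value of `sslRand(&tmpBuf)` at new line 996 is still discarded, whereas the call at 233 checks it with `if ((err = sslRand(&randData)) != 0)`. If the generator fails here, `tmpBuf` keeps whatever it held, and the `return errSecSuccess;` at 1000 (apparently the same function) reports success anyway. Since the call is being edited in this commit, check the result: `if ((err = sslRand(&tmpBuf)) != 0) return err;`. The enclosing function starts and ends outside the hunk, so confirm no cleanup is needed before that early return.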
- 1013c1000
- < return noErr;
- ---
- > return errSecSuccess;
- 1052,1054c1039,1041
- < if ((err = SSLAllocBuffer(&keyExchange->contents,
- < bufLen,ctx)) != 0)
- < {
- ---
- > if ((err = SSLAllocBuffer(&keyExchange->contents,
- > bufLen)) != 0)
- > {
- 1085c1072
- < sslErrorLog("SSLEncodeRSAKeyExchange: error %d\n", err);
- ---
- > sslErrorLog("SSLEncodeRSAKeyExchange: error %d\n", (int)err);
- 1091c1078
- < return noErr;
- ---
- > return errSecSuccess;
- 1097,1098c1084,1085
- < #pragma mark -
- < #pragma mark Diffie-Hellman Key Exchange
- ---
- > // MARK: -
- > // MARK: Diffie-Hellman Key Exchange
- 1151c1138
- < SSLFreeBuffer(&ctx->dhExchangePublic, ctx);
- ---
- > SSLFreeBuffer(&ctx->dhExchangePublic);
- 1170c1157
- < return noErr;
- ---
- > return errSecSuccess;
- 1222c1209
- < return noErr;
- ---
- > return errSecSuccess;
- 1234c1221
- < OSStatus err = noErr;
- ---
- > OSStatus err = errSecSuccess;
- 1242,1243c1229,1230
- < SSLFreeBuffer(&ctx->dhPeerPublic, ctx);
- <
- ---
- > SSLFreeBuffer(&ctx->dhPeerPublic);
- >
- 1273c1260
- < err = SSLAllocBuffer(&ctx->dhPeerPublic, len, ctx);
- ---
- > err = SSLAllocBuffer(&ctx->dhPeerPublic, len);
- 1281,1282c1268,1269
- < dumpBuf("client prime", &ctx->dhParamsPrime);
- < dumpBuf("client generator", &ctx->dhParamsGenerator);
- ---
- > // dumpBuf("client prime", &ctx->dhParamsPrime);
- > // dumpBuf("client generator", &ctx->dhParamsGenerator);
- 1352c1339
- < OSStatus ortn = noErr;
- ---
- > OSStatus ortn = errSecSuccess;
- 1371c1358
- < if ((ortn = SSLAllocBuffer(&keyExch->contents, length+head, ctx)) != 0)
- ---
- > if ((ortn = SSLAllocBuffer(&keyExch->contents, length+head)))
- 1383c1370
- < OSStatus err = noErr;
- ---
- > OSStatus err = errSecSuccess;
- 1393c1380
- < if(err == noErr) {
- ---
- > if(err == errSecSuccess) {
- 1404c1391
- < OSStatus ortn = noErr;
- ---
- > OSStatus ortn = errSecSuccess;
- 1425,1426c1412,1413
- < SSLFreeBuffer(&ctx->dhPeerPublic, ctx); // allow reuse via renegotiation
- < ortn = SSLAllocBuffer(&ctx->dhPeerPublic, publicLen, ctx);
- ---
- > SSLFreeBuffer(&ctx->dhPeerPublic); // allow reuse via renegotiation
- > ortn = SSLAllocBuffer(&ctx->dhPeerPublic, publicLen);
- 1433c1420
- < SSLFreeBuffer(&ctx->preMasterSecret, ctx);
- ---
- > SSLFreeBuffer(&ctx->preMasterSecret);
- 1462c1449
- < if ((err = SSLAllocBuffer(&keyExchange->contents,outputLen + head,ctx)) != 0)
- ---
- > if ((err = SSLAllocBuffer(&keyExchange->contents,outputLen + head)))
- 1473c1460
- < return noErr;
- ---
- > return errSecSuccess;
- 1478,1479c1465,1466
- < #pragma mark -
- < #pragma mark ECDSA Key Exchange
- ---
- > // MARK: -
- > // MARK: ECDSA Key Exchange
- 1506c1493
- < switch(ctx->selectedCipherSpec.keyExchangeMethod) {
- ---
- > switch(ctx->selectedCipherSpecParams.keyExchangeMethod) {
- 1551c1538
- < SSLFreeBuffer(&ctx->ecdhExchangePublic, ctx);
- ---
- > SSLFreeBuffer(&ctx->ecdhExchangePublic);
- 1583c1570
- < return noErr;
- ---
- > return errSecSuccess;
- 1596c1583
- < OSStatus err = noErr;
- ---
- > OSStatus err = errSecSuccess;
- 1604c1591
- < SSLFreeBuffer(&ctx->ecdhPeerPublic, ctx);
- ---
- > SSLFreeBuffer(&ctx->ecdhPeerPublic);
- 1651c1638
- < err = SSLAllocBuffer(&ctx->ecdhPeerPublic, len, ctx);
- ---
- > err = SSLAllocBuffer(&ctx->ecdhPeerPublic, len);
- 1699c1686
- < if ((err = SSLAllocBuffer(&keyExchange->contents,outputLen + head,ctx)) != 0)
- ---
- > if ((err = SSLAllocBuffer(&keyExchange->contents,outputLen + head)))
- 1715c1702
- < return noErr;
- ---
- > return errSecSuccess;
- 1718,1719c1705,1798
- < #pragma mark -
- < #pragma mark Public Functions
- ---
- >
- >
- > static OSStatus
- > SSLDecodePSKClientKeyExchange(SSLBuffer keyExchange, SSLContext *ctx)
- > {
- > OSStatus ortn = errSecSuccess;
- > unsigned int identityLen;
- >
- > assert(ctx->protocolSide == kSSLServerSide);
- >
- > /* this message simply contains the client's PSK identity */
- > uint8_t *charPtr = keyExchange.data;
- > identityLen = SSLDecodeInt(charPtr, 2);
- > charPtr += 2;
- >
- > SSLFreeBuffer(&ctx->pskIdentity); // allow reuse via renegotiation
- > ortn = SSLAllocBuffer(&ctx->pskIdentity, identityLen);
- > if(ortn) {
- > return ortn;
- > }
- > memmove(ctx->pskIdentity.data, charPtr, identityLen);
- >
- > /* TODO: At this point we know the identity of the PSK client,
- > we should break out of the handshake, so we can select the appropriate
- > PreShared secret. As this stands, the preshared secret needs to be known
- > before the handshake starts. */
- >
- > size_t n=ctx->pskSharedSecret.length;
- >
- > if(n==0) return errSSLBadConfiguration;
- >
- > if ((ortn = SSLAllocBuffer(&ctx->preMasterSecret, 2*(n+2))) != 0)
- > return ortn;
- >
- > uint8_t *p=ctx->preMasterSecret.data;
- >
- > p = SSLEncodeInt(p, n, 2);
- > memset(p, 0, n); p+=n;
- > p = SSLEncodeInt(p, n, 2);
- > memcpy(p, ctx->pskSharedSecret.data, n);
- >
- > dumpBuf("server premaster (PSK)", &ctx->preMasterSecret);
- >
- > return ortn;
- > }
- >
- >
- > static OSStatus
- > SSLEncodePSKClientKeyExchange(SSLRecord *keyExchange, SSLContext *ctx)
- > {
- > OSStatus err;
- > size_t outputLen;
- > int head;
- >
- > assert(ctx->protocolSide == kSSLClientSide);
- >
- > outputLen = ctx->pskIdentity.length+2;
- >
- > keyExchange->contentType = SSL_RecordTypeHandshake;
- > assert(ctx->negProtocolVersion >= SSL_Version_3_0);
- > keyExchange->protocolVersion = ctx->negProtocolVersion;
- > head = SSLHandshakeHeaderSize(keyExchange);
- > if ((err = SSLAllocBuffer(&keyExchange->contents,outputLen + head)))
- > return err;
- >
- > uint8_t *charPtr = SSLEncodeHandshakeHeader(ctx, keyExchange, SSL_HdskClientKeyExchange, outputLen);
- >
- > charPtr = SSLEncodeSize(charPtr, ctx->pskIdentity.length, 2);
- > memcpy(charPtr, ctx->pskIdentity.data, ctx->pskIdentity.length);
- >
- >
- > /* We better have a pskSharedSecret already */
- > size_t n=ctx->pskSharedSecret.length;
- >
- > if(n==0) return errSSLBadConfiguration;
- >
- > if ((err = SSLAllocBuffer(&ctx->preMasterSecret, 2*(n+2))) != 0)
- > return err;
- >
- > uint8_t *p=ctx->preMasterSecret.data;
- >
- > p = SSLEncodeInt(p, n, 2);
- > memset(p, 0, n); p+=n;
- > p = SSLEncodeInt(p, n, 2);
- > memcpy(p, ctx->pskSharedSecret.data, n);
- >
- > dumpBuf("client premaster (PSK)", &ctx->preMasterSecret);
- >
- > return errSecSuccess;
- > }
- >
- >
- > // MARK: -
- > // MARK: Public Functions
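Review bot: SSLDecodePSKClientKeyExchange decodes the two-byte identity length from `keyExchange.data` and then `memmove`s `identityLen` bytes without ever comparing against `keyExchange.length`, so a truncated or inconsistent ClientKeyExchange makes the server read past the received message. Add `if (keyExchange.length < 2) return errSSLProtocol;` before the decode and `if (identityLen > keyExchange.length - 2) return errSSLProtocol;` after it. Both PSK functions also allocate `ctx->preMasterSecret` without the `SSLFreeBuffer(&ctx->preMasterSecret)` that the Diffie-Hellman path has at 1420, which looks like a leak on renegotiation unless SSLAllocBuffer releases existing contents. The two `dumpBuf("... premaster (PSK)", &ctx->preMasterSecret)` calls print a buffer that embeds the pre-shared key, so they should be removed unless dumpBuf compiles to nothing in release builds.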
- 1723,1724c1802,1803
- <
- < switch (ctx->selectedCipherSpec.keyExchangeMethod)
- ---
- >
- > switch (ctx->selectedCipherSpecParams.keyExchangeMethod)
- 1744c1823
- < return unimpErr;
- ---
- > return errSecUnimplemented;
- 1747c1826
- < return noErr;
- ---
- > return errSecSuccess;
- 1754,1755c1833,1834
- <
- < switch (ctx->selectedCipherSpec.keyExchangeMethod) {
- ---
- >
- > switch (ctx->selectedCipherSpecParams.keyExchangeMethod) {
- 1775c1854
- < err = unimpErr;
- ---
- > err = errSecUnimplemented;
- 1785,1788c1864,1867
- <
- < assert(ctx->protocolSide == kSSLClientSide);
- <
- < switch (ctx->selectedCipherSpec.keyExchangeMethod) {
- ---
- >
- > assert(ctx->protocolSide == kSSLClientSide);
- >
- > switch (ctx->selectedCipherSpecParams.keyExchangeMethod) {
- 1812a1892,1894
- > case TLS_PSK:
- > err = SSLEncodePSKClientKeyExchange(keyExchange, ctx);
- > break;
- 1814,1816c1896,1898
- < sslDebugLog("SSLEncodeKeyExchange: unknown method (%d)\n",
- < ctx->selectedCipherSpec.keyExchangeMethod);
- < err = unimpErr;
- ---
- > sslErrorLog("SSLEncodeKeyExchange: unknown method (%d)\n",
- > ctx->selectedCipherSpecParams.keyExchangeMethod);
- > err = errSecUnimplemented;
- 1825,1835c1907,1915
- <
- < switch (ctx->selectedCipherSpec.keyExchangeMethod)
- < { case SSL_RSA:
- < case SSL_RSA_EXPORT:
- < sslDebugLog("SSLProcessKeyExchange: processing RSA key exchange (%d)\n",
- < ctx->selectedCipherSpec.keyExchangeMethod);
- < if ((err = SSLDecodeRSAKeyExchange(keyExchange, ctx)) != 0)
- < return err;
- < break;
- < #if APPLE_DH
- < case SSL_DH_anon:
- ---
- >
- > switch (ctx->selectedCipherSpecParams.keyExchangeMethod)
- > { case SSL_RSA:
- > case SSL_RSA_EXPORT:
- > if ((err = SSLDecodeRSAKeyExchange(keyExchange, ctx)) != 0)
- > return err;
- > break;
- > #if APPLE_DH
- > case SSL_DH_anon:
- 1842c1922
- < ctx->selectedCipherSpec.keyExchangeMethod);
- ---
- > ctx->selectedCipherSpecParams.keyExchangeMethod);
- 1846a1927,1930
- > case TLS_PSK:
- > if ((err = SSLDecodePSKClientKeyExchange(keyExchange, ctx)) != 0)
- > return err;
- > break;
- 1849,1850c1933,1934
- < ctx->selectedCipherSpec.keyExchangeMethod);
- < return unimpErr;
- ---
- > ctx->selectedCipherSpecParams.keyExchangeMethod);
- > return errSecUnimplemented;
- 1853c1937
- < return noErr;
- ---
- > return errSecSuccess;
- 1860d1943
- < uint8_t *keyDataProgress, *keyPtr, *ivPtr;
- 1862,1863c1945,1946
- < CipherContext *serverPending, *clientPending;
- <
- ---
- >
- > err = errSecSuccess;
- 1866,1885c1949,1951
- < ctx->readPending.macRef = ctx->selectedCipherSpec.macAlgorithm;
- < ctx->writePending.macRef = ctx->selectedCipherSpec.macAlgorithm;
- < ctx->readPending.symCipher = ctx->selectedCipherSpec.cipher;
- < ctx->writePending.symCipher = ctx->selectedCipherSpec.cipher;
- <
- < if(ctx->negProtocolVersion == DTLS_Version_1_0)
- < {
- < ctx->readPending.sequenceNum.high = (ctx->readPending.sequenceNum.high & (0xffff<<16)) + (1<<16);
- < ctx->writePending.sequenceNum.high = (ctx->writePending.sequenceNum.high & (0xffff<<16)) + (1<<16);
- < } else {
- < ctx->writePending.sequenceNum.high=0;
- < ctx->readPending.sequenceNum.high=0;
- < }
- < ctx->readPending.sequenceNum.low = 0;
- < ctx->writePending.sequenceNum.low = 0;
- <
- < keyDataLen = ctx->selectedCipherSpec.macAlgorithm->hash->digestSize +
- < ctx->selectedCipherSpec.cipher->secretKeySize;
- < if (ctx->selectedCipherSpec.isExportable == NotExportable)
- < keyDataLen += ctx->selectedCipherSpec.cipher->ivSize;
- ---
- > keyDataLen = ctx->selectedCipherSpecParams.macSize +
- > ctx->selectedCipherSpecParams.keySize +
- > ctx->selectedCipherSpecParams.ivSize;
- 1888c1954
- < if ((err = SSLAllocBuffer(&key, keyDataLen, ctx)) != 0)
- ---
- > if ((err = SSLAllocBuffer(&key, keyDataLen)))
- 1893,2004c1959,1965
- <
- < if (ctx->protocolSide == kSSLServerSide)
- < { serverPending = &ctx->writePending;
- < clientPending = &ctx->readPending;
- < }
- < else
- < { serverPending = &ctx->readPending;
- < clientPending = &ctx->writePending;
- < }
- <
- < keyDataProgress = key.data;
- < memcpy(clientPending->macSecret, keyDataProgress,
- < ctx->selectedCipherSpec.macAlgorithm->hash->digestSize);
- < keyDataProgress += ctx->selectedCipherSpec.macAlgorithm->hash->digestSize;
- < memcpy(serverPending->macSecret, keyDataProgress,
- < ctx->selectedCipherSpec.macAlgorithm->hash->digestSize);
- < keyDataProgress += ctx->selectedCipherSpec.macAlgorithm->hash->digestSize;
- <
- < /* init the reusable-per-record MAC contexts */
- < err = ctx->sslTslCalls->initMac(clientPending, ctx);
- < if(err) {
- < goto fail;
- < }
- < err = ctx->sslTslCalls->initMac(serverPending, ctx);
- < if(err) {
- < goto fail;
- < }
- <
- < if (ctx->selectedCipherSpec.isExportable == NotExportable)
- < { keyPtr = keyDataProgress;
- < keyDataProgress += ctx->selectedCipherSpec.cipher->secretKeySize;
- < /* Skip server write key to get to IV */
- < UInt8 ivSize = ctx->selectedCipherSpec.cipher->ivSize;
- <
- < if (ivSize == 0)
- < {
- < ivPtr = NULL;
- < }
- < else
- < {
- < ivPtr = keyDataProgress + ctx->selectedCipherSpec.cipher->secretKeySize;
- < }
- <
- < if ((err = ctx->selectedCipherSpec.cipher->initialize(keyPtr, ivPtr,
- < clientPending, ctx)) != 0)
- < goto fail;
- < keyPtr = keyDataProgress;
- < keyDataProgress += ctx->selectedCipherSpec.cipher->secretKeySize;
- < /* Skip client write IV to get to server write IV */
- < if (ivSize == 0)
- < {
- < ivPtr = NULL;
- < }
- < else
- < {
- < ivPtr = keyDataProgress + ctx->selectedCipherSpec.cipher->ivSize;
- < }
- <
- < if ((err = ctx->selectedCipherSpec.cipher->initialize(keyPtr, ivPtr,
- < serverPending, ctx)) != 0)
- < goto fail;
- < }
- < else {
- < uint8_t clientExportKey[16], serverExportKey[16],
- < clientExportIV[16], serverExportIV[16];
- < SSLBuffer clientWrite, serverWrite;
- < SSLBuffer finalClientWrite, finalServerWrite;
- < SSLBuffer finalClientIV, finalServerIV;
- <
- < assert(ctx->selectedCipherSpec.cipher->keySize <= 16);
- < assert(ctx->selectedCipherSpec.cipher->ivSize <= 16);
- <
- < /* Inputs to generateExportKeyAndIv are clientRandom, serverRandom,
- < * clientWriteKey, serverWriteKey. The first two are already present
- < * in ctx.
- < * Outputs are a key and IV for each of {server, client}.
- < */
- < clientWrite.data = keyDataProgress;
- < clientWrite.length = ctx->selectedCipherSpec.cipher->secretKeySize;
- < serverWrite.data = keyDataProgress + clientWrite.length;
- < serverWrite.length = ctx->selectedCipherSpec.cipher->secretKeySize;
- < finalClientWrite.data = clientExportKey;
- < finalServerWrite.data = serverExportKey;
- < finalClientIV.data = clientExportIV;
- < finalServerIV.data = serverExportIV;
- < finalClientWrite.length = 16;
- < finalServerWrite.length = 16;
- < /* these can be zero */
- < finalClientIV.length = ctx->selectedCipherSpec.cipher->ivSize;
- < finalServerIV.length = ctx->selectedCipherSpec.cipher->ivSize;
- <
- < assert(ctx->sslTslCalls != NULL);
- < err = ctx->sslTslCalls->generateExportKeyAndIv(ctx, clientWrite, serverWrite,
- < finalClientWrite, finalServerWrite, finalClientIV, finalServerIV);
- < if(err) {
- < goto fail;
- < }
- < if ((err = ctx->selectedCipherSpec.cipher->initialize(clientExportKey,
- < clientExportIV, clientPending, ctx)) != 0)
- < goto fail;
- < if ((err = ctx->selectedCipherSpec.cipher->initialize(serverExportKey,
- < serverExportIV, serverPending, ctx)) != 0)
- < goto fail;
- < }
- <
- < /* Ciphers are ready for use */
- < ctx->writePending.ready = 1;
- < ctx->readPending.ready = 1;
- <
- < /* Ciphers get swapped by sending or receiving a change cipher spec message */
- <
- < err = noErr;
- ---
- >
- > if((err = ctx->recFuncs->initPendingCiphers(ctx->recCtx, ctx->selectedCipher, (ctx->protocolSide==kSSLServerSide), key)) != 0)
- > goto fail;
- >
- > ctx->writePending_ready = 1;
- > ctx->readPending_ready = 1;
- >
- 2006c1967
- < SSLFreeBuffer(&key, ctx);
- ---
- > SSLFreeBuffer(&key);