session: use plain buffer to store ticket nonce in ticket

2022-09-21 14:23:21 +02:00
parent 43715d1bb5
commit 1a983b4a8f
2 changed files with 20 additions and 17 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -33986,8 +33986,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
        #endif
            /* Resumption master secret. */
            XMEMCPY(it->msecret, ssl->session->masterSecret, SECRET_LEN);
-            XMEMCPY(&it->ticketNonce, &ssl->session->ticketNonce,
-                                                           sizeof(TicketNonce));
+            XMEMCPY(it->ticketNonce, ssl->session->ticketNonce.data,
+                ssl->session->ticketNonce.len);
+            it->ticketNonceLen = ssl->session->ticketNonce.len;
 #endif
        }

@ -34263,8 +34264,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
    #endif
                /* Resumption master secret. */
                XMEMCPY(ssl->session->masterSecret, it->msecret, SECRET_LEN);
-                XMEMCPY(&ssl->session->ticketNonce, &it->ticketNonce,
-                                                           sizeof(TicketNonce));
+                XMEMCPY(ssl->session->ticketNonce.data, it->ticketNonce,
+                    it->ticketNonceLen);
+                ssl->session->ticketNonce.len = it->ticketNonceLen;
                ato16(it->namedGroup, &ssl->session->namedGroup);
 #endif
            }
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@ -2776,18 +2776,6 @@ WOLFSSL_LOCAL int TLSX_AddEmptyRenegotiationInfo(TLSX** extensions, void* heap);

 #endif /* HAVE_SECURE_RENEGOTIATION */

-/** Session Ticket - RFC 5077 (session 3.2) */
-#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
-/* Ticket nonce - for deriving PSK.
- * Length allowed to be: 1..255. Only support 4 bytes.
- * Defined here so that it can be included in InternalTicket.
- */
-typedef struct TicketNonce {
-    byte len;
-    byte data[MAX_TICKET_NONCE_SZ];
-} TicketNonce;
-#endif
-
 #ifdef HAVE_SESSION_TICKET
 /* Our ticket format. All members need to be a byte or array of byte to
 * avoid alignment issues */
@ -2800,7 +2788,8 @@ typedef struct InternalTicket {
 #ifdef WOLFSSL_TLS13
    byte            ageAdd[AGEADD_LEN];    /* Obfuscation of age */
    byte            namedGroup[NAMEDGROUP_LEN]; /* Named group used */
-    TicketNonce     ticketNonce;           /* Ticket nonce */
+    byte            ticketNonceLen;
+    byte            ticketNonce[MAX_TICKET_NONCE_SZ];
 #ifdef WOLFSSL_EARLY_DATA
    byte            maxEarlyDataSz[MAXEARLYDATASZ_LEN]; /* Max size of
                                                         * early data */
@ -3696,6 +3685,18 @@ WOLFSSL_LOCAL int wolfSSL_quic_add_transport_extensions(WOLFSSL *ssl, int msg_ty

 #endif /* WOLFSSL_QUIC */

+/** Session Ticket - RFC 5077 (session 3.2) */
+#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
+/* Ticket nonce - for deriving PSK.
+   Length allowed to be: 1..255. Only support
+ * TLS13_TICKET_NONCE_STATIC_SZ length bytes.
+ */
+typedef struct TicketNonce {
+    byte len;
+    byte data[MAX_TICKET_NONCE_SZ];
+} TicketNonce;
+#endif
+
 /* wolfSSL session type */
 struct WOLFSSL_SESSION {
    /* WARNING Do not add fields here. They will be ignored in