feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Update to allow resumption with session tickets and extended master secret.

Browse Source
This commit is contained in:
John Safranek
2016-09-12 14:24:56 -07:00
parent c1136a30e9
commit 77cf700657
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/internal.c
View File

@@ -18732,6 +18732,7 @@ int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
byte suite[SUITE_LEN]; /* cipher suite when created */ byte suite[SUITE_LEN]; /* cipher suite when created */
byte msecret[SECRET_LEN]; /* master secret */ byte msecret[SECRET_LEN]; /* master secret */
word32 timestamp; /* born on */ word32 timestamp; /* born on */
word16 haveEMS; /* have extended master secret */
} InternalTicket; } InternalTicket;
/* fit within SESSION_TICKET_LEN */ /* fit within SESSION_TICKET_LEN */
@@ -18753,6 +18754,8 @@ int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
int ret; int ret;
byte zeros[WOLFSSL_TICKET_MAC_SZ]; /* biggest cmp size */ byte zeros[WOLFSSL_TICKET_MAC_SZ]; /* biggest cmp size */
XMEMSET(&it, 0, sizeof(it));
/* build internal */ /* build internal */
it.pv.major = ssl->version.major; it.pv.major = ssl->version.major;
it.pv.minor = ssl->version.minor; it.pv.minor = ssl->version.minor;
@@ -18762,6 +18765,7 @@ int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
XMEMCPY(it.msecret, ssl->arrays->masterSecret, SECRET_LEN); XMEMCPY(it.msecret, ssl->arrays->masterSecret, SECRET_LEN);
c32toa(LowResTimer(), (byte*)&it.timestamp); c32toa(LowResTimer(), (byte*)&it.timestamp);
it.haveEMS = ssl->options.haveEMS;
/* build external */ /* build external */
XMEMCPY(et->enc_ticket, &it, sizeof(InternalTicket)); XMEMCPY(et->enc_ticket, &it, sizeof(InternalTicket));
@@ -18853,8 +18857,10 @@ int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
} }
/* get master secret */ /* get master secret */
if (ret == WOLFSSL_TICKET_RET_OK || ret == WOLFSSL_TICKET_RET_CREATE) if (ret == WOLFSSL_TICKET_RET_OK || ret == WOLFSSL_TICKET_RET_CREATE) {
XMEMCPY(ssl->arrays->masterSecret, it->msecret, SECRET_LEN); XMEMCPY(ssl->arrays->masterSecret, it->msecret, SECRET_LEN);
ssl->session.haveEMS = it->haveEMS;
}
return ret; return ret;
} }