feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #5235 from SparkiDev/sess_sec_cb_fixup

Browse Source 
Improve SessionSecret_callback code.
This commit is contained in:
David Garske
2022-06-13 08:21:45 -07:00
committed by GitHub
parent 8899112456 1de54ed8d7
commit 9ee1833bd2
1 changed files with 48 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
src/internal.c
View File

@ -244,6 +244,9 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
const unsigned char* secret, int secretSz, void* ctx); const unsigned char* secret, int secretSz, void* ctx);
#endif #endif
/* Label string for client random. */
#define SSC_CR "CLIENT_RANDOM"
/* /*
* This function builds up string for key-logging then call user's * This function builds up string for key-logging then call user's
* key-log-callback to pass the string for TLS1.2 and older. * key-log-callback to pass the string for TLS1.2 and older.
@ -264,8 +267,8 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
int msSz; int msSz;
int hasVal; int hasVal;
int i; int i;
const char* label = "CLIENT_RANDOM"; const char* label = SSC_CR;
int labelSz = sizeof("CLIENT_RANDOM"); int labelSz = sizeof(SSC_CR);
int buffSz; int buffSz;
byte* log = NULL; byte* log = NULL;
word32 outSz; word32 outSz;
@ -297,7 +300,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
/* build up a hex-decoded keylog string /* build up a hex-decoded keylog string
"CLIENT_RANDOM <hex-encoded client random> <hex-encoded master-secret>" "CLIENT_RANDOM <hex-encoded client random> <hex-encoded master-secret>"
note that each keylog string does not have LF. note that each keylog string does not have CR/LF.
*/ */
buffSz = labelSz + (RAN_LEN * 2) + 1 + ((*secretSz) * 2) + 1; buffSz = labelSz + (RAN_LEN * 2) + 1 + ((*secretSz) * 2) + 1;
log = XMALLOC(buffSz, ssl->heap, DYNAMIC_TYPE_SECRET); log = XMALLOC(buffSz, ssl->heap, DYNAMIC_TYPE_SECRET);
@ -307,7 +310,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
XMEMSET(log, 0, buffSz); XMEMSET(log, 0, buffSz);
XMEMCPY(log, label, labelSz -1); /* put label w/o terminator */ XMEMCPY(log, label, labelSz -1); /* put label w/o terminator */
XMEMSET(log + labelSz - 1, ' ', 1); /* '\0' -> ' ' */ log[labelSz - 1] = ' '; /* '\0' -> ' ' */
idx = labelSz; idx = labelSz;
outSz = buffSz - idx; outSz = buffSz - idx;
if ((ret = Base16_Encode(ssl->arrays->clientRandom, RAN_LEN, if ((ret = Base16_Encode(ssl->arrays->clientRandom, RAN_LEN,
@ -316,8 +319,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
outSz = buffSz - idx; outSz = buffSz - idx;
if (outSz > 1) { if (outSz > 1) {
XMEMSET(log + idx, ' ', 1); /* add space*/ log[idx++] = ' '; /* add space*/
idx++;
outSz = buffSz - idx; outSz = buffSz - idx;
if ((ret = Base16_Encode((byte*)secret, *secretSz, if ((ret = Base16_Encode((byte*)secret, *secretSz,
@ -333,7 +335,24 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
XFREE(log, ssl->heap, DYNAMIC_TYPE_SECRET); XFREE(log, ssl->heap, DYNAMIC_TYPE_SECRET);
return ret; return ret;
} }
#if defined(WOLFSSL_TLS13) #if defined(WOLFSSL_TLS13)
/* Label string for client early traffic secret. */
#define SSC_TLS13_CETS "CLIENT_EARLY_TRAFFIC_SECRET"
/* Label string for client handshake traffic secret. */
#define SSC_TLS13_CHTS "CLIENT_HANDSHAKE_TRAFFIC_SECRET"
/* Label string for server handshake traffic secret. */
#define SSC_TLS13_SHTS "SERVER_HANDSHAKE_TRAFFIC_SECRET"
/* Label string for client traffic secret. */
#define SSC_TLS13_CTS "CLIENT_TRAFFIC_SECRET_0"
/* Label string for server traffic secret. */
#define SSC_TLS13_STS "SERVER_TRAFFIC_SECRET_0"
/* Label string for early exporter secret. */
#define SSC_TLS13_EES "EARLY_EXPORTER_SECRET"
/* Label string for exporter secret. */
#define SSC_TLS13_ES "EXPORTER_SECRET"
/* /*
* This function builds up string for key-logging then call user's * This function builds up string for key-logging then call user's
* key-log-callback to pass the string for TLS1.3. * key-log-callback to pass the string for TLS1.3.
@ -353,10 +372,10 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
const unsigned char* secret, int secretSz, void* ctx) const unsigned char* secret, int secretSz, void* ctx)
{ {
wolfSSL_CTX_keylog_cb_func logCb = NULL; wolfSSL_CTX_keylog_cb_func logCb = NULL;
char label[50]; const char* label;
int labelSz = 0; int labelSz = 0;
int buffSz = 0; int buffSz = 0;
byte* log = NULL; byte* log = NULL;
word32 outSz; word32 outSz;
int idx; int idx;
int ret; int ret;
@ -375,51 +394,45 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
switch (id) { switch (id) {
case CLIENT_EARLY_TRAFFIC_SECRET: case CLIENT_EARLY_TRAFFIC_SECRET:
labelSz = sizeof(SSC_TLS13_CETS);
labelSz = sizeof("CLIENT_EARLY_TRAFFIC_SECRET"); label = SSC_TLS13_CETS;
XSTRNCPY(label,"CLIENT_EARLY_TRAFFIC_SECRET", labelSz);
break; break;
case CLIENT_HANDSHAKE_TRAFFIC_SECRET: case CLIENT_HANDSHAKE_TRAFFIC_SECRET:
labelSz = sizeof(SSC_TLS13_CHTS);
labelSz = sizeof("CLIENT_HANDSHAKE_TRAFFIC_SECRET"); label = SSC_TLS13_CHTS;
XSTRNCPY(label, "CLIENT_HANDSHAKE_TRAFFIC_SECRET", labelSz);
break; break;
case SERVER_HANDSHAKE_TRAFFIC_SECRET: case SERVER_HANDSHAKE_TRAFFIC_SECRET:
labelSz = sizeof(SSC_TLS13_SHTS);
labelSz = sizeof("SERVER_HANDSHAKE_TRAFFIC_SECRET"); label = SSC_TLS13_SHTS;
XSTRNCPY(label, "SERVER_HANDSHAKE_TRAFFIC_SECRET", labelSz);
break; break;
case CLIENT_TRAFFIC_SECRET: case CLIENT_TRAFFIC_SECRET:
labelSz = sizeof(SSC_TLS13_CTS);
labelSz = sizeof("CLIENT_TRAFFIC_SECRET_0"); label = SSC_TLS13_CTS;
XSTRNCPY(label, "CLIENT_TRAFFIC_SECRET_0", labelSz);
break; break;
case SERVER_TRAFFIC_SECRET: case SERVER_TRAFFIC_SECRET:
labelSz = sizeof(SSC_TLS13_STS);
labelSz = sizeof("SERVER_TRAFFIC_SECRET_0"); label = SSC_TLS13_STS;
XSTRNCPY(label, "SERVER_TRAFFIC_SECRET_0", labelSz);
break; break;
case EARLY_EXPORTER_SECRET: case EARLY_EXPORTER_SECRET:
labelSz = sizeof(SSC_TLS13_EES);
labelSz = sizeof("EARLY_EXPORTER_SECRET"); label = SSC_TLS13_EES;
XSTRNCPY(label, "EARLY_EXPORTER_SECRET", labelSz);
break; break;
case EXPORTER_SECRET: case EXPORTER_SECRET:
labelSz = sizeof(SSC_TLS13_ES);
labelSz = sizeof("EXPORTER_SECRET"); label = SSC_TLS13_ES;
XSTRNCPY(label, "EXPORTER_SECRET", labelSz);
break; break;
default: default:
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
/* prepare a log string for passing user callback */ /* prepare a log string for passing user callback
* "<Label> <hex-encoded client random> <hex-encoded secret>" */
buffSz = labelSz + (RAN_LEN * 2) + 1 + secretSz * 2 + 1; buffSz = labelSz + (RAN_LEN * 2) + 1 + secretSz * 2 + 1;
log = XMALLOC(buffSz, ssl->heap, DYNAMIC_TYPE_SECRET); log = XMALLOC(buffSz, ssl->heap, DYNAMIC_TYPE_SECRET);
if (log == NULL) if (log == NULL)
@ -427,18 +440,17 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
XMEMSET(log, 0, buffSz); XMEMSET(log, 0, buffSz);
XMEMCPY(log, label, labelSz - 1); /* put label w/o terminator */ XMEMCPY(log, label, labelSz - 1); /* put label w/o terminator */
XMEMSET(log + labelSz - 1, ' ', 1); /* '\0' -> ' ' */ log[labelSz - 1] = ' '; /* '\0' -> ' ' */
idx = labelSz; idx = labelSz;
outSz = buffSz - idx; outSz = buffSz - idx;
if ((ret = Base16_Encode(ssl->arrays->clientRandom, RAN_LEN, if ((ret = Base16_Encode(ssl->arrays->clientRandom, RAN_LEN,
log + idx, &outSz)) == 0) { log + idx, &outSz)) == 0) {
idx += (outSz -1); /* reduce terminator byte */ idx += (outSz - 1); /* reduce terminator byte */
outSz = buffSz - idx; outSz = buffSz - idx;
if (outSz >1) { if (outSz >1) {
XMEMSET(log + idx, ' ', 1); /* add space*/ log[idx++] = ' '; /* add space*/
idx++;
outSz = buffSz - idx; outSz = buffSz - idx;
if ((ret = Base16_Encode((byte*)secret, secretSz, if ((ret = Base16_Encode((byte*)secret, secretSz,