wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

session: use plain buffer to store ticket nonce in ticket

Browse Source
This commit is contained in:
Marco Oliverio
2022-09-21 14:23:21 +02:00
parent 43715d1bb5
commit 1a983b4a8f
2 changed files with 20 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/internal.c
View File

@ -33986,8 +33986,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif #endif
/* Resumption master secret. */ /* Resumption master secret. */
XMEMCPY(it->msecret, ssl->session->masterSecret, SECRET_LEN); XMEMCPY(it->msecret, ssl->session->masterSecret, SECRET_LEN);
XMEMCPY(&it->ticketNonce, &ssl->session->ticketNonce, XMEMCPY(it->ticketNonce, ssl->session->ticketNonce.data,
sizeof(TicketNonce)); ssl->session->ticketNonce.len);
it->ticketNonceLen = ssl->session->ticketNonce.len;
#endif #endif
} }
@ -34263,8 +34264,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif #endif
/* Resumption master secret. */ /* Resumption master secret. */
XMEMCPY(ssl->session->masterSecret, it->msecret, SECRET_LEN); XMEMCPY(ssl->session->masterSecret, it->msecret, SECRET_LEN);
XMEMCPY(&ssl->session->ticketNonce, &it->ticketNonce, XMEMCPY(ssl->session->ticketNonce.data, it->ticketNonce,
sizeof(TicketNonce)); it->ticketNonceLen);
ssl->session->ticketNonce.len = it->ticketNonceLen;
ato16(it->namedGroup, &ssl->session->namedGroup); ato16(it->namedGroup, &ssl->session->namedGroup);
#endif #endif
} }

27
wolfssl/internal.h
View File

@ -2776,18 +2776,6 @@ WOLFSSL_LOCAL int TLSX_AddEmptyRenegotiationInfo(TLSX** extensions, void* heap);
#endif /* HAVE_SECURE_RENEGOTIATION */ #endif /* HAVE_SECURE_RENEGOTIATION */
/** Session Ticket - RFC 5077 (session 3.2) */
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
/* Ticket nonce - for deriving PSK.
* Length allowed to be: 1..255. Only support 4 bytes.
* Defined here so that it can be included in InternalTicket.
*/
typedef struct TicketNonce {
byte len;
byte data[MAX_TICKET_NONCE_SZ];
} TicketNonce;
#endif
#ifdef HAVE_SESSION_TICKET #ifdef HAVE_SESSION_TICKET
/* Our ticket format. All members need to be a byte or array of byte to /* Our ticket format. All members need to be a byte or array of byte to
* avoid alignment issues */ * avoid alignment issues */
@ -2800,7 +2788,8 @@ typedef struct InternalTicket {
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
byte ageAdd[AGEADD_LEN]; /* Obfuscation of age */ byte ageAdd[AGEADD_LEN]; /* Obfuscation of age */
byte namedGroup[NAMEDGROUP_LEN]; /* Named group used */ byte namedGroup[NAMEDGROUP_LEN]; /* Named group used */
TicketNonce ticketNonce; /* Ticket nonce */ byte ticketNonceLen;
byte ticketNonce[MAX_TICKET_NONCE_SZ];
#ifdef WOLFSSL_EARLY_DATA #ifdef WOLFSSL_EARLY_DATA
byte maxEarlyDataSz[MAXEARLYDATASZ_LEN]; /* Max size of byte maxEarlyDataSz[MAXEARLYDATASZ_LEN]; /* Max size of
* early data */ * early data */
@ -3696,6 +3685,18 @@ WOLFSSL_LOCAL int wolfSSL_quic_add_transport_extensions(WOLFSSL *ssl, int msg_ty
#endif /* WOLFSSL_QUIC */ #endif /* WOLFSSL_QUIC */
/** Session Ticket - RFC 5077 (session 3.2) */
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
/* Ticket nonce - for deriving PSK.
Length allowed to be: 1..255. Only support
* TLS13_TICKET_NONCE_STATIC_SZ length bytes.
*/
typedef struct TicketNonce {
byte len;
byte data[MAX_TICKET_NONCE_SZ];
} TicketNonce;
#endif
/* wolfSSL session type */ /* wolfSSL session type */
struct WOLFSSL_SESSION { struct WOLFSSL_SESSION {
/* WARNING Do not add fields here. They will be ignored in /* WARNING Do not add fields here. They will be ignored in