mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-08-04 13:14:45 +02:00
Initial Extended Master Secret PK Callback ZD#19038
This commit is contained in:
night1rider
23
src/ssl.c
23
src/ssl.c
@@ -19234,6 +19234,29 @@ void* wolfSSL_GetGenMasterSecretCtx(WOLFSSL* ssl)
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* callback for extended master secret generation */
|
||||||
|
void wolfSSL_CTX_SetGenExtMasterSecretCb(WOLFSSL_CTX* ctx,
|
||||||
|
CallbackGenExtMasterSecret cb)
|
||||||
|
{
|
||||||
|
if (ctx)
|
||||||
|
ctx->GenExtMasterCb = cb;
|
||||||
|
}
|
||||||
|
/* Set extended master secret generation callback context */
|
||||||
|
void wolfSSL_SetGenExtMasterSecretCtx(WOLFSSL* ssl, void *ctx)
|
||||||
|
{
|
||||||
|
if (ssl)
|
||||||
|
ssl->GenExtMasterCtx = ctx;
|
||||||
|
}
|
||||||
|
/* Get extended master secret generation callback context */
|
||||||
|
void* wolfSSL_GetGenExtMasterSecretCtx(WOLFSSL* ssl)
|
||||||
|
{
|
||||||
|
if (ssl)
|
||||||
|
return ssl->GenExtMasterCtx;
|
||||||
|
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* callback for session key generation */
|
/* callback for session key generation */
|
||||||
void wolfSSL_CTX_SetGenSessionKeyCb(WOLFSSL_CTX* ctx, CallbackGenSessionKey cb)
|
void wolfSSL_CTX_SetGenSessionKeyCb(WOLFSSL_CTX* ctx, CallbackGenSessionKey cb)
|
||||||
{
|
{
|
||||||
|
|||||||
24
src/tls.c
24
src/tls.c
@@ -645,12 +645,24 @@ int MakeTlsMasterSecret(WOLFSSL* ssl)
|
|||||||
XMEMSET(handshake_hash, 0, HSHASH_SZ);
|
XMEMSET(handshake_hash, 0, HSHASH_SZ);
|
||||||
ret = BuildTlsHandshakeHash(ssl, handshake_hash, &hashSz);
|
ret = BuildTlsHandshakeHash(ssl, handshake_hash, &hashSz);
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
ret = _MakeTlsExtendedMasterSecret(
|
#if !defined(NO_CERTS) && defined(HAVE_PK_CALLBACKS)
|
||||||
ssl->arrays->masterSecret, SECRET_LEN,
|
ret = PROTOCOLCB_UNAVAILABLE;
|
||||||
ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz,
|
if (ssl->ctx->GenExtMasterCb) {
|
||||||
handshake_hash, hashSz,
|
void* ctx = wolfSSL_GetGenExtMasterSecretCtx(ssl);
|
||||||
IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm,
|
ret = ssl->ctx->GenExtMasterCb(ssl, handshake_hash, hashSz,
|
||||||
ssl->heap, ssl->devId);
|
ctx);
|
||||||
|
}
|
||||||
|
if (!ssl->ctx->GenExtMasterCb ||
|
||||||
|
ret == WC_NO_ERR_TRACE(PROTOCOLCB_UNAVAILABLE))
|
||||||
|
#endif /* (HAVE_SECRET_CALLBACK) && (HAVE_EXT_SECRET_CALLBACK) */
|
||||||
|
{
|
||||||
|
ret = _MakeTlsExtendedMasterSecret(
|
||||||
|
ssl->arrays->masterSecret, SECRET_LEN,
|
||||||
|
ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz,
|
||||||
|
handshake_hash, hashSz,
|
||||||
|
IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm,
|
||||||
|
ssl->heap, ssl->devId);
|
||||||
|
}
|
||||||
ForceZero(handshake_hash, hashSz);
|
ForceZero(handshake_hash, hashSz);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -4123,6 +4123,8 @@ struct WOLFSSL_CTX {
|
|||||||
CallbackGenPreMaster GenPreMasterCb;
|
CallbackGenPreMaster GenPreMasterCb;
|
||||||
/* User generate master secret handler */
|
/* User generate master secret handler */
|
||||||
CallbackGenMasterSecret GenMasterCb;
|
CallbackGenMasterSecret GenMasterCb;
|
||||||
|
/* User generate Extended master secret handler */
|
||||||
|
CallbackGenExtMasterSecret GenExtMasterCb;
|
||||||
/* User generate session key handler */
|
/* User generate session key handler */
|
||||||
CallbackGenSessionKey GenSessionKeyCb;
|
CallbackGenSessionKey GenSessionKeyCb;
|
||||||
/* User setting encrypt keys handler */
|
/* User setting encrypt keys handler */
|
||||||
@@ -6168,6 +6170,7 @@ struct WOLFSSL {
|
|||||||
#endif /* NO_RSA */
|
#endif /* NO_RSA */
|
||||||
void* GenPreMasterCtx; /* Generate Premaster Callback Context */
|
void* GenPreMasterCtx; /* Generate Premaster Callback Context */
|
||||||
void* GenMasterCtx; /* Generate Master Callback Context */
|
void* GenMasterCtx; /* Generate Master Callback Context */
|
||||||
|
void* GenExtMasterCtx; /* Generate Extended Master Callback Context */
|
||||||
void* GenSessionKeyCtx; /* Generate Session Key Callback Context */
|
void* GenSessionKeyCtx; /* Generate Session Key Callback Context */
|
||||||
void* EncryptKeysCtx; /* Set Encrypt keys Callback Context */
|
void* EncryptKeysCtx; /* Set Encrypt keys Callback Context */
|
||||||
void* TlsFinishedCtx; /* Generate Tls Finished Callback Context */
|
void* TlsFinishedCtx; /* Generate Tls Finished Callback Context */
|
||||||
|
|||||||
@@ -4049,6 +4049,13 @@ WOLFSSL_API void wolfSSL_CTX_SetGenMasterSecretCb(WOLFSSL_CTX* ctx,
|
|||||||
WOLFSSL_API void wolfSSL_SetGenMasterSecretCtx(WOLFSSL* ssl, void *ctx);
|
WOLFSSL_API void wolfSSL_SetGenMasterSecretCtx(WOLFSSL* ssl, void *ctx);
|
||||||
WOLFSSL_API void* wolfSSL_GetGenMasterSecretCtx(WOLFSSL* ssl);
|
WOLFSSL_API void* wolfSSL_GetGenMasterSecretCtx(WOLFSSL* ssl);
|
||||||
|
|
||||||
|
typedef int (*CallbackGenExtMasterSecret)(WOLFSSL* ssl, byte* hash,
|
||||||
|
word32 hashsz, void* ctx);
|
||||||
|
WOLFSSL_API void wolfSSL_CTX_SetGenExtMasterSecretCb(WOLFSSL_CTX* ctx,
|
||||||
|
CallbackGenExtMasterSecret cb);
|
||||||
|
WOLFSSL_API void wolfSSL_SetGenExtMasterSecretCtx(WOLFSSL* ssl, void *ctx);
|
||||||
|
WOLFSSL_API void* wolfSSL_GetGenExtMasterSecretCtx(WOLFSSL* ssl);
|
||||||
|
|
||||||
typedef int (*CallbackGenPreMaster)(WOLFSSL* ssl, byte *premaster,
|
typedef int (*CallbackGenPreMaster)(WOLFSSL* ssl, byte *premaster,
|
||||||
word32 preSz, void* ctx);
|
word32 preSz, void* ctx);
|
||||||
WOLFSSL_API void wolfSSL_CTX_SetGenPreMasterCb(WOLFSSL_CTX* ctx,
|
WOLFSSL_API void wolfSSL_CTX_SetGenPreMasterCb(WOLFSSL_CTX* ctx,
|
||||||
|
|||||||
Reference in New Issue
Block a user