wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-04 13:14:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Initial Extended Master Secret PK Callback ZD#19038

Browse Source
This commit is contained in:
night1rider
2024-12-19 15:37:50 -07:00
parent 836ee1cbd5
commit 2f4329306b
4 changed files with 51 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/ssl.c
View File

@@ -19234,6 +19234,29 @@ void* wolfSSL_GetGenMasterSecretCtx(WOLFSSL* ssl)
return NULL;
}
/* callback for extended master secret generation */
void wolfSSL_CTX_SetGenExtMasterSecretCb(WOLFSSL_CTX* ctx,
CallbackGenExtMasterSecret cb)
{
if (ctx)
ctx->GenExtMasterCb = cb;
}
/* Set extended master secret generation callback context */
void wolfSSL_SetGenExtMasterSecretCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->GenExtMasterCtx = ctx;
}
/* Get extended master secret generation callback context */
void* wolfSSL_GetGenExtMasterSecretCtx(WOLFSSL* ssl)
{
if (ssl)
return ssl->GenExtMasterCtx;
return NULL;
}
/* callback for session key generation */
void wolfSSL_CTX_SetGenSessionKeyCb(WOLFSSL_CTX* ctx, CallbackGenSessionKey cb)
{

24
src/tls.c
View File

@@ -645,12 +645,24 @@ int MakeTlsMasterSecret(WOLFSSL* ssl)
XMEMSET(handshake_hash, 0, HSHASH_SZ);
ret = BuildTlsHandshakeHash(ssl, handshake_hash, &hashSz);
if (ret == 0) {
ret = _MakeTlsExtendedMasterSecret(
ssl->arrays->masterSecret, SECRET_LEN,
ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz,
handshake_hash, hashSz,
IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm,
ssl->heap, ssl->devId);
#if !defined(NO_CERTS) && defined(HAVE_PK_CALLBACKS)
ret = PROTOCOLCB_UNAVAILABLE;
if (ssl->ctx->GenExtMasterCb) {
void* ctx = wolfSSL_GetGenExtMasterSecretCtx(ssl);
ret = ssl->ctx->GenExtMasterCb(ssl, handshake_hash, hashSz,
ctx);
}
if (!ssl->ctx->GenExtMasterCb ||
ret == WC_NO_ERR_TRACE(PROTOCOLCB_UNAVAILABLE))
#endif /* (HAVE_SECRET_CALLBACK) && (HAVE_EXT_SECRET_CALLBACK) */
{
ret = _MakeTlsExtendedMasterSecret(
ssl->arrays->masterSecret, SECRET_LEN,
ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz,
handshake_hash, hashSz,
IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm,
ssl->heap, ssl->devId);
}
ForceZero(handshake_hash, hashSz);
}

3
wolfssl/internal.h
View File

@@ -4123,6 +4123,8 @@ struct WOLFSSL_CTX {
CallbackGenPreMaster GenPreMasterCb;
/* User generate master secret handler */
CallbackGenMasterSecret GenMasterCb;
/* User generate Extended master secret handler */
CallbackGenExtMasterSecret GenExtMasterCb;
/* User generate session key handler */
CallbackGenSessionKey GenSessionKeyCb;
/* User setting encrypt keys handler */
@@ -6168,6 +6170,7 @@ struct WOLFSSL {
#endif /* NO_RSA */
void* GenPreMasterCtx; /* Generate Premaster Callback Context */
void* GenMasterCtx; /* Generate Master Callback Context */
void* GenExtMasterCtx; /* Generate Extended Master Callback Context */
void* GenSessionKeyCtx; /* Generate Session Key Callback Context */
void* EncryptKeysCtx; /* Set Encrypt keys Callback Context */
void* TlsFinishedCtx; /* Generate Tls Finished Callback Context */

7
wolfssl/ssl.h
View File

@@ -4049,6 +4049,13 @@ WOLFSSL_API void wolfSSL_CTX_SetGenMasterSecretCb(WOLFSSL_CTX* ctx,
WOLFSSL_API void wolfSSL_SetGenMasterSecretCtx(WOLFSSL* ssl, void *ctx);
WOLFSSL_API void* wolfSSL_GetGenMasterSecretCtx(WOLFSSL* ssl);
typedef int (*CallbackGenExtMasterSecret)(WOLFSSL* ssl, byte* hash,
word32 hashsz, void* ctx);
WOLFSSL_API void wolfSSL_CTX_SetGenExtMasterSecretCb(WOLFSSL_CTX* ctx,
CallbackGenExtMasterSecret cb);
WOLFSSL_API void wolfSSL_SetGenExtMasterSecretCtx(WOLFSSL* ssl, void *ctx);
WOLFSSL_API void* wolfSSL_GetGenExtMasterSecretCtx(WOLFSSL* ssl);
typedef int (*CallbackGenPreMaster)(WOLFSSL* ssl, byte *premaster,
word32 preSz, void* ctx);
WOLFSSL_API void wolfSSL_CTX_SetGenPreMasterCb(WOLFSSL_CTX* ctx,