mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-31 19:24:42 +02:00
make RNG in ssl dynamic, release after hs if stream or < tls1.1
@@ -217,7 +217,8 @@ enum {
|
||||
DYNAMIC_TYPE_OCSP_ENTRY = 28,
|
||||
DYNAMIC_TYPE_ALTNAME = 29,
|
||||
DYNAMIC_TYPE_SUITES = 30,
|
||||
DYNAMIC_TYPE_CIPHER = 31
|
||||
DYNAMIC_TYPE_CIPHER = 31,
|
||||
DYNAMIC_TYPE_RNG = 32
|
||||
};
|
||||
|
||||
/* stack protection */
|
||||
|
@@ -1226,7 +1226,7 @@ struct CYASSL {
|
||||
CYASSL_BIO* biowr; /* socket bio write to free/close */
|
||||
void* IOCB_ReadCtx;
|
||||
void* IOCB_WriteCtx;
|
||||
RNG rng;
|
||||
RNG* rng;
|
||||
Md5 hashMd5; /* md5 hash of handshake msgs */
|
||||
Sha hashSha; /* sha hash of handshake msgs */
|
||||
#ifndef NO_SHA256
|
||||
|
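Review bot: The new `RNG* rng;` member carries no comment, although its lifetime is no longer obvious from the declaration: InitSSL allocates it, and FreeHandshakeResources may free it and set it to NULL. I would record that on the field, e.g. `RNG* rng; /* heap; NULL after handshake if stream cipher or < TLS 1.1 */`, so that code touching it after the handshake knows to check first. The struct definition continues outside this hunk.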
@@ -1054,6 +1054,7 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
|
||||
ssl->arrays.server_hint[0] = 0;
|
||||
#endif /* NO_PSK */
|
||||
|
||||
ssl->rng = NULL;
|
||||
InitCiphers(ssl);
|
||||
/* all done with init, now can return errors, call other stuff */
|
||||
|
||||
@@ -1065,7 +1066,13 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
|
||||
ctx->refCount++;
|
||||
UnLockMutex(&ctx->countMutex);
|
||||
|
||||
if ( (ret = InitRng(&ssl->rng)) != 0)
|
||||
ssl->rng = (RNG*)XMALLOC(sizeof(RNG), ssl->heap, DYNAMIC_TYPE_RNG);
|
||||
if (ssl->rng == NULL) {
|
||||
CYASSL_MSG("RNG Memory error");
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
if ( (ret = InitRng(ssl->rng)) != 0)
|
||||
return ret;
|
||||
|
||||
ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap,
|
||||
@@ -1101,6 +1108,7 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
|
||||
void SSL_ResourceFree(CYASSL* ssl)
|
||||
{
|
||||
FreeCiphers(ssl);
|
||||
XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
|
||||
XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES);
|
||||
XFREE(ssl->buffers.serverDH_Priv.buffer, ssl->heap, DYNAMIC_TYPE_DH);
|
||||
XFREE(ssl->buffers.serverDH_Pub.buffer, ssl->heap, DYNAMIC_TYPE_DH);
|
||||
@@ -1149,11 +1157,19 @@ void SSL_ResourceFree(CYASSL* ssl)
|
||||
/* Free any handshake resources no longer needed */
|
||||
void FreeHandshakeResources(CYASSL* ssl)
|
||||
{
|
||||
/* input buffer */
|
||||
if (ssl->buffers.inputBuffer.dynamicFlag)
|
||||
ShrinkInputBuffer(ssl, NO_FORCED_FREE);
|
||||
|
||||
/* suites */
|
||||
XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES);
|
||||
ssl->suites = NULL;
|
||||
|
||||
/* RNG */
|
||||
if (ssl->specs.cipher_type == stream || ssl->options.tls1_1 == 0) {
|
||||
XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
|
||||
ssl->rng = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -3269,7 +3285,7 @@ static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz,
|
||||
if (ssl->options.tls1_1) {
|
||||
ivSz = blockSz;
|
||||
sz += ivSz;
|
||||
RNG_GenerateBlock(&ssl->rng, iv, ivSz);
|
||||
RNG_GenerateBlock(ssl->rng, iv, ivSz);
|
||||
}
|
||||
sz += 1; /* pad byte */
|
||||
pad = (sz - headerSz) % blockSz;
|
||||
@@ -4708,7 +4724,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
|
||||
/* then random */
|
||||
if (ssl->options.connectState == CONNECT_BEGIN) {
|
||||
RNG_GenerateBlock(&ssl->rng, output + idx, RAN_LEN);
|
||||
RNG_GenerateBlock(ssl->rng, output + idx, RAN_LEN);
|
||||
|
||||
/* store random */
|
||||
XMEMCPY(ssl->arrays.clientRandom, output + idx, RAN_LEN);
|
||||
@@ -5187,7 +5203,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
int ret = 0;
|
||||
|
||||
if (ssl->specs.kea == rsa_kea) {
|
||||
RNG_GenerateBlock(&ssl->rng, ssl->arrays.preMasterSecret,
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.preMasterSecret,
|
||||
SECRET_LEN);
|
||||
ssl->arrays.preMasterSecret[0] = ssl->chVersion.major;
|
||||
ssl->arrays.preMasterSecret[1] = ssl->chVersion.minor;
|
||||
@@ -5198,7 +5214,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
|
||||
ret = RsaPublicEncrypt(ssl->arrays.preMasterSecret, SECRET_LEN,
|
||||
encSecret, sizeof(encSecret), &ssl->peerRsaKey,
|
||||
&ssl->rng);
|
||||
ssl->rng);
|
||||
if (ret > 0) {
|
||||
encSz = ret;
|
||||
ret = 0; /* set success to 0 */
|
||||
@@ -5221,7 +5237,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
serverG.buffer, serverG.length);
|
||||
if (ret == 0)
|
||||
/* for DH, encSecret is Yc, agree is pre-master */
|
||||
ret = DhGenerateKeyPair(&key, &ssl->rng, priv, &privSz,
|
||||
ret = DhGenerateKeyPair(&key, ssl->rng, priv, &privSz,
|
||||
encSecret, &encSz);
|
||||
if (ret == 0)
|
||||
ret = DhAgree(&key, ssl->arrays.preMasterSecret,
|
||||
@@ -5263,7 +5279,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
'C', 'y', 'a', 'S', 'S', 'L', ' ', 'N', 'T', 'R', 'U'
|
||||
};
|
||||
|
||||
RNG_GenerateBlock(&ssl->rng, ssl->arrays.preMasterSecret,
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.preMasterSecret,
|
||||
SECRET_LEN);
|
||||
ssl->arrays.preMasterSz = SECRET_LEN;
|
||||
|
||||
@@ -5305,7 +5321,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
}
|
||||
|
||||
ecc_init(&myKey);
|
||||
ret = ecc_make_key(&ssl->rng, peerKey->dp->size, &myKey);
|
||||
ret = ecc_make_key(ssl->rng, peerKey->dp->size, &myKey);
|
||||
if (ret != 0)
|
||||
return ECC_MAKEKEY_ERROR;
|
||||
|
||||
@@ -5472,7 +5488,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
word32 localSz = sigOutSz;
|
||||
ret = ecc_sign_hash(signBuffer + MD5_DIGEST_SIZE,
|
||||
SHA_DIGEST_SIZE, verify + extraSz + VERIFY_HEADER,
|
||||
&localSz, &ssl->rng, &eccKey);
|
||||
&localSz, ssl->rng, &eccKey);
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
@@ -5491,7 +5507,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
}
|
||||
|
||||
ret = RsaSSL_Sign(signBuffer, signSz, verify + extraSz +
|
||||
VERIFY_HEADER, ENCRYPT_LEN, &key, &ssl->rng);
|
||||
VERIFY_HEADER, ENCRYPT_LEN, &key, ssl->rng);
|
||||
|
||||
if (ret > 0)
|
||||
ret = 0; /* RSA reset */
|
||||
@@ -5577,7 +5593,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
|
||||
/* then random */
|
||||
if (!ssl->options.resuming)
|
||||
RNG_GenerateBlock(&ssl->rng, ssl->arrays.serverRandom, RAN_LEN);
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.serverRandom, RAN_LEN);
|
||||
XMEMCPY(output + idx, ssl->arrays.serverRandom, RAN_LEN);
|
||||
idx += RAN_LEN;
|
||||
|
||||
@@ -5593,7 +5609,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
/* then session id */
|
||||
output[idx++] = ID_LEN;
|
||||
if (!ssl->options.resuming)
|
||||
RNG_GenerateBlock(&ssl->rng, ssl->arrays.sessionID, ID_LEN);
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.sessionID, ID_LEN);
|
||||
XMEMCPY(output + idx, ssl->arrays.sessionID, ID_LEN);
|
||||
idx += ID_LEN;
|
||||
|
||||
@@ -5859,7 +5875,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
signBuffer = encodedSig;
|
||||
}
|
||||
ret = RsaSSL_Sign(signBuffer, signSz, output + idx, sigSz,
|
||||
&rsaKey, &ssl->rng);
|
||||
&rsaKey, ssl->rng);
|
||||
FreeRsaKey(&rsaKey);
|
||||
ecc_free(&dsaKey);
|
||||
if (ret > 0)
|
||||
@@ -5871,7 +5887,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
word32 sz = sigSz;
|
||||
|
||||
ret = ecc_sign_hash(&hash[MD5_DIGEST_SIZE], SHA_DIGEST_SIZE,
|
||||
output + idx, &sz, &ssl->rng, &dsaKey);
|
||||
output + idx, &sz, ssl->rng, &dsaKey);
|
||||
FreeRsaKey(&rsaKey);
|
||||
ecc_free(&dsaKey);
|
||||
if (ret < 0) return ret;
|
||||
@@ -5933,7 +5949,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
ssl->buffers.serverDH_G.buffer,
|
||||
ssl->buffers.serverDH_G.length);
|
||||
if (ret == 0)
|
||||
ret = DhGenerateKeyPair(&dhKey, &ssl->rng,
|
||||
ret = DhGenerateKeyPair(&dhKey, ssl->rng,
|
||||
ssl->buffers.serverDH_Priv.buffer,
|
||||
&ssl->buffers.serverDH_Priv.length,
|
||||
ssl->buffers.serverDH_Pub.buffer,
|
||||
@@ -6061,7 +6077,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
signBuffer = encodedSig;
|
||||
}
|
||||
ret = RsaSSL_Sign(signBuffer, signSz, output + idx, sigSz,
|
||||
&rsaKey, &ssl->rng);
|
||||
&rsaKey, ssl->rng);
|
||||
FreeRsaKey(&rsaKey);
|
||||
if (ret <= 0)
|
||||
return ret;
|
||||
@@ -6644,7 +6660,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
return UNSUPPORTED_SUITE;
|
||||
}
|
||||
|
||||
RNG_GenerateBlock(&ssl->rng, ssl->arrays.serverRandom, RAN_LEN);
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.serverRandom, RAN_LEN);
|
||||
if (ssl->options.tls)
|
||||
ret = DeriveTlsKeys(ssl);
|
||||
else
|
||||
@@ -6806,7 +6822,7 @@ int SetCipherList(Suites* s, const char* list)
|
||||
return UNSUPPORTED_SUITE;
|
||||
}
|
||||
|
||||
RNG_GenerateBlock(&ssl->rng, ssl->arrays.serverRandom, RAN_LEN);
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.serverRandom, RAN_LEN);
|
||||
if (ssl->options.tls)
|
||||
ret = DeriveTlsKeys(ssl);
|
||||
else
|
||||
|
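Review bot: After FreeHandshakeResources() frees `ssl->rng` and sets it to NULL (stream cipher, or below TLS 1.1), the converted call sites still pass `ssl->rng` through unchecked: the hello-random and session-ID `RNG_GenerateBlock` calls, `DhGenerateKeyPair`, `RsaSSL_Sign` and `ecc_sign_hash` in this file, plus `CleanPreMaster` in the next file section and the `ecc_make_key` under "in case used set_accept_state after init" in src/ssl.c. Whether any of them can run once the handshake resources are gone is not visible in these hunks (the function bodies continue outside them), but a second handshake on the same object would dereference NULL, so an explicit `if (ssl->rng == NULL)` error return at the handshake entry points, or allocation on demand, would make the invariant safe. Both `XFREE(ssl->rng, ...)` calls also release the generator state without clearing it, although that generator produced the pre-master secret and the DH/ECC private values and, depending on the generator, leftover heap contents could help reconstruct its output; I would wipe it first, e.g. `if (ssl->rng) XMEMSET(ssl->rng, 0, sizeof(RNG));`, keeping in mind that a plain memset right before a free can be optimised out. In InitSSL the `InitRng` failure path returns with the block still allocated, which is fine only if the caller always runs SSL_ResourceFree on error, so that is worth confirming.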
@@ -1098,7 +1098,7 @@ int StoreKeys(CYASSL* ssl, const byte* keyData)
|
||||
XMEMCPY(ssl->keys.server_write_IV, &keyData[i], sz);
|
||||
|
||||
return SetKeys(&ssl->encrypt, &ssl->decrypt, &ssl->keys, &ssl->specs,
|
||||
ssl->options.side, ssl->heap, &ssl->rng);
|
||||
ssl->options.side, ssl->heap, ssl->rng);
|
||||
}
|
||||
|
||||
|
||||
@@ -1156,7 +1156,7 @@ static void CleanPreMaster(CYASSL* ssl)
|
||||
for (i = 0; i < sz; i++)
|
||||
ssl->arrays.preMasterSecret[i] = 0;
|
||||
|
||||
RNG_GenerateBlock(&ssl->rng, ssl->arrays.preMasterSecret, sz);
|
||||
RNG_GenerateBlock(ssl->rng, ssl->arrays.preMasterSecret, sz);
|
||||
|
||||
for (i = 0; i < sz; i++)
|
||||
ssl->arrays.preMasterSecret[i] = 0;
|
||||
|
39
src/ssl.c
39
src/ssl.c
@@ -213,25 +213,24 @@ int CyaSSL_negotiate(CYASSL* ssl)
|
||||
int CyaSSL_GetObjectSize(void)
|
||||
{
|
||||
#ifdef SHOW_SIZES
|
||||
printf("sizeof suites = %d\n", sizeof(Suites));
|
||||
printf("sizeof ciphers(2) = %d\n", sizeof(Ciphers));
|
||||
printf("\tsizeof arc4 = %d\n", sizeof(Arc4));
|
||||
printf("\tsizeof aes = %d\n", sizeof(Aes));
|
||||
printf("\tsizeof des3 = %d\n", sizeof(Des3));
|
||||
printf("\tsizeof rabbit = %d\n", sizeof(Rabbitj));
|
||||
printf("sizeof cipher specs = %d\n", sizeof(CipherSpecs));
|
||||
printf("sizeof keys = %d\n", sizeof(Keys));
|
||||
printf("sizeof RNG = %d\n", sizeof(RNG));
|
||||
printf("sizeof MD5 = %d\n", sizeof(Md5));
|
||||
printf("sizeof SHA = %d\n", sizeof(Sha));
|
||||
printf("sizeof SHA256 = %d\n", sizeof(Sha256));
|
||||
printf("sizeof Hashes(2) = %d\n", sizeof(Hashes));
|
||||
printf("sizeof Buffers = %d\n", sizeof(Buffers));
|
||||
printf("sizeof Options = %d\n", sizeof(Options));
|
||||
printf("sizeof Arrays = %d\n", sizeof(Arrays));
|
||||
printf("sizeof Session = %d\n", sizeof(CYASSL_SESSION));
|
||||
printf("sizeof peerKey = %d\n", sizeof(RsaKey));
|
||||
printf("sizeof CYASSL_CIPHER = %d\n", sizeof(CYASSL_CIPHER));
|
||||
printf("sizeof suites = %lu\n", sizeof(Suites));
|
||||
printf("sizeof ciphers(2) = %lu\n", sizeof(Ciphers));
|
||||
printf("\tsizeof arc4 = %lu\n", sizeof(Arc4));
|
||||
printf("\tsizeof aes = %lu\n", sizeof(Aes));
|
||||
printf("\tsizeof des3 = %lu\n", sizeof(Des3));
|
||||
printf("\tsizeof rabbit = %lu\n", sizeof(Rabbit));
|
||||
printf("sizeof cipher specs = %lu\n", sizeof(CipherSpecs));
|
||||
printf("sizeof keys = %lu\n", sizeof(Keys));
|
||||
printf("sizeof MD5 = %lu\n", sizeof(Md5));
|
||||
printf("sizeof SHA = %lu\n", sizeof(Sha));
|
||||
printf("sizeof SHA256 = %lu\n", sizeof(Sha256));
|
||||
printf("sizeof Hashes(2) = %lu\n", sizeof(Hashes));
|
||||
printf("sizeof Buffers = %lu\n", sizeof(Buffers));
|
||||
printf("sizeof Options = %lu\n", sizeof(Options));
|
||||
printf("sizeof Arrays = %lu\n", sizeof(Arrays));
|
||||
printf("sizeof Session = %lu\n", sizeof(CYASSL_SESSION));
|
||||
printf("sizeof peerKey = %lu\n", sizeof(RsaKey));
|
||||
printf("sizeof CYASSL_CIPHER = %lu\n", sizeof(CYASSL_CIPHER));
|
||||
#endif
|
||||
|
||||
return sizeof(CYASSL);
|
||||
@@ -2490,7 +2489,7 @@ int CyaSSL_set_cipher_list(CYASSL* ssl, const char* list)
|
||||
#ifdef HAVE_ECC
|
||||
/* in case used set_accept_state after init */
|
||||
if (ssl->eccTempKeyPresent == 0) {
|
||||
if (ecc_make_key(&ssl->rng, ssl->eccTempKeySz,
|
||||
if (ecc_make_key(ssl->rng, ssl->eccTempKeySz,
|
||||
&ssl->eccTempKey) != 0) {
|
||||
ssl->error = ECC_MAKEKEY_ERROR;
|
||||
CYASSL_ERROR(ssl->error);
|
||||
|
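Review bot: The `SHOW_SIZES` lines now print `sizeof(...)` with `%lu`, but `sizeof` yields `size_t`, which is not `unsigned long` on every target (64-bit Windows, for instance), so specifier and argument can still disagree. Either cast, as in `printf("sizeof suites = %lu\n", (unsigned long)sizeof(Suites));`, or use `%zu` where the toolchain supports C99. The `sizeof RNG` line appears to have been dropped in the same edit; since the RNG is now a separate heap allocation that `sizeof(CYASSL)` no longer counts, keeping that line would help anyone budgeting memory per connection.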