wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-29 18:27:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

DTLS 1.3: tie cookie to peer address

Browse Source
This commit is contained in:
Juliusz Sosinowicz
2022-06-30 16:58:41 +02:00
parent e605cfeccb
commit dd7073740b
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/tls13.c
View File

@ -2832,6 +2832,13 @@ static int CreateCookie(WOLFSSL* ssl, byte* hash, byte hashSz)
return ret;
if ((ret = wc_HmacUpdate(&cookieHmac, hash, hashSz)) != 0)
return ret;
#ifdef WOLFSSL_DTLS13
/* Tie cookie to peer address */
if (ssl->options.dtls && ssl->buffers.dtlsCtx.peer.sz > 0 &&
(ret = wc_HmacUpdate(&cookieHmac, ssl->buffers.dtlsCtx.peer.sa,
ssl->buffers.dtlsCtx.peer.sz)) != 0)
return ret;
#endif
if ((ret = wc_HmacFinal(&cookieHmac, mac)) != 0)
return ret;
@ -4775,6 +4782,13 @@ static int CheckCookie(WOLFSSL* ssl, byte* cookie, byte cookieSz)
return ret;
if ((ret = wc_HmacUpdate(&cookieHmac, cookie, cookieSz)) != 0)
return ret;
#ifdef WOLFSSL_DTLS13
/* Tie cookie to peer address */
if (ssl->options.dtls && ssl->buffers.dtlsCtx.peer.sz > 0 &&
(ret = wc_HmacUpdate(&cookieHmac, ssl->buffers.dtlsCtx.peer.sa,
ssl->buffers.dtlsCtx.peer.sz)) != 0)
return ret;
#endif
if ((ret = wc_HmacFinal(&cookieHmac, mac)) != 0)
return ret;