eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Move ssl_set_rng() to act on config

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-05-07 12:35:38 +01:00
parent 5cb3308e5f
commit 750e4d7769
15 changed files with 52 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

24
library/ssl_srv.c
View file

@ -197,7 +197,7 @@ static int ssl_write_ticket( mbedtls_ssl_context *ssl, size_t *tlen )
p += 16;
/* Generate and write IV (with a copy for aes_crypt) */
if( ( ret = ssl->f_rng( ssl->p_rng, p, 16 ) ) != 0 )
if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 16 ) ) != 0 )
return( ret );
memcpy( iv, p, 16 );
p += 16;
@ -2417,7 +2417,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
}
#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
if( ssl->f_rng == NULL )
if( ssl->conf->f_rng == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") );
return( MBEDTLS_ERR_SSL_NO_RNG );
@ -2449,13 +2449,13 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) );
#else
if( ( ret = ssl->f_rng( ssl->p_rng, p, 4 ) ) != 0 )
if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 )
return( ret );
p += 4;
#endif /* MBEDTLS_HAVE_TIME */
if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 )
if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 )
return( ret );
p += 28;
@ -2503,7 +2503,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
{
ssl->session_negotiate->length = n = 32;
if( ( ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id,
if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id,
n ) ) != 0 )
return( ret );
}
@ -2895,7 +2895,7 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
if( ( ret = mbedtls_dhm_make_params( &ssl->handshake->dhm_ctx,
(int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
p, &len, ssl->f_rng, ssl->p_rng ) ) != 0 )
p, &len, ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_params", ret );
return( ret );
@ -2960,7 +2960,7 @@ curve_matching_done:
if( ( ret = mbedtls_ecdh_make_params( &ssl->handshake->ecdh_ctx, &len,
p, MBEDTLS_SSL_MAX_CONTENT_LEN - n,
ssl->f_rng, ssl->p_rng ) ) != 0 )
ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret );
return( ret );
@ -3124,7 +3124,7 @@ curve_matching_done:
if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), md_alg, hash, hashlen,
p + 2 , &signature_len,
ssl->f_rng, ssl->p_rng ) ) != 0 )
ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret );
return( ret );
@ -3282,14 +3282,14 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl,
* Also, avoid data-dependant branches here to protect against
* timing-based variants.
*/
ret = ssl->f_rng( ssl->p_rng, fake_pms, sizeof( fake_pms ) );
ret = ssl->conf->f_rng( ssl->conf->p_rng, fake_pms, sizeof( fake_pms ) );
if( ret != 0 )
return( ret );
ret = mbedtls_pk_decrypt( mbedtls_ssl_own_key( ssl ), p, len,
peer_pms, &peer_pmslen,
sizeof( peer_pms ),
ssl->f_rng, ssl->p_rng );
ssl->conf->f_rng, ssl->conf->p_rng );
diff = (size_t) ret;
diff |= peer_pmslen ^ 48;
@ -3438,7 +3438,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
ssl->handshake->premaster,
&ssl->handshake->pmslen,
ssl->f_rng, ssl->p_rng ) ) != 0 )
ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
@ -3470,7 +3470,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
&ssl->handshake->pmslen,
ssl->handshake->premaster,
MBEDTLS_MPI_MAX_SIZE,
ssl->f_rng, ssl->p_rng ) ) != 0 )
ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );