author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-10-25 21:25:11 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-10-25 21:27:28 +0200 |
commit | 1bf16e8335bf34cbdf7095be576cc6d36aa3038a (patch) | |
tree | 9dc668742eeb16013efe87729117b1c775381b50 | |
parent | 996fe9f8a390fca98620dd5e25f6275a67c74a79 (diff) | |
download | gnutls-1bf16e8335bf34cbdf7095be576cc6d36aa3038a.tar.gz |
Improved support of draft-ietf-tls-session-hash-02.
Now the session hash is calculated correctly even when a
client certificate is sent. That is, the session hash now
does not take into account the CertificateVerify message.
-rw-r--r-- | lib/gnutls_handshake.c | 27 | ||||
-rw-r--r-- | lib/gnutls_int.h | 2 |
2 files changed, 24 insertions, 5 deletions
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index cb00c821a9..2fec7c670f 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -116,6 +116,7 @@ recv_hello_verify_request(gnutls_session_t session,
 void _gnutls_handshake_hash_buffers_clear(gnutls_session_t session)
 {
 session->internals.handshake_hash_buffer_prev_len = 0;
+ session->internals.handshake_hash_buffer_client_kx_len = 0;
 _gnutls_buffer_clear(&session->internals.handshake_hash_buffer);
 }
@@ -1355,6 +1356,13 @@ handshake_hash_add_recvd(gnutls_session_t session,
 return gnutls_assert_val(ret);
 }
+ /* save the size until client KX. That is because the TLS
+ * session hash is calculated up to this message.
+ */
+ if (recv_type == GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE)
+ session->internals.handshake_hash_buffer_client_kx_len =
+ session->internals.handshake_hash_buffer.length;
+
 return 0;
 }
@@ -1397,6 +1405,10 @@ handshake_hash_add_sent(gnutls_session_t session,
 if (ret < 0)
 return gnutls_assert_val(ret);
+ if (type == GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE)
+ session->internals.handshake_hash_buffer_client_kx_len =
+ session->internals.handshake_hash_buffer.length;
+
 return 0;
 }
@@ -3591,6 +3603,12 @@ int _gnutls_handshake_get_session_hash(gnutls_session_t session, gnutls_datum_t
 if (unlikely(ver == NULL))
 return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+ if (session->internals.handshake_hash_buffer_client_kx_len == 0 ||
+ (session->internals.handshake_hash_buffer.length <
+ session->internals.handshake_hash_buffer_client_kx_len)) {
+ return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+ }
+
 if (_gnutls_version_has_selectable_prf(ver)) {
 /* TLS 1.2+ */
 gnutls_mac_algorithm_t prf;
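Review bot: The block added at the end of handshake_hash_add_sent (third hunk) records the same boundary as the one in handshake_hash_add_recvd (second hunk) but carries no comment, and both use an unbraced `if` whose body spans two lines. Since this offset decides which handshake messages the session hash covers, I would repeat the explanation at the sent-side copy, e.g. `/* remember the buffer length up to and including the client KX; the session hash covers only this prefix */`, and brace both bodies. Both function bodies begin outside their hunks, so whether an earlier return path can skip this bookkeeping cannot be judged from here.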
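Review bot: The new guard in _gnutls_handshake_get_session_hash (fourth hunk) fails closed when no ClientKeyExchange length has been recorded, but nothing tells a caller about that precondition, and the result is the same GNUTLS_E_INTERNAL_ERROR as the NULL-version case just above it. A comment ahead of the check would make the contract explicit: `/* the session hash is only defined once the client KX has been added to handshake_hash_buffer */`. The function's signature and opening lines are outside the hunk.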
@@ -3604,8 +3622,8 @@ int _gnutls_handshake_get_session_hash(gnutls_session_t session, gnutls_datum_t
 _gnutls_hash_fast((gnutls_digest_algorithm_t)me->id,
 session->internals.handshake_hash_buffer.
 data,
- session->internals.handshake_hash_buffer.
- length, concat);
+ session->internals.handshake_hash_buffer_client_kx_len,
+ concat);
 if (ret < 0)
 return gnutls_assert_val(ret);
@@ -3619,7 +3637,7 @@ int _gnutls_handshake_get_session_hash(gnutls_session_t session, gnutls_datum_t
 _gnutls_hash(&td_sha,
 session->internals.handshake_hash_buffer.data,
- session->internals.handshake_hash_buffer.length);
+ session->internals.handshake_hash_buffer_client_kx_len);
 _gnutls_hash_deinit(&td_sha, &concat[16]);
@@ -3631,8 +3649,7 @@ int _gnutls_handshake_get_session_hash(gnutls_session_t session, gnutls_datum_t
 _gnutls_hash(&td_md5,
 session->internals.handshake_hash_buffer.data,
- session->internals.handshake_hash_buffer.
- length);
+ session->internals.handshake_hash_buffer_client_kx_len);
 _gnutls_hash_deinit(&td_md5, concat);
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 2782bfc4e5..7faa5ace05 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -757,6 +757,8 @@ typedef struct {
 int handshake_hash_buffer_prev_len; /* keeps the length of handshake_hash_buffer, excluding
 * the last received message */
+ unsigned handshake_hash_buffer_client_kx_len;/* if non-zero it is the length of data until the
+ * the client key exchange message */
 gnutls_buffer_st handshake_hash_buffer; /* used to keep the last received handshake
 * message */
 bool resumable; /* TRUE or FALSE - if we can resume that session */ |
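Review bot: The three hashing calls changed in this hunk and the next two each re-read `session->internals.handshake_hash_buffer_client_kx_len`, while the bounds check on that value sits in an earlier hunk of the same function. Reading it once into a local right after the check, e.g. `const size_t hash_len = session->internals.handshake_hash_buffer_client_kx_len;`, and passing `hash_len` to `_gnutls_hash_fast` and to both `_gnutls_hash` calls would shorten the wrapped argument lists and make it evident that the validated length is the one being hashed. The enclosing function starts and ends outside these hunks.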
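Review bot: The new field in gnutls_int.h is declared `unsigned`, yet gnutls_handshake.c assigns it from `handshake_hash_buffer.length` and compares it against that member; the member's type is not visible in this hunk, but if it is `size_t` the store narrows implicitly on 64-bit targets. The comment also repeats "the" across its two lines and leaves open whether the client key exchange message itself is counted, while the value appears to be captured after that message has been appended. Suggested wording: `size_t handshake_hash_buffer_client_kx_len; /* if non-zero, the length of handshake_hash_buffer up to and including the client key exchange message */`. The struct starts and ends outside the hunk.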