提交 1cf218bc 编写于 作者: D Dr. Stephen Henson

New compile time option OPENSSL_SSL_TRACE_CRYPTO, when set this passes

all derived keys to the message callback.

Add code to SSL_trace to include support for printing out keys.
上级 093050b6
......@@ -375,6 +375,27 @@ int ssl3_change_cipher_state(SSL *s, int which)
EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE));
#ifdef OPENSSL_SSL_TRACE_CRYPTO
if (s->msg_callback)
{
int wh = which & SSL3_CC_WRITE ?
TLS1_RT_CRYPTO_WRITE : TLS1_RT_CRYPTO_READ;
s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_MAC,
mac_secret, EVP_MD_size(m),
s, s->msg_callback_arg);
if (c->key_len)
s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_KEY,
key, c->key_len,
s, s->msg_callback_arg);
if (k)
{
s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_IV,
iv, k, s, s->msg_callback_arg);
}
}
#endif
OPENSSL_cleanse(&(exp_key[0]),sizeof(exp_key));
OPENSSL_cleanse(&(exp_iv[0]),sizeof(exp_iv));
EVP_MD_CTX_cleanup(&md);
......@@ -797,6 +818,9 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
EVP_MD_CTX ctx;
int i,ret=0;
unsigned int n;
#ifdef SSL_TRACE_CRYPTO_DEBUG
unsigned char *tmpout = out;
#endif
EVP_MD_CTX_init(&ctx);
for (i=0; i<3; i++)
......@@ -818,6 +842,23 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
ret+=n;
}
EVP_MD_CTX_cleanup(&ctx);
#ifdef SSL_TRACE_CRYPTO_DEBUG
if (s->msg_callback)
{
s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
p, len, s, s->msg_callback_arg);
s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
s->s3->client_random, SSL3_RANDOM_SIZE,
s, s->msg_callback_arg);
s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
s->s3->server_random, SSL3_RANDOM_SIZE,
s, s->msg_callback_arg);
s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
tmpout, SSL3_MASTER_SECRET_SIZE,
s, s->msg_callback_arg);
}
#endif
return(ret);
}
......
......@@ -324,6 +324,20 @@ extern "C" {
#define SSL3_RT_APPLICATION_DATA 23
#define TLS1_RT_HEARTBEAT 24
/* Pseudo content types to indicate additional parameters */
#define TLS1_RT_CRYPTO 0x1000
#define TLS1_RT_CRYPTO_PREMASTER (TLS1_RT_CRYPTO | 0x1)
#define TLS1_RT_CRYPTO_CLIENT_RANDOM (TLS1_RT_CRYPTO | 0x2)
#define TLS1_RT_CRYPTO_SERVER_RANDOM (TLS1_RT_CRYPTO | 0x3)
#define TLS1_RT_CRYPTO_MASTER (TLS1_RT_CRYPTO | 0x4)
#define TLS1_RT_CRYPTO_READ 0x0000
#define TLS1_RT_CRYPTO_WRITE 0x0100
#define TLS1_RT_CRYPTO_MAC (TLS1_RT_CRYPTO | 0x5)
#define TLS1_RT_CRYPTO_KEY (TLS1_RT_CRYPTO | 0x6)
#define TLS1_RT_CRYPTO_IV (TLS1_RT_CRYPTO | 0x7)
#define TLS1_RT_CRYPTO_FIXED_IV (TLS1_RT_CRYPTO | 0x8)
#define SSL3_AL_WARNING 1
#define SSL3_AL_FATAL 2
......
......@@ -556,6 +556,30 @@ printf("which = %04X\nmac key=",which);
EVP_CIPHER_CTX_ctrl(dd,EVP_CTRL_AEAD_SET_MAC_KEY,
*mac_secret_size,mac_secret);
#ifdef OPENSSL_SSL_TRACE_CRYPTO
if (s->msg_callback)
{
int wh = which & SSL3_CC_WRITE ? TLS1_RT_CRYPTO_WRITE : 0;
if (*mac_secret_size)
s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_MAC,
mac_secret, *mac_secret_size,
s, s->msg_callback_arg);
if (c->key_len)
s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_KEY,
key, c->key_len,
s, s->msg_callback_arg);
if (k)
{
if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
wh |= TLS1_RT_CRYPTO_FIXED_IV;
else
wh |= TLS1_RT_CRYPTO_IV;
s->msg_callback(2, s->version, wh, iv, k,
s, s->msg_callback_arg);
}
}
#endif
#ifdef TLS_DEBUG
printf("which = %04X\nkey=",which);
{ int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); }
......@@ -1118,6 +1142,24 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
BIO_dump_fp(stderr, (char *)s->session->master_key, SSL3_MASTER_SECRET_SIZE);
#endif
#ifdef OPENSSL_SSL_TRACE_CRYPTO
if (s->msg_callback)
{
s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
p, len, s, s->msg_callback_arg);
s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
s->s3->client_random, SSL3_RANDOM_SIZE,
s, s->msg_callback_arg);
s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
s->s3->server_random, SSL3_RANDOM_SIZE,
s, s->msg_callback_arg);
s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
s->session->master_key,
SSL3_MASTER_SECRET_SIZE,
s, s->msg_callback_arg);
}
#endif
#ifdef KSSL_DEBUG
printf ("tls1_generate_master_secret() complete\n");
#endif /* KSSL_DEBUG */
......
......@@ -444,6 +444,21 @@ static ssl_trace_tbl ssl_ctype_tbl[] = {
{66, "ecdsa_fixed_ecdh"}
};
static ssl_trace_tbl ssl_crypto_tbl[] = {
{TLS1_RT_CRYPTO_PREMASTER, "Premaster Secret"},
{TLS1_RT_CRYPTO_CLIENT_RANDOM, "Client Random"},
{TLS1_RT_CRYPTO_SERVER_RANDOM, "Server Random"},
{TLS1_RT_CRYPTO_MASTER, "Master Secret"},
{TLS1_RT_CRYPTO_MAC|TLS1_RT_CRYPTO_WRITE, "Write Mac Secret"},
{TLS1_RT_CRYPTO_MAC|TLS1_RT_CRYPTO_READ, "Read Mac Secret"},
{TLS1_RT_CRYPTO_KEY|TLS1_RT_CRYPTO_WRITE, "Write Key"},
{TLS1_RT_CRYPTO_KEY|TLS1_RT_CRYPTO_READ, "Read Key"},
{TLS1_RT_CRYPTO_IV|TLS1_RT_CRYPTO_WRITE, "Write IV"},
{TLS1_RT_CRYPTO_IV|TLS1_RT_CRYPTO_READ, "Read IV"},
{TLS1_RT_CRYPTO_FIXED_IV|TLS1_RT_CRYPTO_WRITE, "Write IV (fixed part)"},
{TLS1_RT_CRYPTO_FIXED_IV|TLS1_RT_CRYPTO_READ, "Read IV (fixed part)"}
};
static void ssl_print_hex(BIO *bio, int indent, const char *name,
const unsigned char *msg, size_t msglen)
{
......@@ -1194,6 +1209,15 @@ void SSL_trace(int write_p, int version, int content_type,
const unsigned char *msg = buf;
BIO *bio = arg;
if (write_p == 2)
{
BIO_puts(bio, "Session ");
ssl_print_hex(bio, 0,
ssl_trace_str(content_type, ssl_crypto_tbl),
msg, msglen);
return;
}
BIO_printf(bio, "%s Record: Version = %s (0x%x)",
write_p ? "Sent" : "Received",
ssl_trace_str(version, ssl_version_tbl),
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册