Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
74b4b494
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
74b4b494
编写于
2月 22, 2012
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
SSL export fixes (from Adam Langley) [original from 1.0.1]
上级
de2b5b74
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
55 addition
and
46 deletion
+55
-46
ssl/s3_lib.c
ssl/s3_lib.c
+2
-2
ssl/ssl_lib.c
ssl/ssl_lib.c
+6
-5
ssl/ssl_locl.h
ssl/ssl_locl.h
+8
-8
ssl/t1_enc.c
ssl/t1_enc.c
+29
-29
ssl/tls1.h
ssl/tls1.h
+10
-2
未找到文件。
ssl/s3_lib.c
浏览文件 @
74b4b494
...
...
@@ -2904,8 +2904,8 @@ SSL3_ENC_METHOD SSLv3_enc_data={
SSL3_MD_CLIENT_FINISHED_CONST
,
4
,
SSL3_MD_SERVER_FINISHED_CONST
,
4
,
ssl3_alert_code
,
(
int
(
*
)(
SSL
*
,
unsigned
char
*
,
unsigned
in
t
,
const
char
*
,
unsigned
int
,
const
unsigned
char
*
,
unsigned
in
t
,
(
int
(
*
)(
SSL
*
,
unsigned
char
*
,
size_
t
,
const
char
*
,
size_t
,
const
unsigned
char
*
,
size_
t
,
int
use_context
))
ssl_undefined_function
,
};
...
...
ssl/ssl_lib.c
浏览文件 @
74b4b494
...
...
@@ -178,9 +178,9 @@ SSL3_ENC_METHOD ssl3_undef_enc_method={
NULL
,
/* server_finished_label */
0
,
/* server_finished_label_len */
(
int
(
*
)(
int
))
ssl_undefined_function
,
(
int
(
*
)(
SSL
*
,
unsigned
char
*
,
unsigned
in
t
,
const
char
*
,
unsigned
int
,
const
unsigned
char
*
,
unsigned
in
t
,
int
use_context
))
ssl_undefined_function
,
(
int
(
*
)(
SSL
*
,
unsigned
char
*
,
size_
t
,
const
char
*
,
size_t
,
const
unsigned
char
*
,
size_
t
,
int
use_context
))
ssl_undefined_function
,
};
int
SSL_clear
(
SSL
*
s
)
...
...
@@ -1632,8 +1632,9 @@ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned
# endif
#endif
int
SSL_export_keying_material
(
SSL
*
s
,
unsigned
char
*
out
,
int
olen
,
char
*
label
,
int
llen
,
unsigned
char
*
p
,
int
plen
,
int
use_context
)
int
SSL_export_keying_material
(
SSL
*
s
,
unsigned
char
*
out
,
size_t
olen
,
const
char
*
label
,
size_t
llen
,
const
unsigned
char
*
p
,
size_t
plen
,
int
use_context
)
{
if
(
s
->
version
<
TLS1_VERSION
)
return
-
1
;
...
...
ssl/ssl_locl.h
浏览文件 @
74b4b494
...
...
@@ -571,11 +571,11 @@ typedef struct ssl3_enc_method
const
char
*
server_finished_label
;
int
server_finished_label_len
;
int
(
*
alert_value
)(
int
);
int
(
*
export_keying_material
)(
SSL
*
,
unsigned
char
*
,
unsigned
in
t
,
const
char
*
,
unsigned
in
t
,
const
unsigned
char
*
,
unsigned
in
t
,
int
use_context
);
}
SSL3_ENC_METHOD
;
int
(
*
export_keying_material
)(
SSL
*
,
unsigned
char
*
,
size_
t
,
const
char
*
,
size_
t
,
const
unsigned
char
*
,
size_
t
,
int
use_context
);
}
SSL3_ENC_METHOD
;
#ifndef OPENSSL_NO_COMP
/* Used for holding the relevant compression methods loaded into SSL_CTX */
...
...
@@ -1068,9 +1068,9 @@ int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
int
tls1_mac
(
SSL
*
ssl
,
unsigned
char
*
md
,
int
snd
);
int
tls1_generate_master_secret
(
SSL
*
s
,
unsigned
char
*
out
,
unsigned
char
*
p
,
int
len
);
int
tls1_export_keying_material
(
SSL
*
s
,
unsigned
char
*
out
,
unsigned
int
olen
,
const
char
*
label
,
unsigned
int
llen
,
const
unsigned
char
*
p
,
unsigned
in
t
plen
,
int
use_context
);
int
tls1_export_keying_material
(
SSL
*
s
,
unsigned
char
*
out
,
size_t
olen
,
const
char
*
label
,
size_t
llen
,
const
unsigned
char
*
p
,
size_
t
plen
,
int
use_context
);
int
tls1_alert_code
(
int
code
);
int
ssl3_alert_code
(
int
code
);
int
ssl_ok
(
SSL
*
s
);
...
...
ssl/t1_enc.c
浏览文件 @
74b4b494
...
...
@@ -1119,16 +1119,17 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
return
(
SSL3_MASTER_SECRET_SIZE
);
}
int
tls1_export_keying_material
(
SSL
*
s
,
unsigned
char
*
out
,
unsigned
int
olen
,
const
char
*
label
,
unsigned
int
llen
,
const
unsigned
char
*
context
,
unsigned
in
t
contextlen
,
int
use_context
)
int
tls1_export_keying_material
(
SSL
*
s
,
unsigned
char
*
out
,
size_t
olen
,
const
char
*
label
,
size_t
llen
,
const
unsigned
char
*
context
,
size_
t
contextlen
,
int
use_context
)
{
unsigned
char
*
buff
;
unsigned
char
*
val
=
NULL
;
unsigned
int
vallen
,
currentvalpos
,
rv
;
size_t
vallen
,
currentvalpos
;
int
rv
;
#ifdef KSSL_DEBUG
printf
(
"tls1_export_keying_material(%p,
%p,%d, %s,%d, %p,%d)
\n
"
,
s
,
out
,
olen
,
label
,
llen
,
p
,
plen
);
printf
(
"tls1_export_keying_material(%p,
%p,%d,%s,%d,%p,%d)
\n
"
,
s
,
out
,
olen
,
label
,
llen
,
p
,
plen
);
#endif
/* KSSL_DEBUG */
buff
=
OPENSSL_malloc
(
olen
);
...
...
@@ -1140,10 +1141,10 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, unsigned int olen,
* does not create a prohibited label.
*/
vallen
=
llen
+
SSL3_RANDOM_SIZE
*
2
;
if
(
use_context
)
{
vallen
+=
2
+
contextlen
;
}
if
(
use_context
)
{
vallen
+=
2
+
contextlen
;
}
val
=
OPENSSL_malloc
(
vallen
);
if
(
val
==
NULL
)
goto
err2
;
...
...
@@ -1155,17 +1156,17 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, unsigned int olen,
memcpy
(
val
+
currentvalpos
,
s
->
s3
->
server_random
,
SSL3_RANDOM_SIZE
);
currentvalpos
+=
SSL3_RANDOM_SIZE
;
if
(
use_context
)
{
val
[
currentvalpos
]
=
(
contextlen
<<
8
)
&
0xff
;
currentvalpos
++
;
val
[
currentvalpos
]
=
contextlen
&
0xff
;
currentvalpos
++
;
if
((
contextlen
>
0
)
||
(
context
!=
NULL
))
{
memcpy
(
val
+
currentvalpos
,
context
,
contextlen
);
}
}
if
(
use_context
)
{
val
[
currentvalpos
]
=
(
contextlen
>>
8
)
&
0xff
;
currentvalpos
++
;
val
[
currentvalpos
]
=
contextlen
&
0xff
;
currentvalpos
++
;
if
((
contextlen
>
0
)
||
(
context
!=
NULL
))
{
memcpy
(
val
+
currentvalpos
,
context
,
contextlen
);
}
}
/* disallow prohibited labels
* note that SSL3_RANDOM_SIZE > max(prohibited label len) =
...
...
@@ -1181,19 +1182,18 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, unsigned int olen,
if
(
memcmp
(
val
,
TLS_MD_KEY_EXPANSION_CONST
,
TLS_MD_KEY_EXPANSION_CONST_SIZE
)
==
0
)
goto
err1
;
tls1_PRF
(
s
->
s3
->
tmp
.
new_cipher
->
algorithm2
,
val
,
vallen
,
NULL
,
0
,
NULL
,
0
,
NULL
,
0
,
NULL
,
0
,
s
->
session
->
master_key
,
s
->
session
->
master_key_length
,
out
,
buff
,
olen
);
rv
=
tls1_PRF
(
s
->
s3
->
tmp
.
new_cipher
->
algorithm2
,
val
,
vallen
,
NULL
,
0
,
NULL
,
0
,
NULL
,
0
,
NULL
,
0
,
s
->
session
->
master_key
,
s
->
session
->
master_key_length
,
out
,
buff
,
olen
);
#ifdef KSSL_DEBUG
printf
(
"tls1_export_keying_material() complete
\n
"
);
#endif
/* KSSL_DEBUG */
rv
=
olen
;
goto
ret
;
err1:
SSLerr
(
SSL_F_TLS1_EXPORT_KEYING_MATERIAL
,
SSL_R_TLS_ILLEGAL_EXPORTER_LABEL
);
...
...
ssl/tls1.h
浏览文件 @
74b4b494
...
...
@@ -265,8 +265,16 @@ extern "C" {
const
char
*
SSL_get_servername
(
const
SSL
*
s
,
const
int
type
);
int
SSL_get_servername_type
(
const
SSL
*
s
);
int
SSL_export_keying_material
(
SSL
*
s
,
unsigned
char
*
out
,
int
olen
,
char
*
label
,
int
llen
,
unsigned
char
*
p
,
int
plen
,
int
use_context
);
/* SSL_export_keying_material exports a value derived from the master secret,
* as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
* optional context. (Since a zero length context is allowed, the |use_context|
* flag controls whether a context is included.)
*
* It returns 1 on success and zero otherwise.
*/
int
SSL_export_keying_material
(
SSL
*
s
,
unsigned
char
*
out
,
size_t
olen
,
const
char
*
label
,
size_t
llen
,
const
unsigned
char
*
p
,
size_t
plen
,
int
use_context
);
#define SSL_set_tlsext_host_name(s,name) \
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录