Add negotiation of Extended Master Secret
(But not the actual thing yet.)
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 50ab05f..065f3a8 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -359,6 +359,31 @@
}
#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
+#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
+static void ssl_write_extended_ms_ext( ssl_context *ssl,
+ unsigned char *buf, size_t *olen )
+{
+ unsigned char *p = buf;
+
+ if( ssl->extended_ms == SSL_EXTENDED_MS_DISABLED )
+ {
+ *olen = 0;
+ return;
+ }
+
+ SSL_DEBUG_MSG( 3, ( "client hello, adding extended_master_secret "
+ "extension" ) );
+
+ *p++ = (unsigned char)( ( TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF );
+
+ *p++ = 0x00;
+ *p++ = 0x00;
+
+ *olen = 4;
+}
+#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */
+
#if defined(POLARSSL_SSL_SESSION_TICKETS)
static void ssl_write_session_ticket_ext( ssl_context *ssl,
unsigned char *buf, size_t *olen )
@@ -662,6 +687,11 @@
ext_len += olen;
#endif
+#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
+ ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+#endif
+
#if defined(POLARSSL_SSL_SESSION_TICKETS)
ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen );
ext_len += olen;
@@ -780,6 +810,25 @@
}
#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
+#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
+static int ssl_parse_extended_ms_ext( ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ if( ssl->extended_ms == SSL_EXTENDED_MS_DISABLED ||
+ len != 0 )
+ {
+ return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ ((void) buf);
+
+ ssl->handshake->extended_ms = SSL_EXTENDED_MS_ENABLED;
+
+ return( 0 );
+}
+#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */
+
#if defined(POLARSSL_SSL_SESSION_TICKETS)
static int ssl_parse_session_ticket_ext( ssl_context *ssl,
const unsigned char *buf,
@@ -1152,6 +1201,19 @@
break;
#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
+#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
+ case TLS_EXT_EXTENDED_MASTER_SECRET:
+ SSL_DEBUG_MSG( 3, ( "found extended_master_secret extension" ) );
+
+ if( ( ret = ssl_parse_extended_ms_ext( ssl,
+ ext + 4, ext_size ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ break;
+#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */
+
#if defined(POLARSSL_SSL_SESSION_TICKETS)
case TLS_EXT_SESSION_TICKET:
SSL_DEBUG_MSG( 3, ( "found session_ticket extension" ) );
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 57b0ecf..f65338e 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -635,6 +635,26 @@
}
#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
+#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
+static int ssl_parse_extended_ms_ext( ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ if( len != 0 )
+ {
+ SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ ((void) buf);
+
+ if( ssl->extended_ms == SSL_EXTENDED_MS_ENABLED )
+ ssl->handshake->extended_ms = SSL_EXTENDED_MS_ENABLED;
+
+ return( 0 );
+}
+#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */
+
#if defined(POLARSSL_SSL_SESSION_TICKETS)
static int ssl_parse_session_ticket_ext( ssl_context *ssl,
unsigned char *buf,
@@ -1500,6 +1520,16 @@
break;
#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
+#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
+ case TLS_EXT_EXTENDED_MASTER_SECRET:
+ SSL_DEBUG_MSG( 3, ( "found extended master secret extension" ) );
+
+ ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size );
+ if( ret != 0 )
+ return( ret );
+ break;
+#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */
+
#if defined(POLARSSL_SSL_SESSION_TICKETS)
case TLS_EXT_SESSION_TICKET:
SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) );
@@ -1649,6 +1679,32 @@
}
#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
+#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
+static void ssl_write_extended_ms_ext( ssl_context *ssl,
+ unsigned char *buf,
+ size_t *olen )
+{
+ unsigned char *p = buf;
+
+ if( ssl->handshake->extended_ms == SSL_EXTENDED_MS_DISABLED )
+ {
+ *olen = 0;
+ return;
+ }
+
+ SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret "
+ "extension" ) );
+
+ *p++ = (unsigned char)( ( TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF );
+
+ *p++ = 0x00;
+ *p++ = 0x00;
+
+ *olen = 4;
+}
+#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */
+
#if defined(POLARSSL_SSL_SESSION_TICKETS)
static void ssl_write_session_ticket_ext( ssl_context *ssl,
unsigned char *buf,
@@ -1952,6 +2008,11 @@
ext_len += olen;
#endif
+#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
+ ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+#endif
+
#if defined(POLARSSL_SSL_SESSION_TICKETS)
ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen );
ext_len += olen;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index bd4494f..1fe3a95 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -470,6 +470,11 @@
SSL_DEBUG_BUF( 3, "premaster secret", handshake->premaster,
handshake->pmslen );
+#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
+ if( ssl->handshake->extended_ms == SSL_EXTENDED_MS_ENABLED )
+ SSL_DEBUG_MSG( 3, ( "using extended master secret" ) );
+ // XXX to be continued, WIP
+#endif
handshake->tls_prf( handshake->premaster, handshake->pmslen,
"master secret",
handshake->randbytes, 64, session->master, 48 );
@@ -3437,6 +3442,10 @@
memset( ssl-> in_ctr, 0, SSL_BUFFER_LEN );
memset( ssl->out_ctr, 0, SSL_BUFFER_LEN );
+#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
+ ssl->extended_ms = SSL_EXTENDED_MS_ENABLED;
+#endif
+
#if defined(POLARSSL_SSL_SESSION_TICKETS)
ssl->ticket_lifetime = SSL_DEFAULT_TICKET_LIFETIME;
#endif
@@ -3984,6 +3993,13 @@
}
#endif
+#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
+void ssl_set_extended_master_secret( ssl_context *ssl, char ems )
+{
+ ssl->extended_ms = ems;
+}
+#endif
+
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code )
{