author | Nick Mathewson <nickm@torproject.org> | 2007-11-05 18:15:47 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2007-11-05 18:15:47 +0000 |
commit | 22c31d91ab5766db23f65a28d01009f594095901 (patch) | |
tree | bcc29f5834eed5e146939bacbb1be0f154dc92b0 /src/common | |
parent | e94fad36aceece917b65a9558b2f1156c0dba3ea (diff) | |
r16410@catbus: nickm | 2007-11-05 10:54:29 -0500
Code to remember client_random and server_random values, and to compute hmac using TLS master secret.
svn:r12381
Diffstat (limited to 'src/common')
-rw-r--r-- | src/common/tortls.c | 37 | ||||
-rw-r--r-- | src/common/tortls.h | 7 |
2 files changed, 44 insertions, 0 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 162c9d740b..ce5b702a2b 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -20,6 +20,7 @@ const char tortls_c_id[] =
 #include <assert.h>
 #include <openssl/ssl.h>
+#include <openssl/ssl3.h>
 #include <openssl/err.h>
 #include <openssl/tls1.h>
 #include <openssl/asn1.h>
@@ -896,3 +897,39 @@ tor_tls_used_v1_handshake(tor_tls_t *tls)
 return 1;
 }
+#if SSL3_RANDOM_SIZE != TOR_TLS_RANDOM_LEN
+#error "The TOR_TLS_RANDOM_LEN macro is defined incorrectly. That's a bug."
+#endif
+
+/** DOCDOC */
+int
+tor_tls_get_random_values(tor_tls_t *tls, char *client_random_out,
+ char *server_random_out)
+{
+ tor_assert(tls && tls->ssl);
+ if (!tls->ssl->s3)
+ return -1;
+ memcpy(client_random_out, tls->ssl->s3->client_random, SSL3_RANDOM_SIZE);
+ memcpy(server_random_out, tls->ssl->s3->server_random, SSL3_RANDOM_SIZE);
+ return 0;
+}
+
+/** DOCDOC */
+int
+tor_tls_hmac_with_master_secret(tor_tls_t *tls, char *hmac_out,
+ const char *data, size_t data_len)
+{
+ SSL_SESSION *s;
+ tor_assert(tls && tls->ssl);
+ if (!(s = SSL_get_session(tls->ssl)))
+ return -1;
+ if (s->master_key_length < 0)
+ return -1;
+ crypto_hmac_sha1(hmac_out,
+ (const char*)s->master_key,
+ (size_t)s->master_key_length,
+ data, data_len);
+ return 0;
+}
+
+
diff --git a/src/common/tortls.h b/src/common/tortls.h
index 89cbe3be58..eac337b921 100644
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@@ -41,6 +41,9 @@ typedef struct tor_tls_t tor_tls_t;
 case TOR_TLS_ERROR_NO_ROUTE: \
 case TOR_TLS_ERROR_TIMEOUT
+/**DOCDOC*/
+#define TOR_TLS_RANDOM_LEN 32
+
 #define TOR_TLS_IS_ERROR(rv) ((rv) < TOR_TLS_CLOSE)
 void tor_tls_free_all(void);
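Review bot: tor_tls_hmac_with_master_secret rejects a negative master_key_length but not a zero one, so if OpenSSL can return a session whose master secret is not yet established, the data would be HMAC'd with an empty key and the caller would still see a 0 return for a value that is not bound to the session; `if (s->master_key_length <= 0) return -1;` closes that gap. The two `/** DOCDOC */` placeholders should state the buffer contract the code imposes: client_random_out and server_random_out must each hold TOR_TLS_RANDOM_LEN bytes and are left untouched on the -1 return, and hmac_out must hold a SHA-1 digest since the output comes from crypto_hmac_sha1. Because the HMAC is keyed with the raw TLS master secret rather than a purpose-specific key derived from it, a one-line comment recording that this is intentional (and that the secret is also the root of the record-layer keys) would help a later reader judge the design. The prototypes added to tortls.h in the second hunk of that file carry no comment either; the same contract applies there.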
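Review bot: `/**DOCDOC*/` above TOR_TLS_RANDOM_LEN leaves the header's one new constant undocumented, while tortls.c pins it with `#if SSL3_RANDOM_SIZE != TOR_TLS_RANDOM_LEN`. The comment should say what the value mirrors so the check is understandable from the header alone: `/** Length in bytes of the client_random and server_random values of a TLS handshake; must equal OpenSSL's SSL3_RANDOM_SIZE. */`.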
@@ -65,6 +68,10 @@ void tor_tls_get_n_raw_bytes(tor_tls_t *tls, size_t *n_read, size_t *n_written);
 int tor_tls_used_v1_handshake(tor_tls_t *tls);
+int tor_tls_get_random_values(tor_tls_t *tls, char *client_random_out,
+ char *server_random_out);
+int tor_tls_hmac_with_master_secret(tor_tls_t *tls, char *hmac_out,
+ const char *data, size_t data_len);
 /* Log and abort if there are unhandled TLS errors in OpenSSL's error stack. */ |