Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2025-02-17 17:43:06 -05:00
Code Issues Projects Releases Wiki Activity

OpenSSL: Add SHA256 support in openssl_tls_prf() for TLSv1.2

Browse Source 
This is needed when enabling TLSv1.2 support for EAP-FAST since the
SSL_export_keying_material() call does not support the needed parameters
for TLS PRF and the external-to-OpenSSL PRF needs to be used instead.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-07-28 11:40:17 +03:00
parent 3de28506d2
commit 16bc3b8935
5 changed files with 35 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hostapd/Android.mk
View File

@ -562,6 +562,8 @@ HOBJS += src/crypto/crypto_openssl.c
ifdef NEED_FIPS186_2_PRF ifdef NEED_FIPS186_2_PRF
OBJS += src/crypto/fips_prf_openssl.c OBJS += src/crypto/fips_prf_openssl.c
endif endif
NEED_SHA256=y
NEED_TLS_PRF_SHA256=y
LIBS += -lcrypto LIBS += -lcrypto
LIBS_h += -lcrypto LIBS_h += -lcrypto
endif endif

2
hostapd/Makefile
View File

@ -541,6 +541,8 @@ HOBJS += ../src/crypto/crypto_openssl.o
ifdef NEED_FIPS186_2_PRF ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_openssl.o OBJS += ../src/crypto/fips_prf_openssl.o
endif endif
NEED_SHA256=y
NEED_TLS_PRF_SHA256=y
LIBS += -lcrypto LIBS += -lcrypto
LIBS_h += -lcrypto LIBS_h += -lcrypto
endif endif

40
src/crypto/tls_openssl.c
View File

@ -1,6 +1,6 @@
/* /*
* SSL/TLS interface functions for OpenSSL * SSL/TLS interface functions for OpenSSL
* Copyright (c) 2004-2013, Jouni Malinen <j@w1.fi> * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi>
* *
* This software may be distributed under the terms of the BSD license. * This software may be distributed under the terms of the BSD license.
* See README for more details. * See README for more details.
@ -33,6 +33,7 @@
#include "common.h" #include "common.h"
#include "crypto.h" #include "crypto.h"
#include "sha1.h" #include "sha1.h"
#include "sha256.h"
#include "tls.h" #include "tls.h"
#if OPENSSL_VERSION_NUMBER < 0x10000000L #if OPENSSL_VERSION_NUMBER < 0x10000000L
@ -2756,6 +2757,7 @@ static int openssl_tls_prf(void *tls_ctx, struct tls_connection *conn,
int skip = 0; int skip = 0;
u8 *tmp_out = NULL; u8 *tmp_out = NULL;
u8 *_out = out; u8 *_out = out;
const char *ver;
/* /*
* TLS library did not support key generation, so get the needed TLS * TLS library did not support key generation, so get the needed TLS
@ -2769,6 +2771,7 @@ static int openssl_tls_prf(void *tls_ctx, struct tls_connection *conn,
if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL || if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL ||
ssl->session->master_key_length <= 0) ssl->session->master_key_length <= 0)
return -1; return -1;
ver = SSL_get_version(ssl);
if (skip_keyblock) { if (skip_keyblock) {
skip = openssl_get_keyblock_size(ssl); skip = openssl_get_keyblock_size(ssl);
@ -2796,13 +2799,18 @@ static int openssl_tls_prf(void *tls_ctx, struct tls_connection *conn,
SSL3_RANDOM_SIZE); SSL3_RANDOM_SIZE);
} }
/* TODO: TLSv1.2 may need another PRF. This could use something closer if (os_strcmp(ver, "TLSv1.2") == 0) {
* to SSL_export_keying_material() design. */ tls_prf_sha256(ssl->session->master_key,
if (tls_prf_sha1_md5(ssl->session->master_key, ssl->session->master_key_length,
ssl->session->master_key_length, label, rnd, 2 * SSL3_RANDOM_SIZE,
label, rnd, 2 * SSL3_RANDOM_SIZE, _out, skip + out_len);
_out, skip + out_len) == 0)
ret = 0; ret = 0;
} else if (tls_prf_sha1_md5(ssl->session->master_key,
ssl->session->master_key_length,
label, rnd, 2 * SSL3_RANDOM_SIZE,
_out, skip + out_len) == 0) {
ret = 0;
}
os_free(rnd); os_free(rnd);
if (ret == 0 && skip_keyblock) if (ret == 0 && skip_keyblock)
os_memcpy(out, _out + skip, out_len); os_memcpy(out, _out + skip, out_len);
@ -2821,6 +2829,7 @@ static int openssl_tls_prf(void *tls_ctx, struct tls_connection *conn,
unsigned char server_random[SSL3_RANDOM_SIZE]; unsigned char server_random[SSL3_RANDOM_SIZE];
unsigned char master_key[64]; unsigned char master_key[64];
size_t master_key_len; size_t master_key_len;
const char *ver;
/* /*
* TLS library did not support key generation, so get the needed TLS * TLS library did not support key generation, so get the needed TLS
@ -2833,8 +2842,9 @@ static int openssl_tls_prf(void *tls_ctx, struct tls_connection *conn,
ssl = conn->ssl; ssl = conn->ssl;
if (ssl == NULL) if (ssl == NULL)
return -1; return -1;
ver = SSL_get_version(ssl);
sess = SSL_get_session(ssl); sess = SSL_get_session(ssl);
if (!sess) if (!ver || !sess)
return -1; return -1;
if (skip_keyblock) { if (skip_keyblock) {
@ -2868,12 +2878,16 @@ static int openssl_tls_prf(void *tls_ctx, struct tls_connection *conn,
SSL3_RANDOM_SIZE); SSL3_RANDOM_SIZE);
} }
/* TODO: TLSv1.2 may need another PRF. This could use something closer if (os_strcmp(ver, "TLSv1.2") == 0) {
* to SSL_export_keying_material() design. */ tls_prf_sha256(master_key, master_key_len,
if (tls_prf_sha1_md5(master_key, master_key_len, label, rnd, 2 * SSL3_RANDOM_SIZE,
label, rnd, 2 * SSL3_RANDOM_SIZE, _out, skip + out_len);
_out, skip + out_len) == 0)
ret = 0; ret = 0;
} else if (tls_prf_sha1_md5(master_key, master_key_len,
label, rnd, 2 * SSL3_RANDOM_SIZE,
_out, skip + out_len) == 0) {
ret = 0;
}
os_memset(master_key, 0, sizeof(master_key)); os_memset(master_key, 0, sizeof(master_key));
os_free(rnd); os_free(rnd);
if (ret == 0 && skip_keyblock) if (ret == 0 && skip_keyblock)

2
wpa_supplicant/Android.mk
View File

@ -990,6 +990,8 @@ OBJS_p += src/crypto/crypto_openssl.c
ifdef NEED_FIPS186_2_PRF ifdef NEED_FIPS186_2_PRF
OBJS += src/crypto/fips_prf_openssl.c OBJS += src/crypto/fips_prf_openssl.c
endif endif
NEED_SHA256=y
NEED_TLS_PRF_SHA256=y
LIBS += -lcrypto LIBS += -lcrypto
LIBS_p += -lcrypto LIBS_p += -lcrypto
ifdef CONFIG_TLS_ADD_DL ifdef CONFIG_TLS_ADD_DL

2
wpa_supplicant/Makefile
View File

@ -1001,6 +1001,8 @@ OBJS_priv += ../src/crypto/crypto_openssl.o
ifdef NEED_FIPS186_2_PRF ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_openssl.o OBJS += ../src/crypto/fips_prf_openssl.o
endif endif
NEED_SHA256=y
NEED_TLS_PRF_SHA256=y
LIBS += -lcrypto LIBS += -lcrypto
LIBS_p += -lcrypto LIBS_p += -lcrypto
ifdef CONFIG_TLS_ADD_DL ifdef CONFIG_TLS_ADD_DL