Added implementation of keying material export (RFC 5705) (API for PRF implementation...

[BearSSL] / src / ssl / ssl_hs_client.c
diff --git a/src/ssl/ssl_hs_client.c b/src/ssl/ssl_hs_client.c

index 4338fc4..34cb407 100644 (file)
--- a/src/ssl/ssl_hs_client.c
+++ b/src/ssl/ssl_hs_client.c
@@ -170,32 +170,12 @@ make_pms_rsa(br_ssl_client_context *ctx, int prf_id)
  /*
   * OID for hash functions in RSA signatures.
   */
  /*
   * OID for hash functions in RSA signatures.
   */
-static const unsigned char HASH_OID_SHA1[] = {
-       0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
-};
-
-static const unsigned char HASH_OID_SHA224[] = {
-       0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04
-};
-
-static const unsigned char HASH_OID_SHA256[] = {
-       0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
-};
-
-static const unsigned char HASH_OID_SHA384[] = {
-       0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
-};
-
-static const unsigned char HASH_OID_SHA512[] = {
-       0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
-};
-
  static const unsigned char *HASH_OID[] = {
  static const unsigned char *HASH_OID[] = {
-       HASH_OID_SHA1,
-       HASH_OID_SHA224,
-       HASH_OID_SHA256,
-       HASH_OID_SHA384,
-       HASH_OID_SHA512
+       BR_HASH_OID_SHA1,
+       BR_HASH_OID_SHA224,
+       BR_HASH_OID_SHA256,
+       BR_HASH_OID_SHA384,
+       BR_HASH_OID_SHA512
  };
  
  /*
  };
  
  /*
@@ -1212,21 +1192,22 @@ br_ssl_hs_client_run(void *t0ctx)
  
         int prf_id = T0_POP();
         int from_client = T0_POPi();
  
         int prf_id = T0_POP();
         int from_client = T0_POPi();
-       unsigned char seed[48];
-       size_t seed_len;
+       unsigned char tmp[48];
+       br_tls_prf_seed_chunk seed;
  
         br_tls_prf_impl prf = br_ssl_engine_get_PRF(ENG, prf_id);
  
         br_tls_prf_impl prf = br_ssl_engine_get_PRF(ENG, prf_id);
+       seed.data = tmp;
         if (ENG->session.version >= BR_TLS12) {
         if (ENG->session.version >= BR_TLS12) {
-               seed_len = br_multihash_out(&ENG->mhash, prf_id, seed);
+               seed.len = br_multihash_out(&ENG->mhash, prf_id, tmp);
         } else {
         } else {
-               br_multihash_out(&ENG->mhash, br_md5_ID, seed);
-               br_multihash_out(&ENG->mhash, br_sha1_ID, seed + 16);
-               seed_len = 36;
+               br_multihash_out(&ENG->mhash, br_md5_ID, tmp);
+               br_multihash_out(&ENG->mhash, br_sha1_ID, tmp + 16);
+               seed.len = 36;
         }
         prf(ENG->pad, 12, ENG->session.master_secret,
                 sizeof ENG->session.master_secret,
                 from_client ? "client finished" : "server finished",
         }
         prf(ENG->pad, 12, ENG->session.master_secret,
                 sizeof ENG->session.master_secret,
                 from_client ? "client finished" : "server finished",
-               seed, seed_len);
+               1, &seed);
  
                                 }
                                 break;
  
                                 }
                                 break;