Fix return value and secret clean bug

Zhi Guan
2022-12-28 16:46:55 +08:00
parent 6ef810f51f
commit 49962a267f
3 changed files with 32 additions and 5 deletions


@@ -1415,6 +1415,7 @@ TLS 1.3的区别:
int tls13_do_connect(TLS_CONNECT *conn)
{
int ret = -1;
uint8_t *record = conn->record;
uint8_t *enced_record = conn->enced_record;
size_t recordlen;
@@ -1876,13 +1877,27 @@ int tls13_do_connect(TLS_CONNECT *conn)
format_print(stderr, 0, 0, "\n");
*/
fprintf(stderr, "Connection established\n");
ret = 1;
end:
return 1;
gmssl_secure_clear(&client_ecdhe, sizeof(client_ecdhe));
gmssl_secure_clear(&server_sign_key, sizeof(server_sign_key));
gmssl_secure_clear(psk, sizeof(psk));
gmssl_secure_clear(early_secret, sizeof(early_secret));
gmssl_secure_clear(handshake_secret, sizeof(handshake_secret));
gmssl_secure_clear(master_secret, sizeof(master_secret));
gmssl_secure_clear(client_handshake_traffic_secret, sizeof(client_handshake_traffic_secret));
gmssl_secure_clear(server_handshake_traffic_secret, sizeof(server_handshake_traffic_secret));
gmssl_secure_clear(client_application_traffic_secret, sizeof(client_application_traffic_secret));
gmssl_secure_clear(server_application_traffic_secret, sizeof(server_application_traffic_secret));
gmssl_secure_clear(client_write_key, sizeof(client_write_key));
gmssl_secure_clear(server_write_key, sizeof(server_write_key));
return ret;
}
int tls13_do_accept(TLS_CONNECT *conn)
{
int ret = -1;
uint8_t *record = conn->record;
size_t recordlen;
uint8_t enced_record[25600];
@@ -2320,7 +2335,19 @@ int tls13_do_accept(TLS_CONNECT *conn)
*/
fprintf(stderr, "Connection Established!\n\n");
ret = 1;
end:
return 1;
gmssl_secure_clear(&server_ecdhe, sizeof(server_ecdhe));
gmssl_secure_clear(&client_sign_key, sizeof(client_sign_key));
gmssl_secure_clear(psk, sizeof(psk));
gmssl_secure_clear(early_secret, sizeof(early_secret));
gmssl_secure_clear(handshake_secret, sizeof(handshake_secret));
gmssl_secure_clear(master_secret, sizeof(master_secret));
gmssl_secure_clear(client_handshake_traffic_secret, sizeof(client_handshake_traffic_secret));
gmssl_secure_clear(server_handshake_traffic_secret, sizeof(server_handshake_traffic_secret));
gmssl_secure_clear(client_application_traffic_secret, sizeof(client_application_traffic_secret));
gmssl_secure_clear(server_application_traffic_secret, sizeof(server_application_traffic_secret));
gmssl_secure_clear(client_write_key, sizeof(client_write_key));
gmssl_secure_clear(server_write_key, sizeof(server_write_key));
return ret;
}
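Review bot: The wipe lists after `end:` in tls13_do_connect and tls13_do_accept depend on `sizeof` seeing the whole object, so any listed name that is declared as a pointer rather than an array or struct would have only pointer-size bytes cleared. The declarations are outside these hunks, so this should be confirmed for `psk` and each secret and key buffer. It is also worth checking whether other key-derived locals declared outside the hunks (for example write IVs, Finished verify data or the ECDHE shared value, if they exist as locals) belong in the lists, and whether every failure path really leaves through `goto end` and not through an early `return`. Because the two lists are near-duplicates that must stay in sync, a comment at each label would help, such as `/* all exit paths reach here: wipe every handshake secret, then return ret */`.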