abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-28 16:53:37 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix tls12, tls13 bug

Browse Source 
目前TLS 1.2, 1.3的握手过程中使用了SM2_Z256_POINT,应该改为使用SM2_POINT,可以兼容其他曲线类型,只在做ECDH的时候才判断点的正确性。
This commit is contained in:
Zhi Guan
2024-06-02 10:19:24 +08:00
parent e4c77d9108
commit cffee1dd9f
3 changed files with 25 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/tls13.c
View File

@@ -1600,10 +1600,12 @@ int tls13_do_connect(TLS_CONNECT *conn)
uint8_t client_write_iv[12]
uint8_t server_write_iv[12]
*/
sm2_do_ecdh(&client_ecdhe, &server_ecdhe_public, &server_ecdhe_public);
sm2_do_ecdh(&client_ecdhe, &server_ecdhe_public, &server_ecdhe_public);
uint8_t share_point[64];
sm2_z256_point_to_bytes(&server_ecdhe_public, share_point);
/* [1] */ tls13_hkdf_extract(digest, zeros, psk, early_secret);
/* [5] */ tls13_derive_secret(early_secret, "derived", &null_dgst_ctx, handshake_secret);
/* [6] */ tls13_hkdf_extract(digest, handshake_secret, (uint8_t *)&server_ecdhe_public, handshake_secret);
/* [6] */ tls13_hkdf_extract(digest, handshake_secret, share_point, handshake_secret);
/* [7] */ tls13_derive_secret(handshake_secret, "c hs traffic", &dgst_ctx, client_handshake_traffic_secret);
/* [8] */ tls13_derive_secret(handshake_secret, "s hs traffic", &dgst_ctx, server_handshake_traffic_secret);
/* [9] */ tls13_derive_secret(handshake_secret, "derived", &null_dgst_ctx, master_secret);
@@ -2081,10 +2083,13 @@ int tls13_do_accept(TLS_CONNECT *conn)
digest_update(&dgst_ctx, record + 5, recordlen - 5);
sm2_do_ecdh(&server_ecdhe, &client_ecdhe_public, &client_ecdhe_public);
sm2_do_ecdh(&server_ecdhe, &client_ecdhe_public, &client_ecdhe_public);
uint8_t share_point[64];//FIXME: 应该重新考虑TLS中如何使用sm2_do_ecdh还是sm2_ecdh
sm2_z256_point_to_bytes(&client_ecdhe_public, share_point);
/* 1 */ tls13_hkdf_extract(digest, zeros, psk, early_secret);
/* 5 */ tls13_derive_secret(early_secret, "derived", &null_dgst_ctx, handshake_secret);
/* 6 */ tls13_hkdf_extract(digest, handshake_secret, (uint8_t *)&client_ecdhe_public, handshake_secret);
/* 6 */ tls13_hkdf_extract(digest, handshake_secret, share_point, handshake_secret);
/* 7 */ tls13_derive_secret(handshake_secret, "c hs traffic", &dgst_ctx, client_handshake_traffic_secret);
/* 8 */ tls13_derive_secret(handshake_secret, "s hs traffic", &dgst_ctx, server_handshake_traffic_secret);
/* 9 */ tls13_derive_secret(handshake_secret, "derived", &null_dgst_ctx, master_secret);