Update tls12.c

2026-06-19 19:33:38 +08:00 · 2026-06-12 00:10:00 +08:00
parent 85252fb28b
commit e6f4ece239
1 changed files with 87 additions and 46 deletions
--- a/src/tls12.c
+++ b/src/tls12.c
@@ -2916,30 +2916,34 @@ int tls_recv_client_certificate(TLS_CONNECT *conn)
 	return 1;
 }
-int tls_generate_keys(TLS_CONNECT *conn)
+static int tls12_generate_pre_master_secret(TLS_CONNECT *conn,
 	uint8_t *pre_master_secret, size_t *pre_master_secret_len)
 {
-	uint8_t pre_master_secret[32];
+	if (!conn || !pre_master_secret || !pre_master_secret_len) {
 	size_t pre_master_secret_len;
 	// 这里密钥是完全用ECDHE生成的
 	if (x509_key_exchange(&conn->key_exchanges[0],
 		conn->peer_key_exchange, conn->peer_key_exchange_len,
 		pre_master_secret, &pre_master_secret_len) != 1) {
 		error_print();
 		return -1;
 	}
-	if (pre_master_secret_len != sizeof(pre_master_secret)) {
+	if (x509_key_exchange(&conn->key_exchanges[0], conn->peer_key_exchange,
 		conn->peer_key_exchange_len, pre_master_secret, pre_master_secret_len) != 1) {
 		error_print();
 		return -1;
 	}
 	if (*pre_master_secret_len != 32) {
 		error_print();
 		return -1;
 	}
 	format_bytes(stderr, 0, 0, "pre_master_secret", pre_master_secret, *pre_master_secret_len);
 	return 1;
 }
-	format_bytes(stderr, 0, 0, "pre_master_secret", pre_master_secret, pre_master_secret_len);
+static int tls12_generate_master_secret(TLS_CONNECT *conn,
-
+	const uint8_t *pre_master_secret, size_t pre_master_secret_len)
-	// master_secret和transcript_hash没有任何关系
+{
-	if (tls12_prf(conn->digest,
+	if (!conn || !pre_master_secret || pre_master_secret_len != 32) {
-			pre_master_secret, 32,
+		error_print();
 		return -1;
 	}
 	if (tls12_prf(conn->digest, pre_master_secret, pre_master_secret_len,
 			"master secret",
 			conn->client_random, 32,
 			conn->server_random, 32,
@@ -2949,8 +2953,11 @@ int tls_generate_keys(TLS_CONNECT *conn)
 	}
 	format_bytes(stderr, 0, 0, "master_secret", conn->master_secret, 48);
 	return 1;
 }
-
+static int tls12_generate_key_block(TLS_CONNECT *conn)
 {
 	switch (conn->cipher_suite) {
 	case TLS_cipher_ecdhe_sm4_gcm_sm3:
 	case TLS_cipher_ecdhe_ecdsa_with_aes_128_gcm_sha256:
@@ -2968,21 +2975,6 @@ int tls_generate_keys(TLS_CONNECT *conn)
 		}
 		format_bytes(stderr, 0, 0, "key_blocks", conn->key_block, key_block_len);
 		format_bytes(stderr, 0, 0, "client_write_key", conn->key_block, keylen);
 		format_bytes(stderr, 0, 0, "server_write_key", conn->key_block + keylen, keylen);
 		format_bytes(stderr, 0, 0, "client_write_iv", conn->key_block + keylen * 2, 4);
 		format_bytes(stderr, 0, 0, "server_write_iv", conn->key_block + keylen * 2 + 4, 4);
 		memset(conn->client_write_iv, 0, sizeof(conn->client_write_iv));
 		memset(conn->server_write_iv, 0, sizeof(conn->server_write_iv));
 		memcpy(conn->client_write_iv, conn->key_block + keylen * 2, 4);
 		memcpy(conn->server_write_iv, conn->key_block + keylen * 2 + 4, 4);
 		if (block_cipher_set_encrypt_key(&conn->client_write_key, conn->cipher, conn->key_block) != 1
 			|| block_cipher_set_encrypt_key(&conn->server_write_key, conn->cipher, conn->key_block + keylen) != 1) {
 			error_print();
 			return -1;
 		}
 		break;
 	}
 	case TLS_cipher_ecdhe_sm4_cbc_sm3:
@@ -3007,7 +2999,41 @@ int tls_generate_keys(TLS_CONNECT *conn)
 		*/
 		format_bytes(stderr, 0, 0, "key_blocks", conn->key_block, 96);
 		break;
 	default:
 		error_print();
 		return -1;
 	}
 	return 1;
 }
 static int tls12_generate_record_keys(TLS_CONNECT *conn)
 {
 	switch (conn->cipher_suite) {
 	case TLS_cipher_ecdhe_sm4_gcm_sm3:
 	case TLS_cipher_ecdhe_ecdsa_with_aes_128_gcm_sha256:
 	{
 		size_t keylen = conn->cipher->key_size;
 		format_bytes(stderr, 0, 0, "client_write_key", conn->key_block, keylen);
 		format_bytes(stderr, 0, 0, "server_write_key", conn->key_block + keylen, keylen);
 		format_bytes(stderr, 0, 0, "client_write_iv", conn->key_block + keylen * 2, 4);
 		format_bytes(stderr, 0, 0, "server_write_iv", conn->key_block + keylen * 2 + 4, 4);
 		memset(conn->client_write_iv, 0, sizeof(conn->client_write_iv));
 		memset(conn->server_write_iv, 0, sizeof(conn->server_write_iv));
 		memcpy(conn->client_write_iv, conn->key_block + keylen * 2, 4);
 		memcpy(conn->server_write_iv, conn->key_block + keylen * 2 + 4, 4);
 		if (block_cipher_set_encrypt_key(&conn->client_write_key, conn->cipher, conn->key_block) != 1
 			|| block_cipher_set_encrypt_key(&conn->server_write_key, conn->cipher, conn->key_block + keylen) != 1) {
 			error_print();
 			return -1;
 		}
 		break;
 	}
 	case TLS_cipher_ecdhe_sm4_cbc_sm3:
 	case TLS_cipher_ecdhe_ecdsa_with_aes_128_cbc_sha256:
 		if (hmac_init(&conn->client_write_mac_ctx, conn->digest, conn->key_block, 32) != 1) {
 			error_print();
 			return -1;
@@ -3037,21 +3063,35 @@ int tls_generate_keys(TLS_CONNECT *conn)
 		error_print();
 		return -1;
 	}
 	return 1;
 }
 int tls_generate_keys(TLS_CONNECT *conn)
 {
 	uint8_t pre_master_secret[32];
 	size_t pre_master_secret_len;
 	if (tls12_generate_pre_master_secret(conn, pre_master_secret, &pre_master_secret_len) != 1
 		|| tls12_generate_master_secret(conn, pre_master_secret, pre_master_secret_len) != 1
 		|| tls12_generate_key_block(conn) != 1
 		|| tls12_generate_record_keys(conn) != 1) {
 		error_print();
 		gmssl_secure_clear(pre_master_secret, sizeof(pre_master_secret));
 		return -1;
 	}
 	tls_seq_num_reset(conn->client_seq_num);
 	tls_seq_num_reset(conn->server_seq_num);
 	/*
 	tls_secrets_print(stderr,
-		pre_master_secret, 32,
+		pre_master_secret, pre_master_secret_len,
 		conn->client_random, conn->server_random,
 		conn->master_secret,
 		conn->key_block, 96,
 		0, 4);
 	*/
 	gmssl_secure_clear(pre_master_secret, sizeof(pre_master_secret));
 	return 1;
 }
@@ -3111,6 +3151,11 @@ int tls_send_client_key_exchange(TLS_CONNECT *conn)
 	if (conn->client_certs_len)
 		sm2_sign_update(&conn->sign_ctx, conn->record + 5, conn->recordlen - 5);
 	if (tls_generate_keys(conn) != 1) {
 		error_print();
 		return -1;
 	}
 	return 1;
 }
@@ -3160,6 +3205,11 @@ int tls_recv_client_key_exchange(TLS_CONNECT *conn)
 	if (conn->ctx->cacertslen)
 		tls_client_verify_update(&conn->client_verify_ctx, conn->record + 5, conn->recordlen - 5);
 	if (tls_generate_keys(conn) != 1) {
 		error_print();
 		return -1;
 	}
 	return 1;
 }
@@ -3696,11 +3746,6 @@ int tls12_do_client_handshake(TLS_CONNECT *conn)
 	case TLS_state_client_key_exchange:
 		ret = tls_send_client_key_exchange(conn);
 		next_state = TLS_state_generate_keys;
 		break;
 	case TLS_state_generate_keys:
 		ret = tls_generate_keys(conn);
 		if (conn->client_certificate_verify)
 			next_state = TLS_state_certificate_verify;
 		else	next_state = TLS_state_client_change_cipher_spec;
@@ -3709,6 +3754,7 @@ int tls12_do_client_handshake(TLS_CONNECT *conn)
 	case TLS_state_certificate_verify:
 		ret = tls_send_certificate_verify(conn);
 		next_state = TLS_state_client_change_cipher_spec;
 		break;
 	case TLS_state_client_change_cipher_spec:
 		ret = tls_send_change_cipher_spec(conn);
@@ -3803,16 +3849,11 @@ int tls12_do_server_handshake(TLS_CONNECT *conn)
 		ret = tls_recv_client_key_exchange(conn);
 		if (conn->client_certificate_verify)
 			next_state = TLS_state_certificate_verify;
-		else	next_state = TLS_state_generate_keys;
+		else	next_state = TLS_state_client_change_cipher_spec;
 		break;
 	case TLS_state_certificate_verify:
 		ret = tls_recv_certificate_verify(conn);
 		next_state = TLS_state_generate_keys;
 		break;
 	case TLS_state_generate_keys:
 		ret = tls_generate_keys(conn);
 		next_state = TLS_state_client_change_cipher_spec;
 		break;