/* Create and store the master secret see page 32, 6.1 */ int MakeMasterSecret(SSL* ssl) { byte shaOutput[SHA_DIGEST_SIZE]; byte md5Input[ENCRYPT_LEN + SHA_DIGEST_SIZE]; byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN]; int i; word32 idx; word32 pmsSz = ssl->arrays.preMasterSz; Md5 md5; Sha sha; #ifndef NO_TLS if (ssl->options.tls) return MakeTlsMasterSecret(ssl); #endif InitMd5(&md5); InitSha(&sha); memcpy(md5Input, ssl->arrays.preMasterSecret, pmsSz); for (i = 0; i < MASTER_ROUNDS; ++i) { byte prefix[PREFIX]; if (!SetPrefix(prefix, i)) { return PREFIX_ERROR; } idx = 0; memcpy(shaInput, prefix, i + 1); idx += i + 1; memcpy(shaInput + idx, ssl->arrays.preMasterSecret, pmsSz); idx += pmsSz; memcpy(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN); idx += RAN_LEN; memcpy(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN); idx += RAN_LEN; ShaUpdate(&sha, shaInput, idx); ShaFinal(&sha, shaOutput); idx = pmsSz; /* preSz */ memcpy(md5Input + idx, shaOutput, SHA_DIGEST_SIZE); idx += SHA_DIGEST_SIZE; Md5Update(&md5, md5Input, idx); Md5Final(&md5, &ssl->arrays.masterSecret[i * MD5_DIGEST_SIZE]); } DeriveKeys(ssl); CleanPreMaster(ssl); return 0; }
/* Create and store the master secret see page 32, 6.1 */ int MakeMasterSecret(SSL* ssl) { byte shaOutput[SHA_DIGEST_SIZE]; byte md5Input[ENCRYPT_LEN + SHA_DIGEST_SIZE]; byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN]; int i, ret; word32 idx; word32 pmsSz = ssl->arrays.preMasterSz; Md5 md5; Sha sha; #ifdef SHOW_SECRETS { int j; printf("pre master secret: "); for (j = 0; j < pmsSz; j++) printf("%02x", ssl->arrays.preMasterSecret[j]); printf("\n"); } #endif #ifndef NO_TLS if (ssl->options.tls) return MakeTlsMasterSecret(ssl); #endif InitMd5(&md5); InitSha(&sha); XMEMCPY(md5Input, ssl->arrays.preMasterSecret, pmsSz); for (i = 0; i < MASTER_ROUNDS; ++i) { byte prefix[PREFIX]; if (!SetPrefix(prefix, i)) { return PREFIX_ERROR; } idx = 0; XMEMCPY(shaInput, prefix, i + 1); idx += i + 1; XMEMCPY(shaInput + idx, ssl->arrays.preMasterSecret, pmsSz); idx += pmsSz; XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN); idx += RAN_LEN; XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN); idx += RAN_LEN; ShaUpdate(&sha, shaInput, idx); ShaFinal(&sha, shaOutput); idx = pmsSz; /* preSz */ XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE); idx += SHA_DIGEST_SIZE; Md5Update(&md5, md5Input, idx); Md5Final(&md5, &ssl->arrays.masterSecret[i * MD5_DIGEST_SIZE]); } #ifdef SHOW_SECRETS { int i; printf("master secret: "); for (i = 0; i < SECRET_LEN; i++) printf("%02x", ssl->arrays.masterSecret[i]); printf("\n"); } #endif ret = DeriveKeys(ssl); CleanPreMaster(ssl); return ret; }