/* Call this to write data in records of type |type|. It will return <= 0 if * not all data has been sent or non-blocking IO. */ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) { const uint8_t *buf = buf_; unsigned int tot, n, nw; int i; s->rwstate = SSL_NOTHING; assert(s->s3->wnum <= INT_MAX); tot = s->s3->wnum; s->s3->wnum = 0; if (!s->in_handshake && SSL_in_init(s) && !SSL_in_false_start(s)) { i = s->handshake_func(s); if (i < 0) { return i; } if (i == 0) { OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE); return -1; } } /* Ensure that if we end up with a smaller value of data to write out than * the the original len from a write which didn't complete for non-blocking * I/O and also somehow ended up avoiding the check for this in * ssl3_write_pending/SSL_R_BAD_WRITE_RETRY as it must never be possible to * end up with (len-tot) as a large number that will then promptly send * beyond the end of the users buffer ... so we trap and report the error in * a way the user will notice. */ if (len < 0 || (size_t)len < tot) { OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_LENGTH); return -1; } n = (len - tot); for (;;) { /* max contains the maximum number of bytes that we can put into a * record. */ unsigned max = s->max_send_fragment; if (n > max) { nw = max; } else { nw = n; } i = do_ssl3_write(s, type, &buf[tot], nw); if (i <= 0) { s->s3->wnum = tot; return i; } if (i == (int)n || (type == SSL3_RT_APPLICATION_DATA && (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))) { return tot + i; } n -= i; tot += i; } }
int SSL_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len, const char *label, size_t label_len, const uint8_t *context, size_t context_len, int use_context) { if (!ssl->s3->have_version || ssl->version == SSL3_VERSION) { return 0; } /* Exporters may not be used in the middle of a renegotiation. */ if (SSL_in_init(ssl) && !SSL_in_false_start(ssl)) { return 0; } if (ssl3_protocol_version(ssl) >= TLS1_3_VERSION) { return tls13_export_keying_material(ssl, out, out_len, label, label_len, context, context_len, use_context); } size_t seed_len = 2 * SSL3_RANDOM_SIZE; if (use_context) { if (context_len >= 1u << 16) { OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW); return 0; } seed_len += 2 + context_len; } uint8_t *seed = OPENSSL_malloc(seed_len); if (seed == NULL) { OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return 0; } OPENSSL_memcpy(seed, ssl->s3->client_random, SSL3_RANDOM_SIZE); OPENSSL_memcpy(seed + SSL3_RANDOM_SIZE, ssl->s3->server_random, SSL3_RANDOM_SIZE); if (use_context) { seed[2 * SSL3_RANDOM_SIZE] = (uint8_t)(context_len >> 8); seed[2 * SSL3_RANDOM_SIZE + 1] = (uint8_t)context_len; OPENSSL_memcpy(seed + 2 * SSL3_RANDOM_SIZE + 2, context, context_len); } const EVP_MD *digest = ssl_get_handshake_digest( SSL_get_session(ssl)->cipher->algorithm_prf, ssl3_protocol_version(ssl)); if (digest == NULL) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return 0; } int ret = tls1_prf(digest, out, out_len, SSL_get_session(ssl)->master_key, SSL_get_session(ssl)->master_key_length, label, label_len, seed, seed_len, NULL, 0); OPENSSL_free(seed); return ret; }
int ssl3_write_app_data(SSL *ssl, const void *buf, int len) { assert(!SSL_in_init(ssl) || SSL_in_false_start(ssl)); return ssl3_write_bytes(ssl, SSL3_RT_APPLICATION_DATA, buf, len); }