/* Call this to write data in records of type |type|. It will return <= 0 if
* not all data has been sent or non-blocking IO. */
int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) {
const uint8_t *buf = buf_;
unsigned int tot, n, nw;
int i;
s->rwstate = SSL_NOTHING;
assert(s->s3->wnum <= INT_MAX);
tot = s->s3->wnum;
s->s3->wnum = 0;
if (!s->in_handshake && SSL_in_init(s) && !SSL_in_false_start(s)) {
i = s->handshake_func(s);
if (i < 0) {
return i;
}
if (i == 0) {
OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE);
return -1;
}
}
/* Ensure that if we end up with a smaller value of data to write out than
* the the original len from a write which didn't complete for non-blocking
* I/O and also somehow ended up avoiding the check for this in
* ssl3_write_pending/SSL_R_BAD_WRITE_RETRY as it must never be possible to
* end up with (len-tot) as a large number that will then promptly send
* beyond the end of the users buffer ... so we trap and report the error in
* a way the user will notice. */
if (len < 0 || (size_t)len < tot) {
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_LENGTH);
return -1;
}
n = (len - tot);
for (;;) {
/* max contains the maximum number of bytes that we can put into a
* record. */
unsigned max = s->max_send_fragment;
if (n > max) {
nw = max;
} else {
nw = n;
}
i = do_ssl3_write(s, type, &buf[tot], nw);
if (i <= 0) {
s->s3->wnum = tot;
return i;
}
if (i == (int)n || (type == SSL3_RT_APPLICATION_DATA &&
(s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))) {
return tot + i;
}
n -= i;
tot += i;
}
}
int SSL_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len,
const char *label, size_t label_len,
const uint8_t *context, size_t context_len,
int use_context) {
if (!ssl->s3->have_version || ssl->version == SSL3_VERSION) {
return 0;
}
/* Exporters may not be used in the middle of a renegotiation. */
if (SSL_in_init(ssl) && !SSL_in_false_start(ssl)) {
return 0;
}
if (ssl3_protocol_version(ssl) >= TLS1_3_VERSION) {
return tls13_export_keying_material(ssl, out, out_len, label, label_len,
context, context_len, use_context);
}
size_t seed_len = 2 * SSL3_RANDOM_SIZE;
if (use_context) {
if (context_len >= 1u << 16) {
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
return 0;
}
seed_len += 2 + context_len;
}
uint8_t *seed = OPENSSL_malloc(seed_len);
if (seed == NULL) {
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
return 0;
}
OPENSSL_memcpy(seed, ssl->s3->client_random, SSL3_RANDOM_SIZE);
OPENSSL_memcpy(seed + SSL3_RANDOM_SIZE, ssl->s3->server_random,
SSL3_RANDOM_SIZE);
if (use_context) {
seed[2 * SSL3_RANDOM_SIZE] = (uint8_t)(context_len >> 8);
seed[2 * SSL3_RANDOM_SIZE + 1] = (uint8_t)context_len;
OPENSSL_memcpy(seed + 2 * SSL3_RANDOM_SIZE + 2, context, context_len);
}
const EVP_MD *digest = ssl_get_handshake_digest(
SSL_get_session(ssl)->cipher->algorithm_prf, ssl3_protocol_version(ssl));
if (digest == NULL) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
return 0;
}
int ret = tls1_prf(digest, out, out_len, SSL_get_session(ssl)->master_key,
SSL_get_session(ssl)->master_key_length, label, label_len,
seed, seed_len, NULL, 0);
OPENSSL_free(seed);
return ret;
}
int ssl3_write_app_data(SSL *ssl, const void *buf, int len) {
assert(!SSL_in_init(ssl) || SSL_in_false_start(ssl));
return ssl3_write_bytes(ssl, SSL3_RT_APPLICATION_DATA, buf, len);
}
