commit a3024eef7be4d1ed55976dc15536e41f4897e1d4
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Tue Jul 09 12:54:17 2019 +0200
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Tue Jul 23 17:02:09 2019 +0200
tree fccee2492f53db337ef70f27c74442bdeaa6f644
parent ae3f8511fd033de95a86f4cd9641c63189d3afdc

Save Hello random bytes for later use

include/mbedtls/ssl_internal.h

diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 40391d5..fb9a160 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -728,6 +728,12 @@
     z_stream ctx_deflate;               /*!<  compression context     */
     z_stream ctx_inflate;               /*!<  decompression context   */
 #endif
+
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    /* We need the Hello random bytes in order to re-derive keys from the
+     * Master Secret and other session info, see ssl_populate_transform() */
+    unsigned char randbytes[64]; /*!< ServerHello.random+ClientHello.random */
+#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
 };
 
 static inline int mbedtls_ssl_transform_get_minor_ver( mbedtls_ssl_transform const *transform )

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 0b1ebdd..39522197 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -812,7 +812,9 @@
     (void) ssl;
 #endif
 
-    /* Copy info about negotiated version and extensions */
+    /*
+     * Some data just needs copying into the structure
+     */
 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
     defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
     transform->encrypt_then_mac = encrypt_then_mac;
@@ -824,6 +826,10 @@
     ((void) minor_ver);
 #endif /* !MBEDTLS_SSL_CONF_FIXED_MINOR_VER */
 
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    memcpy( transform->randbytes, randbytes, sizeof( transform->randbytes ) );
+#endif
+
     /*
      * Get various info structures
      */