From 0d0a0b79b79c97129fd5dfc980657d67b06bdf02 Mon Sep 17 00:00:00 2001
From: mathewmarcus <mathewmarcus456@gmail.com>
Date: Sun, 24 Jun 2018 12:37:19 -0500
Subject: [PATCH] finished support for extended master secret

---
 ssl/ssl_h.h     |  4 ---
 ssl/ssldecode.c | 69 +++++++++++++++++++++++++++++++------------------
 ssl/ssldecode.h |  3 ++-
 3 files changed, 46 insertions(+), 30 deletions(-)

diff --git a/ssl/ssl_h.h b/ssl/ssl_h.h
index 34f6539..d8765ec 100644
--- a/ssl/ssl_h.h
+++ b/ssl/ssl_h.h
@@ -112,10 +112,6 @@ typedef struct decoder_ {
      int (*print) PROTO_LIST((ssl_obj *,int direction,segment *seg,Data *data));
 } decoder;
 
-typedef struct ssl_extensions_ {
-  int extended_master_secret;
-} ssl_extensions;
-
 #define SSL_NO_DATA	1
 #define SSL_BAD_CONTENT_TYPE 2
 #define SSL_BAD_PMS	     3
diff --git a/ssl/ssldecode.c b/ssl/ssldecode.c
index fa8d8ef..3139a79 100644
--- a/ssl/ssldecode.c
+++ b/ssl/ssldecode.c
@@ -392,9 +392,10 @@ int ssl_update_handshake_messages(ssl,data)
   ssl_obj *ssl;
   Data *data;
   {
+#ifdef OPENSSL
     Data *hms;
     UCHAR *d;
-    int l,r,_status;
+    int l,r;
 
     hms = ssl->decoder->handshake_messages;
     d = data->data-4;
@@ -402,20 +403,19 @@ int ssl_update_handshake_messages(ssl,data)
 
     if(hms){
       if(!(hms->data = realloc(hms->data,l+hms->len)))
-	ABORT(R_NO_MEMORY);
+	ERETURN(R_NO_MEMORY);
 
       memcpy(hms->data+hms->len,d,l);
       hms->len+=l;
     }
     else{
       if(r=r_data_create(&hms,d,l))
-  	ABORT(r);
+  	ERETURN(r);
       ssl->decoder->handshake_messages=hms;
     }
+#endif
+    return(0);
 
-    _status=0;
-  abort:
-    return(_status);
   }
 
 static int ssl_create_session_lookup_key(ssl,id,idlen,keyp,keyl)
@@ -846,7 +846,7 @@ static int ssl_generate_keying_material(ssl,d)
   ssl_obj *ssl;
   ssl_decoder *d;
   {
-    Data *key_block=0;
+    Data *key_block=0,temp;
     UCHAR _iv_c[8],_iv_s[8];
     UCHAR _key_c[16],_key_s[16];
     int needed;
@@ -857,8 +857,13 @@ static int ssl_generate_keying_material(ssl,d)
       if(r=r_data_alloc(&d->MS,48))
         ABORT(r);
 
-      if (ssl->extensions->extended_master_secret)
+      if (ssl->extensions->extended_master_secret) {
 	ssl_generate_session_hash(ssl,d);
+	temp.len=0;
+	if(r=PRF(ssl,d->PMS,"extended master secret",d->session_hash,&temp,
+	  d->MS))
+	  ABORT(r);
+      }
       else
 	if(r=PRF(ssl,d->PMS,"master secret",d->client_random,d->server_random,
 	  d->MS))
@@ -1000,34 +1005,48 @@ static int ssl_generate_keying_material(ssl,d)
 static int ssl_generate_session_hash(ssl,d)
   ssl_obj *ssl;
   ssl_decoder *d;
-  /* Data **sh; */
   {
-    UCHAR *out[32];
-    int dgi;
+    int r,_status,dgi;
     unsigned int len;
     const EVP_MD *md;
     EVP_MD_CTX dgictx;
 
+    if(r=r_data_alloc(&d->session_hash,EVP_MAX_MD_SIZE))
+      ABORT(r);
+
     switch(ssl->version){
-    case TLSV12_VERSION:
-      dgi = MAX(DIG_SHA256, ssl->cs->dig)-0x40;
-      if ((md=EVP_get_digestbyname(digests[dgi])) == NULL) {
-	DBG((0,"Cannot get EVP for digest %s, openssl library current?",
-	     digests[dgi]));
-	ERETURN(SSL_BAD_MAC);
-      }
-      break;
+      case TLSV12_VERSION:
+	dgi = MAX(DIG_SHA256,ssl->cs->dig)-0x40;
+	if ((md=EVP_get_digestbyname(digests[dgi])) == NULL) {
+	  DBG((0,"Cannot get EVP for digest %s, openssl library current?",
+	       digests[dgi]));
+	  ERETURN(SSL_BAD_MAC);
+	}
+
+	EVP_DigestInit(&dgictx,md);
+	EVP_DigestUpdate(&dgictx,d->handshake_messages->data,d->handshake_messages->len);
+	EVP_DigestFinal(&dgictx,d->session_hash->data,&d->session_hash->len);
+
+	break;
       case SSLV3_VERSION:
       case TLSV1_VERSION:
       case TLSV11_VERSION:
+	EVP_DigestInit(&dgictx,EVP_get_digestbyname("MD5"));
+	EVP_DigestUpdate(&dgictx,d->handshake_messages->data,d->handshake_messages->len);
+	EVP_DigestFinal_ex(&dgictx,d->session_hash->data,&d->session_hash->len);
+
+	EVP_DigestInit(&dgictx,EVP_get_digestbyname("SHA1"));
+	EVP_DigestUpdate(&dgictx,d->handshake_messages->data,d->handshake_messages->len);
+	EVP_DigestFinal(&dgictx,d->session_hash->data+d->session_hash->len,&len);
+
+	d->session_hash->len+=len;
+	break;
       default:
-	exit(1);
-	/* ABORT(SSL_CANT_DO_CIPHER);	 */
+	ABORT(SSL_CANT_DO_CIPHER);
     }
 
-    EVP_DigestInit(&dgictx, md);
-    EVP_DigestUpdate(&dgictx, d->handshake_messages->data, d->handshake_messages->len);
-    EVP_DigestFinal(&dgictx, out, &len);
-    exit(0);
+    _status=0;
+  abort:
+    return(_status);
   }
 #endif
diff --git a/ssl/ssldecode.h b/ssl/ssldecode.h
index e47f836..88c7291 100644
--- a/ssl/ssldecode.h
+++ b/ssl/ssldecode.h
@@ -66,7 +66,8 @@ int ssl_process_client_key_exchange PROTO_LIST((struct ssl_obj_ *,
   ssl_decoder *d,UCHAR *msg,int len));
 int ssl_process_change_cipher_spec PROTO_LIST((ssl_obj *ssl,
   ssl_decoder *d,int direction));
-
+int ssl_update_handshake_messages PROTO_LIST((ssl_obj *ssl,
+					      Data *data));
 int ssl_decode_record PROTO_LIST((ssl_obj *ssl,ssl_decoder *dec,int direction,
   int ct,int version,Data *d));