Encrypt session tickets

commit: 990c51a55722d9e1e7b92c376ba1526e7b721ab7 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Sat Aug 03 15:37:58 2013 +0200
committer: Paul Bakker <p.j.bakker@polarssl.org> Wed Aug 14 14:08:07 2013 +0200
tree: fe2549ba1cb9a9507278b6244819e7d575abec6c
parent: 779e42982c0d3462600a4ad4659110c6ab80b645 [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f4d6e24..fb01c6c 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -2979,6 +2979,7 @@
 {
     int ret;
     ssl_ticket_keys *tkeys;
+    unsigned char buf[32];
 
     if( ssl->ticket_keys != NULL )
         return( 0 );
@@ -2989,6 +2990,13 @@
     if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->key_name, 16 ) ) != 0 )
         return( ret );
 
+    if( ( ret = ssl->f_rng( ssl->p_rng, buf, 16 ) ) != 0 ||
+        ( ret = aes_setkey_enc( &tkeys->enc, buf, 128 ) ) != 0 ||
+        ( ret = aes_setkey_dec( &tkeys->dec, buf, 128 ) ) != 0 )
+    {
+            return( ret );
+    }
+
     ssl->ticket_keys = tkeys;
 
     return( 0 );
commit	990c51a55722d9e1e7b92c376ba1526e7b721ab7	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Sat Aug 03 15:37:58 2013 +0200
committer	Paul Bakker <p.j.bakker@polarssl.org>	Wed Aug 14 14:08:07 2013 +0200
tree	fe2549ba1cb9a9507278b6244819e7d575abec6c
parent	779e42982c0d3462600a4ad4659110c6ab80b645 [diff] [blame]