Save Hello random bytes for later use

2026-04-04 22:19:05 +00:00 · 2019-07-09 12:54:17 +02:00 · 2019-07-09 12:54:17 +02:00 · a3024eef7b
commit a3024eef7b
parent ae3f8511fd
2 changed files with 13 additions and 1 deletions
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@ -728,6 +728,12 @@ struct mbedtls_ssl_transform
    z_stream ctx_deflate;               /*!<  compression context     */
    z_stream ctx_inflate;               /*!<  decompression context   */
 #endif
+
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    /* We need the Hello random bytes in order to re-derive keys from the
+     * Master Secret and other session info, see ssl_populate_transform() */
+    unsigned char randbytes[64]; /*!< ServerHello.random+ClientHello.random */
+#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
 };

 static inline int mbedtls_ssl_transform_get_minor_ver( mbedtls_ssl_transform const *transform )