diff --git a/mongoose.c b/mongoose.c
index 8233747f..f45de9ac 100644
--- a/mongoose.c
+++ b/mongoose.c
@@ -9310,7 +9310,6 @@ int mg_aes_gcm_decrypt(unsigned char *output, const unsigned char *input,
-#define mg_tls_random(x, n) memset(x, 0xab, n)
 #if MG_TLS == MG_TLS_BUILTIN
 /* TLS 1.3 Record Content Type (RFC8446 B.1) */
@@ -9887,7 +9886,7 @@ static void mg_tls_server_send_hello(struct mg_connection *c) {
 // calculate keyshare
 uint8_t x25519_pub[X25519_BYTES];
 uint8_t x25519_prv[X25519_BYTES];
- mg_tls_random(x25519_prv, sizeof(x25519_prv));
+ mg_random(x25519_prv, sizeof(x25519_prv));
 mg_tls_x25519(x25519_pub, x25519_prv, X25519_BASE_POINT, 1);
 mg_tls_x25519(tls->x25519_sec, x25519_prv, tls->x25519_cli, 1);
 mg_tls_hexdump("s x25519 sec", tls->x25519_sec, sizeof(tls->x25519_sec));
@@ -10178,12 +10177,12 @@ static void mg_tls_client_send_hello(struct mg_connection *c) {
 MG_STORE_BE16(msg_client_hello + 192, hostnamesz);
 // calculate keyshare
- mg_tls_random(tls->x25519_cli, sizeof(tls->x25519_cli));
+ mg_random(tls->x25519_cli, sizeof(tls->x25519_cli));
 mg_tls_x25519(x25519_pub, tls->x25519_cli, X25519_BASE_POINT, 1);
 // fill in the gaps: random + session ID + keyshare
- mg_tls_random(tls->session_id, sizeof(tls->session_id));
- mg_tls_random(tls->random, sizeof(tls->random));
+ mg_random(tls->session_id, sizeof(tls->session_id));
+ mg_random(tls->random, sizeof(tls->random));
 memmove(msg_client_hello + 11, tls->random, sizeof(tls->random));
 memmove(msg_client_hello + 44, tls->session_id, sizeof(tls->session_id));
 memmove(msg_client_hello + 94, x25519_pub, sizeof(x25519_pub));
diff --git a/src/tls_builtin.c b/src/tls_builtin.c
index cef90932..ae76c993 100644
--- a/src/tls_builtin.c
+++ b/src/tls_builtin.c
@@ -2,7 +2,6 @@
 #include "tls_aes128.h"
 #include "tls_x25519.h"
-#define mg_tls_random(x, n) memset(x, 0xab, n)
 #if MG_TLS == MG_TLS_BUILTIN
 /* TLS 1.3 Record Content Type (RFC8446 B.1) */
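Review bot: In mg_tls_server_send_hello (mongoose.c) the freshly generated `x25519_prv` stays on the stack and the derived shared secret goes straight to `mg_tls_hexdump("s x25519 sec", ...)`; with the constant 0xab key gone, both are now real secrets. mg_tls_hexdump is defined outside this diff, so confirm it compiles to nothing in release builds, or drop the dump of `tls->x25519_sec`. After the second `mg_tls_x25519` call I would wipe the private key with a zeroing routine the compiler cannot elide, and say why in a comment such as `// ephemeral ECDH private key: wipe once the shared secret is derived`. The function body starts and ends outside the hunk, so a wipe further down may already exist; the same lines appear in the src/tls_builtin.c copy of this hunk.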
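Review bot: The three `mg_random()` calls in mg_tls_client_send_hello (mongoose.c) now produce the X25519 private key, the session ID and the client random, but nothing in the hunk documents or checks that mg_random is backed by a cryptographic source. Its definition is outside this diff; if it can fall back to a non-cryptographic generator, or return without filling the buffer on some targets, the key share would be predictable again, only less visibly than with the old 0xab fill. I would add a comment at the first call, `// x25519_cli is the ECDH private key: mg_random() must be a CSPRNG on this target`, and, if mg_random can report failure, abort the handshake instead of sending the hello. The same applies to `mg_random(x25519_prv, sizeof(x25519_prv));` in mg_tls_server_send_hello and to the identical hunks in src/tls_builtin.c; both functions start and end outside their hunks.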
@@ -579,7 +578,7 @@ static void mg_tls_server_send_hello(struct mg_connection *c) {
 // calculate keyshare
 uint8_t x25519_pub[X25519_BYTES];
 uint8_t x25519_prv[X25519_BYTES];
- mg_tls_random(x25519_prv, sizeof(x25519_prv));
+ mg_random(x25519_prv, sizeof(x25519_prv));
 mg_tls_x25519(x25519_pub, x25519_prv, X25519_BASE_POINT, 1);
 mg_tls_x25519(tls->x25519_sec, x25519_prv, tls->x25519_cli, 1);
 mg_tls_hexdump("s x25519 sec", tls->x25519_sec, sizeof(tls->x25519_sec));
@@ -870,12 +869,12 @@ static void mg_tls_client_send_hello(struct mg_connection *c) {
 MG_STORE_BE16(msg_client_hello + 192, hostnamesz);
 // calculate keyshare
- mg_tls_random(tls->x25519_cli, sizeof(tls->x25519_cli));
+ mg_random(tls->x25519_cli, sizeof(tls->x25519_cli));
 mg_tls_x25519(x25519_pub, tls->x25519_cli, X25519_BASE_POINT, 1);
 // fill in the gaps: random + session ID + keyshare
- mg_tls_random(tls->session_id, sizeof(tls->session_id));
- mg_tls_random(tls->random, sizeof(tls->random));
+ mg_random(tls->session_id, sizeof(tls->session_id));
+ mg_random(tls->random, sizeof(tls->random));
 memmove(msg_client_hello + 11, tls->random, sizeof(tls->random));
 memmove(msg_client_hello + 44, tls->session_id, sizeof(tls->session_id));
 memmove(msg_client_hello + 94, x25519_pub, sizeof(x25519_pub));