tls13: set key exchange mode in ticket_flags on client/server
Set the ticket_flags when: - server: preparing NST (new session ticket) message - client: postprocessing NST message Clear the ticket_flags when: - server: preparing NST message - client: parsing NST message Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
This commit is contained in:
Pengyu Lv
parent
b7d50acb37
commit
9f92695c8d
2 changed files with 16 additions and 0 deletions
|
|
@ -2618,6 +2618,10 @@ static int ssl_tls13_parse_new_session_ticket(mbedtls_ssl_context *ssl,
|
||||||
session->ticket = ticket;
|
session->ticket = ticket;
|
||||||
session->ticket_len = ticket_len;
|
session->ticket_len = ticket_len;
|
||||||
|
|
||||||
|
/* Clear all flags in ticket_flags */
|
||||||
|
mbedtls_ssl_tls13_session_clear_ticket_flags(session,
|
||||||
|
MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
|
||||||
|
|
||||||
MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 2);
|
MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 2);
|
||||||
extensions_len = MBEDTLS_GET_UINT16_BE(p, 0);
|
extensions_len = MBEDTLS_GET_UINT16_BE(p, 0);
|
||||||
p += 2;
|
p += 2;
|
||||||
|
|
@ -2701,6 +2705,11 @@ static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl,
|
||||||
session->resumption_key,
|
session->resumption_key,
|
||||||
session->resumption_key_len);
|
session->resumption_key_len);
|
||||||
|
|
||||||
|
/* Set ticket_flags depends on the selected key exchange modes */
|
||||||
|
mbedtls_ssl_tls13_session_set_ticket_flags(session,
|
||||||
|
ssl->conf->tls13_kex_modes);
|
||||||
|
MBEDTLS_SSL_DEBUG_TICKET_FLAGS(4, session->ticket_flags);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -2604,6 +2604,13 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl,
|
||||||
session->start = mbedtls_time(NULL);
|
session->start = mbedtls_time(NULL);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Set ticket_flags depends on the advertised psk key exchange mode */
|
||||||
|
mbedtls_ssl_tls13_session_clear_ticket_flags(session,
|
||||||
|
MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
|
||||||
|
mbedtls_ssl_tls13_session_set_ticket_flags(session,
|
||||||
|
ssl->handshake->tls13_kex_modes);
|
||||||
|
MBEDTLS_SSL_DEBUG_TICKET_FLAGS(4, session->ticket_flags);
|
||||||
|
|
||||||
/* Generate ticket_age_add */
|
/* Generate ticket_age_add */
|
||||||
if ((ret = ssl->conf->f_rng(ssl->conf->p_rng,
|
if ((ret = ssl->conf->f_rng(ssl->conf->p_rng,
|
||||||
(unsigned char *) &session->ticket_age_add,
|
(unsigned char *) &session->ticket_age_add,
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue