eden-emu/mbedtls
19
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Use intermediate pointer for readability and rename PMS pointer in ECHDE-PSK PSA version of ssl_write_client_key_exchange()

Browse source 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
This commit is contained in:
Neil Armstrong 2022-04-04 18:27:15 +02:00
parent fdf20cb513
commit b7ca76b652
1 changed files with 24 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

45
library/ssl_tls12_client.c
View file

@ -3029,9 +3029,8 @@ ecdh_calc_secret:
const size_t content_len_size = 2; const size_t content_len_size = 2;
header_len = 4; header_len = 4;
content_len = ssl->conf->psk_identity_len;
if( header_len + content_len_size + content_len if( header_len + content_len_size + ssl->conf->psk_identity_len
> MBEDTLS_SSL_OUT_CONTENT_LEN ) > MBEDTLS_SSL_OUT_CONTENT_LEN )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, MBEDTLS_SSL_DEBUG_MSG( 1,
@ -3039,12 +3038,16 @@ ecdh_calc_secret:
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
} }
ssl->out_msg[header_len++] = MBEDTLS_BYTE_1( content_len ); unsigned char *p = ssl->out_msg + header_len;
ssl->out_msg[header_len++] = MBEDTLS_BYTE_0( content_len );
memcpy( ssl->out_msg + header_len, *p++ = MBEDTLS_BYTE_1( ssl->conf->psk_identity_len );
ssl->conf->psk_identity, *p++ = MBEDTLS_BYTE_0( ssl->conf->psk_identity_len );
header_len += content_len_size;
memcpy( p, ssl->conf->psk_identity,
ssl->conf->psk_identity_len ); ssl->conf->psk_identity_len );
p += ssl->conf->psk_identity_len;
header_len += ssl->conf->psk_identity_len; header_len += ssl->conf->psk_identity_len;
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) );
@ -3075,7 +3078,7 @@ ecdh_calc_secret:
/* Export the public part of the ECDH private key from PSA. /* Export the public part of the ECDH private key from PSA.
* The export format is an ECPoint structure as expected by TLS, * The export format is an ECPoint structure as expected by TLS,
* but we just need to add a length byte before that. */ * but we just need to add a length byte before that. */
unsigned char *own_pubkey = ssl->out_msg + header_len + 1; unsigned char *own_pubkey = p + 1;
unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
size_t own_pubkey_max_len = (size_t)( end - own_pubkey ); size_t own_pubkey_max_len = (size_t)( end - own_pubkey );
size_t own_pubkey_len = 0; size_t own_pubkey_len = 0;
@ -3090,7 +3093,7 @@ ecdh_calc_secret:
return( psa_ssl_status_to_mbedtls( status ) ); return( psa_ssl_status_to_mbedtls( status ) );
} }
ssl->out_msg[header_len] = (unsigned char) own_pubkey_len; *p = (unsigned char) own_pubkey_len;
content_len = own_pubkey_len + 1; content_len = own_pubkey_len + 1;
/* As RFC 5489 section 2, the premaster secret is formed as follows: /* As RFC 5489 section 2, the premaster secret is formed as follows:
@ -3099,8 +3102,8 @@ ecdh_calc_secret:
* - a uint16 containing the length (in octets) of the PSK * - a uint16 containing the length (in octets) of the PSK
* - the PSK itself * - the PSK itself
*/ */
unsigned char *p = ssl->handshake->premaster; unsigned char *pms = ssl->handshake->premaster;
const unsigned char* const p_end = p + const unsigned char* const pms_end = pms +
sizeof( ssl->handshake->premaster ); sizeof( ssl->handshake->premaster );
/* uint16 to store length (in octets) of the ECDH computation */ /* uint16 to store length (in octets) of the ECDH computation */
const size_t zlen_size = 2; const size_t zlen_size = 2;
@ -3111,8 +3114,8 @@ ecdh_calc_secret:
handshake->ecdh_psa_privkey, handshake->ecdh_psa_privkey,
handshake->ecdh_psa_peerkey, handshake->ecdh_psa_peerkey,
handshake->ecdh_psa_peerkey_len, handshake->ecdh_psa_peerkey_len,
p + zlen_size, pms + zlen_size,
p_end - ( p + zlen_size ), pms_end - ( pms + zlen_size ),
&zlen ); &zlen );
destruction_status = psa_destroy_key( handshake->ecdh_psa_privkey ); destruction_status = psa_destroy_key( handshake->ecdh_psa_privkey );
@ -3124,11 +3127,11 @@ ecdh_calc_secret:
return( psa_ssl_status_to_mbedtls( destruction_status ) ); return( psa_ssl_status_to_mbedtls( destruction_status ) );
/* Write the ECDH computation length before the ECDH computation */ /* Write the ECDH computation length before the ECDH computation */
MBEDTLS_PUT_UINT16_BE( zlen, p, 0 ); MBEDTLS_PUT_UINT16_BE( zlen, pms, 0 );
p += zlen_size + zlen; pms += zlen_size + zlen;
/* opaque psk<0..2^16-1>; */ /* opaque psk<0..2^16-1>; */
if( p_end - p < 2 ) if( pms_end - pms < 2 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
const unsigned char *psk = NULL; const unsigned char *psk = NULL;
@ -3143,17 +3146,17 @@ ecdh_calc_secret:
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
/* Write the PSK length as uint16 */ /* Write the PSK length as uint16 */
MBEDTLS_PUT_UINT16_BE( psk_len, p, 0 ); MBEDTLS_PUT_UINT16_BE( psk_len, pms, 0 );
p += 2; pms += 2;
if( p_end < p || (size_t)( p_end - p ) < psk_len ) if( pms_end < pms || (size_t)( pms_end - pms ) < psk_len )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
/* Write the PSK itself */ /* Write the PSK itself */
memcpy( p, psk, psk_len ); memcpy( pms, psk, psk_len );
p += psk_len; pms += psk_len;
ssl->handshake->pmslen = p - ssl->handshake->premaster; ssl->handshake->pmslen = pms - ssl->handshake->premaster;
} }
else else
#endif /* MBEDTLS_USE_PSA_CRYPTO && #endif /* MBEDTLS_USE_PSA_CRYPTO &&