Update based on comments
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
This commit is contained in:
Xiaofei Bai
parent
6dc90da740
commit
d25fab6f79
12 changed files with 176 additions and 170 deletions
|
|
@ -731,8 +731,8 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
|
|||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||
|
||||
static int ecdh_tls13_make_params_internal( mbedtls_ecdh_context_mbed *ctx,
|
||||
size_t *olen, int point_format,
|
||||
unsigned char *buf, size_t buf_len,
|
||||
size_t *out_len, int point_format,
|
||||
unsigned char *buf, size_t buf_len,
|
||||
int ( *f_rng )( void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
|
@ -745,20 +745,20 @@ static int ecdh_tls13_make_params_internal( mbedtls_ecdh_context_mbed *ctx,
|
|||
return( ret );
|
||||
|
||||
ret = mbedtls_ecp_point_write_binary( &ctx->grp, &ctx->Q, point_format,
|
||||
olen, buf, buf_len );
|
||||
out_len, buf, buf_len );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
int mbedtls_ecdh_tls13_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
|
||||
int mbedtls_ecdh_tls13_make_params( mbedtls_ecdh_context *ctx, size_t *out_len,
|
||||
unsigned char *buf, size_t buf_len,
|
||||
int ( *f_rng )( void *, unsigned char *, size_t ),
|
||||
void *p_rng )
|
||||
{
|
||||
ECDH_VALIDATE_RET( ctx != NULL );
|
||||
ECDH_VALIDATE_RET( olen != NULL );
|
||||
ECDH_VALIDATE_RET( out_len != NULL );
|
||||
ECDH_VALIDATE_RET( buf != NULL );
|
||||
ECDH_VALIDATE_RET( f_rng != NULL );
|
||||
|
||||
|
|
@ -769,7 +769,7 @@ int mbedtls_ecdh_tls13_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
|
|||
#endif
|
||||
|
||||
#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
|
||||
return( ecdh_tls13_make_params_internal( ctx, olen, ctx->point_format,
|
||||
return( ecdh_tls13_make_params_internal( ctx, out_len, ctx->point_format,
|
||||
buf, buf_len, f_rng, p_rng ) );
|
||||
#else
|
||||
switch( ctx->var )
|
||||
|
|
@ -779,9 +779,9 @@ int mbedtls_ecdh_tls13_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
|
|||
return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
|
||||
#endif
|
||||
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
|
||||
return( ecdh_tls13_make_params_internal( &ctx->ctx.mbed_ecdh, olen,
|
||||
ctx->point_format, buf, buf_len,
|
||||
f_rng, p_rng ) );
|
||||
return( ecdh_tls13_make_params_internal( &ctx->ctx.mbed_ecdh,
|
||||
out_len, ctx->point_format,
|
||||
buf, buf_len, f_rng, p_rng ) );
|
||||
default:
|
||||
return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -529,7 +529,7 @@ struct mbedtls_ssl_handshake_params
|
|||
* Handshake specific crypto variables
|
||||
*/
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||
int tls1_3_kex_modes; /*!< key exchange modes for TLS 1.3 */
|
||||
int tls13_kex_modes; /*!< key exchange modes for TLS 1.3 */
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
|
|
@ -765,7 +765,7 @@ struct mbedtls_ssl_handshake_params
|
|||
unsigned char early [MBEDTLS_TLS1_3_MD_MAX_SIZE];
|
||||
unsigned char handshake[MBEDTLS_TLS1_3_MD_MAX_SIZE];
|
||||
unsigned char app [MBEDTLS_TLS1_3_MD_MAX_SIZE];
|
||||
} tls1_3_master_secrets;
|
||||
} tls13_master_secrets;
|
||||
|
||||
mbedtls_ssl_tls13_handshake_secrets tls13_hs_secrets;
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
|
|
@ -1568,7 +1568,7 @@ static inline int mbedtls_ssl_conf_tls13_some_psk_enabled( mbedtls_ssl_context *
|
|||
static inline unsigned mbedtls_ssl_tls13_check_kex_modes( mbedtls_ssl_context *ssl,
|
||||
int kex_modes_mask )
|
||||
{
|
||||
return( ( ssl->handshake->tls1_3_kex_modes & kex_modes_mask ) == 0 );
|
||||
return( ( ssl->handshake->tls13_kex_modes & kex_modes_mask ) == 0 );
|
||||
}
|
||||
|
||||
static inline int mbedtls_ssl_tls13_psk_enabled( mbedtls_ssl_context *ssl )
|
||||
|
|
@ -1678,7 +1678,7 @@ void mbedtls_ssl_tls13_add_hs_msg_to_checksum( mbedtls_ssl_context *ssl,
|
|||
int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
size_t *olen);
|
||||
size_t *out_len);
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||
|
||||
|
|
|
|||
|
|
@ -47,11 +47,11 @@
|
|||
static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
size_t *olen )
|
||||
size_t *out_len )
|
||||
{
|
||||
unsigned char *p = buf;
|
||||
|
||||
*olen = 0;
|
||||
*out_len = 0;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported versions extension" ) );
|
||||
|
||||
|
|
@ -87,7 +87,7 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl,
|
|||
ssl->conf->max_major_ver,
|
||||
ssl->conf->max_minor_ver ) );
|
||||
|
||||
*olen = 7;
|
||||
*out_len = 7;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
|
@ -139,11 +139,11 @@ static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
|
|||
static int ssl_tls13_write_named_group_list_ecdhe( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
size_t *olen )
|
||||
size_t *out_len )
|
||||
{
|
||||
unsigned char *p = buf;
|
||||
|
||||
*olen = 0;
|
||||
*out_len = 0;
|
||||
|
||||
const uint16_t *group_list = mbedtls_ssl_get_groups( ssl );
|
||||
|
||||
|
|
@ -168,7 +168,7 @@ static int ssl_tls13_write_named_group_list_ecdhe( mbedtls_ssl_context *ssl,
|
|||
curve_info->name, *group_list ) );
|
||||
}
|
||||
|
||||
*olen = p - buf;
|
||||
*out_len = p - buf;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
|
@ -176,12 +176,12 @@ static int ssl_tls13_write_named_group_list_ecdhe( mbedtls_ssl_context *ssl,
|
|||
static int ssl_tls13_write_named_group_list_ecdhe( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
size_t *olen )
|
||||
size_t *out_len )
|
||||
{
|
||||
((void) ssl);
|
||||
((void) buf);
|
||||
((void) end);
|
||||
*olen = 0;
|
||||
*out_len = 0;
|
||||
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
#endif /* MBEDTLS_ECDH_C */
|
||||
|
|
@ -189,12 +189,12 @@ static int ssl_tls13_write_named_group_list_ecdhe( mbedtls_ssl_context *ssl,
|
|||
static int ssl_tls13_write_named_group_list_dhe( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
size_t *olen )
|
||||
size_t *out_len )
|
||||
{
|
||||
((void) ssl);
|
||||
((void) buf);
|
||||
((void) end);
|
||||
*olen = 0;
|
||||
*out_len = 0;
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "write_named_group_dhe is not implemented" ) );
|
||||
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
|
@ -202,7 +202,7 @@ static int ssl_tls13_write_named_group_list_dhe( mbedtls_ssl_context *ssl,
|
|||
static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
size_t *olen )
|
||||
size_t *out_len )
|
||||
{
|
||||
unsigned char *p = buf ;
|
||||
unsigned char *named_group_list; /* Start of named_group_list */
|
||||
|
|
@ -210,7 +210,7 @@ static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl,
|
|||
size_t output_len = 0;
|
||||
int ret_ecdhe, ret_dhe;
|
||||
|
||||
*olen = 0;
|
||||
*out_len = 0;
|
||||
|
||||
if( !mbedtls_ssl_conf_tls13_some_ephemeral_enabled( ssl ) )
|
||||
return( 0 );
|
||||
|
|
@ -264,7 +264,7 @@ static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl,
|
|||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "Supported groups extension", buf + 4, named_group_list_len + 2 );
|
||||
|
||||
*olen = p - buf;
|
||||
*out_len = p - buf;
|
||||
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SUPPORTED_GROUPS;
|
||||
|
||||
|
|
@ -280,7 +280,7 @@ static int ssl_tls13_generate_and_write_ecdh_key_exchange(
|
|||
uint16_t named_group,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
size_t *olen )
|
||||
size_t *out_len )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const mbedtls_ecp_curve_info *curve_info =
|
||||
|
|
@ -298,9 +298,9 @@ static int ssl_tls13_generate_and_write_ecdh_key_exchange(
|
|||
return( ret );
|
||||
}
|
||||
|
||||
ret = mbedtls_ecdh_tls13_make_params( &ssl->handshake->ecdh_ctx, olen,
|
||||
buf, end - buf,
|
||||
ssl->conf->f_rng, ssl->conf->p_rng );
|
||||
ret = mbedtls_ecdh_tls13_make_params( &ssl->handshake->ecdh_ctx, out_len,
|
||||
buf, end - buf,
|
||||
ssl->conf->f_rng, ssl->conf->p_rng );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_tls13_make_params", ret );
|
||||
|
|
@ -365,7 +365,7 @@ static int ssl_tls13_get_default_group_id( mbedtls_ssl_context *ssl,
|
|||
static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
size_t *olen )
|
||||
size_t *out_len )
|
||||
{
|
||||
unsigned char *p = buf;
|
||||
unsigned char *client_shares; /* Start of client_shares */
|
||||
|
|
@ -373,7 +373,7 @@ static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl,
|
|||
uint16_t group_id;
|
||||
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
|
||||
*olen = 0;
|
||||
*out_len = 0;
|
||||
|
||||
if( !mbedtls_ssl_conf_tls13_some_ephemeral_enabled( ssl ) )
|
||||
return( 0 );
|
||||
|
|
@ -459,9 +459,9 @@ static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl,
|
|||
ssl->handshake->offered_group_id = group_id;
|
||||
|
||||
/* Output the total length of key_share extension. */
|
||||
*olen = p - buf;
|
||||
*out_len = p - buf;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, key_share extension", buf, *olen );
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, key_share extension", buf, *out_len );
|
||||
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_KEY_SHARE;
|
||||
|
||||
|
|
@ -600,14 +600,14 @@ static int ssl_tls13_write_client_hello_cipher_suites(
|
|||
mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
size_t *olen )
|
||||
size_t *out_len )
|
||||
{
|
||||
unsigned char *p = buf;
|
||||
const int *ciphersuite_list;
|
||||
unsigned char *cipher_suites; /* Start of the cipher_suites list */
|
||||
size_t cipher_suites_len;
|
||||
|
||||
*olen = 0 ;
|
||||
*out_len = 0 ;
|
||||
|
||||
/*
|
||||
* Ciphersuite list
|
||||
|
|
@ -655,7 +655,7 @@ static int ssl_tls13_write_client_hello_cipher_suites(
|
|||
cipher_suites_len/2 ) );
|
||||
|
||||
/* Output the total length of cipher_suites field. */
|
||||
*olen = p - buf;
|
||||
*out_len = p - buf;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
|
@ -675,7 +675,7 @@ static int ssl_tls13_write_client_hello_cipher_suites(
|
|||
static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
size_t *olen )
|
||||
size_t *out_len )
|
||||
{
|
||||
|
||||
int ret;
|
||||
|
|
@ -686,7 +686,7 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
|||
/* Buffer management */
|
||||
unsigned char *p = buf;
|
||||
|
||||
*olen = 0;
|
||||
*out_len = 0;
|
||||
|
||||
/* No validation needed here. It has been done by ssl_conf_check() */
|
||||
ssl->major_ver = ssl->conf->min_major_ver;
|
||||
|
|
@ -815,7 +815,7 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
|||
extensions_len ) );
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", p_extensions_len, extensions_len );
|
||||
|
||||
*olen = p - buf;
|
||||
*out_len = p - buf;
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
|
@ -1257,17 +1257,17 @@ static int ssl_tls13_finalize_server_hello( mbedtls_ssl_context *ssl )
|
|||
{
|
||||
/* Only the pre_shared_key extension was received */
|
||||
case MBEDTLS_SSL_EXT_PRE_SHARED_KEY:
|
||||
handshake->tls1_3_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
||||
handshake->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
||||
break;
|
||||
|
||||
/* Only the key_share extension was received */
|
||||
case MBEDTLS_SSL_EXT_KEY_SHARE:
|
||||
handshake->tls1_3_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
handshake->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
break;
|
||||
|
||||
/* Both the pre_shared_key and key_share extensions were received */
|
||||
case ( MBEDTLS_SSL_EXT_PRE_SHARED_KEY | MBEDTLS_SSL_EXT_KEY_SHARE ):
|
||||
handshake->tls1_3_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||
handshake->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||
break;
|
||||
|
||||
/* Neither pre_shared_key nor key_share extension was received */
|
||||
|
|
@ -1662,7 +1662,7 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
|
|||
{
|
||||
int ret = 0;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "tls1_3 client state: %d", ssl->state ) );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "tls13 client state: %d", ssl->state ) );
|
||||
|
||||
switch( ssl->state )
|
||||
{
|
||||
|
|
|
|||
|
|
@ -157,13 +157,13 @@ void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl,
|
|||
int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
size_t *olen )
|
||||
size_t *out_len )
|
||||
{
|
||||
unsigned char *p = buf;
|
||||
unsigned char *supported_sig_alg; /* Start of supported_signature_algorithms */
|
||||
size_t supported_sig_alg_len = 0; /* Length of supported_signature_algorithms */
|
||||
|
||||
*olen = 0;
|
||||
*out_len = 0;
|
||||
|
||||
/* Skip the extension on the client if all allowed key exchanges
|
||||
* are PSK-based. */
|
||||
|
|
@ -214,7 +214,7 @@ int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_PUT_UINT16_BE( supported_sig_alg_len, buf, 4 );
|
||||
|
||||
/* Output the total length of signature algorithms extension. */
|
||||
*olen = p - buf;
|
||||
*out_len = p - buf;
|
||||
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SIG_ALG;
|
||||
return( 0 );
|
||||
|
|
@ -321,9 +321,9 @@ static int ssl_tls13_parse_certificate_verify( mbedtls_ssl_context *ssl,
|
|||
unsigned char verify_hash[MBEDTLS_MD_MAX_SIZE];
|
||||
size_t verify_hash_len;
|
||||
|
||||
void const *opts_ptr = NULL;
|
||||
void const *options = NULL;
|
||||
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
|
||||
mbedtls_pk_rsassa_pss_options opts;
|
||||
mbedtls_pk_rsassa_pss_options rsassa_pss_options;
|
||||
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
|
||||
|
||||
/*
|
||||
|
|
@ -443,17 +443,17 @@ static int ssl_tls13_parse_certificate_verify( mbedtls_ssl_context *ssl,
|
|||
if( sig_alg == MBEDTLS_PK_RSASSA_PSS )
|
||||
{
|
||||
const mbedtls_md_info_t* md_info;
|
||||
opts.mgf1_hash_id = md_alg;
|
||||
rsassa_pss_options.mgf1_hash_id = md_alg;
|
||||
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
|
||||
{
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
opts.expected_salt_len = mbedtls_md_get_size( md_info );
|
||||
opts_ptr = (const void*) &opts;
|
||||
rsassa_pss_options.expected_salt_len = mbedtls_md_get_size( md_info );
|
||||
options = (const void*) &rsassa_pss_options;
|
||||
}
|
||||
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
|
||||
|
||||
if( ( ret = mbedtls_pk_verify_ext( sig_alg, opts_ptr,
|
||||
if( ( ret = mbedtls_pk_verify_ext( sig_alg, options,
|
||||
&ssl->session_negotiate->peer_cert->pk,
|
||||
md_alg, verify_hash, verify_hash_len,
|
||||
p, signature_len ) ) == 0 )
|
||||
|
|
@ -1081,7 +1081,7 @@ static int ssl_tls13_finalize_finished_message( mbedtls_ssl_context *ssl )
|
|||
static int ssl_tls13_write_finished_message_body( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
size_t *olen )
|
||||
size_t *out_len )
|
||||
{
|
||||
size_t verify_data_len = ssl->handshake->state_local.finished_out.digest_len;
|
||||
/*
|
||||
|
|
@ -1094,7 +1094,7 @@ static int ssl_tls13_write_finished_message_body( mbedtls_ssl_context *ssl,
|
|||
memcpy( buf, ssl->handshake->state_local.finished_out.digest,
|
||||
verify_data_len );
|
||||
|
||||
*olen = verify_data_len;
|
||||
*out_len = verify_data_len;
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -78,7 +78,7 @@ struct mbedtls_ssl_tls13_labels_struct const mbedtls_ssl_tls13_labels =
|
|||
* the HkdfLabel structure on success.
|
||||
*/
|
||||
|
||||
static const char tls1_3_label_prefix[6] = "tls13 ";
|
||||
static const char tls13_label_prefix[6] = "tls13 ";
|
||||
|
||||
#define SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( label_len, context_len ) \
|
||||
( 2 /* expansion length */ \
|
||||
|
|
@ -89,7 +89,7 @@ static const char tls1_3_label_prefix[6] = "tls13 ";
|
|||
|
||||
#define SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN \
|
||||
SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( \
|
||||
sizeof(tls1_3_label_prefix) + \
|
||||
sizeof(tls13_label_prefix) + \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN, \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN )
|
||||
|
||||
|
|
@ -100,7 +100,7 @@ static void ssl_tls13_hkdf_encode_label(
|
|||
unsigned char *dst, size_t *dst_len )
|
||||
{
|
||||
size_t total_label_len =
|
||||
sizeof(tls1_3_label_prefix) + label_len;
|
||||
sizeof(tls13_label_prefix) + label_len;
|
||||
size_t total_hkdf_lbl_len =
|
||||
SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( total_label_len, ctx_len );
|
||||
|
||||
|
|
@ -119,8 +119,8 @@ static void ssl_tls13_hkdf_encode_label(
|
|||
|
||||
/* Add label incl. prefix */
|
||||
*p++ = MBEDTLS_BYTE_0( total_label_len );
|
||||
memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) );
|
||||
p += sizeof(tls1_3_label_prefix);
|
||||
memcpy( p, tls13_label_prefix, sizeof(tls13_label_prefix) );
|
||||
p += sizeof(tls13_label_prefix);
|
||||
memcpy( p, label, label_len );
|
||||
p += label_len;
|
||||
|
||||
|
|
@ -578,9 +578,9 @@ int mbedtls_ssl_tls13_key_schedule_stage_application( mbedtls_ssl_context *ssl )
|
|||
* Compute MasterSecret
|
||||
*/
|
||||
ret = mbedtls_ssl_tls13_evolve_secret( md_type,
|
||||
handshake->tls1_3_master_secrets.handshake,
|
||||
handshake->tls13_master_secrets.handshake,
|
||||
NULL, 0,
|
||||
handshake->tls1_3_master_secrets.app );
|
||||
handshake->tls13_master_secrets.app );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_evolve_secret", ret );
|
||||
|
|
@ -588,7 +588,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_application( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 4, "Master secret",
|
||||
handshake->tls1_3_master_secrets.app, md_size );
|
||||
handshake->tls13_master_secrets.app, md_size );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
|
@ -918,7 +918,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl )
|
|||
md_type = handshake->ciphersuite_info->mac;
|
||||
|
||||
ret = mbedtls_ssl_tls13_evolve_secret( md_type, NULL, NULL, 0,
|
||||
handshake->tls1_3_master_secrets.early );
|
||||
handshake->tls13_master_secrets.early );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_evolve_secret", ret );
|
||||
|
|
@ -972,7 +972,7 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
|
||||
ret = mbedtls_ssl_tls13_derive_handshake_secrets( md_type,
|
||||
handshake->tls1_3_master_secrets.handshake,
|
||||
handshake->tls13_master_secrets.handshake,
|
||||
transcript, transcript_len, tls13_hs_secrets );
|
||||
if( ret != 0 )
|
||||
{
|
||||
|
|
@ -1091,9 +1091,9 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl )
|
|||
* Compute the Handshake Secret
|
||||
*/
|
||||
ret = mbedtls_ssl_tls13_evolve_secret( md_type,
|
||||
handshake->tls1_3_master_secrets.early,
|
||||
handshake->tls13_master_secrets.early,
|
||||
ecdhe, ephemeral_len,
|
||||
handshake->tls1_3_master_secrets.handshake );
|
||||
handshake->tls13_master_secrets.handshake );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_evolve_secret", ret );
|
||||
|
|
@ -1101,7 +1101,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 4, "Handshake secret",
|
||||
handshake->tls1_3_master_secrets.handshake, md_size );
|
||||
handshake->tls13_master_secrets.handshake, md_size );
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
|
||||
mbedtls_platform_zeroize( ecdhe, sizeof( ecdhe ) );
|
||||
|
|
@ -1161,7 +1161,7 @@ int mbedtls_ssl_tls13_generate_application_keys(
|
|||
/* Compute application secrets from master secret and transcript hash. */
|
||||
|
||||
ret = mbedtls_ssl_tls13_derive_application_secrets( md_type,
|
||||
handshake->tls1_3_master_secrets.app,
|
||||
handshake->tls13_master_secrets.app,
|
||||
transcript, transcript_len,
|
||||
app_secrets );
|
||||
if( ret != 0 )
|
||||
|
|
|
|||
|
|
@ -95,16 +95,18 @@ extern const struct mbedtls_ssl_tls13_labels_struct mbedtls_ssl_tls13_labels;
|
|||
*
|
||||
* \param hash_alg The identifier for the hash algorithm to use.
|
||||
* \param secret The \c Secret argument to \c HKDF-Expand-Label.
|
||||
* This must be a readable buffer of length \p slen Bytes.
|
||||
* This must be a readable buffer of length
|
||||
* \p secret_len Bytes.
|
||||
* \param secret_len The length of \p secret in Bytes.
|
||||
* \param label The \c Label argument to \c HKDF-Expand-Label.
|
||||
* This must be a readable buffer of length \p llen Bytes.
|
||||
* This must be a readable buffer of length
|
||||
* \p label_len Bytes.
|
||||
* \param label_len The length of \p label in Bytes.
|
||||
* \param ctx The \c Context argument to \c HKDF-Expand-Label.
|
||||
* This must be a readable buffer of length \p clen Bytes.
|
||||
* This must be a readable buffer of length \p ctx_len Bytes.
|
||||
* \param ctx_len The length of \p context in Bytes.
|
||||
* \param buf The destination buffer to hold the expanded secret.
|
||||
* This must be a writable buffer of length \p blen Bytes.
|
||||
* This must be a writable buffer of length \p buf_len Bytes.
|
||||
* \param buf_len The desired size of the expanded secret in Bytes.
|
||||
*
|
||||
* \returns \c 0 on success.
|
||||
|
|
@ -133,9 +135,11 @@ int mbedtls_ssl_tls13_hkdf_expand_label(
|
|||
* \param hash_alg The identifier for the hash algorithm to be used
|
||||
* for the HKDF-based expansion of the secret.
|
||||
* \param client_secret The client traffic secret.
|
||||
* This must be a readable buffer of size \p slen Bytes
|
||||
* This must be a readable buffer of size
|
||||
* \p secret_len Bytes
|
||||
* \param server_secret The server traffic secret.
|
||||
* This must be a readable buffer of size \p slen Bytes
|
||||
* This must be a readable buffer of size
|
||||
* \p secret_len Bytes
|
||||
* \param secret_len Length of the secrets \p client_secret and
|
||||
* \p server_secret in Bytes.
|
||||
* \param key_len The desired length of the key to be extracted in Bytes.
|
||||
|
|
@ -171,15 +175,17 @@ int mbedtls_ssl_tls13_make_traffic_keys(
|
|||
* \param hash_alg The identifier for the hash function used for the
|
||||
* applications of HKDF.
|
||||
* \param secret The \c Secret argument to the \c Derive-Secret function.
|
||||
* This must be a readable buffer of length \p slen Bytes.
|
||||
* This must be a readable buffer of length
|
||||
* \p secret_len Bytes.
|
||||
* \param secret_len The length of \p secret in Bytes.
|
||||
* \param label The \c Label argument to the \c Derive-Secret function.
|
||||
* This must be a readable buffer of length \p llen Bytes.
|
||||
* This must be a readable buffer of length
|
||||
* \p label_len Bytes.
|
||||
* \param label_len The length of \p label in Bytes.
|
||||
* \param ctx The hash of the \c Messages argument to the
|
||||
* \c Derive-Secret function, or the \c Messages argument
|
||||
* itself, depending on \p context_already_hashed.
|
||||
* \param ctx_len The length of \p hash.
|
||||
* itself, depending on \p ctx_hashed.
|
||||
* \param ctx_len The length of \p ctx in Bytes.
|
||||
* \param ctx_hashed This indicates whether the \p ctx contains the hash of
|
||||
* the \c Messages argument in the application of the
|
||||
* \c Derive-Secret function
|
||||
|
|
@ -189,7 +195,7 @@ int mbedtls_ssl_tls13_make_traffic_keys(
|
|||
* (value MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED).
|
||||
* \param dstbuf The target buffer to write the output of
|
||||
* \c Derive-Secret to. This must be a writable buffer of
|
||||
* size \p buflen Bytes.
|
||||
* size \p dtsbuf_len Bytes.
|
||||
* \param dstbuf_len The length of \p dstbuf in Bytes.
|
||||
*
|
||||
* \returns \c 0 on success.
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@
|
|||
int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
((void) ssl);
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "tls1_3 server state: %d", ssl->state ) );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "tls13 server state: %d", ssl->state ) );
|
||||
|
||||
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue