eden-emu/mbedtls
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update based on comments

Browse source 
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
This commit is contained in:
Xiaofei Bai 2021-12-02 06:36:27 +00:00
parent 6dc90da740
commit d25fab6f79
12 changed files with 176 additions and 170 deletions
Download patch file Download diff file Expand all files Collapse all files

22
library/ssl_tls13_generic.c
View file

@ -157,13 +157,13 @@ void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl,
int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
size_t *olen )
size_t *out_len )
{
unsigned char *p = buf;
unsigned char *supported_sig_alg; /* Start of supported_signature_algorithms */
size_t supported_sig_alg_len = 0; /* Length of supported_signature_algorithms */
*olen = 0;
*out_len = 0;
/* Skip the extension on the client if all allowed key exchanges
* are PSK-based. */
@ -214,7 +214,7 @@ int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl,
MBEDTLS_PUT_UINT16_BE( supported_sig_alg_len, buf, 4 );
/* Output the total length of signature algorithms extension. */
*olen = p - buf;
*out_len = p - buf;
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SIG_ALG;
return( 0 );
@ -321,9 +321,9 @@ static int ssl_tls13_parse_certificate_verify( mbedtls_ssl_context *ssl,
unsigned char verify_hash[MBEDTLS_MD_MAX_SIZE];
size_t verify_hash_len;
void const *opts_ptr = NULL;
void const *options = NULL;
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
mbedtls_pk_rsassa_pss_options opts;
mbedtls_pk_rsassa_pss_options rsassa_pss_options;
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
/*
@ -443,17 +443,17 @@ static int ssl_tls13_parse_certificate_verify( mbedtls_ssl_context *ssl,
if( sig_alg == MBEDTLS_PK_RSASSA_PSS )
{
const mbedtls_md_info_t* md_info;
opts.mgf1_hash_id = md_alg;
rsassa_pss_options.mgf1_hash_id = md_alg;
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
{
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
opts.expected_salt_len = mbedtls_md_get_size( md_info );
opts_ptr = (const void*) &opts;
rsassa_pss_options.expected_salt_len = mbedtls_md_get_size( md_info );
options = (const void*) &rsassa_pss_options;
}
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
if( ( ret = mbedtls_pk_verify_ext( sig_alg, opts_ptr,
if( ( ret = mbedtls_pk_verify_ext( sig_alg, options,
&ssl->session_negotiate->peer_cert->pk,
md_alg, verify_hash, verify_hash_len,
p, signature_len ) ) == 0 )
@ -1081,7 +1081,7 @@ static int ssl_tls13_finalize_finished_message( mbedtls_ssl_context *ssl )
static int ssl_tls13_write_finished_message_body( mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
size_t *olen )
size_t *out_len )
{
size_t verify_data_len = ssl->handshake->state_local.finished_out.digest_len;
/*
@ -1094,7 +1094,7 @@ static int ssl_tls13_write_finished_message_body( mbedtls_ssl_context *ssl,
memcpy( buf, ssl->handshake->state_local.finished_out.digest,
verify_data_len );
*olen = verify_data_len;
*out_len = verify_data_len;
return( 0 );
}