Change code based on comments
Focus on the code style, naming rules, etc. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
parent
4cab0240c7
commit
a763498490
@ -39,6 +39,7 @@
|
|||||||
#if defined(MBEDTLS_DHM_C)
|
#if defined(MBEDTLS_DHM_C)
|
||||||
#include "mbedtls/dhm.h"
|
#include "mbedtls/dhm.h"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due
|
/* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due
|
||||||
* to guards also being in ssl_srv.c and ssl_cli.c. There is a gap
|
* to guards also being in ssl_srv.c and ssl_cli.c. There is a gap
|
||||||
* in functionality that access to ecdh_ctx structure is needed for
|
* in functionality that access to ecdh_ctx structure is needed for
|
||||||
@ -1050,13 +1051,15 @@ typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
|
|||||||
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED &&
|
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED &&
|
||||||
!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||||
typedef struct
|
typedef struct
|
||||||
{
|
{
|
||||||
unsigned char client_application_traffic_secret_N[ MBEDTLS_MD_MAX_SIZE ];
|
unsigned char client_application_traffic_secret_N[ MBEDTLS_MD_MAX_SIZE ];
|
||||||
unsigned char server_application_traffic_secret_N[ MBEDTLS_MD_MAX_SIZE ];
|
unsigned char server_application_traffic_secret_N[ MBEDTLS_MD_MAX_SIZE ];
|
||||||
unsigned char exporter_master_secret [ MBEDTLS_MD_MAX_SIZE ];
|
unsigned char exporter_master_secret [ MBEDTLS_MD_MAX_SIZE ];
|
||||||
unsigned char resumption_master_secret [ MBEDTLS_MD_MAX_SIZE ];
|
unsigned char resumption_master_secret [ MBEDTLS_MD_MAX_SIZE ];
|
||||||
} mbedtls_ssl_tls1_3_application_secrets;
|
} mbedtls_ssl_tls13_application_secrets;
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_DTLS_SRTP)
|
#if defined(MBEDTLS_SSL_DTLS_SRTP)
|
||||||
|
|
||||||
@ -1122,7 +1125,9 @@ struct mbedtls_ssl_session
|
|||||||
* to be studied whether one of them can be removed. */
|
* to be studied whether one of them can be removed. */
|
||||||
unsigned char MBEDTLS_PRIVATE(minor_ver); /*!< The TLS version used in the session. */
|
unsigned char MBEDTLS_PRIVATE(minor_ver); /*!< The TLS version used in the session. */
|
||||||
|
|
||||||
mbedtls_ssl_tls1_3_application_secrets MBEDTLS_PRIVATE(app_secrets);
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||||
|
mbedtls_ssl_tls13_application_secrets MBEDTLS_PRIVATE(app_secrets);
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||||
|
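Review bot: Both `#endif` lines added for `MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL` (after the `mbedtls_ssl_tls13_application_secrets` typedef and after the `app_secrets` member) are bare, while the `#endif` just above the typedef names its condition; I would write `#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */` on both. The typedef also has no comment. Its four arrays hold application traffic, exporter and resumption secrets that now live inside `mbedtls_ssl_session`, so a short Doxygen note that the struct must be zeroized when the session is freed would help; whether the session free path already does that is not visible here. `struct mbedtls_ssl_session` starts and ends outside the hunk.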
@ -870,7 +870,7 @@ int mbedtls_ssl_tls13_finished_in_process( mbedtls_ssl_context* ssl )
|
|||||||
unsigned char *buf;
|
unsigned char *buf;
|
||||||
size_t buflen;
|
size_t buflen;
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server finished_in_process" ) );
|
||||||
|
|
||||||
/* Preprocessing step: Compute handshake digest */
|
/* Preprocessing step: Compute handshake digest */
|
||||||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_finished_in_preprocess( ssl ) );
|
MBEDTLS_SSL_PROC_CHK( ssl_tls13_finished_in_preprocess( ssl ) );
|
||||||
@ -885,7 +885,7 @@ int mbedtls_ssl_tls13_finished_in_process( mbedtls_ssl_context* ssl )
|
|||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server finished_in_process" ) );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -893,14 +893,14 @@ static int ssl_tls13_finished_in_preprocess( mbedtls_ssl_context* ssl )
|
|||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
ret = mbedtls_ssl_tls1_3_calc_finished( ssl,
|
ret = mbedtls_ssl_tls1_3_calculate_expected_finished( ssl,
|
||||||
ssl->handshake->state_local.finished_in.digest,
|
ssl->handshake->state_local.finished_in.digest,
|
||||||
sizeof( ssl->handshake->state_local.finished_in.digest ),
|
sizeof( ssl->handshake->state_local.finished_in.digest ),
|
||||||
&ssl->handshake->state_local.finished_in.digest_len,
|
&ssl->handshake->state_local.finished_in.digest_len,
|
||||||
ssl->conf->endpoint ^ 1 );
|
ssl->conf->endpoint ^ 1 );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_calc_finished", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_calculate_expected_finished", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
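Review bot: The new trace strings `"=> parse server finished_in_process"` and `"<= parse server finished_in_process"` hard-code "server", but `ssl_tls13_finished_in_preprocess` computes the expected value for `ssl->conf->endpoint ^ 1`, which appears to select the peer's side, so on a server endpoint the log would name the wrong party. A side-neutral string such as `"=> parse finished message"` stays correct for both roles, and the `^ 1` deserves a comment like `/* expected Finished is computed for the peer */`. The comparison of the received verify_data against this digest is outside these hunks; it is worth confirming that it uses a constant-time comparison. Both functions continue outside the hunks shown.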
@ -469,7 +469,7 @@ int mbedtls_ssl_tls1_3_derive_application_secrets(
|
|||||||
mbedtls_md_type_t md_type,
|
mbedtls_md_type_t md_type,
|
||||||
unsigned char const *application_secret,
|
unsigned char const *application_secret,
|
||||||
unsigned char const *transcript, size_t transcript_len,
|
unsigned char const *transcript, size_t transcript_len,
|
||||||
mbedtls_ssl_tls1_3_application_secrets *derived )
|
mbedtls_ssl_tls13_application_secrets *derived )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
|
mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
|
||||||
@ -539,7 +539,7 @@ int mbedtls_ssl_tls1_3_derive_resumption_master_secret(
|
|||||||
mbedtls_md_type_t md_type,
|
mbedtls_md_type_t md_type,
|
||||||
unsigned char const *application_secret,
|
unsigned char const *application_secret,
|
||||||
unsigned char const *transcript, size_t transcript_len,
|
unsigned char const *transcript, size_t transcript_len,
|
||||||
mbedtls_ssl_tls1_3_application_secrets *derived )
|
mbedtls_ssl_tls13_application_secrets *derived )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
|
mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
|
||||||
@ -643,13 +643,13 @@ exit:
|
|||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
int mbedtls_ssl_tls1_3_calc_finished( mbedtls_ssl_context* ssl,
|
int mbedtls_ssl_tls1_3_calculate_expected_finished( mbedtls_ssl_context* ssl,
|
||||||
unsigned char* dst,
|
unsigned char* dst,
|
||||||
size_t dst_len,
|
size_t dst_len,
|
||||||
size_t *actual_len,
|
size_t *actual_len,
|
||||||
int from )
|
int from )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
unsigned char transcript[MBEDTLS_MD_MAX_SIZE];
|
unsigned char transcript[MBEDTLS_MD_MAX_SIZE];
|
||||||
size_t transcript_len;
|
size_t transcript_len;
|
||||||
@ -660,7 +660,7 @@ int mbedtls_ssl_tls1_3_calc_finished( mbedtls_ssl_context* ssl,
|
|||||||
const mbedtls_md_info_t* const md = mbedtls_md_info_from_type( md_type );
|
const mbedtls_md_info_t* const md = mbedtls_md_info_from_type( md_type );
|
||||||
size_t const md_size = mbedtls_md_get_size( md );
|
size_t const md_size = mbedtls_md_get_size( md );
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_tls1_3_calc_finished" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_tls1_3_calculate_expected_finished" ) );
|
||||||
|
|
||||||
if( dst_len < md_size )
|
if( dst_len < md_size )
|
||||||
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
||||||
@ -686,7 +686,7 @@ int mbedtls_ssl_tls1_3_calc_finished( mbedtls_ssl_context* ssl,
|
|||||||
*actual_len = md_size;
|
*actual_len = md_size;
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_BUF( 3, "verify_data for finished message", dst, md_size );
|
MBEDTLS_SSL_DEBUG_BUF( 3, "verify_data for finished message", dst, md_size );
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_tls1_3_calc_finished" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_tls1_3_calculate_expected_finished" ) );
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1111,10 +1111,10 @@ int mbedtls_ssl_tls1_3_generate_application_keys(
|
|||||||
mbedtls_ssl_context *ssl,
|
mbedtls_ssl_context *ssl,
|
||||||
mbedtls_ssl_key_set *traffic_keys )
|
mbedtls_ssl_key_set *traffic_keys )
|
||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
/* Address at which to store the application secrets */
|
/* Address at which to store the application secrets */
|
||||||
mbedtls_ssl_tls1_3_application_secrets * const app_secrets =
|
mbedtls_ssl_tls13_application_secrets * const app_secrets =
|
||||||
&ssl->session_negotiate->app_secrets;
|
&ssl->session_negotiate->app_secrets;
|
||||||
|
|
||||||
/* Holding the transcript up to and including the ServerFinished */
|
/* Holding the transcript up to and including the ServerFinished */
|
||||||
|
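Review bot: In `mbedtls_ssl_tls1_3_generate_application_keys` the initializer changes from `int ret = 0;` to `int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;`, so any path that reaches the function's return without assigning `ret` now reports failure where it used to report success; the body continues outside the hunk, so please confirm every exit assigns `ret` explicitly. In `mbedtls_ssl_tls1_3_calculate_expected_finished` the early `return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );` fires after the `=>` trace without a matching `<=` line, which makes the debug log harder to follow on the error path. The same function passes `md` from `mbedtls_md_info_from_type( md_type )` to `mbedtls_md_get_size()` without a NULL check; if an unsupported `md_type` can reach it, a guard after the declarations such as `if( md == NULL ) return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );` would make the failure explicit.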
@ -344,7 +344,7 @@ int mbedtls_ssl_tls1_3_derive_application_secrets(
|
|||||||
mbedtls_md_type_t md_type,
|
mbedtls_md_type_t md_type,
|
||||||
unsigned char const *master_secret,
|
unsigned char const *master_secret,
|
||||||
unsigned char const *transcript, size_t transcript_len,
|
unsigned char const *transcript, size_t transcript_len,
|
||||||
mbedtls_ssl_tls1_3_application_secrets *derived );
|
mbedtls_ssl_tls13_application_secrets *derived );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Derive TLS 1.3 resumption master secret from the master secret.
|
* \brief Derive TLS 1.3 resumption master secret from the master secret.
|
||||||
@ -374,7 +374,7 @@ int mbedtls_ssl_tls1_3_derive_resumption_master_secret(
|
|||||||
mbedtls_md_type_t md_type,
|
mbedtls_md_type_t md_type,
|
||||||
unsigned char const *application_secret,
|
unsigned char const *application_secret,
|
||||||
unsigned char const *transcript, size_t transcript_len,
|
unsigned char const *transcript, size_t transcript_len,
|
||||||
mbedtls_ssl_tls1_3_application_secrets *derived );
|
mbedtls_ssl_tls13_application_secrets *derived );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Compute the next secret in the TLS 1.3 key schedule
|
* \brief Compute the next secret in the TLS 1.3 key schedule
|
||||||
@ -625,7 +625,7 @@ int mbedtls_ssl_tls1_3_generate_application_keys(
|
|||||||
* \returns \c 0 on success.
|
* \returns \c 0 on success.
|
||||||
* \returns A negative error code on failure.
|
* \returns A negative error code on failure.
|
||||||
*/
|
*/
|
||||||
int mbedtls_ssl_tls1_3_calc_finished( mbedtls_ssl_context *ssl,
|
int mbedtls_ssl_tls1_3_calculate_expected_finished( mbedtls_ssl_context *ssl,
|
||||||
unsigned char *dst,
|
unsigned char *dst,
|
||||||
size_t dst_len,
|
size_t dst_len,
|
||||||
size_t *actual_len,
|
size_t *actual_len,
|
||||||
|
@ -3862,7 +3862,7 @@ void ssl_tls1_3_derive_application_secrets( int hash_alg,
|
|||||||
data_t *server_expected,
|
data_t *server_expected,
|
||||||
data_t *exporter_expected )
|
data_t *exporter_expected )
|
||||||
{
|
{
|
||||||
mbedtls_ssl_tls1_3_application_secrets secrets;
|
mbedtls_ssl_tls13_application_secrets secrets;
|
||||||
|
|
||||||
/* Double-check that we've passed sane parameters. */
|
/* Double-check that we've passed sane parameters. */
|
||||||
mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
|
mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
|
||||||
@ -3894,7 +3894,7 @@ void ssl_tls1_3_derive_resumption_secrets( int hash_alg,
|
|||||||
data_t *transcript,
|
data_t *transcript,
|
||||||
data_t *resumption_expected )
|
data_t *resumption_expected )
|
||||||
{
|
{
|
||||||
mbedtls_ssl_tls1_3_application_secrets secrets;
|
mbedtls_ssl_tls13_application_secrets secrets;
|
||||||
|
|
||||||
/* Double-check that we've passed sane parameters. */
|
/* Double-check that we've passed sane parameters. */
|
||||||
mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
|
mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
|
||||||
|