AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix variable names in ssl_tls13_keys.*

Browse Source 
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
This commit is contained in:
Xiaofei Bai 2021-11-18 07:29:56 +00:00
parent eef150418f
commit b7972840fd
1 changed files with 71 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
library/ssl_tls13_keys.c
View File

@ -95,14 +95,14 @@ static const char tls1_3_label_prefix[6] = "tls13 ";
static void ssl_tls13_hkdf_encode_label(
size_t desired_length,
const unsigned char *label, size_t llen,
const unsigned char *ctx, size_t clen,
unsigned char *dst, size_t *dlen )
const unsigned char *label, size_t label_len,
const unsigned char *ctx, size_t ctx_len,
unsigned char *dst, size_t *dst_len )
{
size_t total_label_len =
sizeof(tls1_3_label_prefix) + llen;
sizeof(tls1_3_label_prefix) + label_len;
size_t total_hkdf_lbl_len =
SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( total_label_len, clen );
SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( total_label_len, ctx_len );
unsigned char *p = dst;
@ -121,30 +121,30 @@ static void ssl_tls13_hkdf_encode_label(
*p++ = MBEDTLS_BYTE_0( total_label_len );
memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) );
p += sizeof(tls1_3_label_prefix);
memcpy( p, label, llen );
p += llen;
memcpy( p, label, label_len );
p += label_len;
/* Add context value */
*p++ = MBEDTLS_BYTE_0( clen );
if( clen != 0 )
memcpy( p, ctx, clen );
*p++ = MBEDTLS_BYTE_0( ctx_len );
if( ctx_len != 0 )
memcpy( p, ctx, ctx_len );
/* Return total length to the caller. */
*dlen = total_hkdf_lbl_len;
*dst_len = total_hkdf_lbl_len;
}
int mbedtls_ssl_tls13_hkdf_expand_label(
mbedtls_md_type_t hash_alg,
const unsigned char *secret, size_t slen,
const unsigned char *label, size_t llen,
const unsigned char *ctx, size_t clen,
unsigned char *buf, size_t blen )
const unsigned char *secret, size_t secret_len,
const unsigned char *label, size_t label_len,
const unsigned char *ctx, size_t ctx_len,
unsigned char *buf, size_t buf_len )
{
const mbedtls_md_info_t *md;
const mbedtls_md_info_t *md_info;
unsigned char hkdf_label[ SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN ];
size_t hkdf_label_len;
if( llen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN )
if( label_len > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN )
{
/* Should never happen since this is an internal
* function, and we know statically which labels
@ -152,32 +152,32 @@ int mbedtls_ssl_tls13_hkdf_expand_label(
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
if( clen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN )
if( ctx_len > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN )
{
/* Should not happen, as above. */
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
if( blen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN )
if( buf_len > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN )
{
/* Should not happen, as above. */
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
md = mbedtls_md_info_from_type( hash_alg );
if( md == NULL )
md_info = mbedtls_md_info_from_type( hash_alg );
if( md_info == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
ssl_tls13_hkdf_encode_label( blen,
label, llen,
ctx, clen,
ssl_tls13_hkdf_encode_label( buf_len,
label, label_len,
ctx, ctx_len,
hkdf_label,
&hkdf_label_len );
return( mbedtls_hkdf_expand( md,
secret, slen,
return( mbedtls_hkdf_expand( md_info,
secret, secret_len,
hkdf_label, hkdf_label_len,
buf, blen ) );
buf, buf_len ) );
}
/*
@ -199,14 +199,14 @@ int mbedtls_ssl_tls13_hkdf_expand_label(
int mbedtls_ssl_tls13_make_traffic_keys(
mbedtls_md_type_t hash_alg,
const unsigned char *client_secret,
const unsigned char *server_secret,
size_t slen, size_t key_len, size_t iv_len,
const unsigned char *server_secret, size_t secret_len,
size_t key_len, size_t iv_len,
mbedtls_ssl_key_set *keys )
{
int ret = 0;
ret = mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
client_secret, slen,
client_secret, secret_len,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( key ),
NULL, 0,
keys->client_write_key, key_len );
@ -214,7 +214,7 @@ int mbedtls_ssl_tls13_make_traffic_keys(
return( ret );
ret = mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
server_secret, slen,
server_secret, secret_len,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( key ),
NULL, 0,
keys->server_write_key, key_len );
@ -222,7 +222,7 @@ int mbedtls_ssl_tls13_make_traffic_keys(
return( ret );
ret = mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
client_secret, slen,
client_secret, secret_len,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( iv ),
NULL, 0,
keys->client_write_iv, iv_len );
@ -230,7 +230,7 @@ int mbedtls_ssl_tls13_make_traffic_keys(
return( ret );
ret = mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
server_secret, slen,
server_secret, secret_len,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( iv ),
NULL, 0,
keys->server_write_iv, iv_len );
@ -245,30 +245,30 @@ int mbedtls_ssl_tls13_make_traffic_keys(
int mbedtls_ssl_tls13_derive_secret(
mbedtls_md_type_t hash_alg,
const unsigned char *secret, size_t slen,
const unsigned char *label, size_t llen,
const unsigned char *ctx, size_t clen,
const unsigned char *secret, size_t secret_len,
const unsigned char *label, size_t label_len,
const unsigned char *ctx, size_t ctx_len,
int ctx_hashed,
unsigned char *dstbuf, size_t buflen )
unsigned char *dstbuf, size_t dstbuf_len )
{
int ret;
unsigned char hashed_context[ MBEDTLS_MD_MAX_SIZE ];
const mbedtls_md_info_t *md;
md = mbedtls_md_info_from_type( hash_alg );
if( md == NULL )
const mbedtls_md_info_t *md_info;
md_info = mbedtls_md_info_from_type( hash_alg );
if( md_info == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if( ctx_hashed == MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED )
{
ret = mbedtls_md( md, ctx, clen, hashed_context );
ret = mbedtls_md( md_info, ctx, ctx_len, hashed_context );
if( ret != 0 )
return( ret );
clen = mbedtls_md_get_size( md );
ctx_len = mbedtls_md_get_size( md_info );
}
else
{
if( clen > sizeof(hashed_context) )
if( ctx_len > sizeof(hashed_context) )
{
/* This should never happen since this function is internal
* and the code sets `ctx_hashed` correctly.
@ -277,14 +277,14 @@ int mbedtls_ssl_tls13_derive_secret(
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
memcpy( hashed_context, ctx, clen );
memcpy( hashed_context, ctx, ctx_len );
}
return( mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
secret, slen,
label, llen,
hashed_context, clen,
dstbuf, buflen ) );
secret, secret_len,
label, label_len,
hashed_context, ctx_len,
dstbuf, dstbuf_len ) );
}
int mbedtls_ssl_tls13_evolve_secret(
@ -298,12 +298,12 @@ int mbedtls_ssl_tls13_evolve_secret(
unsigned char tmp_secret[ MBEDTLS_MD_MAX_SIZE ] = { 0 };
unsigned char tmp_input [ MBEDTLS_MD_MAX_SIZE ] = { 0 };
const mbedtls_md_info_t *md;
md = mbedtls_md_info_from_type( hash_alg );
if( md == NULL )
const mbedtls_md_info_t *md_info;
md_info = mbedtls_md_info_from_type( hash_alg );
if( md_info == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
hlen = mbedtls_md_get_size( md );
hlen = mbedtls_md_get_size( md_info );
/* For non-initial runs, call Derive-Secret( ., "derived", "")
* on the old secret. */
@ -333,7 +333,7 @@ int mbedtls_ssl_tls13_evolve_secret(
/* HKDF-Extract takes a salt and input key material.
* The salt is the old secret, and the input key material
* is the input secret (PSK / ECDHE). */
ret = mbedtls_hkdf_extract( md,
ret = mbedtls_hkdf_extract( md_info,
tmp_secret, hlen,
tmp_input, ilen,
secret_new );
@ -657,8 +657,9 @@ int mbedtls_ssl_tls13_calculate_verify_data( mbedtls_ssl_context* ssl,
unsigned char const *base_key = NULL;
mbedtls_md_type_t const md_type = ssl->handshake->ciphersuite_info->mac;
const mbedtls_md_info_t* const md = mbedtls_md_info_from_type( md_type );
size_t const md_size = mbedtls_md_get_size( md );
const mbedtls_md_info_t* const md_info =
mbedtls_md_info_from_type( md_type );
size_t const md_size = mbedtls_md_get_size( md_info );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_tls13_calculate_verify_data" ) );
@ -942,7 +943,7 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
size_t transcript_len;
mbedtls_cipher_info_t const *cipher_info;
size_t keylen, ivlen;
size_t key_len, iv_len;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info = handshake->ciphersuite_info;
@ -951,8 +952,8 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_tls13_generate_handshake_keys" ) );
cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher );
keylen = cipher_info->key_bitlen >> 3;
ivlen = cipher_info->iv_size;
key_len = cipher_info->key_bitlen >> 3;
iv_len = cipher_info->iv_size;
md_type = ciphersuite_info->mac;
md_info = mbedtls_md_info_from_type( md_type );
@ -1012,7 +1013,7 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
ret = mbedtls_ssl_tls13_make_traffic_keys( md_type,
tls13_hs_secrets->client_handshake_traffic_secret,
tls13_hs_secrets->server_handshake_traffic_secret,
md_size, keylen, ivlen, traffic_keys );
md_size, key_len, iv_len, traffic_keys );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_make_traffic_keys", ret );
@ -1090,9 +1091,9 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl )
* Compute the Handshake Secret
*/
ret = mbedtls_ssl_tls13_evolve_secret( md_type,
handshake->tls1_3_master_secrets.early,
ecdhe, ephemeral_len,
handshake->tls1_3_master_secrets.handshake );
handshake->tls1_3_master_secrets.early,
ecdhe, ephemeral_len,
handshake->tls1_3_master_secrets.handshake );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_evolve_secret", ret );
@ -1133,7 +1134,7 @@ int mbedtls_ssl_tls13_generate_application_keys(
/* Variables relating to the cipher for the chosen ciphersuite. */
mbedtls_cipher_info_t const *cipher_info;
size_t keylen, ivlen;
size_t key_len, iv_len;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive application traffic keys" ) );
@ -1141,8 +1142,8 @@ int mbedtls_ssl_tls13_generate_application_keys(
cipher_info = mbedtls_cipher_info_from_type(
handshake->ciphersuite_info->cipher );
keylen = cipher_info->key_bitlen / 8;
ivlen = cipher_info->iv_size;
key_len = cipher_info->key_bitlen / 8;
iv_len = cipher_info->iv_size;
md_type = handshake->ciphersuite_info->mac;
md_info = mbedtls_md_info_from_type( md_type );
@ -1175,7 +1176,7 @@ int mbedtls_ssl_tls13_generate_application_keys(
ret = mbedtls_ssl_tls13_make_traffic_keys( md_type,
app_secrets->client_application_traffic_secret_N,
app_secrets->server_application_traffic_secret_N,
md_size, keylen, ivlen, traffic_keys );
md_size, key_len, iv_len, traffic_keys );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_make_traffic_keys", ret );
@ -1213,13 +1214,13 @@ int mbedtls_ssl_tls13_generate_application_keys(
}
MBEDTLS_SSL_DEBUG_BUF( 4, "client application_write_key:",
traffic_keys->client_write_key, keylen );
traffic_keys->client_write_key, key_len );
MBEDTLS_SSL_DEBUG_BUF( 4, "server application write key",
traffic_keys->server_write_key, keylen );
traffic_keys->server_write_key, key_len );
MBEDTLS_SSL_DEBUG_BUF( 4, "client application write IV",
traffic_keys->client_write_iv, ivlen );
traffic_keys->client_write_iv, iv_len );
MBEDTLS_SSL_DEBUG_BUF( 4, "server application write IV",
traffic_keys->server_write_iv, ivlen );
traffic_keys->server_write_iv, iv_len );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= derive application traffic keys" ) );