AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Rename tls13 prefix to fix coding issues

Browse Source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2021-10-11 22:30:19 +08:00
parent 4a1733831e
commit c068b6671e
6 changed files with 51 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
library/ecdh.c
View File

@ -806,9 +806,9 @@ int mbedtls_ecdh_setup_no_everest( mbedtls_ecdh_context *ctx,
#endif
}
static int ecdh_tls1_3_read_public_internal( mbedtls_ecdh_context_mbed *ctx,
const unsigned char *buf,
size_t blen )
static int ecdh_tls13_read_public_internal( mbedtls_ecdh_context_mbed *ctx,
const unsigned char *buf,
size_t blen )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const unsigned char *p = buf;
@ -838,15 +838,15 @@ static int ecdh_tls1_3_read_public_internal( mbedtls_ecdh_context_mbed *ctx,
/*
* Parse and import the client's TLS 1.3 public value
*/
int mbedtls_ecdh_tls1_3_read_public( mbedtls_ecdh_context *ctx,
const unsigned char *buf,
size_t blen )
int mbedtls_ecdh_tls13_read_public( mbedtls_ecdh_context *ctx,
const unsigned char *buf,
size_t blen )
{
ECDH_VALIDATE_RET( ctx != NULL );
ECDH_VALIDATE_RET( buf != NULL );
#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
return( ecdh_tls1_3_read_public_internal( ctx, buf, blen ) );
return( ecdh_tls13_read_public_internal( ctx, buf, blen ) );
#else
switch( ctx->var )
{
@ -855,8 +855,8 @@ int mbedtls_ecdh_tls1_3_read_public( mbedtls_ecdh_context *ctx,
return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_tls1_3_read_public_internal( &ctx->ctx.mbed_ecdh,
buf, blen ) );
return( ecdh_tls13_read_public_internal( &ctx->ctx.mbed_ecdh,
buf, blen ) );
default:
return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
}

6
library/ecdh_misc.h
View File

@ -46,9 +46,9 @@ int mbedtls_ecdh_tls13_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
/*
* TLS 1.3 version of mbedtls_ecdh_read_public in ecdh.h
*/
int mbedtls_ecdh_tls1_3_read_public( mbedtls_ecdh_context *ctx,
const unsigned char *buf,
size_t blen );
int mbedtls_ecdh_tls13_read_public( mbedtls_ecdh_context *ctx,
const unsigned char *buf,
size_t blen );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */

2
library/ssl_misc.h
View File

@ -737,7 +737,7 @@ struct mbedtls_ssl_handshake_params
unsigned char app [MBEDTLS_TLS1_3_MD_MAX_SIZE];
} tls1_3_master_secrets;
mbedtls_ssl_tls1_3_handshake_secrets tls1_3_hs_secrets;
mbedtls_ssl_tls1_3_handshake_secrets tls13_hs_secrets;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#if defined(MBEDTLS_SSL_SESSION_TICKETS)

45
library/ssl_tls13_client.c
View File

@ -95,9 +95,9 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl,
return( 0 );
}
static int ssl_tls1_3_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
const unsigned char *buf,
size_t buf_len )
static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
const unsigned char *buf,
size_t buf_len )
{
((void) ssl);
@ -477,7 +477,7 @@ cleanup:
#if defined(MBEDTLS_ECDH_C)
static int ssl_tls1_3_check_ecdh_params( const mbedtls_ssl_context *ssl )
static int ssl_tls13_check_ecdh_params( const mbedtls_ssl_context *ssl )
{
const mbedtls_ecp_curve_info *curve_info;
mbedtls_ecp_group_id grp_id;
@ -511,13 +511,13 @@ static int ssl_tls1_3_check_ecdh_params( const mbedtls_ssl_context *ssl )
*
* The server only provides a single KeyShareEntry.
*/
static int ssl_tls1_3_read_public_ecdhe_share( mbedtls_ssl_context *ssl,
const unsigned char *buf,
size_t buf_len )
static int ssl_tls13_read_public_ecdhe_share( mbedtls_ssl_context *ssl,
const unsigned char *buf,
size_t buf_len )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
ret = mbedtls_ecdh_tls1_3_read_public( &ssl->handshake->ecdh_ctx,
ret = mbedtls_ecdh_tls13_read_public( &ssl->handshake->ecdh_ctx,
buf, buf_len );
if( ret != 0 )
{
@ -525,9 +525,9 @@ static int ssl_tls1_3_read_public_ecdhe_share( mbedtls_ssl_context *ssl,
return( ret );
}
if( ssl_tls1_3_check_ecdh_params( ssl ) != 0 )
if( ssl_tls13_check_ecdh_params( ssl ) != 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "ssl_tls1_3_check_ecdh_params() failed!" ) );
MBEDTLS_SSL_DEBUG_MSG( 1, ( "ssl_tls13_check_ecdh_params() failed!" ) );
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
@ -579,7 +579,7 @@ static int ssl_tls13_parse_key_share_ext( mbedtls_ssl_context *ssl,
if( mbedtls_ssl_tls13_named_group_is_ecdhe( group ) )
{
/* Complete ECDHE key agreement */
ret = ssl_tls1_3_read_public_ecdhe_share( ssl, p, end - p );
ret = ssl_tls13_read_public_ecdhe_share( ssl, p, end - p );
if( ret != 0 )
return( ret );
}
@ -1028,9 +1028,9 @@ static int ssl_tls13_cipher_suite_is_offered( mbedtls_ssl_context *ssl,
* Extension extensions<6..2 ^ 16 - 1>;
* } ServerHello;
*/
static int ssl_tls1_3_parse_server_hello( mbedtls_ssl_context *ssl,
const unsigned char *buf,
const unsigned char *end )
static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
const unsigned char *buf,
const unsigned char *end )
{
int ret;
const unsigned char *p = buf;
@ -1189,7 +1189,7 @@ static int ssl_tls1_3_parse_server_hello( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3,
( "found supported_versions extension" ) );
ret = ssl_tls1_3_parse_supported_versions_ext( ssl,
ret = ssl_tls13_parse_supported_versions_ext( ssl,
p, extension_data_len );
if( ret != 0 )
return( ret );
@ -1236,7 +1236,7 @@ static int ssl_tls1_3_parse_server_hello( mbedtls_ssl_context *ssl,
return( 0 );
}
static int ssl_tls1_3_finalize_server_hello( mbedtls_ssl_context *ssl )
static int ssl_tls13_finalize_server_hello( mbedtls_ssl_context *ssl )
{
int ret;
mbedtls_ssl_key_set traffic_keys;
@ -1305,11 +1305,11 @@ static int ssl_tls1_3_finalize_server_hello( mbedtls_ssl_context *ssl )
/* Next evolution in key schedule: Establish handshake secret and
* key material. */
ret = mbedtls_ssl_tls1_3_generate_handshake_keys( ssl, &traffic_keys );
ret = mbedtls_ssl_tls13_generate_handshake_keys( ssl, &traffic_keys );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1,
"mbedtls_ssl_tls1_3_generate_handshake_keys", ret );
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_generate_handshake_keys",
ret );
goto cleanup;
}
@ -1350,6 +1350,7 @@ cleanup:
{
if( transform_handshake != NULL )
mbedtls_free( transform_handshake );
MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE,
MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
@ -1385,14 +1386,14 @@ static int ssl_tls1_3_process_server_hello( mbedtls_ssl_context *ssl )
*/
if( ret == SSL_SERVER_HELLO_COORDINATE_HELLO )
{
MBEDTLS_SSL_PROC_CHK( ssl_tls1_3_parse_server_hello( ssl, buf,
buf + buf_len ) );
MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_server_hello( ssl, buf,
buf + buf_len ) );
mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( ssl,
MBEDTLS_SSL_HS_SERVER_HELLO,
buf, buf_len );
MBEDTLS_SSL_PROC_CHK( ssl_tls1_3_finalize_server_hello( ssl ) );
MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_server_hello( ssl ) );
}
else if( ret == SSL_SERVER_HELLO_COORDINATE_HRR )
{

24
library/ssl_tls13_keys.c
View File

@ -847,10 +847,10 @@ int mbedtls_ssl_tls1_3_key_schedule_stage_early( mbedtls_ssl_context *ssl )
return( 0 );
}
/* mbedtls_ssl_tls1_3_generate_handshake_keys() generates keys necessary for
/* mbedtls_ssl_tls13_generate_handshake_keys() generates keys necessary for
* protecting the handshake messages, as described in Section 7 of TLS 1.3. */
int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
mbedtls_ssl_key_set *traffic_keys )
int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
mbedtls_ssl_key_set *traffic_keys )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@ -864,7 +864,7 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
mbedtls_cipher_info_t const *cipher_info;
size_t keylen, ivlen;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_tls1_3_generate_handshake_keys" ) );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_tls13_generate_handshake_keys" ) );
cipher_info = mbedtls_cipher_info_from_type(
ssl->handshake->ciphersuite_info->cipher );
@ -890,7 +890,7 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
ret = mbedtls_ssl_tls1_3_derive_handshake_secrets( md_type,
ssl->handshake->tls1_3_master_secrets.handshake,
transcript, transcript_len,
&ssl->handshake->tls1_3_hs_secrets );
&ssl->handshake->tls13_hs_secrets );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_derive_handshake_secrets",
@ -899,11 +899,11 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
}
MBEDTLS_SSL_DEBUG_BUF( 4, "Client handshake traffic secret",
ssl->handshake->tls1_3_hs_secrets.client_handshake_traffic_secret,
ssl->handshake->tls13_hs_secrets.client_handshake_traffic_secret,
md_size );
MBEDTLS_SSL_DEBUG_BUF( 4, "Server handshake traffic secret",
ssl->handshake->tls1_3_hs_secrets.server_handshake_traffic_secret,
ssl->handshake->tls13_hs_secrets.server_handshake_traffic_secret,
md_size );
/*
@ -914,7 +914,7 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
{
ssl->f_export_keys( ssl->p_export_keys,
MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
ssl->handshake->tls1_3_hs_secrets.client_handshake_traffic_secret,
ssl->handshake->tls13_hs_secrets.client_handshake_traffic_secret,
md_size,
ssl->handshake->randbytes + 32,
ssl->handshake->randbytes,
@ -922,7 +922,7 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
ssl->f_export_keys( ssl->p_export_keys,
MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_HANDSHAKE_TRAFFIC_SECRET,
ssl->handshake->tls1_3_hs_secrets.server_handshake_traffic_secret,
ssl->handshake->tls13_hs_secrets.server_handshake_traffic_secret,
md_size,
ssl->handshake->randbytes + 32,
ssl->handshake->randbytes,
@ -931,8 +931,8 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
#endif /* MBEDTLS_SSL_EXPORT_KEYS */
ret = mbedtls_ssl_tls1_3_make_traffic_keys( md_type,
ssl->handshake->tls1_3_hs_secrets.client_handshake_traffic_secret,
ssl->handshake->tls1_3_hs_secrets.server_handshake_traffic_secret,
ssl->handshake->tls13_hs_secrets.client_handshake_traffic_secret,
ssl->handshake->tls13_hs_secrets.server_handshake_traffic_secret,
md_size,
keylen, ivlen, traffic_keys );
if( ret != 0 )
@ -957,7 +957,7 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
traffic_keys->server_write_iv,
traffic_keys->iv_len);
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_tls1_3_generate_handshake_keys" ) );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_tls13_generate_handshake_keys" ) );
exit:

6
library/ssl_tls13_keys.h
View File

@ -539,7 +539,7 @@ int mbedtls_ssl_tls1_3_key_schedule_stage_early( mbedtls_ssl_context *ssl );
* with states Initial -> Early -> Handshake -> Application, and
* this function represents the Early -> Handshake transition.
*
* In the handshake stage, mbedtls_ssl_tls1_3_generate_handshake_keys()
* In the handshake stage, mbedtls_ssl_tls13_generate_handshake_keys()
* can be used to derive the handshake traffic keys.
*
* \param ssl The SSL context to operate on. This must be in key schedule
@ -562,7 +562,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl );
* \returns \c 0 on success.
* \returns A negative error code on failure.
*/
int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
mbedtls_ssl_key_set *traffic_keys );
int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
mbedtls_ssl_key_set *traffic_keys );
#endif /* MBEDTLS_SSL_TLS1_3_KEYS_H */