AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fix various issues

Browse Source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-04-25 19:31:51 +08:00
parent c1be19f226
commit fbe3e64b76
3 changed files with 15 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
library/ssl_misc.h
View File

@ -1628,7 +1628,8 @@ static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13( const mbedtls_ssl_conf
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
extern const uint8_t mbedtls_ssl_tls13_hello_retry_request_magic[32];
extern const uint8_t mbedtls_ssl_tls13_hello_retry_request_magic[
MBEDTLS_SERVER_HELLO_RANDOM_LEN ];
int mbedtls_ssl_tls13_process_finished_message( mbedtls_ssl_context *ssl );
int mbedtls_ssl_tls13_write_finished_message( mbedtls_ssl_context *ssl );
void mbedtls_ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl );

11
library/ssl_tls13_generic.c
View File

@ -34,11 +34,12 @@
#include "ssl_tls13_keys.h"
#include "ssl_debug_helpers.h"
const uint8_t mbedtls_ssl_tls13_hello_retry_request_magic[32] =
{ 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE,
0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2,
0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09,
0xE2, 0xC8, 0xA8, 0x33 ,0x9C };
const uint8_t mbedtls_ssl_tls13_hello_retry_request_magic[
MBEDTLS_SERVER_HELLO_RANDOM_LEN ] =
{ 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11,
0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91,
0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E,
0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33, 0x9C };
int mbedtls_ssl_tls13_fetch_handshake_msg( mbedtls_ssl_context *ssl,
unsigned hs_type,

13
library/ssl_tls13_server.c
View File

@ -1013,7 +1013,7 @@ static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char *p = buf;
unsigned char *p_extensions_len;
size_t output_len; /* Length of buffer used by function */
size_t output_len;
*out_len = 0;
@ -1037,12 +1037,12 @@ static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl,
if( is_hrr )
{
memcpy( p, mbedtls_ssl_tls13_hello_retry_request_magic,
MBEDTLS_SERVER_HELLO_RANDOM_LEN );
MBEDTLS_SERVER_HELLO_RANDOM_LEN );
}
else
{
memcpy( p, &ssl->handshake->randbytes[MBEDTLS_CLIENT_HELLO_RANDOM_LEN],
MBEDTLS_SERVER_HELLO_RANDOM_LEN );
MBEDTLS_SERVER_HELLO_RANDOM_LEN );
}
MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes",
p, MBEDTLS_SERVER_HELLO_RANDOM_LEN );
@ -1385,7 +1385,7 @@ static int ssl_tls13_write_hello_retry_request_coordinate(
mbedtls_ssl_context *ssl )
{
int ret;
if( ssl->handshake->hello_retry_request_count > 1 )
if( ssl->handshake->hello_retry_request_count > 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Too many HRRs" ) );
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
@ -1416,8 +1416,9 @@ static int ssl_tls13_write_hello_retry_request( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_hello_retry_request_coordinate( ssl ) );
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_start_handshake_msg( ssl,
MBEDTLS_SSL_HS_SERVER_HELLO, &buf, &buf_len ) );
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_start_handshake_msg(
ssl, MBEDTLS_SSL_HS_SERVER_HELLO,
&buf, &buf_len ) );
MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_server_hello_body( ssl, buf,
buf + buf_len,