Use local macros for j-pake slient/server strings
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
parent
aa1834254e
commit
18cd6c908c
5 changed files with 49 additions and 35 deletions
|
@ -434,9 +434,6 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
|
|||
#define PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS 1
|
||||
#define PSA_PAKE_OPERATION_STAGE_COMPUTATION 2
|
||||
|
||||
/** JPAKE user/peer ids. */
|
||||
#define PSA_JPAKE_SERVER_ID "server"
|
||||
#define PSA_JPAKE_CLIENT_ID "client"
|
||||
/**
|
||||
* \brief Set domain parameters for a key.
|
||||
*
|
||||
|
|
|
@ -91,6 +91,10 @@
|
|||
#define BUILTIN_ALG_ANY_HKDF 1
|
||||
#endif
|
||||
|
||||
/* JPAKE user/peer ids. */
|
||||
#define JPAKE_SERVER_ID "server"
|
||||
#define JPAKE_CLIENT_ID "client"
|
||||
|
||||
/****************************************************************/
|
||||
/* Global data, support functions and library management */
|
||||
/****************************************************************/
|
||||
|
@ -7402,8 +7406,8 @@ psa_status_t psa_pake_set_user(
|
|||
}
|
||||
|
||||
/* Allow only "client" or "server" values (temporary restriction). */
|
||||
if (memcmp(peer_id, PSA_JPAKE_SERVER_ID, peer_id_len) != 0 &&
|
||||
memcmp(peer_id, PSA_JPAKE_CLIENT_ID, peer_id_len) != 0) {
|
||||
if (memcmp(user_id, JPAKE_SERVER_ID, user_id_len) != 0 &&
|
||||
memcmp(user_id, JPAKE_CLIENT_ID, user_id_len) != 0) {
|
||||
status = PSA_ERROR_NOT_SUPPORTED;
|
||||
goto exit;
|
||||
}
|
||||
|
@ -7446,8 +7450,8 @@ psa_status_t psa_pake_set_peer(
|
|||
}
|
||||
|
||||
/* Allow only "client" or "server" values (temporary restriction). */
|
||||
if (memcmp(user_id, PSA_JPAKE_SERVER_ID, user_id_len) != 0 &&
|
||||
memcmp(user_id, PSA_JPAKE_CLIENT_ID, user_id_len) != 0) {
|
||||
if (memcmp(peer_id, JPAKE_SERVER_ID, peer_id_len) != 0 &&
|
||||
memcmp(peer_id, JPAKE_CLIENT_ID, peer_id_len) != 0) {
|
||||
status = PSA_ERROR_NOT_SUPPORTED;
|
||||
goto exit;
|
||||
}
|
||||
|
@ -7568,12 +7572,12 @@ static psa_status_t psa_pake_complete_inputs(
|
|||
}
|
||||
|
||||
if (operation->alg == PSA_ALG_JPAKE) {
|
||||
if (memcmp(inputs.user, PSA_JPAKE_CLIENT_ID, inputs.user_len) == 0 &&
|
||||
memcmp(inputs.peer, PSA_JPAKE_SERVER_ID, inputs.peer_len) == 0) {
|
||||
if (memcmp(inputs.user, JPAKE_CLIENT_ID, inputs.user_len) == 0 &&
|
||||
memcmp(inputs.peer, JPAKE_SERVER_ID, inputs.peer_len) == 0) {
|
||||
inputs.role = PSA_PAKE_ROLE_CLIENT;
|
||||
} else
|
||||
if (memcmp(inputs.user, PSA_JPAKE_SERVER_ID, inputs.user_len) == 0 &&
|
||||
memcmp(inputs.peer, PSA_JPAKE_CLIENT_ID, inputs.peer_len) == 0) {
|
||||
if (memcmp(inputs.user, JPAKE_SERVER_ID, inputs.user_len) == 0 &&
|
||||
memcmp(inputs.peer, JPAKE_CLIENT_ID, inputs.peer_len) == 0) {
|
||||
inputs.role = PSA_PAKE_ROLE_SERVER;
|
||||
}
|
||||
|
||||
|
|
|
@ -61,6 +61,10 @@
|
|||
psa_generic_status_to_mbedtls)
|
||||
#endif
|
||||
|
||||
/* JPAKE user/peer ids. */
|
||||
#define JPAKE_SERVER_ID "server"
|
||||
#define JPAKE_CLIENT_ID "client"
|
||||
|
||||
#if defined(MBEDTLS_TEST_HOOKS)
|
||||
static mbedtls_ssl_chk_buf_ptr_args chk_buf_ptr_fail_args;
|
||||
|
||||
|
@ -1972,15 +1976,15 @@ static psa_status_t mbedtls_ssl_set_hs_ecjpake_password_common(
|
|||
}
|
||||
|
||||
if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
|
||||
user = (uint8_t *) PSA_JPAKE_SERVER_ID;
|
||||
user_len = strlen(PSA_JPAKE_SERVER_ID);
|
||||
peer = (uint8_t *) PSA_JPAKE_CLIENT_ID;
|
||||
peer_len = strlen(PSA_JPAKE_CLIENT_ID);
|
||||
user = (uint8_t *) JPAKE_SERVER_ID;
|
||||
user_len = strlen(JPAKE_SERVER_ID);
|
||||
peer = (uint8_t *) JPAKE_CLIENT_ID;
|
||||
peer_len = strlen(JPAKE_CLIENT_ID);
|
||||
} else {
|
||||
user = (uint8_t *) PSA_JPAKE_CLIENT_ID;
|
||||
user_len = strlen(PSA_JPAKE_CLIENT_ID);
|
||||
peer = (uint8_t *) PSA_JPAKE_SERVER_ID;
|
||||
peer_len = strlen(PSA_JPAKE_SERVER_ID);
|
||||
user = (uint8_t *) JPAKE_CLIENT_ID;
|
||||
user_len = strlen(JPAKE_CLIENT_ID);
|
||||
peer = (uint8_t *) JPAKE_SERVER_ID;
|
||||
peer_len = strlen(JPAKE_SERVER_ID);
|
||||
}
|
||||
|
||||
status = psa_pake_set_user(&ssl->handshake->psa_pake_ctx, user, user_len);
|
||||
|
|
|
@ -5,6 +5,11 @@
|
|||
Global to silent the compiler when unused. */
|
||||
size_t pake_expected_hit_count = 0;
|
||||
int pake_in_driver = 0;
|
||||
|
||||
/* JPAKE user/peer ids. */
|
||||
#define JPAKE_SERVER_ID "server"
|
||||
#define JPAKE_CLIENT_ID "client"
|
||||
|
||||
#if defined(PSA_WANT_ALG_JPAKE) && defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \
|
||||
defined(PSA_WANT_ECC_SECP_R1_256) && defined(PSA_WANT_ALG_SHA_256)
|
||||
static void ecjpake_do_round(psa_algorithm_t alg, unsigned int primitive,
|
||||
|
@ -2994,10 +2999,10 @@ void pake_operations(data_t *pw_data, int forced_status_setup_arg, int forced_st
|
|||
PSA_ECC_FAMILY_SECP_R1, 256);
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
unsigned char *input_buffer = NULL;
|
||||
const uint8_t server_id[] = PSA_JPAKE_SERVER_ID;
|
||||
const uint8_t client_id[] = PSA_JPAKE_CLIENT_ID;
|
||||
const size_t server_id_len = strlen(PSA_JPAKE_SERVER_ID);
|
||||
const size_t client_id_len = strlen(PSA_JPAKE_CLIENT_ID);
|
||||
const uint8_t server_id[] = JPAKE_SERVER_ID;
|
||||
const uint8_t client_id[] = JPAKE_CLIENT_ID;
|
||||
const size_t server_id_len = strlen(JPAKE_SERVER_ID);
|
||||
const size_t client_id_len = strlen(JPAKE_CLIENT_ID);
|
||||
const size_t size_key_share = PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive,
|
||||
PSA_PAKE_STEP_KEY_SHARE);
|
||||
unsigned char *output_buffer = NULL;
|
||||
|
@ -3188,10 +3193,10 @@ void ecjpake_rounds(int alg_arg, int primitive_arg, int hash_arg,
|
|||
PSA_KEY_DERIVATION_OPERATION_INIT;
|
||||
psa_key_derivation_operation_t client_derive =
|
||||
PSA_KEY_DERIVATION_OPERATION_INIT;
|
||||
const uint8_t server_id[] = PSA_JPAKE_SERVER_ID;
|
||||
const uint8_t client_id[] = PSA_JPAKE_CLIENT_ID;
|
||||
const size_t server_id_len = strlen(PSA_JPAKE_SERVER_ID);
|
||||
const size_t client_id_len = strlen(PSA_JPAKE_CLIENT_ID);
|
||||
const uint8_t server_id[] = JPAKE_SERVER_ID;
|
||||
const uint8_t client_id[] = JPAKE_CLIENT_ID;
|
||||
const size_t server_id_len = strlen(JPAKE_SERVER_ID);
|
||||
const size_t client_id_len = strlen(JPAKE_CLIENT_ID);
|
||||
pake_in_driver = in_driver;
|
||||
/* driver setup is called indirectly through pake_output/pake_input */
|
||||
if (pake_in_driver) {
|
||||
|
|
|
@ -53,6 +53,10 @@ typedef enum {
|
|||
PAKE_ROUND_TWO
|
||||
} pake_round_t;
|
||||
|
||||
/* JPAKE user/peer ids. */
|
||||
#define JPAKE_SERVER_ID "server"
|
||||
#define JPAKE_CLIENT_ID "client"
|
||||
|
||||
/*
|
||||
* Inject an error on the specified buffer ONLY it this is the correct stage.
|
||||
* Offset 7 is arbitrary, but chosen because it's "in the middle" of the part
|
||||
|
@ -733,10 +737,10 @@ void ecjpake_rounds_inject(int alg_arg, int primitive_arg, int hash_arg,
|
|||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
ecjpake_error_stage_t err_stage = err_stage_arg;
|
||||
const uint8_t server_id[] = PSA_JPAKE_SERVER_ID;
|
||||
const uint8_t client_id[] = PSA_JPAKE_CLIENT_ID;
|
||||
const size_t server_id_len = strlen(PSA_JPAKE_SERVER_ID);
|
||||
const size_t client_id_len = strlen(PSA_JPAKE_CLIENT_ID);
|
||||
const uint8_t server_id[] = JPAKE_SERVER_ID;
|
||||
const uint8_t client_id[] = JPAKE_CLIENT_ID;
|
||||
const size_t server_id_len = strlen(JPAKE_SERVER_ID);
|
||||
const size_t client_id_len = strlen(JPAKE_CLIENT_ID);
|
||||
|
||||
PSA_INIT();
|
||||
|
||||
|
@ -801,10 +805,10 @@ void ecjpake_rounds(int alg_arg, int primitive_arg, int hash_arg,
|
|||
psa_key_derivation_operation_t client_derive =
|
||||
PSA_KEY_DERIVATION_OPERATION_INIT;
|
||||
ecjpake_error_stage_t err_stage = err_stage_arg;
|
||||
const uint8_t server_id[] = PSA_JPAKE_SERVER_ID;
|
||||
const uint8_t client_id[] = PSA_JPAKE_CLIENT_ID;
|
||||
const size_t server_id_len = strlen(PSA_JPAKE_SERVER_ID);
|
||||
const size_t client_id_len = strlen(PSA_JPAKE_CLIENT_ID);
|
||||
const uint8_t server_id[] = JPAKE_SERVER_ID;
|
||||
const uint8_t client_id[] = JPAKE_CLIENT_ID;
|
||||
const size_t server_id_len = strlen(JPAKE_SERVER_ID);
|
||||
const size_t client_id_len = strlen(JPAKE_CLIENT_ID);
|
||||
|
||||
PSA_INIT();
|
||||
|
||||
|
|
Loading…
Reference in a new issue