Fix 1_3/13 usages in macros and function names
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
This commit is contained in:
Xiaofei Bai
parent
74217ee03c
commit
746f9481ea
13 changed files with 398 additions and 398 deletions
|
|
@ -212,7 +212,7 @@ MVP definition
|
|||
(1) Some support has already been upstreamed but it is incomplete.
|
||||
(2) Key exchange configuration options for TLS 1.3 will likely to be
|
||||
organized around the notion of key exchange mode along the line
|
||||
of the MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_NONE/PSK/PSK_EPHEMERAL/EPHEMERAL
|
||||
of the MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE/PSK/PSK_EPHEMERAL/EPHEMERAL
|
||||
runtime configuration macros.
|
||||
|
||||
- Quality considerations
|
||||
|
|
|
|||
|
|
@ -218,27 +218,27 @@
|
|||
* mbedtls_ssl_conf_tls13_key_exchange_modes().
|
||||
*/
|
||||
|
||||
#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK ( 1u << 0 ) /*!< Pure-PSK TLS 1.3 key exchange,
|
||||
* encompassing both externally agreed PSKs
|
||||
* as well as resumption PSKs. */
|
||||
#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ( 1u << 1 ) /*!< Pure-Ephemeral TLS 1.3 key exchanges,
|
||||
* including for example ECDHE and DHE
|
||||
* key exchanges. */
|
||||
#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ( 1u << 2 ) /*!< PSK-Ephemeral TLS 1.3 key exchanges,
|
||||
* using both a PSK and an ephemeral
|
||||
* key exchange. */
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK ( 1u << 0 ) /*!< Pure-PSK TLS 1.3 key exchange,
|
||||
* encompassing both externally agreed PSKs
|
||||
* as well as resumption PSKs. */
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL ( 1u << 1 ) /*!< Pure-Ephemeral TLS 1.3 key exchanges,
|
||||
* including for example ECDHE and DHE
|
||||
* key exchanges. */
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ( 1u << 2 ) /*!< PSK-Ephemeral TLS 1.3 key exchanges,
|
||||
* using both a PSK and an ephemeral
|
||||
* key exchange. */
|
||||
|
||||
/* Convenience macros for sets of key exchanges. */
|
||||
#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL \
|
||||
( MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK | \
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL | \
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ) /*!< All TLS 1.3 key exchanges */
|
||||
#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL \
|
||||
( MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK | \
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All PSK-based TLS 1.3 key exchanges */
|
||||
#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL \
|
||||
( MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL | \
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All ephemeral TLS 1.3 key exchanges */
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL \
|
||||
( MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK | \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL | \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL ) /*!< All TLS 1.3 key exchanges */
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL \
|
||||
( MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK | \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All PSK-based TLS 1.3 key exchanges */
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL \
|
||||
( MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL | \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All ephemeral TLS 1.3 key exchanges */
|
||||
|
||||
/*
|
||||
* Various constants
|
||||
|
|
@ -414,34 +414,34 @@
|
|||
*/
|
||||
|
||||
/* RSASSA-PKCS1-v1_5 algorithms */
|
||||
#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA256 0x0401
|
||||
#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA384 0x0501
|
||||
#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA512 0x0601
|
||||
#define MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256 0x0401
|
||||
#define MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA384 0x0501
|
||||
#define MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512 0x0601
|
||||
|
||||
/* ECDSA algorithms */
|
||||
#define MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256 0x0403
|
||||
#define MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384 0x0503
|
||||
#define MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512 0x0603
|
||||
#define MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256 0x0403
|
||||
#define MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384 0x0503
|
||||
#define MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512 0x0603
|
||||
|
||||
/* RSASSA-PSS algorithms with public key OID rsaEncryption */
|
||||
#define MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256 0x0804
|
||||
#define MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA384 0x0805
|
||||
#define MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA512 0x0806
|
||||
#define MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256 0x0804
|
||||
#define MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384 0x0805
|
||||
#define MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512 0x0806
|
||||
|
||||
/* EdDSA algorithms */
|
||||
#define MBEDTLS_TLS13_SIG_ED25519 0x0807
|
||||
#define MBEDTLS_TLS13_SIG_ED448 0x0808
|
||||
#define MBEDTLS_TLS1_3_SIG_ED25519 0x0807
|
||||
#define MBEDTLS_TLS1_3_SIG_ED448 0x0808
|
||||
|
||||
/* RSASSA-PSS algorithms with public key OID RSASSA-PSS */
|
||||
#define MBEDTLS_TLS13_SIG_RSA_PSS_PSS_SHA256 0x0809
|
||||
#define MBEDTLS_TLS13_SIG_RSA_PSS_PSS_SHA384 0x080A
|
||||
#define MBEDTLS_TLS13_SIG_RSA_PSS_PSS_SHA512 0x080B
|
||||
#define MBEDTLS_TLS1_3_SIG_RSA_PSS_PSS_SHA256 0x0809
|
||||
#define MBEDTLS_TLS1_3_SIG_RSA_PSS_PSS_SHA384 0x080A
|
||||
#define MBEDTLS_TLS1_3_SIG_RSA_PSS_PSS_SHA512 0x080B
|
||||
|
||||
/* LEGACY ALGORITHMS */
|
||||
#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA1 0x0201
|
||||
#define MBEDTLS_TLS13_SIG_ECDSA_SHA1 0x0203
|
||||
#define MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA1 0x0201
|
||||
#define MBEDTLS_TLS1_3_SIG_ECDSA_SHA1 0x0203
|
||||
|
||||
#define MBEDTLS_TLS13_SIG_NONE 0x0
|
||||
#define MBEDTLS_TLS1_3_SIG_NONE 0x0
|
||||
|
||||
/*
|
||||
* Client Certificate Types
|
||||
|
|
@ -1058,7 +1058,7 @@ typedef struct
|
|||
unsigned char server_application_traffic_secret_N[ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
|
||||
unsigned char exporter_master_secret [ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
|
||||
unsigned char resumption_master_secret [ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
|
||||
} mbedtls_ssl_tls1_3_application_secrets;
|
||||
} mbedtls_ssl_tls13_application_secrets;
|
||||
|
||||
#if defined(MBEDTLS_SSL_DTLS_SRTP)
|
||||
|
||||
|
|
@ -1152,7 +1152,7 @@ struct mbedtls_ssl_session
|
|||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||
mbedtls_ssl_tls1_3_application_secrets MBEDTLS_PRIVATE(app_secrets);
|
||||
mbedtls_ssl_tls13_application_secrets MBEDTLS_PRIVATE(app_secrets);
|
||||
#endif
|
||||
};
|
||||
|
||||
|
|
@ -1173,12 +1173,12 @@ typedef enum
|
|||
{
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET = 0,
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_EARLY_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS13_EARLY_EXPORTER_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_HANDSHAKE_TRAFFIC_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_APPLICATION_TRAFFIC_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_APPLICATION_TRAFFIC_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_EARLY_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_EARLY_EXPORTER_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_HANDSHAKE_TRAFFIC_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_APPLICATION_TRAFFIC_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_APPLICATION_TRAFFIC_SECRET,
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
} mbedtls_ssl_key_export_type;
|
||||
|
||||
|
|
@ -2759,20 +2759,20 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
|
|||
*
|
||||
* \param conf The SSL configuration the change should apply to.
|
||||
* \param kex_modes A bitwise combination of one or more of the following:
|
||||
* - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK
|
||||
* - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK
|
||||
* This flag enables pure-PSK key exchanges.
|
||||
* - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL
|
||||
* - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL
|
||||
* This flag enables combined PSK-ephemeral key exchanges.
|
||||
* - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL
|
||||
* - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL
|
||||
* This flag enables pure-ephemeral key exchanges.
|
||||
* For convenience, the following pre-defined macros are
|
||||
* available for combinations of the above:
|
||||
* - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL
|
||||
* - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL
|
||||
* Includes all of pure-PSK, PSK-ephemeral and pure-ephemeral.
|
||||
* - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL
|
||||
* - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL
|
||||
* Includes both pure-PSK and combined PSK-ephemeral
|
||||
* key exchanges, but excludes pure-ephemeral key exchanges.
|
||||
* - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL
|
||||
* - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL
|
||||
* Includes both pure-ephemeral and combined PSK-ephemeral
|
||||
* key exchanges.
|
||||
*
|
||||
|
|
@ -3252,7 +3252,7 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
|
|||
* \param conf SSL configuration
|
||||
* \param groups List of allowed groups ordered by preference, terminated by 0.
|
||||
* Must contain valid IANA NamedGroup IDs (provided via either an integer
|
||||
* or using MBEDTLS_TLS13_NAMED_GROUP_XXX macros).
|
||||
* or using MBEDTLS_TLS1_3_NAMED_GROUP_XXX macros).
|
||||
*/
|
||||
void mbedtls_ssl_conf_groups( mbedtls_ssl_config *conf,
|
||||
const uint16_t *groups );
|
||||
|
|
@ -3296,9 +3296,9 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
|
|||
*
|
||||
* \param conf The SSL configuration to use.
|
||||
* \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms,
|
||||
* terminated by \c MBEDTLS_TLS13_SIG_NONE. The list must remain
|
||||
* terminated by \c MBEDTLS_TLS1_3_SIG_NONE. The list must remain
|
||||
* available throughout the lifetime of the conf object. Supported
|
||||
* values are available as \c MBEDTLS_TLS13_SIG_XXXX
|
||||
* values are available as \c MBEDTLS_TLS1_3_SIG_XXXX
|
||||
*/
|
||||
void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf,
|
||||
const uint16_t* sig_algs );
|
||||
|
|
|
|||
|
|
@ -512,13 +512,13 @@ typedef struct
|
|||
unsigned char binder_key [ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
|
||||
unsigned char client_early_traffic_secret [ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
|
||||
unsigned char early_exporter_master_secret[ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
|
||||
} mbedtls_ssl_tls1_3_early_secrets;
|
||||
} mbedtls_ssl_tls13_early_secrets;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
unsigned char client_handshake_traffic_secret[ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
|
||||
unsigned char server_handshake_traffic_secret[ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
|
||||
} mbedtls_ssl_tls1_3_handshake_secrets;
|
||||
} mbedtls_ssl_tls13_handshake_secrets;
|
||||
|
||||
/*
|
||||
* This structure contains the parameters only needed during handshake.
|
||||
|
|
@ -767,7 +767,7 @@ struct mbedtls_ssl_handshake_params
|
|||
unsigned char app [MBEDTLS_TLS1_3_MD_MAX_SIZE];
|
||||
} tls1_3_master_secrets;
|
||||
|
||||
mbedtls_ssl_tls1_3_handshake_secrets tls13_hs_secrets;
|
||||
mbedtls_ssl_tls13_handshake_secrets tls13_hs_secrets;
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
|
|
@ -1528,31 +1528,31 @@ static inline unsigned mbedtls_ssl_conf_tls13_check_kex_modes( mbedtls_ssl_conte
|
|||
static inline int mbedtls_ssl_conf_tls13_psk_enabled( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK ) );
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK ) );
|
||||
}
|
||||
|
||||
static inline int mbedtls_ssl_conf_tls13_psk_ephemeral_enabled( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) );
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) );
|
||||
}
|
||||
|
||||
static inline int mbedtls_ssl_conf_tls13_ephemeral_enabled( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ) );
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL ) );
|
||||
}
|
||||
|
||||
static inline int mbedtls_ssl_conf_tls13_some_ephemeral_enabled( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL ) );
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL ) );
|
||||
}
|
||||
|
||||
static inline int mbedtls_ssl_conf_tls13_some_psk_enabled( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL ) );
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -1565,41 +1565,41 @@ static inline int mbedtls_ssl_conf_tls13_some_psk_enabled( mbedtls_ssl_context *
|
|||
* \return 0 if at least one of the key exchange modes is supported,
|
||||
* !=0 otherwise.
|
||||
*/
|
||||
static inline unsigned mbedtls_ssl_tls1_3_check_kex_modes( mbedtls_ssl_context *ssl,
|
||||
int kex_modes_mask )
|
||||
static inline unsigned mbedtls_ssl_tls13_check_kex_modes( mbedtls_ssl_context *ssl,
|
||||
int kex_modes_mask )
|
||||
{
|
||||
return( ( ssl->handshake->tls1_3_kex_modes & kex_modes_mask ) == 0 );
|
||||
}
|
||||
|
||||
static inline int mbedtls_ssl_tls1_3_psk_enabled( mbedtls_ssl_context *ssl )
|
||||
static inline int mbedtls_ssl_tls13_psk_enabled( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK ) );
|
||||
return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK ) );
|
||||
}
|
||||
|
||||
static inline int mbedtls_ssl_tls1_3_psk_ephemeral_enabled(
|
||||
static inline int mbedtls_ssl_tls13_psk_ephemeral_enabled(
|
||||
mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) );
|
||||
return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) );
|
||||
}
|
||||
|
||||
static inline int mbedtls_ssl_tls1_3_ephemeral_enabled( mbedtls_ssl_context *ssl )
|
||||
static inline int mbedtls_ssl_tls13_ephemeral_enabled( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ) );
|
||||
return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL ) );
|
||||
}
|
||||
|
||||
static inline int mbedtls_ssl_tls1_3_some_ephemeral_enabled( mbedtls_ssl_context *ssl )
|
||||
static inline int mbedtls_ssl_tls13_some_ephemeral_enabled( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL ) );
|
||||
return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL ) );
|
||||
}
|
||||
|
||||
static inline int mbedtls_ssl_tls1_3_some_psk_enabled( mbedtls_ssl_context *ssl )
|
||||
static inline int mbedtls_ssl_tls13_some_psk_enabled( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL ) );
|
||||
return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
@ -1629,10 +1629,10 @@ static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context *ssl,
|
|||
/*
|
||||
* Fetch TLS 1.3 handshake message header
|
||||
*/
|
||||
int mbedtls_ssl_tls1_3_fetch_handshake_msg( mbedtls_ssl_context *ssl,
|
||||
unsigned hs_type,
|
||||
unsigned char **buf,
|
||||
size_t *buf_len );
|
||||
int mbedtls_ssl_tls13_fetch_handshake_msg( mbedtls_ssl_context *ssl,
|
||||
unsigned hs_type,
|
||||
unsigned char **buf,
|
||||
size_t *buf_len );
|
||||
|
||||
/*
|
||||
* Write TLS 1.3 handshake message header
|
||||
|
|
@ -1666,10 +1666,10 @@ void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl,
|
|||
/*
|
||||
* Update checksum of handshake messages.
|
||||
*/
|
||||
void mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( mbedtls_ssl_context *ssl,
|
||||
unsigned hs_type,
|
||||
unsigned char const *msg,
|
||||
size_t msg_len );
|
||||
void mbedtls_ssl_tls13_add_hs_msg_to_checksum( mbedtls_ssl_context *ssl,
|
||||
unsigned hs_type,
|
||||
unsigned char const *msg,
|
||||
size_t msg_len );
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -3574,7 +3574,7 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
|
|||
void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config *conf,
|
||||
const int kex_modes )
|
||||
{
|
||||
conf->tls13_kex_modes = kex_modes & MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL;
|
||||
conf->tls13_kex_modes = kex_modes & MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
|
||||
|
|
@ -6362,13 +6362,13 @@ static uint16_t ssl_preset_default_sig_algs[] = {
|
|||
/* ECDSA algorithms */
|
||||
#if defined(MBEDTLS_ECDSA_C)
|
||||
#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
|
||||
MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256,
|
||||
MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256,
|
||||
#endif /* MBEDTLS_SHA256_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED */
|
||||
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
|
||||
MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384,
|
||||
MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384,
|
||||
#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP384R1_ENABLED */
|
||||
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
|
||||
MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512,
|
||||
MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512,
|
||||
#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP521R1_ENABLED */
|
||||
#endif /* MBEDTLS_ECDSA_C */
|
||||
|
||||
|
|
@ -6385,10 +6385,10 @@ static uint16_t ssl_preset_suiteb_sig_algs[] = {
|
|||
/* ECDSA algorithms */
|
||||
#if defined(MBEDTLS_ECDSA_C)
|
||||
#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
|
||||
MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256,
|
||||
MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256,
|
||||
#endif /* MBEDTLS_SHA256_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED */
|
||||
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
|
||||
MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384,
|
||||
MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384,
|
||||
#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP384R1_ENABLED */
|
||||
#endif /* MBEDTLS_ECDSA_C */
|
||||
|
||||
|
|
@ -6495,7 +6495,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
|
|||
/*
|
||||
* Allow all TLS 1.3 key exchange modes by default.
|
||||
*/
|
||||
conf->tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL;
|
||||
conf->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -1257,17 +1257,17 @@ static int ssl_tls13_finalize_server_hello( mbedtls_ssl_context *ssl )
|
|||
{
|
||||
/* Only the pre_shared_key extension was received */
|
||||
case MBEDTLS_SSL_EXT_PRE_SHARED_KEY:
|
||||
handshake->tls1_3_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK;
|
||||
handshake->tls1_3_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
||||
break;
|
||||
|
||||
/* Only the key_share extension was received */
|
||||
case MBEDTLS_SSL_EXT_KEY_SHARE:
|
||||
handshake->tls1_3_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
handshake->tls1_3_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
break;
|
||||
|
||||
/* Both the pre_shared_key and key_share extensions were received */
|
||||
case ( MBEDTLS_SSL_EXT_PRE_SHARED_KEY | MBEDTLS_SSL_EXT_KEY_SHARE ):
|
||||
handshake->tls1_3_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||
handshake->tls1_3_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||
break;
|
||||
|
||||
/* Neither pre_shared_key nor key_share extension was received */
|
||||
|
|
@ -1282,10 +1282,10 @@ static int ssl_tls13_finalize_server_hello( mbedtls_ssl_context *ssl )
|
|||
* TODO: We don't have to do this in case we offered 0-RTT and the
|
||||
* server accepted it. In this case, we could skip generating
|
||||
* the early secret. */
|
||||
ret = mbedtls_ssl_tls1_3_key_schedule_stage_early( ssl );
|
||||
ret = mbedtls_ssl_tls13_key_schedule_stage_early( ssl );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_key_schedule_stage_early_data",
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_key_schedule_stage_early_data",
|
||||
ret );
|
||||
goto cleanup;
|
||||
}
|
||||
|
|
@ -1294,7 +1294,7 @@ static int ssl_tls13_finalize_server_hello( mbedtls_ssl_context *ssl )
|
|||
ret = mbedtls_ssl_tls13_key_schedule_stage_handshake( ssl );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_derive_master_secret", ret );
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_derive_master_secret", ret );
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
|
|
@ -1355,7 +1355,7 @@ cleanup:
|
|||
* Wait and parse ServerHello handshake message.
|
||||
* Handler for MBEDTLS_SSL_SERVER_HELLO
|
||||
*/
|
||||
static int ssl_tls1_3_process_server_hello( mbedtls_ssl_context *ssl )
|
||||
static int ssl_tls13_process_server_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *buf;
|
||||
|
|
@ -1381,9 +1381,9 @@ static int ssl_tls1_3_process_server_hello( mbedtls_ssl_context *ssl )
|
|||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_server_hello( ssl, buf,
|
||||
buf + buf_len ) );
|
||||
|
||||
mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( ssl,
|
||||
MBEDTLS_SSL_HS_SERVER_HELLO,
|
||||
buf, buf_len );
|
||||
mbedtls_ssl_tls13_add_hs_msg_to_checksum( ssl,
|
||||
MBEDTLS_SSL_HS_SERVER_HELLO,
|
||||
buf, buf_len );
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_server_hello( ssl ) );
|
||||
}
|
||||
|
|
@ -1432,7 +1432,7 @@ static int ssl_tls13_process_encrypted_extensions( mbedtls_ssl_context *ssl )
|
|||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse encrypted extensions" ) );
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls1_3_fetch_handshake_msg( ssl,
|
||||
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_fetch_handshake_msg( ssl,
|
||||
MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
|
||||
&buf, &buf_len ) );
|
||||
|
||||
|
|
@ -1440,7 +1440,7 @@ static int ssl_tls13_process_encrypted_extensions( mbedtls_ssl_context *ssl )
|
|||
MBEDTLS_SSL_PROC_CHK(
|
||||
ssl_tls13_parse_encrypted_extensions( ssl, buf, buf + buf_len ) );
|
||||
|
||||
mbedtls_ssl_tls1_3_add_hs_msg_to_checksum(
|
||||
mbedtls_ssl_tls13_add_hs_msg_to_checksum(
|
||||
ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, buf, buf_len );
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_postprocess_encrypted_extensions( ssl ) );
|
||||
|
|
@ -1530,7 +1530,7 @@ static int ssl_tls13_parse_encrypted_extensions( mbedtls_ssl_context *ssl,
|
|||
static int ssl_tls13_postprocess_encrypted_extensions( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||
if( mbedtls_ssl_tls1_3_some_psk_enabled( ssl ) )
|
||||
if( mbedtls_ssl_tls13_some_psk_enabled( ssl ) )
|
||||
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
|
||||
else
|
||||
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST );
|
||||
|
|
@ -1573,7 +1573,7 @@ static int ssl_tls13_process_certificate_request( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_SERVER_CERTIFICATE
|
||||
*/
|
||||
static int ssl_tls1_3_process_server_certificate( mbedtls_ssl_context *ssl )
|
||||
static int ssl_tls13_process_server_certificate( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
||||
|
|
@ -1588,7 +1588,7 @@ static int ssl_tls1_3_process_server_certificate( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_CERTIFICATE_VERIFY
|
||||
*/
|
||||
static int ssl_tls1_3_process_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
static int ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
||||
|
|
@ -1603,7 +1603,7 @@ static int ssl_tls1_3_process_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_SERVER_FINISHED
|
||||
*/
|
||||
static int ssl_tls1_3_process_server_finished( mbedtls_ssl_context *ssl )
|
||||
static int ssl_tls13_process_server_finished( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
||||
|
|
@ -1634,7 +1634,7 @@ static int ssl_tls13_write_client_finished( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_FLUSH_BUFFERS
|
||||
*/
|
||||
static int ssl_tls1_3_flush_buffers( mbedtls_ssl_context *ssl )
|
||||
static int ssl_tls13_flush_buffers( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) );
|
||||
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP );
|
||||
|
|
@ -1644,7 +1644,7 @@ static int ssl_tls1_3_flush_buffers( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_HANDSHAKE_WRAPUP
|
||||
*/
|
||||
static int ssl_tls1_3_handshake_wrapup( mbedtls_ssl_context *ssl )
|
||||
static int ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Switch to application keys for inbound traffic" ) );
|
||||
mbedtls_ssl_set_inbound_transform ( ssl, ssl->transform_application );
|
||||
|
|
@ -1676,7 +1676,7 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
|
|||
break;
|
||||
|
||||
case MBEDTLS_SSL_SERVER_HELLO:
|
||||
ret = ssl_tls1_3_process_server_hello( ssl );
|
||||
ret = ssl_tls13_process_server_hello( ssl );
|
||||
break;
|
||||
|
||||
case MBEDTLS_SSL_ENCRYPTED_EXTENSIONS:
|
||||
|
|
@ -1689,16 +1689,16 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
|
|||
break;
|
||||
|
||||
case MBEDTLS_SSL_SERVER_CERTIFICATE:
|
||||
ret = ssl_tls1_3_process_server_certificate( ssl );
|
||||
ret = ssl_tls13_process_server_certificate( ssl );
|
||||
break;
|
||||
|
||||
case MBEDTLS_SSL_CERTIFICATE_VERIFY:
|
||||
ret = ssl_tls1_3_process_certificate_verify( ssl );
|
||||
ret = ssl_tls13_process_certificate_verify( ssl );
|
||||
break;
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||
|
||||
case MBEDTLS_SSL_SERVER_FINISHED:
|
||||
ret = ssl_tls1_3_process_server_finished( ssl );
|
||||
ret = ssl_tls13_process_server_finished( ssl );
|
||||
break;
|
||||
|
||||
case MBEDTLS_SSL_CLIENT_FINISHED:
|
||||
|
|
@ -1706,11 +1706,11 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
|
|||
break;
|
||||
|
||||
case MBEDTLS_SSL_FLUSH_BUFFERS:
|
||||
ret = ssl_tls1_3_flush_buffers( ssl );
|
||||
ret = ssl_tls13_flush_buffers( ssl );
|
||||
break;
|
||||
|
||||
case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
|
||||
ret = ssl_tls1_3_handshake_wrapup( ssl );
|
||||
ret = ssl_tls13_handshake_wrapup( ssl );
|
||||
break;
|
||||
|
||||
default:
|
||||
|
|
|
|||
|
|
@ -35,10 +35,10 @@
|
|||
#include "ssl_misc.h"
|
||||
#include "ssl_tls13_keys.h"
|
||||
|
||||
int mbedtls_ssl_tls1_3_fetch_handshake_msg( mbedtls_ssl_context *ssl,
|
||||
unsigned hs_type,
|
||||
unsigned char **buf,
|
||||
size_t *buflen )
|
||||
int mbedtls_ssl_tls13_fetch_handshake_msg( mbedtls_ssl_context *ssl,
|
||||
unsigned hs_type,
|
||||
unsigned char **buf,
|
||||
size_t *buflen )
|
||||
{
|
||||
int ret;
|
||||
|
||||
|
|
@ -111,10 +111,10 @@ cleanup:
|
|||
return( ret );
|
||||
}
|
||||
|
||||
void mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( mbedtls_ssl_context *ssl,
|
||||
unsigned hs_type,
|
||||
unsigned char const *msg,
|
||||
size_t msg_len )
|
||||
void mbedtls_ssl_tls13_add_hs_msg_to_checksum( mbedtls_ssl_context *ssl,
|
||||
unsigned hs_type,
|
||||
unsigned char const *msg,
|
||||
size_t msg_len )
|
||||
{
|
||||
mbedtls_ssl_tls13_add_hs_hdr_to_checksum( ssl, hs_type, msg_len );
|
||||
ssl->handshake->update_checksum( ssl, msg, msg_len );
|
||||
|
|
@ -190,7 +190,7 @@ int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl,
|
|||
*/
|
||||
supported_sig_alg_ptr = p;
|
||||
for( const uint16_t *sig_alg = ssl->conf->tls13_sig_algs;
|
||||
*sig_alg != MBEDTLS_TLS13_SIG_NONE; sig_alg++ )
|
||||
*sig_alg != MBEDTLS_TLS1_3_SIG_NONE; sig_alg++ )
|
||||
{
|
||||
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
|
||||
MBEDTLS_PUT_UINT16_BE( *sig_alg, p, 0 );
|
||||
|
|
@ -298,7 +298,7 @@ static int ssl_tls13_sig_alg_is_offered( const mbedtls_ssl_context *ssl,
|
|||
{
|
||||
const uint16_t *tls13_sig_alg = ssl->conf->tls13_sig_algs;
|
||||
|
||||
for( ; *tls13_sig_alg != MBEDTLS_TLS13_SIG_NONE ; tls13_sig_alg++ )
|
||||
for( ; *tls13_sig_alg != MBEDTLS_TLS1_3_SIG_NONE ; tls13_sig_alg++ )
|
||||
{
|
||||
if( *tls13_sig_alg == sig_alg )
|
||||
return( 1 );
|
||||
|
|
@ -362,15 +362,15 @@ static int ssl_tls13_parse_certificate_verify( mbedtls_ssl_context *ssl,
|
|||
/* We currently only support ECDSA-based signatures */
|
||||
switch( algorithm )
|
||||
{
|
||||
case MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256:
|
||||
case MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256:
|
||||
md_alg = MBEDTLS_MD_SHA256;
|
||||
sig_alg = MBEDTLS_PK_ECDSA;
|
||||
break;
|
||||
case MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384:
|
||||
case MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384:
|
||||
md_alg = MBEDTLS_MD_SHA384;
|
||||
sig_alg = MBEDTLS_PK_ECDSA;
|
||||
break;
|
||||
case MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512:
|
||||
case MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512:
|
||||
md_alg = MBEDTLS_MD_SHA512;
|
||||
sig_alg = MBEDTLS_PK_ECDSA;
|
||||
break;
|
||||
|
|
@ -490,7 +490,7 @@ int mbedtls_ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(
|
||||
mbedtls_ssl_tls1_3_fetch_handshake_msg( ssl,
|
||||
mbedtls_ssl_tls13_fetch_handshake_msg( ssl,
|
||||
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, &buf, &buf_len ) );
|
||||
|
||||
/* Need to calculate the hash of the transcript first
|
||||
|
|
@ -524,7 +524,7 @@ int mbedtls_ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_certificate_verify( ssl, buf,
|
||||
buf + buf_len, verify_buffer, verify_buffer_len ) );
|
||||
|
||||
mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( ssl,
|
||||
mbedtls_ssl_tls13_add_hs_msg_to_checksum( ssl,
|
||||
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, buf, buf_len );
|
||||
|
||||
cleanup:
|
||||
|
|
@ -850,7 +850,7 @@ int mbedtls_ssl_tls13_process_certificate( mbedtls_ssl_context *ssl )
|
|||
unsigned char *buf;
|
||||
size_t buf_len;
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls1_3_fetch_handshake_msg(
|
||||
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_fetch_handshake_msg(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE,
|
||||
&buf, &buf_len ) );
|
||||
|
||||
|
|
@ -859,8 +859,8 @@ int mbedtls_ssl_tls13_process_certificate( mbedtls_ssl_context *ssl )
|
|||
/* Validate the certificate chain and set the verification results. */
|
||||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_validate_certificate( ssl ) );
|
||||
|
||||
mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_CERTIFICATE,
|
||||
buf, buf_len );
|
||||
mbedtls_ssl_tls13_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_CERTIFICATE,
|
||||
buf, buf_len );
|
||||
|
||||
cleanup:
|
||||
|
||||
|
|
@ -1027,11 +1027,11 @@ int mbedtls_ssl_tls13_process_finished_message( mbedtls_ssl_context *ssl )
|
|||
/* Preprocessing step: Compute handshake digest */
|
||||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_preprocess_finished_message( ssl ) );
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls1_3_fetch_handshake_msg( ssl,
|
||||
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_fetch_handshake_msg( ssl,
|
||||
MBEDTLS_SSL_HS_FINISHED,
|
||||
&buf, &buflen ) );
|
||||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_finished_message( ssl, buf, buf + buflen ) );
|
||||
mbedtls_ssl_tls1_3_add_hs_msg_to_checksum(
|
||||
mbedtls_ssl_tls13_add_hs_msg_to_checksum(
|
||||
ssl, MBEDTLS_SSL_HS_FINISHED, buf, buflen );
|
||||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_postprocess_finished_message( ssl ) );
|
||||
|
||||
|
|
@ -1115,8 +1115,8 @@ int mbedtls_ssl_tls13_write_finished_message( mbedtls_ssl_context *ssl )
|
|||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_finished_message_body(
|
||||
ssl, buf, buf + buf_len, &msg_len ) );
|
||||
|
||||
mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_FINISHED,
|
||||
buf, msg_len );
|
||||
mbedtls_ssl_tls13_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_FINISHED,
|
||||
buf, msg_len );
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_finished_message( ssl ) );
|
||||
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_finish_handshake_msg( ssl,
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@
|
|||
#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \
|
||||
.name = string,
|
||||
|
||||
struct mbedtls_ssl_tls1_3_labels_struct const mbedtls_ssl_tls1_3_labels =
|
||||
struct mbedtls_ssl_tls13_labels_struct const mbedtls_ssl_tls13_labels =
|
||||
{
|
||||
/* This seems to work in C, despite the string literal being one
|
||||
* character too long due to the 0-termination. */
|
||||
|
|
@ -93,7 +93,7 @@ static const char tls1_3_label_prefix[6] = "tls13 ";
|
|||
MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN, \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN )
|
||||
|
||||
static void ssl_tls1_3_hkdf_encode_label(
|
||||
static void ssl_tls13_hkdf_encode_label(
|
||||
size_t desired_length,
|
||||
const unsigned char *label, size_t llen,
|
||||
const unsigned char *ctx, size_t clen,
|
||||
|
|
@ -110,7 +110,7 @@ static void ssl_tls1_3_hkdf_encode_label(
|
|||
* We're hardcoding the high byte to 0 here assuming that we never use
|
||||
* TLS 1.3 HKDF key expansion to more than 255 Bytes. */
|
||||
#if MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN > 255
|
||||
#error "The implementation of ssl_tls1_3_hkdf_encode_label() is not fit for the \
|
||||
#error "The implementation of ssl_tls13_hkdf_encode_label() is not fit for the \
|
||||
value of MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN"
|
||||
#endif
|
||||
|
||||
|
|
@ -133,7 +133,7 @@ static void ssl_tls1_3_hkdf_encode_label(
|
|||
*dlen = total_hkdf_lbl_len;
|
||||
}
|
||||
|
||||
int mbedtls_ssl_tls1_3_hkdf_expand_label(
|
||||
int mbedtls_ssl_tls13_hkdf_expand_label(
|
||||
mbedtls_md_type_t hash_alg,
|
||||
const unsigned char *secret, size_t slen,
|
||||
const unsigned char *label, size_t llen,
|
||||
|
|
@ -168,11 +168,11 @@ int mbedtls_ssl_tls1_3_hkdf_expand_label(
|
|||
if( md == NULL )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
ssl_tls1_3_hkdf_encode_label( blen,
|
||||
label, llen,
|
||||
ctx, clen,
|
||||
hkdf_label,
|
||||
&hkdf_label_len );
|
||||
ssl_tls13_hkdf_encode_label( blen,
|
||||
label, llen,
|
||||
ctx, clen,
|
||||
hkdf_label,
|
||||
&hkdf_label_len );
|
||||
|
||||
return( mbedtls_hkdf_expand( md,
|
||||
secret, slen,
|
||||
|
|
@ -196,7 +196,7 @@ int mbedtls_ssl_tls1_3_hkdf_expand_label(
|
|||
* by the function caller. Note that we generate server and client side
|
||||
* keys in a single function call.
|
||||
*/
|
||||
int mbedtls_ssl_tls1_3_make_traffic_keys(
|
||||
int mbedtls_ssl_tls13_make_traffic_keys(
|
||||
mbedtls_md_type_t hash_alg,
|
||||
const unsigned char *client_secret,
|
||||
const unsigned char *server_secret,
|
||||
|
|
@ -205,7 +205,7 @@ int mbedtls_ssl_tls1_3_make_traffic_keys(
|
|||
{
|
||||
int ret = 0;
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
|
||||
ret = mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
|
||||
client_secret, slen,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( key ),
|
||||
NULL, 0,
|
||||
|
|
@ -213,7 +213,7 @@ int mbedtls_ssl_tls1_3_make_traffic_keys(
|
|||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
|
||||
ret = mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
|
||||
server_secret, slen,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( key ),
|
||||
NULL, 0,
|
||||
|
|
@ -221,7 +221,7 @@ int mbedtls_ssl_tls1_3_make_traffic_keys(
|
|||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
|
||||
ret = mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
|
||||
client_secret, slen,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( iv ),
|
||||
NULL, 0,
|
||||
|
|
@ -229,7 +229,7 @@ int mbedtls_ssl_tls1_3_make_traffic_keys(
|
|||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
|
||||
ret = mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
|
||||
server_secret, slen,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( iv ),
|
||||
NULL, 0,
|
||||
|
|
@ -243,7 +243,7 @@ int mbedtls_ssl_tls1_3_make_traffic_keys(
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
int mbedtls_ssl_tls1_3_derive_secret(
|
||||
int mbedtls_ssl_tls13_derive_secret(
|
||||
mbedtls_md_type_t hash_alg,
|
||||
const unsigned char *secret, size_t slen,
|
||||
const unsigned char *label, size_t llen,
|
||||
|
|
@ -280,14 +280,14 @@ int mbedtls_ssl_tls1_3_derive_secret(
|
|||
memcpy( hashed_context, ctx, clen );
|
||||
}
|
||||
|
||||
return( mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
|
||||
secret, slen,
|
||||
label, llen,
|
||||
hashed_context, clen,
|
||||
dstbuf, buflen ) );
|
||||
return( mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
|
||||
secret, slen,
|
||||
label, llen,
|
||||
hashed_context, clen,
|
||||
dstbuf, buflen ) );
|
||||
}
|
||||
|
||||
int mbedtls_ssl_tls1_3_evolve_secret(
|
||||
int mbedtls_ssl_tls13_evolve_secret(
|
||||
mbedtls_md_type_t hash_alg,
|
||||
const unsigned char *secret_old,
|
||||
const unsigned char *input, size_t input_len,
|
||||
|
|
@ -309,7 +309,7 @@ int mbedtls_ssl_tls1_3_evolve_secret(
|
|||
* on the old secret. */
|
||||
if( secret_old != NULL )
|
||||
{
|
||||
ret = mbedtls_ssl_tls1_3_derive_secret(
|
||||
ret = mbedtls_ssl_tls13_derive_secret(
|
||||
hash_alg,
|
||||
secret_old, hlen,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( derived ),
|
||||
|
|
@ -349,11 +349,11 @@ int mbedtls_ssl_tls1_3_evolve_secret(
|
|||
return( ret );
|
||||
}
|
||||
|
||||
int mbedtls_ssl_tls1_3_derive_early_secrets(
|
||||
int mbedtls_ssl_tls13_derive_early_secrets(
|
||||
mbedtls_md_type_t md_type,
|
||||
unsigned char const *early_secret,
|
||||
unsigned char const *transcript, size_t transcript_len,
|
||||
mbedtls_ssl_tls1_3_early_secrets *derived )
|
||||
mbedtls_ssl_tls13_early_secrets *derived )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
|
||||
|
|
@ -379,7 +379,7 @@ int mbedtls_ssl_tls1_3_derive_early_secrets(
|
|||
*/
|
||||
|
||||
/* Create client_early_traffic_secret */
|
||||
ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
|
||||
ret = mbedtls_ssl_tls13_derive_secret( md_type,
|
||||
early_secret, md_size,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( c_e_traffic ),
|
||||
transcript, transcript_len,
|
||||
|
|
@ -390,7 +390,7 @@ int mbedtls_ssl_tls1_3_derive_early_secrets(
|
|||
return( ret );
|
||||
|
||||
/* Create early exporter */
|
||||
ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
|
||||
ret = mbedtls_ssl_tls13_derive_secret( md_type,
|
||||
early_secret, md_size,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( e_exp_master ),
|
||||
transcript, transcript_len,
|
||||
|
|
@ -403,11 +403,11 @@ int mbedtls_ssl_tls1_3_derive_early_secrets(
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
int mbedtls_ssl_tls1_3_derive_handshake_secrets(
|
||||
int mbedtls_ssl_tls13_derive_handshake_secrets(
|
||||
mbedtls_md_type_t md_type,
|
||||
unsigned char const *handshake_secret,
|
||||
unsigned char const *transcript, size_t transcript_len,
|
||||
mbedtls_ssl_tls1_3_handshake_secrets *derived )
|
||||
mbedtls_ssl_tls13_handshake_secrets *derived )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
|
||||
|
|
@ -437,7 +437,7 @@ int mbedtls_ssl_tls1_3_derive_handshake_secrets(
|
|||
* Derive-Secret( ., "c hs traffic", ClientHello...ServerHello )
|
||||
*/
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
|
||||
ret = mbedtls_ssl_tls13_derive_secret( md_type,
|
||||
handshake_secret, md_size,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( c_hs_traffic ),
|
||||
transcript, transcript_len,
|
||||
|
|
@ -452,7 +452,7 @@ int mbedtls_ssl_tls1_3_derive_handshake_secrets(
|
|||
* Derive-Secret( ., "s hs traffic", ClientHello...ServerHello )
|
||||
*/
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
|
||||
ret = mbedtls_ssl_tls13_derive_secret( md_type,
|
||||
handshake_secret, md_size,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( s_hs_traffic ),
|
||||
transcript, transcript_len,
|
||||
|
|
@ -465,11 +465,11 @@ int mbedtls_ssl_tls1_3_derive_handshake_secrets(
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
int mbedtls_ssl_tls1_3_derive_application_secrets(
|
||||
int mbedtls_ssl_tls13_derive_application_secrets(
|
||||
mbedtls_md_type_t md_type,
|
||||
unsigned char const *application_secret,
|
||||
unsigned char const *transcript, size_t transcript_len,
|
||||
mbedtls_ssl_tls1_3_application_secrets *derived )
|
||||
mbedtls_ssl_tls13_application_secrets *derived )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
|
||||
|
|
@ -498,7 +498,7 @@ int mbedtls_ssl_tls1_3_derive_application_secrets(
|
|||
*
|
||||
*/
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
|
||||
ret = mbedtls_ssl_tls13_derive_secret( md_type,
|
||||
application_secret, md_size,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( c_ap_traffic ),
|
||||
transcript, transcript_len,
|
||||
|
|
@ -508,7 +508,7 @@ int mbedtls_ssl_tls1_3_derive_application_secrets(
|
|||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
|
||||
ret = mbedtls_ssl_tls13_derive_secret( md_type,
|
||||
application_secret, md_size,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( s_ap_traffic ),
|
||||
transcript, transcript_len,
|
||||
|
|
@ -518,7 +518,7 @@ int mbedtls_ssl_tls1_3_derive_application_secrets(
|
|||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
|
||||
ret = mbedtls_ssl_tls13_derive_secret( md_type,
|
||||
application_secret, md_size,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( exp_master ),
|
||||
transcript, transcript_len,
|
||||
|
|
@ -533,13 +533,13 @@ int mbedtls_ssl_tls1_3_derive_application_secrets(
|
|||
|
||||
/* Generate resumption_master_secret for use with the ticket exchange.
|
||||
*
|
||||
* This is not integrated with mbedtls_ssl_tls1_3_derive_application_secrets()
|
||||
* This is not integrated with mbedtls_ssl_tls13_derive_application_secrets()
|
||||
* because it uses the transcript hash up to and including ClientFinished. */
|
||||
int mbedtls_ssl_tls1_3_derive_resumption_master_secret(
|
||||
int mbedtls_ssl_tls13_derive_resumption_master_secret(
|
||||
mbedtls_md_type_t md_type,
|
||||
unsigned char const *application_secret,
|
||||
unsigned char const *transcript, size_t transcript_len,
|
||||
mbedtls_ssl_tls1_3_application_secrets *derived )
|
||||
mbedtls_ssl_tls13_application_secrets *derived )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
|
||||
|
|
@ -550,7 +550,7 @@ int mbedtls_ssl_tls1_3_derive_resumption_master_secret(
|
|||
if( md_info == 0 )
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
|
||||
ret = mbedtls_ssl_tls13_derive_secret( md_type,
|
||||
application_secret, md_size,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( res_master ),
|
||||
transcript, transcript_len,
|
||||
|
|
@ -577,13 +577,13 @@ int mbedtls_ssl_tls13_key_schedule_stage_application( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Compute MasterSecret
|
||||
*/
|
||||
ret = mbedtls_ssl_tls1_3_evolve_secret( md_type,
|
||||
ret = mbedtls_ssl_tls13_evolve_secret( md_type,
|
||||
handshake->tls1_3_master_secrets.handshake,
|
||||
NULL, 0,
|
||||
handshake->tls1_3_master_secrets.app );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_evolve_secret", ret );
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_evolve_secret", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
|
|
@ -593,10 +593,10 @@ int mbedtls_ssl_tls13_key_schedule_stage_application( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
static int ssl_tls1_3_calc_finished_core( mbedtls_md_type_t md_type,
|
||||
unsigned char const *base_key,
|
||||
unsigned char const *transcript,
|
||||
unsigned char *dst )
|
||||
static int ssl_tls13_calc_finished_core( mbedtls_md_type_t md_type,
|
||||
unsigned char const *base_key,
|
||||
unsigned char const *transcript,
|
||||
unsigned char *dst )
|
||||
{
|
||||
const mbedtls_md_info_t* const md_info = mbedtls_md_info_from_type( md_type );
|
||||
size_t const md_size = mbedtls_md_get_size( md_info );
|
||||
|
|
@ -625,7 +625,7 @@ static int ssl_tls1_3_calc_finished_core( mbedtls_md_type_t md_type,
|
|||
* HKDF-Expand-Label( BaseKey, "finished", "", Hash.length )
|
||||
*/
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_hkdf_expand_label(
|
||||
ret = mbedtls_ssl_tls13_hkdf_expand_label(
|
||||
md_type, base_key, md_size,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( finished ),
|
||||
NULL, 0,
|
||||
|
|
@ -680,7 +680,7 @@ int mbedtls_ssl_tls13_calculate_verify_data( mbedtls_ssl_context* ssl,
|
|||
else
|
||||
base_key = ssl->handshake->tls13_hs_secrets.server_handshake_traffic_secret;
|
||||
|
||||
ret = ssl_tls1_3_calc_finished_core( md_type, base_key, transcript, dst );
|
||||
ret = ssl_tls13_calc_finished_core( md_type, base_key, transcript, dst );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
*actual_len = md_size;
|
||||
|
|
@ -694,7 +694,7 @@ exit:
|
|||
return( ret );
|
||||
}
|
||||
|
||||
int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl,
|
||||
int mbedtls_ssl_tls13_create_psk_binder( mbedtls_ssl_context *ssl,
|
||||
const mbedtls_md_type_t md_type,
|
||||
unsigned char const *psk, size_t psk_len,
|
||||
int psk_type,
|
||||
|
|
@ -728,19 +728,19 @@ int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl,
|
|||
* v
|
||||
*/
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_evolve_secret( md_type,
|
||||
NULL, /* Old secret */
|
||||
psk, psk_len, /* Input */
|
||||
early_secret );
|
||||
ret = mbedtls_ssl_tls13_evolve_secret( md_type,
|
||||
NULL, /* Old secret */
|
||||
psk, psk_len, /* Input */
|
||||
early_secret );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_evolve_secret", ret );
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_evolve_secret", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( psk_type == MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION )
|
||||
{
|
||||
ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
|
||||
ret = mbedtls_ssl_tls13_derive_secret( md_type,
|
||||
early_secret, md_size,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( res_binder ),
|
||||
NULL, 0, MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED,
|
||||
|
|
@ -749,7 +749,7 @@ int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
else
|
||||
{
|
||||
ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
|
||||
ret = mbedtls_ssl_tls13_derive_secret( md_type,
|
||||
early_secret, md_size,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( ext_binder ),
|
||||
NULL, 0, MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED,
|
||||
|
|
@ -759,7 +759,7 @@ int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl,
|
|||
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_derive_secret", ret );
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_derive_secret", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
|
|
@ -768,7 +768,7 @@ int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl,
|
|||
* but with the BaseKey being the binder_key.
|
||||
*/
|
||||
|
||||
ret = ssl_tls1_3_calc_finished_core( md_type, binder_key, transcript, result );
|
||||
ret = ssl_tls13_calc_finished_core( md_type, binder_key, transcript, result );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
||||
|
|
@ -902,7 +902,7 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
int mbedtls_ssl_tls1_3_key_schedule_stage_early( mbedtls_ssl_context *ssl )
|
||||
int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_md_type_t md_type;
|
||||
|
|
@ -916,11 +916,11 @@ int mbedtls_ssl_tls1_3_key_schedule_stage_early( mbedtls_ssl_context *ssl )
|
|||
|
||||
md_type = handshake->ciphersuite_info->mac;
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_evolve_secret( md_type, NULL, NULL, 0,
|
||||
handshake->tls1_3_master_secrets.early );
|
||||
ret = mbedtls_ssl_tls13_evolve_secret( md_type, NULL, NULL, 0,
|
||||
handshake->tls1_3_master_secrets.early );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_evolve_secret", ret );
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_evolve_secret", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
|
|
@ -946,7 +946,7 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
|
|||
|
||||
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info = handshake->ciphersuite_info;
|
||||
mbedtls_ssl_tls1_3_handshake_secrets *tls13_hs_secrets = &handshake->tls13_hs_secrets;
|
||||
mbedtls_ssl_tls13_handshake_secrets *tls13_hs_secrets = &handshake->tls13_hs_secrets;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_tls13_generate_handshake_keys" ) );
|
||||
|
||||
|
|
@ -970,12 +970,12 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
|
|||
return( ret );
|
||||
}
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_derive_handshake_secrets( md_type,
|
||||
ret = mbedtls_ssl_tls13_derive_handshake_secrets( md_type,
|
||||
handshake->tls1_3_master_secrets.handshake,
|
||||
transcript, transcript_len, tls13_hs_secrets );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_derive_handshake_secrets",
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_derive_handshake_secrets",
|
||||
ret );
|
||||
return( ret );
|
||||
}
|
||||
|
|
@ -993,7 +993,7 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
|
|||
if( ssl->f_export_keys != NULL )
|
||||
{
|
||||
ssl->f_export_keys( ssl->p_export_keys,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
|
||||
tls13_hs_secrets->client_handshake_traffic_secret,
|
||||
md_size,
|
||||
handshake->randbytes + 32,
|
||||
|
|
@ -1001,7 +1001,7 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_SSL_TLS_PRF_NONE /* TODO: FIX! */ );
|
||||
|
||||
ssl->f_export_keys( ssl->p_export_keys,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_HANDSHAKE_TRAFFIC_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_HANDSHAKE_TRAFFIC_SECRET,
|
||||
tls13_hs_secrets->server_handshake_traffic_secret,
|
||||
md_size,
|
||||
handshake->randbytes + 32,
|
||||
|
|
@ -1009,13 +1009,13 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_SSL_TLS_PRF_NONE /* TODO: FIX! */ );
|
||||
}
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_make_traffic_keys( md_type,
|
||||
ret = mbedtls_ssl_tls13_make_traffic_keys( md_type,
|
||||
tls13_hs_secrets->client_handshake_traffic_secret,
|
||||
tls13_hs_secrets->server_handshake_traffic_secret,
|
||||
md_size, keylen, ivlen, traffic_keys );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_make_traffic_keys", ret );
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_make_traffic_keys", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
|
|
@ -1060,7 +1060,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl )
|
|||
* client_handshake_traffic_secret and server_handshake_traffic_secret
|
||||
* are derived in the handshake secret derivation stage.
|
||||
*/
|
||||
if( mbedtls_ssl_tls1_3_ephemeral_enabled( ssl ) )
|
||||
if( mbedtls_ssl_tls13_ephemeral_enabled( ssl ) )
|
||||
{
|
||||
if( mbedtls_ssl_tls13_named_group_is_ecdhe( handshake->offered_group_id ) )
|
||||
{
|
||||
|
|
@ -1089,13 +1089,13 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Compute the Handshake Secret
|
||||
*/
|
||||
ret = mbedtls_ssl_tls1_3_evolve_secret( md_type,
|
||||
ret = mbedtls_ssl_tls13_evolve_secret( md_type,
|
||||
handshake->tls1_3_master_secrets.early,
|
||||
ecdhe, ephemeral_len,
|
||||
handshake->tls1_3_master_secrets.handshake );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_evolve_secret", ret );
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_evolve_secret", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
|
|
@ -1119,7 +1119,7 @@ int mbedtls_ssl_tls13_generate_application_keys(
|
|||
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
|
||||
|
||||
/* Address at which to store the application secrets */
|
||||
mbedtls_ssl_tls1_3_application_secrets * const app_secrets =
|
||||
mbedtls_ssl_tls13_application_secrets * const app_secrets =
|
||||
&ssl->session_negotiate->app_secrets;
|
||||
|
||||
/* Holding the transcript up to and including the ServerFinished */
|
||||
|
|
@ -1159,26 +1159,26 @@ int mbedtls_ssl_tls13_generate_application_keys(
|
|||
|
||||
/* Compute application secrets from master secret and transcript hash. */
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_derive_application_secrets( md_type,
|
||||
ret = mbedtls_ssl_tls13_derive_application_secrets( md_type,
|
||||
handshake->tls1_3_master_secrets.app,
|
||||
transcript, transcript_len,
|
||||
app_secrets );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1,
|
||||
"mbedtls_ssl_tls1_3_derive_application_secrets", ret );
|
||||
"mbedtls_ssl_tls13_derive_application_secrets", ret );
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
/* Derive first epoch of IV + Key for application traffic. */
|
||||
|
||||
ret = mbedtls_ssl_tls1_3_make_traffic_keys( md_type,
|
||||
ret = mbedtls_ssl_tls13_make_traffic_keys( md_type,
|
||||
app_secrets->client_application_traffic_secret_N,
|
||||
app_secrets->server_application_traffic_secret_N,
|
||||
md_size, keylen, ivlen, traffic_keys );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_make_traffic_keys", ret );
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_make_traffic_keys", ret );
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
|
|
@ -1196,7 +1196,7 @@ int mbedtls_ssl_tls13_generate_application_keys(
|
|||
if( ssl->f_export_keys != NULL )
|
||||
{
|
||||
ssl->f_export_keys( ssl->p_export_keys,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_APPLICATION_TRAFFIC_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_APPLICATION_TRAFFIC_SECRET,
|
||||
app_secrets->client_application_traffic_secret_N, md_size,
|
||||
handshake->randbytes + 32,
|
||||
handshake->randbytes,
|
||||
|
|
@ -1204,7 +1204,7 @@ int mbedtls_ssl_tls13_generate_application_keys(
|
|||
a new constant for TLS 1.3! */ );
|
||||
|
||||
ssl->f_export_keys( ssl->p_export_keys,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_APPLICATION_TRAFFIC_SECRET,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_APPLICATION_TRAFFIC_SECRET,
|
||||
app_secrets->server_application_traffic_secret_N, md_size,
|
||||
handshake->randbytes + 32,
|
||||
handshake->randbytes,
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@
|
|||
#define MBEDTLS_SSL_TLS1_3_KEYS_H
|
||||
|
||||
/* This requires MBEDTLS_SSL_TLS1_3_LABEL( idx, name, string ) to be defined at
|
||||
* the point of use. See e.g. the definition of mbedtls_ssl_tls1_3_labels_union
|
||||
* the point of use. See e.g. the definition of mbedtls_ssl_tls13_labels_union
|
||||
* below. */
|
||||
#define MBEDTLS_SSL_TLS1_3_LABEL_LIST \
|
||||
MBEDTLS_SSL_TLS1_3_LABEL( finished , "finished" ) \
|
||||
|
|
@ -47,27 +47,27 @@
|
|||
#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \
|
||||
const unsigned char name [ sizeof(string) - 1 ];
|
||||
|
||||
union mbedtls_ssl_tls1_3_labels_union
|
||||
union mbedtls_ssl_tls13_labels_union
|
||||
{
|
||||
MBEDTLS_SSL_TLS1_3_LABEL_LIST
|
||||
};
|
||||
struct mbedtls_ssl_tls1_3_labels_struct
|
||||
struct mbedtls_ssl_tls13_labels_struct
|
||||
{
|
||||
MBEDTLS_SSL_TLS1_3_LABEL_LIST
|
||||
};
|
||||
#undef MBEDTLS_SSL_TLS1_3_LABEL
|
||||
|
||||
extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels;
|
||||
extern const struct mbedtls_ssl_tls13_labels_struct mbedtls_ssl_tls13_labels;
|
||||
|
||||
#define MBEDTLS_SSL_TLS1_3_LBL_LEN( LABEL ) \
|
||||
sizeof(mbedtls_ssl_tls1_3_labels.LABEL)
|
||||
sizeof(mbedtls_ssl_tls13_labels.LABEL)
|
||||
|
||||
#define MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( LABEL ) \
|
||||
mbedtls_ssl_tls1_3_labels.LABEL, \
|
||||
mbedtls_ssl_tls13_labels.LABEL, \
|
||||
MBEDTLS_SSL_TLS1_3_LBL_LEN( LABEL )
|
||||
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN \
|
||||
sizeof( union mbedtls_ssl_tls1_3_labels_union )
|
||||
sizeof( union mbedtls_ssl_tls13_labels_union )
|
||||
|
||||
/* The maximum length of HKDF contexts used in the TLS 1.3 standard.
|
||||
* Since contexts are always hashes of message transcripts, this can
|
||||
|
|
@ -79,7 +79,7 @@ extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels;
|
|||
* by HKDF-Expand-Label.
|
||||
*
|
||||
* Warning: If this ever needs to be increased, the implementation
|
||||
* ssl_tls1_3_hkdf_encode_label() in ssl_tls13_keys.c needs to be
|
||||
* ssl_tls13_hkdf_encode_label() in ssl_tls13_keys.c needs to be
|
||||
* adjusted since it currently assumes that HKDF key expansion
|
||||
* is never used with more than 255 Bytes of output. */
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN 255
|
||||
|
|
@ -111,7 +111,7 @@ extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels;
|
|||
* \return A negative error code on failure.
|
||||
*/
|
||||
|
||||
int mbedtls_ssl_tls1_3_hkdf_expand_label(
|
||||
int mbedtls_ssl_tls13_hkdf_expand_label(
|
||||
mbedtls_md_type_t hash_alg,
|
||||
const unsigned char *secret, size_t slen,
|
||||
const unsigned char *label, size_t llen,
|
||||
|
|
@ -147,7 +147,7 @@ int mbedtls_ssl_tls1_3_hkdf_expand_label(
|
|||
* \returns A negative error code on failure.
|
||||
*/
|
||||
|
||||
int mbedtls_ssl_tls1_3_make_traffic_keys(
|
||||
int mbedtls_ssl_tls13_make_traffic_keys(
|
||||
mbedtls_md_type_t hash_alg,
|
||||
const unsigned char *client_secret,
|
||||
const unsigned char *server_secret,
|
||||
|
|
@ -195,7 +195,7 @@ int mbedtls_ssl_tls1_3_make_traffic_keys(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
int mbedtls_ssl_tls1_3_derive_secret(
|
||||
int mbedtls_ssl_tls13_derive_secret(
|
||||
mbedtls_md_type_t hash_alg,
|
||||
const unsigned char *secret, size_t slen,
|
||||
const unsigned char *label, size_t llen,
|
||||
|
|
@ -206,7 +206,7 @@ int mbedtls_ssl_tls1_3_derive_secret(
|
|||
/**
|
||||
* \brief Derive TLS 1.3 early data key material from early secret.
|
||||
*
|
||||
* This is a small wrapper invoking mbedtls_ssl_tls1_3_derive_secret()
|
||||
* This is a small wrapper invoking mbedtls_ssl_tls13_derive_secret()
|
||||
* with the appropriate labels.
|
||||
*
|
||||
* <tt>
|
||||
|
|
@ -223,11 +223,11 @@ int mbedtls_ssl_tls1_3_derive_secret(
|
|||
*
|
||||
* \note To obtain the actual key and IV for the early data traffic,
|
||||
* the client secret derived by this function need to be
|
||||
* further processed by mbedtls_ssl_tls1_3_make_traffic_keys().
|
||||
* further processed by mbedtls_ssl_tls13_make_traffic_keys().
|
||||
*
|
||||
* \note The binder key, which is also generated from the early secret,
|
||||
* is omitted here. Its calculation is part of the separate routine
|
||||
* mbedtls_ssl_tls1_3_create_psk_binder().
|
||||
* mbedtls_ssl_tls13_create_psk_binder().
|
||||
*
|
||||
* \param md_type The hash algorithm associated with the PSK for which
|
||||
* early data key material is being derived.
|
||||
|
|
@ -245,16 +245,16 @@ int mbedtls_ssl_tls1_3_derive_secret(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
int mbedtls_ssl_tls1_3_derive_early_secrets(
|
||||
int mbedtls_ssl_tls13_derive_early_secrets(
|
||||
mbedtls_md_type_t md_type,
|
||||
unsigned char const *early_secret,
|
||||
unsigned char const *transcript, size_t transcript_len,
|
||||
mbedtls_ssl_tls1_3_early_secrets *derived );
|
||||
mbedtls_ssl_tls13_early_secrets *derived );
|
||||
|
||||
/**
|
||||
* \brief Derive TLS 1.3 handshake key material from the handshake secret.
|
||||
*
|
||||
* This is a small wrapper invoking mbedtls_ssl_tls1_3_derive_secret()
|
||||
* This is a small wrapper invoking mbedtls_ssl_tls13_derive_secret()
|
||||
* with the appropriate labels from the standard.
|
||||
*
|
||||
* <tt>
|
||||
|
|
@ -272,7 +272,7 @@ int mbedtls_ssl_tls1_3_derive_early_secrets(
|
|||
*
|
||||
* \note To obtain the actual key and IV for the encrypted handshake traffic,
|
||||
* the client and server secret derived by this function need to be
|
||||
* further processed by mbedtls_ssl_tls1_3_make_traffic_keys().
|
||||
* further processed by mbedtls_ssl_tls13_make_traffic_keys().
|
||||
*
|
||||
* \param md_type The hash algorithm associated with the ciphersuite
|
||||
* that's being used for the connection.
|
||||
|
|
@ -290,16 +290,16 @@ int mbedtls_ssl_tls1_3_derive_early_secrets(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
int mbedtls_ssl_tls1_3_derive_handshake_secrets(
|
||||
int mbedtls_ssl_tls13_derive_handshake_secrets(
|
||||
mbedtls_md_type_t md_type,
|
||||
unsigned char const *handshake_secret,
|
||||
unsigned char const *transcript, size_t transcript_len,
|
||||
mbedtls_ssl_tls1_3_handshake_secrets *derived );
|
||||
mbedtls_ssl_tls13_handshake_secrets *derived );
|
||||
|
||||
/**
|
||||
* \brief Derive TLS 1.3 application key material from the master secret.
|
||||
*
|
||||
* This is a small wrapper invoking mbedtls_ssl_tls1_3_derive_secret()
|
||||
* This is a small wrapper invoking mbedtls_ssl_tls13_derive_secret()
|
||||
* with the appropriate labels from the standard.
|
||||
*
|
||||
* <tt>
|
||||
|
|
@ -321,7 +321,7 @@ int mbedtls_ssl_tls1_3_derive_handshake_secrets(
|
|||
*
|
||||
* \note To obtain the actual key and IV for the (0-th) application traffic,
|
||||
* the client and server secret derived by this function need to be
|
||||
* further processed by mbedtls_ssl_tls1_3_make_traffic_keys().
|
||||
* further processed by mbedtls_ssl_tls13_make_traffic_keys().
|
||||
*
|
||||
* \param md_type The hash algorithm associated with the ciphersuite
|
||||
* that's being used for the connection.
|
||||
|
|
@ -340,16 +340,16 @@ int mbedtls_ssl_tls1_3_derive_handshake_secrets(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
int mbedtls_ssl_tls1_3_derive_application_secrets(
|
||||
int mbedtls_ssl_tls13_derive_application_secrets(
|
||||
mbedtls_md_type_t md_type,
|
||||
unsigned char const *master_secret,
|
||||
unsigned char const *transcript, size_t transcript_len,
|
||||
mbedtls_ssl_tls1_3_application_secrets *derived );
|
||||
mbedtls_ssl_tls13_application_secrets *derived );
|
||||
|
||||
/**
|
||||
* \brief Derive TLS 1.3 resumption master secret from the master secret.
|
||||
*
|
||||
* This is a small wrapper invoking mbedtls_ssl_tls1_3_derive_secret()
|
||||
* This is a small wrapper invoking mbedtls_ssl_tls13_derive_secret()
|
||||
* with the appropriate labels from the standard.
|
||||
*
|
||||
* \param md_type The hash algorithm used in the application for which
|
||||
|
|
@ -370,11 +370,11 @@ int mbedtls_ssl_tls1_3_derive_application_secrets(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
int mbedtls_ssl_tls1_3_derive_resumption_master_secret(
|
||||
int mbedtls_ssl_tls13_derive_resumption_master_secret(
|
||||
mbedtls_md_type_t md_type,
|
||||
unsigned char const *application_secret,
|
||||
unsigned char const *transcript, size_t transcript_len,
|
||||
mbedtls_ssl_tls1_3_application_secrets *derived );
|
||||
mbedtls_ssl_tls13_application_secrets *derived );
|
||||
|
||||
/**
|
||||
* \brief Compute the next secret in the TLS 1.3 key schedule
|
||||
|
|
@ -406,7 +406,7 @@ int mbedtls_ssl_tls1_3_derive_resumption_master_secret(
|
|||
*
|
||||
* Each of the three secrets in turn is the basis for further
|
||||
* key derivations, such as the derivation of traffic keys and IVs;
|
||||
* see e.g. mbedtls_ssl_tls1_3_make_traffic_keys().
|
||||
* see e.g. mbedtls_ssl_tls13_make_traffic_keys().
|
||||
*
|
||||
* This function implements one step in this evolution of secrets:
|
||||
*
|
||||
|
|
@ -443,7 +443,7 @@ int mbedtls_ssl_tls1_3_derive_resumption_master_secret(
|
|||
* \returns A negative error code on failure.
|
||||
*/
|
||||
|
||||
int mbedtls_ssl_tls1_3_evolve_secret(
|
||||
int mbedtls_ssl_tls13_evolve_secret(
|
||||
mbedtls_md_type_t hash_alg,
|
||||
const unsigned char *secret_old,
|
||||
const unsigned char *input, size_t input_len,
|
||||
|
|
@ -475,7 +475,7 @@ int mbedtls_ssl_tls1_3_evolve_secret(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl,
|
||||
int mbedtls_ssl_tls13_create_psk_binder( mbedtls_ssl_context *ssl,
|
||||
const mbedtls_md_type_t md_type,
|
||||
unsigned char const *psk, size_t psk_len,
|
||||
int psk_type,
|
||||
|
|
@ -520,7 +520,7 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform,
|
|||
*
|
||||
* Early -> Handshake -> Application
|
||||
*
|
||||
* Small wrappers around mbedtls_ssl_tls1_3_evolve_secret().
|
||||
* Small wrappers around mbedtls_ssl_tls13_evolve_secret().
|
||||
*/
|
||||
|
||||
/**
|
||||
|
|
@ -535,7 +535,7 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform,
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
int mbedtls_ssl_tls1_3_key_schedule_stage_early( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl );
|
||||
|
||||
/**
|
||||
* \brief Transition into handshake stage of TLS 1.3 key schedule.
|
||||
|
|
|
|||
|
|
@ -69,7 +69,7 @@ int main( void )
|
|||
#define DFL_ECJPAKE_PW NULL
|
||||
#define DFL_EC_MAX_OPS -1
|
||||
#define DFL_FORCE_CIPHER 0
|
||||
#define DFL_TLS13_KEX_MODES MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL
|
||||
#define DFL_TLS1_3_KEX_MODES MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL
|
||||
#define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED
|
||||
#define DFL_ALLOW_LEGACY -2
|
||||
#define DFL_RENEGOTIATE 0
|
||||
|
|
@ -344,11 +344,11 @@ int main( void )
|
|||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||
#define USAGE_TLS13_KEY_EXCHANGE_MODES \
|
||||
#define USAGE_TLS1_3_KEY_EXCHANGE_MODES \
|
||||
" tls13_kex_modes=%%s default: all\n" \
|
||||
" options: psk, psk_ephemeral, ephemeral, ephemeral_all, psk_all, all\n"
|
||||
#else
|
||||
#define USAGE_TLS13_KEY_EXCHANGE_MODES ""
|
||||
#define USAGE_TLS1_3_KEY_EXCHANGE_MODES ""
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
|
||||
/* USAGE is arbitrarily split to stay under the portable string literal
|
||||
|
|
@ -427,7 +427,7 @@ int main( void )
|
|||
" options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \
|
||||
"\n\n" \
|
||||
" force_ciphersuite=<name> default: all enabled\n" \
|
||||
USAGE_TLS13_KEY_EXCHANGE_MODES \
|
||||
USAGE_TLS1_3_KEY_EXCHANGE_MODES \
|
||||
" query_config=<name> return 0 if the specified\n" \
|
||||
" configuration macro is defined and 1\n" \
|
||||
" otherwise. The expansion of the macro\n" \
|
||||
|
|
@ -841,7 +841,7 @@ int main( int argc, char *argv[] )
|
|||
opt.ec_max_ops = DFL_EC_MAX_OPS;
|
||||
opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||
opt.tls13_kex_modes = DFL_TLS13_KEX_MODES;
|
||||
opt.tls13_kex_modes = DFL_TLS1_3_KEX_MODES;
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
opt.renegotiation = DFL_RENEGOTIATION;
|
||||
opt.allow_legacy = DFL_ALLOW_LEGACY;
|
||||
|
|
@ -1112,17 +1112,17 @@ int main( int argc, char *argv[] )
|
|||
else if( strcmp( p, "tls13_kex_modes" ) == 0 )
|
||||
{
|
||||
if( strcmp( q, "psk" ) == 0 )
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK;
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
||||
else if( strcmp(q, "psk_ephemeral" ) == 0 )
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||
else if( strcmp(q, "ephemeral" ) == 0 )
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
else if( strcmp(q, "ephemeral_all" ) == 0 )
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL;
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL;
|
||||
else if( strcmp( q, "psk_all" ) == 0 )
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL;
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL;
|
||||
else if( strcmp( q, "all" ) == 0 )
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL;
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
|
||||
else goto usage;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
|
|
@ -1511,7 +1511,7 @@ int main( int argc, char *argv[] )
|
|||
p = (char *) opt.sig_algs;
|
||||
i = 0;
|
||||
|
||||
/* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list (sig_alg_list). */
|
||||
/* Leave room for a final MBEDTLS_TLS1_3_SIG_NONE in signature algorithm list (sig_alg_list). */
|
||||
while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' )
|
||||
{
|
||||
q = p;
|
||||
|
|
@ -1524,15 +1524,15 @@ int main( int argc, char *argv[] )
|
|||
|
||||
if( strcmp( q, "ecdsa_secp256r1_sha256" ) == 0 )
|
||||
{
|
||||
sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256;
|
||||
sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256;
|
||||
}
|
||||
else if( strcmp( q, "ecdsa_secp384r1_sha384" ) == 0 )
|
||||
{
|
||||
sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384;
|
||||
sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384;
|
||||
}
|
||||
else if( strcmp( q, "ecdsa_secp521r1_sha512" ) == 0 )
|
||||
{
|
||||
sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512;
|
||||
sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512;
|
||||
}
|
||||
else if( strcmp( q, "rsa_pss_rsae_sha256" ) == 0 )
|
||||
{
|
||||
|
|
@ -1563,7 +1563,7 @@ int main( int argc, char *argv[] )
|
|||
goto exit;
|
||||
}
|
||||
|
||||
sig_alg_list[i] = MBEDTLS_TLS13_SIG_NONE;
|
||||
sig_alg_list[i] = MBEDTLS_TLS1_3_SIG_NONE;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL &&
|
||||
MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||
|
|
|
|||
|
|
@ -100,7 +100,7 @@ int main( void )
|
|||
#define DFL_ECJPAKE_PW NULL
|
||||
#define DFL_PSK_LIST NULL
|
||||
#define DFL_FORCE_CIPHER 0
|
||||
#define DFL_TLS13_KEX_MODES MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL
|
||||
#define DFL_TLS1_3_KEX_MODES MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL
|
||||
#define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED
|
||||
#define DFL_ALLOW_LEGACY -2
|
||||
#define DFL_RENEGOTIATE 0
|
||||
|
|
@ -449,11 +449,11 @@ int main( void )
|
|||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||
#define USAGE_TLS13_KEY_EXCHANGE_MODES \
|
||||
#define USAGE_TLS1_3_KEY_EXCHANGE_MODES \
|
||||
" tls13_kex_modes=%%s default: all\n" \
|
||||
" options: psk, psk_ephemeral, ephemeral, ephemeral_all, psk_all, all\n"
|
||||
#else
|
||||
#define USAGE_TLS13_KEY_EXCHANGE_MODES ""
|
||||
#define USAGE_TLS1_3_KEY_EXCHANGE_MODES ""
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
|
||||
|
||||
|
|
@ -529,7 +529,7 @@ int main( void )
|
|||
" options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \
|
||||
"\n\n" \
|
||||
" force_ciphersuite=<name> default: all enabled\n" \
|
||||
USAGE_TLS13_KEY_EXCHANGE_MODES \
|
||||
USAGE_TLS1_3_KEY_EXCHANGE_MODES \
|
||||
" query_config=<name> return 0 if the specified\n" \
|
||||
" configuration macro is defined and 1\n" \
|
||||
" otherwise. The expansion of the macro\n" \
|
||||
|
|
@ -1522,7 +1522,7 @@ int main( int argc, char *argv[] )
|
|||
opt.ecjpake_pw = DFL_ECJPAKE_PW;
|
||||
opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||
opt.tls13_kex_modes = DFL_TLS13_KEX_MODES;
|
||||
opt.tls13_kex_modes = DFL_TLS1_3_KEX_MODES;
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
opt.renegotiation = DFL_RENEGOTIATION;
|
||||
opt.allow_legacy = DFL_ALLOW_LEGACY;
|
||||
|
|
@ -1775,17 +1775,17 @@ int main( int argc, char *argv[] )
|
|||
else if( strcmp( p, "tls13_kex_modes" ) == 0 )
|
||||
{
|
||||
if( strcmp( q, "psk" ) == 0 )
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK;
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
||||
else if( strcmp(q, "psk_ephemeral" ) == 0 )
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||
else if( strcmp(q, "ephemeral" ) == 0 )
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
else if( strcmp(q, "ephemeral_all" ) == 0 )
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL;
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL;
|
||||
else if( strcmp( q, "psk_all" ) == 0 )
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL;
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL;
|
||||
else if( strcmp( q, "all" ) == 0 )
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL;
|
||||
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
|
||||
else goto usage;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
|
|
@ -2255,7 +2255,7 @@ int main( int argc, char *argv[] )
|
|||
p = (char *) opt.sig_algs;
|
||||
i = 0;
|
||||
|
||||
/* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list (sig_alg_list). */
|
||||
/* Leave room for a final MBEDTLS_TLS1_3_SIG_NONE in signature algorithm list (sig_alg_list). */
|
||||
while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' )
|
||||
{
|
||||
q = p;
|
||||
|
|
@ -2268,15 +2268,15 @@ int main( int argc, char *argv[] )
|
|||
|
||||
if( strcmp( q, "ecdsa_secp256r1_sha256" ) == 0 )
|
||||
{
|
||||
sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256;
|
||||
sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256;
|
||||
}
|
||||
else if( strcmp( q, "ecdsa_secp384r1_sha384" ) == 0 )
|
||||
{
|
||||
sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384;
|
||||
sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384;
|
||||
}
|
||||
else if( strcmp( q, "ecdsa_secp521r1_sha512" ) == 0 )
|
||||
{
|
||||
sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512;
|
||||
sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
@ -2297,7 +2297,7 @@ int main( int argc, char *argv[] )
|
|||
goto exit;
|
||||
}
|
||||
|
||||
sig_alg_list[i] = MBEDTLS_TLS13_SIG_NONE;
|
||||
sig_alg_list[i] = MBEDTLS_TLS1_3_SIG_NONE;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL &&
|
||||
MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||
|
|
|
|||
|
|
@ -8829,10 +8829,10 @@ run_test "TLS1.3: minimal feature sets - openssl" \
|
|||
-c "tls1_3 client state: 11" \
|
||||
-c "tls1_3 client state: 14" \
|
||||
-c "tls1_3 client state: 15" \
|
||||
-c "<= ssl_tls1_3_process_server_hello" \
|
||||
-c "<= ssl_tls13_process_server_hello" \
|
||||
-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
|
||||
-c "ECDH curve: x25519" \
|
||||
-c "=> ssl_tls1_3_process_server_hello" \
|
||||
-c "=> ssl_tls13_process_server_hello" \
|
||||
-c "<= parse encrypted extensions" \
|
||||
-c "Certificate verification flags clear" \
|
||||
-c "=> parse certificate verify" \
|
||||
|
|
@ -8877,10 +8877,10 @@ run_test "TLS1.3: minimal feature sets - gnutls" \
|
|||
-c "tls1_3 client state: 11" \
|
||||
-c "tls1_3 client state: 14" \
|
||||
-c "tls1_3 client state: 15" \
|
||||
-c "<= ssl_tls1_3_process_server_hello" \
|
||||
-c "<= ssl_tls13_process_server_hello" \
|
||||
-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
|
||||
-c "ECDH curve: x25519" \
|
||||
-c "=> ssl_tls1_3_process_server_hello" \
|
||||
-c "=> ssl_tls13_process_server_hello" \
|
||||
-c "<= parse encrypted extensions" \
|
||||
-c "Certificate verification flags clear" \
|
||||
-c "=> parse certificate verify" \
|
||||
|
|
|
|||
|
|
@ -5890,136 +5890,136 @@ SSL TLS 1.3 Key schedule: Secret evolution #1
|
|||
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
|
||||
# Initial secret to Early Secret
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
|
||||
ssl_tls1_3_key_evolution:MBEDTLS_MD_SHA256:"":"":"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a"
|
||||
ssl_tls13_key_evolution:MBEDTLS_MD_SHA256:"":"":"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Secret evolution #2
|
||||
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
|
||||
# Early secret to Handshake Secret
|
||||
ssl_tls1_3_key_evolution:MBEDTLS_MD_SHA256:"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a":"df4a291baa1eb7cfa6934b29b474baad2697e29f1f920dcc77c8a0a088447624":"fb9fc80689b3a5d02c33243bf69a1b1b20705588a794304a6e7120155edf149a"
|
||||
ssl_tls13_key_evolution:MBEDTLS_MD_SHA256:"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a":"df4a291baa1eb7cfa6934b29b474baad2697e29f1f920dcc77c8a0a088447624":"fb9fc80689b3a5d02c33243bf69a1b1b20705588a794304a6e7120155edf149a"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Secret evolution #3
|
||||
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
|
||||
# Handshake secret to Master Secret
|
||||
ssl_tls1_3_key_evolution:MBEDTLS_MD_SHA256:"fb9fc80689b3a5d02c33243bf69a1b1b20705588a794304a6e7120155edf149a":"":"7f2882bb9b9a46265941653e9c2f19067118151e21d12e57a7b6aca1f8150c8d"
|
||||
ssl_tls13_key_evolution:MBEDTLS_MD_SHA256:"fb9fc80689b3a5d02c33243bf69a1b1b20705588a794304a6e7120155edf149a":"":"7f2882bb9b9a46265941653e9c2f19067118151e21d12e57a7b6aca1f8150c8d"
|
||||
|
||||
SSL TLS 1.3 Key schedule: HKDF Expand Label #1
|
||||
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
|
||||
# Server handshake traffic secret -> Server traffic key
|
||||
# HKDF-Expand-Label(server_handshake_secret, "key", "", 16)
|
||||
ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":tls1_3_label_key:"":16:"844780a7acad9f980fa25c114e43402a"
|
||||
ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":tls1_3_label_key:"":16:"844780a7acad9f980fa25c114e43402a"
|
||||
|
||||
SSL TLS 1.3 Key schedule: HKDF Expand Label #2
|
||||
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
|
||||
# Server handshake traffic secret -> Server traffic IV
|
||||
# HKDF-Expand-Label(server_handshake_secret, "iv", "", 12)
|
||||
ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":tls1_3_label_iv:"":12:"4c042ddc120a38d1417fc815"
|
||||
ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":tls1_3_label_iv:"":12:"4c042ddc120a38d1417fc815"
|
||||
|
||||
SSL TLS 1.3 Key schedule: HKDF Expand Label #3
|
||||
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
|
||||
# Client handshake traffic secret -> Client traffic key
|
||||
# HKDF-Expand-Label(client_handshake_secret, "key", "", 16)
|
||||
ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":tls1_3_label_key:"":16:"7154f314e6be7dc008df2c832baa1d39"
|
||||
ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":tls1_3_label_key:"":16:"7154f314e6be7dc008df2c832baa1d39"
|
||||
|
||||
SSL TLS 1.3 Key schedule: HKDF Expand Label #4
|
||||
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
|
||||
# Client handshake traffic secret -> Client traffic IV
|
||||
# HKDF-Expand-Label(client_handshake_secret, "iv", "", 12)
|
||||
ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":tls1_3_label_iv:"":12:"71abc2cae4c699d47c600268"
|
||||
ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":tls1_3_label_iv:"":12:"71abc2cae4c699d47c600268"
|
||||
|
||||
SSL TLS 1.3 Key schedule: HKDF Expand Label #5 (RFC 8448)
|
||||
# Vector from RFC 8448
|
||||
# Server handshake traffic secret -> Server traffic IV
|
||||
# HKDF-Expand-Label(server_handshake_secret, "iv", "", 12)
|
||||
ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b67b7d690cc16c4e75e54213cb2d37b4e9c912bcded9105d42befd59d391ad38":tls1_3_label_iv:"":12:"5d313eb2671276ee13000b30"
|
||||
ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"b67b7d690cc16c4e75e54213cb2d37b4e9c912bcded9105d42befd59d391ad38":tls1_3_label_iv:"":12:"5d313eb2671276ee13000b30"
|
||||
|
||||
SSL TLS 1.3 Key schedule: HKDF Expand Label #6 (RFC 8448)
|
||||
# Vector from RFC 8448
|
||||
# Server handshake traffic secret -> Server traffic Key
|
||||
# HKDF-Expand-Label(server_handshake_secret, "key", "", 16)
|
||||
ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b67b7d690cc16c4e75e54213cb2d37b4e9c912bcded9105d42befd59d391ad38":tls1_3_label_key:"":16:"3fce516009c21727d0f2e4e86ee403bc"
|
||||
ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"b67b7d690cc16c4e75e54213cb2d37b4e9c912bcded9105d42befd59d391ad38":tls1_3_label_key:"":16:"3fce516009c21727d0f2e4e86ee403bc"
|
||||
|
||||
SSL TLS 1.3 Key schedule: HKDF Expand Label #7 (RFC 8448)
|
||||
# Vector from RFC 8448
|
||||
# Client handshake traffic secret -> Client traffic IV
|
||||
# HKDF-Expand-Label(client_handshake_secret, "iv", "", 12)
|
||||
ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":tls1_3_label_iv:"":12:"5bd3c71b836e0b76bb73265f"
|
||||
ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":tls1_3_label_iv:"":12:"5bd3c71b836e0b76bb73265f"
|
||||
|
||||
SSL TLS 1.3 Key schedule: HKDF Expand Label #8 (RFC 8448)
|
||||
# Vector from RFC 8448
|
||||
# Client handshake traffic secret -> Client traffic Key
|
||||
# HKDF-Expand-Label(client_handshake_secret, "key", "", 16)
|
||||
ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":tls1_3_label_key:"":16:"dbfaa693d1762c5b666af5d950258d01"
|
||||
ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":tls1_3_label_key:"":16:"dbfaa693d1762c5b666af5d950258d01"
|
||||
|
||||
SSL TLS 1.3 Key schedule: HKDF Expand Label #9 (RFC 8448)
|
||||
# Calculation of finished_key
|
||||
ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":tls1_3_label_finished:"":32:"5ace394c26980d581243f627d1150ae27e37fa52364e0a7f20ac686d09cd0e8e"
|
||||
ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":tls1_3_label_finished:"":32:"5ace394c26980d581243f627d1150ae27e37fa52364e0a7f20ac686d09cd0e8e"
|
||||
|
||||
SSL TLS 1.3 Key schedule: HKDF Expand Label #10 (RFC 8448)
|
||||
# Calculation of resumption key
|
||||
ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"7df235f2031d2a051287d02b0241b0bfdaf86cc856231f2d5aba46c434ec196c":tls1_3_label_resumption:"0000":32:"4ecd0eb6ec3b4d87f5d6028f922ca4c5851a277fd41311c9e62d2c9492e1c4f3"
|
||||
ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"7df235f2031d2a051287d02b0241b0bfdaf86cc856231f2d5aba46c434ec196c":tls1_3_label_resumption:"0000":32:"4ecd0eb6ec3b4d87f5d6028f922ca4c5851a277fd41311c9e62d2c9492e1c4f3"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Traffic key generation #1
|
||||
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
|
||||
# Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV}
|
||||
ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
|
||||
ssl_tls13_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Traffic key generation #2 (RFC 8448)
|
||||
# Vector RFC 8448
|
||||
# Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV}
|
||||
ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
|
||||
ssl_tls13_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Derive-Secret( ., "derived", "")
|
||||
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
|
||||
# Derive-Secret( Early-Secret, "derived", "")
|
||||
# Tests the case where context isn't yet hashed (empty string here,
|
||||
# but still needs to be hashed)
|
||||
ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a":tls1_3_label_derived:"":32:MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED:"6f2615a108c702c5678f54fc9dbab69716c076189c48250cebeac3576c3611ba"
|
||||
ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a":tls1_3_label_derived:"":32:MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED:"6f2615a108c702c5678f54fc9dbab69716c076189c48250cebeac3576c3611ba"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Derive-Secret( ., "s ap traffic", hash) #1
|
||||
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
|
||||
# Derive-Secret( MasterSecret, "s ap traffic", hash)
|
||||
# Tests the case where context is already hashed
|
||||
ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"7f2882bb9b9a46265941653e9c2f19067118151e21d12e57a7b6aca1f8150c8d":tls1_3_label_s_ap_traffic:"22844b930e5e0a59a09d5ac35fc032fc91163b193874a265236e568077378d8b":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fc35ea70693069a277956afa23b8f4543ce68ac595f2aace05cd7a1c92023d5"
|
||||
ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"7f2882bb9b9a46265941653e9c2f19067118151e21d12e57a7b6aca1f8150c8d":tls1_3_label_s_ap_traffic:"22844b930e5e0a59a09d5ac35fc032fc91163b193874a265236e568077378d8b":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fc35ea70693069a277956afa23b8f4543ce68ac595f2aace05cd7a1c92023d5"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Derive-Secret( ., "c e traffic", hash)
|
||||
# Vector from RFC 8448
|
||||
ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":tls1_3_label_c_e_traffic:"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fbbe6a60deb66c30a32795aba0eff7eaa10105586e7be5c09678d63b6caab62"
|
||||
ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":tls1_3_label_c_e_traffic:"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fbbe6a60deb66c30a32795aba0eff7eaa10105586e7be5c09678d63b6caab62"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Derive-Secret( ., "e exp master", hash)
|
||||
# Vector from RFC 8448
|
||||
ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":tls1_3_label_e_exp_master:"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"b2026866610937d7423e5be90862ccf24c0e6091186d34f812089ff5be2ef7df"
|
||||
ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":tls1_3_label_e_exp_master:"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"b2026866610937d7423e5be90862ccf24c0e6091186d34f812089ff5be2ef7df"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Derive-Secret( ., "c hs traffic", hash)
|
||||
# Vector from RFC 8448
|
||||
ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f"
|
||||
ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Derive-Secret( ., "s hs traffic", hash)
|
||||
# Vector from RFC 8448
|
||||
ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_s_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803"
|
||||
ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_s_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Derive-Secret( ., "c ap traffic", hash)
|
||||
# Vector from RFC 8448
|
||||
ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_c_ap_traffic:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1"
|
||||
ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_c_ap_traffic:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Derive-Secret( ., "s ap traffic", hash) #2
|
||||
# Vector from RFC 8448
|
||||
ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_s_ap_traffic:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691"
|
||||
ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_s_ap_traffic:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Derive-Secret( ., "exp master", hash)
|
||||
# Vector from RFC 8448
|
||||
ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_exp_master:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4"
|
||||
ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_exp_master:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Derive-Secret( ., "res master", hash)
|
||||
# Vector from RFC 8448
|
||||
ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_res_master:"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406"
|
||||
ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_res_master:"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Early secrets derivation helper
|
||||
# Vector from RFC 8448
|
||||
ssl_tls1_3_derive_early_secrets:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":"3fbbe6a60deb66c30a32795aba0eff7eaa10105586e7be5c09678d63b6caab62":"b2026866610937d7423e5be90862ccf24c0e6091186d34f812089ff5be2ef7df"
|
||||
ssl_tls13_derive_early_secrets:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":"3fbbe6a60deb66c30a32795aba0eff7eaa10105586e7be5c09678d63b6caab62":"b2026866610937d7423e5be90862ccf24c0e6091186d34f812089ff5be2ef7df"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Handshake secrets derivation helper
|
||||
# Vector from RFC 8448
|
||||
ssl_tls1_3_derive_handshake_secrets:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803"
|
||||
ssl_tls13_derive_handshake_secrets:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803"
|
||||
|
||||
SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #1
|
||||
# - Server App Key: 0b6d22c8ff68097ea871c672073773bf
|
||||
|
|
@ -6029,7 +6029,7 @@ SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #1
|
|||
# - App data payload: 70696e67
|
||||
# - Complete record: 1703030015c74061535eb12f5f25a781957874742ab7fb305dd5
|
||||
# - Padding used: No (== granularity 1)
|
||||
ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5"
|
||||
ssl_tls13_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5"
|
||||
|
||||
SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2
|
||||
# - Server App Key: 0b6d22c8ff68097ea871c672073773bf
|
||||
|
|
@ -6039,7 +6039,7 @@ SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2
|
|||
# - App data payload: 706f6e67
|
||||
# - Complete record: 1703030015370e5f168afa7fb16b663ecdfca3dbb81931a90ca7
|
||||
# - Padding used: No (== granularity 1)
|
||||
ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7"
|
||||
ssl_tls13_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7"
|
||||
|
||||
SSL TLS 1.3 Record Encryption RFC 8448 Example #1
|
||||
# Application Data record sent by Client in 1-RTT example of RFC 8448, Section 3
|
||||
|
|
@ -6057,7 +6057,7 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #1
|
|||
# 62 97 4e 1f 5a 62 92 a2 97 70 14 bd 1e 3d ea e6
|
||||
# 3a ee bb 21 69 49 15 e4
|
||||
# - Padding used: No (== granularity 1)
|
||||
ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4"
|
||||
ssl_tls13_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4"
|
||||
|
||||
SSL TLS 1.3 Record Encryption RFC 8448 Example #2
|
||||
# Application Data record sent by Server in 1-RTT example of RFC 8448, Section 3
|
||||
|
|
@ -6075,21 +6075,21 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #2
|
|||
# fc c4 9c 4b f2 e5 f0 a2 1c 00 47 c2 ab f3 32 54
|
||||
# 0d d0 32 e1 67 c2 95 5d
|
||||
# - Padding used: No (== granularity 1)
|
||||
ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d"
|
||||
ssl_tls13_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Application secrets derivation helper
|
||||
# Vector from RFC 8448
|
||||
ssl_tls1_3_derive_application_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1":"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691":"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4"
|
||||
ssl_tls13_derive_application_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1":"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691":"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4"
|
||||
|
||||
SSL TLS 1.3 Key schedule: Resumption secrets derivation helper
|
||||
# Vector from RFC 8448
|
||||
ssl_tls1_3_derive_resumption_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406"
|
||||
ssl_tls13_derive_resumption_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406"
|
||||
|
||||
SSL TLS 1.3 Key schedule: PSK binder
|
||||
# Vector from RFC 8448
|
||||
# For the resumption PSK, see Section 3, 'generate resumption secret "tls13 resumption"'
|
||||
# For all other data, see Section 4, 'construct a ClientHello handshake message:'
|
||||
ssl_tls1_3_create_psk_binder:MBEDTLS_MD_SHA256:"4ecd0eb6ec3b4d87f5d6028f922ca4c5851a277fd41311c9e62d2c9492e1c4f3":MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION:"63224b2e4573f2d3454ca84b9d009a04f6be9e05711a8396473aefa01e924a14":"3add4fb2d8fdf822a0ca3cf7678ef5e88dae990141c5924d57bb6fa31b9e5f9d"
|
||||
ssl_tls13_create_psk_binder:MBEDTLS_MD_SHA256:"4ecd0eb6ec3b4d87f5d6028f922ca4c5851a277fd41311c9e62d2c9492e1c4f3":MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION:"63224b2e4573f2d3454ca84b9d009a04f6be9e05711a8396473aefa01e924a14":"3add4fb2d8fdf822a0ca3cf7678ef5e88dae990141c5924d57bb6fa31b9e5f9d"
|
||||
|
||||
SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE
|
||||
ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
|
||||
|
|
|
|||
|
|
@ -3670,12 +3670,12 @@ exit:
|
|||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
void ssl_tls1_3_hkdf_expand_label( int hash_alg,
|
||||
data_t *secret,
|
||||
int label_idx,
|
||||
data_t *ctx,
|
||||
int desired_length,
|
||||
data_t *expected )
|
||||
void ssl_tls13_hkdf_expand_label( int hash_alg,
|
||||
data_t *secret,
|
||||
int label_idx,
|
||||
data_t *ctx,
|
||||
int desired_length,
|
||||
data_t *expected )
|
||||
{
|
||||
unsigned char dst[ 100 ];
|
||||
|
||||
|
|
@ -3684,8 +3684,8 @@ void ssl_tls1_3_hkdf_expand_label( int hash_alg,
|
|||
#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \
|
||||
if( label_idx == (int) tls1_3_label_ ## name ) \
|
||||
{ \
|
||||
lbl = mbedtls_ssl_tls1_3_labels.name; \
|
||||
lbl_len = sizeof( mbedtls_ssl_tls1_3_labels.name ); \
|
||||
lbl = mbedtls_ssl_tls13_labels.name; \
|
||||
lbl_len = sizeof( mbedtls_ssl_tls13_labels.name ); \
|
||||
}
|
||||
MBEDTLS_SSL_TLS1_3_LABEL_LIST
|
||||
#undef MBEDTLS_SSL_TLS1_3_LABEL
|
||||
|
|
@ -3695,7 +3695,7 @@ MBEDTLS_SSL_TLS1_3_LABEL_LIST
|
|||
TEST_ASSERT( (size_t) desired_length <= sizeof(dst) );
|
||||
TEST_ASSERT( (size_t) desired_length == expected->len );
|
||||
|
||||
TEST_ASSERT( mbedtls_ssl_tls1_3_hkdf_expand_label(
|
||||
TEST_ASSERT( mbedtls_ssl_tls13_hkdf_expand_label(
|
||||
(mbedtls_md_type_t) hash_alg,
|
||||
secret->x, secret->len,
|
||||
lbl, lbl_len,
|
||||
|
|
@ -3708,15 +3708,15 @@ MBEDTLS_SSL_TLS1_3_LABEL_LIST
|
|||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
void ssl_tls1_3_traffic_key_generation( int hash_alg,
|
||||
data_t *server_secret,
|
||||
data_t *client_secret,
|
||||
int desired_iv_len,
|
||||
int desired_key_len,
|
||||
data_t *expected_server_write_key,
|
||||
data_t *expected_server_write_iv,
|
||||
data_t *expected_client_write_key,
|
||||
data_t *expected_client_write_iv )
|
||||
void ssl_tls13_traffic_key_generation( int hash_alg,
|
||||
data_t *server_secret,
|
||||
data_t *client_secret,
|
||||
int desired_iv_len,
|
||||
int desired_key_len,
|
||||
data_t *expected_server_write_key,
|
||||
data_t *expected_server_write_iv,
|
||||
data_t *expected_client_write_key,
|
||||
data_t *expected_client_write_iv )
|
||||
{
|
||||
mbedtls_ssl_key_set keys;
|
||||
|
||||
|
|
@ -3727,7 +3727,7 @@ void ssl_tls1_3_traffic_key_generation( int hash_alg,
|
|||
TEST_ASSERT( expected_client_write_key->len == expected_server_write_key->len &&
|
||||
expected_client_write_key->len == (size_t) desired_key_len );
|
||||
|
||||
TEST_ASSERT( mbedtls_ssl_tls1_3_make_traffic_keys(
|
||||
TEST_ASSERT( mbedtls_ssl_tls13_make_traffic_keys(
|
||||
(mbedtls_md_type_t) hash_alg,
|
||||
client_secret->x,
|
||||
server_secret->x,
|
||||
|
|
@ -3755,13 +3755,13 @@ void ssl_tls1_3_traffic_key_generation( int hash_alg,
|
|||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
void ssl_tls1_3_derive_secret( int hash_alg,
|
||||
data_t *secret,
|
||||
int label_idx,
|
||||
data_t *ctx,
|
||||
int desired_length,
|
||||
int already_hashed,
|
||||
data_t *expected )
|
||||
void ssl_tls13_derive_secret( int hash_alg,
|
||||
data_t *secret,
|
||||
int label_idx,
|
||||
data_t *ctx,
|
||||
int desired_length,
|
||||
int already_hashed,
|
||||
data_t *expected )
|
||||
{
|
||||
unsigned char dst[ 100 ];
|
||||
|
||||
|
|
@ -3770,8 +3770,8 @@ void ssl_tls1_3_derive_secret( int hash_alg,
|
|||
#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \
|
||||
if( label_idx == (int) tls1_3_label_ ## name ) \
|
||||
{ \
|
||||
lbl = mbedtls_ssl_tls1_3_labels.name; \
|
||||
lbl_len = sizeof( mbedtls_ssl_tls1_3_labels.name ); \
|
||||
lbl = mbedtls_ssl_tls13_labels.name; \
|
||||
lbl_len = sizeof( mbedtls_ssl_tls13_labels.name ); \
|
||||
}
|
||||
MBEDTLS_SSL_TLS1_3_LABEL_LIST
|
||||
#undef MBEDTLS_SSL_TLS1_3_LABEL
|
||||
|
|
@ -3781,7 +3781,7 @@ MBEDTLS_SSL_TLS1_3_LABEL_LIST
|
|||
TEST_ASSERT( (size_t) desired_length <= sizeof(dst) );
|
||||
TEST_ASSERT( (size_t) desired_length == expected->len );
|
||||
|
||||
TEST_ASSERT( mbedtls_ssl_tls1_3_derive_secret(
|
||||
TEST_ASSERT( mbedtls_ssl_tls13_derive_secret(
|
||||
(mbedtls_md_type_t) hash_alg,
|
||||
secret->x, secret->len,
|
||||
lbl, lbl_len,
|
||||
|
|
@ -3795,13 +3795,13 @@ MBEDTLS_SSL_TLS1_3_LABEL_LIST
|
|||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
void ssl_tls1_3_derive_early_secrets( int hash_alg,
|
||||
data_t *secret,
|
||||
data_t *transcript,
|
||||
data_t *traffic_expected,
|
||||
data_t *exporter_expected )
|
||||
void ssl_tls13_derive_early_secrets( int hash_alg,
|
||||
data_t *secret,
|
||||
data_t *transcript,
|
||||
data_t *traffic_expected,
|
||||
data_t *exporter_expected )
|
||||
{
|
||||
mbedtls_ssl_tls1_3_early_secrets secrets;
|
||||
mbedtls_ssl_tls13_early_secrets secrets;
|
||||
|
||||
/* Double-check that we've passed sane parameters. */
|
||||
mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
|
||||
|
|
@ -3813,7 +3813,7 @@ void ssl_tls1_3_derive_early_secrets( int hash_alg,
|
|||
traffic_expected->len == md_size &&
|
||||
exporter_expected->len == md_size );
|
||||
|
||||
TEST_ASSERT( mbedtls_ssl_tls1_3_derive_early_secrets(
|
||||
TEST_ASSERT( mbedtls_ssl_tls13_derive_early_secrets(
|
||||
md_type, secret->x, transcript->x, transcript->len,
|
||||
&secrets ) == 0 );
|
||||
|
||||
|
|
@ -3825,13 +3825,13 @@ void ssl_tls1_3_derive_early_secrets( int hash_alg,
|
|||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
void ssl_tls1_3_derive_handshake_secrets( int hash_alg,
|
||||
data_t *secret,
|
||||
data_t *transcript,
|
||||
data_t *client_expected,
|
||||
data_t *server_expected )
|
||||
void ssl_tls13_derive_handshake_secrets( int hash_alg,
|
||||
data_t *secret,
|
||||
data_t *transcript,
|
||||
data_t *client_expected,
|
||||
data_t *server_expected )
|
||||
{
|
||||
mbedtls_ssl_tls1_3_handshake_secrets secrets;
|
||||
mbedtls_ssl_tls13_handshake_secrets secrets;
|
||||
|
||||
/* Double-check that we've passed sane parameters. */
|
||||
mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
|
||||
|
|
@ -3843,7 +3843,7 @@ void ssl_tls1_3_derive_handshake_secrets( int hash_alg,
|
|||
client_expected->len == md_size &&
|
||||
server_expected->len == md_size );
|
||||
|
||||
TEST_ASSERT( mbedtls_ssl_tls1_3_derive_handshake_secrets(
|
||||
TEST_ASSERT( mbedtls_ssl_tls13_derive_handshake_secrets(
|
||||
md_type, secret->x, transcript->x, transcript->len,
|
||||
&secrets ) == 0 );
|
||||
|
||||
|
|
@ -3855,14 +3855,14 @@ void ssl_tls1_3_derive_handshake_secrets( int hash_alg,
|
|||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
void ssl_tls1_3_derive_application_secrets( int hash_alg,
|
||||
data_t *secret,
|
||||
data_t *transcript,
|
||||
data_t *client_expected,
|
||||
data_t *server_expected,
|
||||
data_t *exporter_expected )
|
||||
void ssl_tls13_derive_application_secrets( int hash_alg,
|
||||
data_t *secret,
|
||||
data_t *transcript,
|
||||
data_t *client_expected,
|
||||
data_t *server_expected,
|
||||
data_t *exporter_expected )
|
||||
{
|
||||
mbedtls_ssl_tls1_3_application_secrets secrets;
|
||||
mbedtls_ssl_tls13_application_secrets secrets;
|
||||
|
||||
/* Double-check that we've passed sane parameters. */
|
||||
mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
|
||||
|
|
@ -3875,7 +3875,7 @@ void ssl_tls1_3_derive_application_secrets( int hash_alg,
|
|||
server_expected->len == md_size &&
|
||||
exporter_expected->len == md_size );
|
||||
|
||||
TEST_ASSERT( mbedtls_ssl_tls1_3_derive_application_secrets(
|
||||
TEST_ASSERT( mbedtls_ssl_tls13_derive_application_secrets(
|
||||
md_type, secret->x, transcript->x, transcript->len,
|
||||
&secrets ) == 0 );
|
||||
|
||||
|
|
@ -3889,12 +3889,12 @@ void ssl_tls1_3_derive_application_secrets( int hash_alg,
|
|||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
void ssl_tls1_3_derive_resumption_secrets( int hash_alg,
|
||||
data_t *secret,
|
||||
data_t *transcript,
|
||||
data_t *resumption_expected )
|
||||
void ssl_tls13_derive_resumption_secrets( int hash_alg,
|
||||
data_t *secret,
|
||||
data_t *transcript,
|
||||
data_t *resumption_expected )
|
||||
{
|
||||
mbedtls_ssl_tls1_3_application_secrets secrets;
|
||||
mbedtls_ssl_tls13_application_secrets secrets;
|
||||
|
||||
/* Double-check that we've passed sane parameters. */
|
||||
mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
|
||||
|
|
@ -3905,7 +3905,7 @@ void ssl_tls1_3_derive_resumption_secrets( int hash_alg,
|
|||
transcript->len == md_size &&
|
||||
resumption_expected->len == md_size );
|
||||
|
||||
TEST_ASSERT( mbedtls_ssl_tls1_3_derive_resumption_master_secret(
|
||||
TEST_ASSERT( mbedtls_ssl_tls13_derive_resumption_master_secret(
|
||||
md_type, secret->x, transcript->x, transcript->len,
|
||||
&secrets ) == 0 );
|
||||
|
||||
|
|
@ -3915,11 +3915,11 @@ void ssl_tls1_3_derive_resumption_secrets( int hash_alg,
|
|||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
void ssl_tls1_3_create_psk_binder( int hash_alg,
|
||||
data_t *psk,
|
||||
int psk_type,
|
||||
data_t *transcript,
|
||||
data_t *binder_expected )
|
||||
void ssl_tls13_create_psk_binder( int hash_alg,
|
||||
data_t *psk,
|
||||
int psk_type,
|
||||
data_t *transcript,
|
||||
data_t *binder_expected )
|
||||
{
|
||||
unsigned char binder[ MBEDTLS_MD_MAX_SIZE ];
|
||||
|
||||
|
|
@ -3931,7 +3931,7 @@ void ssl_tls1_3_create_psk_binder( int hash_alg,
|
|||
transcript->len == md_size &&
|
||||
binder_expected->len == md_size );
|
||||
|
||||
TEST_ASSERT( mbedtls_ssl_tls1_3_create_psk_binder(
|
||||
TEST_ASSERT( mbedtls_ssl_tls13_create_psk_binder(
|
||||
NULL, /* SSL context for debugging only */
|
||||
md_type,
|
||||
psk->x, psk->len,
|
||||
|
|
@ -3945,16 +3945,16 @@ void ssl_tls1_3_create_psk_binder( int hash_alg,
|
|||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
void ssl_tls1_3_record_protection( int ciphersuite,
|
||||
int endpoint,
|
||||
int ctr,
|
||||
int padding_used,
|
||||
data_t *server_write_key,
|
||||
data_t *server_write_iv,
|
||||
data_t *client_write_key,
|
||||
data_t *client_write_iv,
|
||||
data_t *plaintext,
|
||||
data_t *ciphertext )
|
||||
void ssl_tls13_record_protection( int ciphersuite,
|
||||
int endpoint,
|
||||
int ctr,
|
||||
int padding_used,
|
||||
data_t *server_write_key,
|
||||
data_t *server_write_iv,
|
||||
data_t *client_write_key,
|
||||
data_t *client_write_iv,
|
||||
data_t *plaintext,
|
||||
data_t *ciphertext )
|
||||
{
|
||||
mbedtls_ssl_key_set keys;
|
||||
mbedtls_ssl_transform transform_send;
|
||||
|
|
@ -4043,14 +4043,14 @@ void ssl_tls1_3_record_protection( int ciphersuite,
|
|||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
void ssl_tls1_3_key_evolution( int hash_alg,
|
||||
data_t *secret,
|
||||
data_t *input,
|
||||
data_t *expected )
|
||||
void ssl_tls13_key_evolution( int hash_alg,
|
||||
data_t *secret,
|
||||
data_t *input,
|
||||
data_t *expected )
|
||||
{
|
||||
unsigned char secret_new[ MBEDTLS_MD_MAX_SIZE ];
|
||||
|
||||
TEST_ASSERT( mbedtls_ssl_tls1_3_evolve_secret(
|
||||
TEST_ASSERT( mbedtls_ssl_tls13_evolve_secret(
|
||||
(mbedtls_md_type_t) hash_alg,
|
||||
secret->len ? secret->x : NULL,
|
||||
input->len ? input->x : NULL, input->len,
|
||||
|
|
|
|||
Loading…
Reference in a new issue