Whitespace, logging and documentation fixes
Introduce a psa_status_t status to handle return values. Add a debug message with API usage description.
parent
d6db9be598
commit
814feffd15
2 changed files with 23 additions and 13 deletions
|
@ -765,7 +765,7 @@ int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl,
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
|
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
|
||||||
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
// The hash buffer must have at least MBEDTLS_MD_MAX_SIZE bytes of length.
|
/* The hash buffer must have at least MBEDTLS_MD_MAX_SIZE bytes of length. */
|
||||||
int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
|
int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
|
||||||
unsigned char *hash, size_t *hashlen,
|
unsigned char *hash, size_t *hashlen,
|
||||||
unsigned char *data, size_t data_len,
|
unsigned char *data, size_t data_len,
|
||||||
|
|
|
@ -9984,44 +9984,51 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
|
||||||
unsigned char *data, size_t data_len,
|
unsigned char *data, size_t data_len,
|
||||||
mbedtls_md_type_t md_alg )
|
mbedtls_md_type_t md_alg )
|
||||||
{
|
{
|
||||||
int ret = 0;
|
psa_status_t status;
|
||||||
psa_hash_operation_t hash_operation;
|
psa_hash_operation_t hash_operation;
|
||||||
psa_algorithm_t hash_alg = mbedtls_psa_translate_md( md_alg );
|
psa_algorithm_t hash_alg = mbedtls_psa_translate_md( md_alg );
|
||||||
|
|
||||||
if( ( ret = psa_hash_setup( &hash_operation, hash_alg ) ) != PSA_SUCCESS )
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "Perform PSA-based computation of digest \
|
||||||
|
of ServerKeyExchange" ) );
|
||||||
|
|
||||||
|
if( ( status = psa_hash_setup( &hash_operation,
|
||||||
|
hash_alg ) ) != PSA_SUCCESS )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_setup", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_setup", status );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = psa_hash_update( &hash_operation, ssl->handshake->randbytes, 64 ) ) != PSA_SUCCESS )
|
if( ( status = psa_hash_update( &hash_operation, ssl->handshake->randbytes,
|
||||||
|
64 ) ) != PSA_SUCCESS )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = psa_hash_update( &hash_operation, data, data_len ) ) != PSA_SUCCESS )
|
if( ( status = psa_hash_update( &hash_operation,
|
||||||
|
data, data_len ) ) != PSA_SUCCESS )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = psa_hash_finish( &hash_operation, hash, MBEDTLS_MD_MAX_SIZE, hashlen ) ) != PSA_SUCCESS )
|
if( ( status = psa_hash_finish( &hash_operation, hash, MBEDTLS_MD_MAX_SIZE,
|
||||||
|
hashlen ) ) != PSA_SUCCESS )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_finish", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_finish", status );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
if( ret != 0 )
|
if( status != PSA_SUCCESS )
|
||||||
{
|
{
|
||||||
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
|
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
|
||||||
MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
|
MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
|
||||||
switch(ret)
|
switch( status )
|
||||||
{
|
{
|
||||||
case PSA_ERROR_NOT_SUPPORTED:
|
case PSA_ERROR_NOT_SUPPORTED:
|
||||||
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
|
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
|
||||||
case PSA_ERROR_BAD_STATE: // Intentional fallthrough
|
case PSA_ERROR_BAD_STATE: /* Intentional fallthrough */
|
||||||
case PSA_ERROR_BUFFER_TOO_SMALL:
|
case PSA_ERROR_BUFFER_TOO_SMALL:
|
||||||
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
|
||||||
case PSA_ERROR_INSUFFICIENT_MEMORY:
|
case PSA_ERROR_INSUFFICIENT_MEMORY:
|
||||||
|
@ -10045,6 +10052,9 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
|
||||||
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
|
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
|
||||||
*hashlen = mbedtls_md_get_size( md_info );
|
*hashlen = mbedtls_md_get_size( md_info );
|
||||||
|
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "Perform mbedtls-based computation of digest \
|
||||||
|
of ServerKeyExchange" ) );
|
||||||
|
|
||||||
mbedtls_md_init( &ctx );
|
mbedtls_md_init( &ctx );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
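Review bot: The failure branch after `exit:` returns from inside `switch( status )` without releasing `hash_operation`, so a failed `psa_hash_update` or `psa_hash_finish` leaves the operation in whatever state the PSA implementation put it. Calling `psa_hash_abort( &hash_operation );` as the first statement of the `if( status != PSA_SUCCESS )` branch would make the cleanup explicit rather than implementation-dependent. For that call to be safe when `psa_hash_setup` itself fails, the object should be initialised at its declaration, e.g. `psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;` if the PSA version in use provides that macro. The remaining `switch` cases and the end of the function lie outside the hunk, so any later cleanup is not visible here. Separately, both new `MBEDTLS_SSL_DEBUG_MSG` strings use a backslash continuation inside the literal, which would pull any leading whitespace on the continuation line into the logged text; adjacent literals such as `"Perform PSA-based computation of digest " "of ServerKeyExchange"` avoid that.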