Don't pass the async config data to async callbacks
The config data is in the SSL config, so callbacks can retrieve it from there, with the new function mbedtls_ssl_conf_get_async_config_data.
parent
e141638868
commit
8f97af7ea3
4 changed files with 42 additions and 44 deletions
|
@ -594,8 +594,6 @@ typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item;
|
||||||
* from step 2, with `digestAlgorithm` obtained by calling
|
* from step 2, with `digestAlgorithm` obtained by calling
|
||||||
* mbedtls_oid_get_oid_by_md() on \p md_alg.
|
* mbedtls_oid_get_oid_by_md() on \p md_alg.
|
||||||
*
|
*
|
||||||
* \param config_data The configuration data parameter passed to
|
|
||||||
* mbedtls_ssl_conf_async_private_cb().
|
|
||||||
* \param ssl The SSL connection instance. It should not be
|
* \param ssl The SSL connection instance. It should not be
|
||||||
* modified other than via mbedtls_ssl_async_set_data().
|
* modified other than via mbedtls_ssl_async_set_data().
|
||||||
* \param cert Certificate containing the public key.
|
* \param cert Certificate containing the public key.
|
||||||
|
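Review bot: Dropping the `\param config_data` entry leaves the callback documentation without any hint of where the configuration data now lives, so an implementer reading only this typedef would not know to call the new getter; the same gap is in the decrypt, resume and cancel callback descriptions below. I would extend the `\param ssl` text here with something like `The configuration data passed to mbedtls_ssl_conf_async_private_cb() can be retrieved with mbedtls_ssl_conf_get_async_config_data( ssl->conf ).`, which is exactly what the updated sample program does. This is the only place a callback author is told the contract, so it is worth stating explicitly rather than relying on the commit message.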
@ -615,8 +613,7 @@ typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item;
|
||||||
* \return Any other error indicates a fatal failure and is
|
* \return Any other error indicates a fatal failure and is
|
||||||
* propagated up the call chain.
|
* propagated up the call chain.
|
||||||
*/
|
*/
|
||||||
typedef int mbedtls_ssl_async_sign_t( void *config_data,
|
typedef int mbedtls_ssl_async_sign_t( mbedtls_ssl_context *ssl,
|
||||||
mbedtls_ssl_context *ssl,
|
|
||||||
mbedtls_x509_crt *cert,
|
mbedtls_x509_crt *cert,
|
||||||
mbedtls_md_type_t md_alg,
|
mbedtls_md_type_t md_alg,
|
||||||
const unsigned char *hash,
|
const unsigned char *hash,
|
||||||
|
@ -646,8 +643,6 @@ typedef int mbedtls_ssl_async_sign_t( void *config_data,
|
||||||
* store an operation context for later retrieval
|
* store an operation context for later retrieval
|
||||||
* by the resume callback.
|
* by the resume callback.
|
||||||
*
|
*
|
||||||
* \param config_data The configuration data parameter passed to
|
|
||||||
* mbedtls_ssl_conf_async_private_cb().
|
|
||||||
* \param ssl The SSL connection instance. It should not be
|
* \param ssl The SSL connection instance. It should not be
|
||||||
* modified other than via mbedtls_ssl_async_set_data().
|
* modified other than via mbedtls_ssl_async_set_data().
|
||||||
* \param cert Certificate containing the public key.
|
* \param cert Certificate containing the public key.
|
||||||
|
@ -666,8 +661,7 @@ typedef int mbedtls_ssl_async_sign_t( void *config_data,
|
||||||
* \return Any other error indicates a fatal failure and is
|
* \return Any other error indicates a fatal failure and is
|
||||||
* propagated up the call chain.
|
* propagated up the call chain.
|
||||||
*/
|
*/
|
||||||
typedef int mbedtls_ssl_async_decrypt_t( void *config_data,
|
typedef int mbedtls_ssl_async_decrypt_t( mbedtls_ssl_context *ssl,
|
||||||
mbedtls_ssl_context *ssl,
|
|
||||||
mbedtls_x509_crt *cert,
|
mbedtls_x509_crt *cert,
|
||||||
const unsigned char *input,
|
const unsigned char *input,
|
||||||
size_t input_len );
|
size_t input_len );
|
||||||
|
@ -691,8 +685,6 @@ typedef int mbedtls_ssl_async_decrypt_t( void *config_data,
|
||||||
* It may call mbedtls_ssl_async_set_data() to modify this
|
* It may call mbedtls_ssl_async_set_data() to modify this
|
||||||
* context.
|
* context.
|
||||||
*
|
*
|
||||||
* \param config_data The configuration data parameter passed to
|
|
||||||
* mbedtls_ssl_conf_async_private_cb().
|
|
||||||
* \param ssl The SSL connection instance. It should not be
|
* \param ssl The SSL connection instance. It should not be
|
||||||
* modified other than via mbedtls_ssl_async_set_data().
|
* modified other than via mbedtls_ssl_async_set_data().
|
||||||
* \param output Buffer containing the output (signature or decrypted
|
* \param output Buffer containing the output (signature or decrypted
|
||||||
|
@ -709,8 +701,7 @@ typedef int mbedtls_ssl_async_decrypt_t( void *config_data,
|
||||||
* \return Any other error means that the operation is aborted.
|
* \return Any other error means that the operation is aborted.
|
||||||
* The SSL handshake is aborted.
|
* The SSL handshake is aborted.
|
||||||
*/
|
*/
|
||||||
typedef int mbedtls_ssl_async_resume_t( void *config_data,
|
typedef int mbedtls_ssl_async_resume_t( mbedtls_ssl_context *ssl,
|
||||||
mbedtls_ssl_context *ssl,
|
|
||||||
unsigned char *output,
|
unsigned char *output,
|
||||||
size_t *output_len,
|
size_t *output_len,
|
||||||
size_t output_size );
|
size_t output_size );
|
||||||
|
@ -724,13 +715,10 @@ typedef int mbedtls_ssl_async_resume_t( void *config_data,
|
||||||
* This function may call mbedtls_ssl_async_get_data() to
|
* This function may call mbedtls_ssl_async_get_data() to
|
||||||
* retrieve an operation context set by the start callback.
|
* retrieve an operation context set by the start callback.
|
||||||
*
|
*
|
||||||
* \param config_data The configuration data parameter passed to
|
|
||||||
* mbedtls_ssl_conf_async_private_cb().
|
|
||||||
* \param ssl The SSL connection instance. It should not be
|
* \param ssl The SSL connection instance. It should not be
|
||||||
* modified.
|
* modified.
|
||||||
*/
|
*/
|
||||||
typedef void mbedtls_ssl_async_cancel_t( void *config_data,
|
typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
|
||||||
mbedtls_ssl_context *ssl );
|
|
||||||
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
|
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -856,7 +844,7 @@ struct mbedtls_ssl_config
|
||||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||||
mbedtls_ssl_async_resume_t *f_async_resume; /*!< resume asynchronous operation */
|
mbedtls_ssl_async_resume_t *f_async_resume; /*!< resume asynchronous operation */
|
||||||
mbedtls_ssl_async_cancel_t *f_async_cancel; /*!< cancel asynchronous operation */
|
mbedtls_ssl_async_cancel_t *f_async_cancel; /*!< cancel asynchronous operation */
|
||||||
void *p_async_config_data; /*!< Configuration data set by mbedtls_ssl_conf_async_private_cb() and passed to the callbacks. */
|
void *p_async_config_data; /*!< Configuration data set by mbedtls_ssl_conf_async_private_cb(). */
|
||||||
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
|
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
|
||||||
|
@ -1531,9 +1519,10 @@ void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf,
|
||||||
* the description of ::mbedtls_ssl_async_cancel_t
|
* the description of ::mbedtls_ssl_async_cancel_t
|
||||||
* for more information. This may be \c NULL if
|
* for more information. This may be \c NULL if
|
||||||
* no cleanup is needed.
|
* no cleanup is needed.
|
||||||
* \param config_data A pointer to configuration data which will be
|
* \param config_data A pointer to configuration data which can be
|
||||||
* passed to the callbacks. The library stores and
|
* retrieved with
|
||||||
* passes back this value without dereferencing it.
|
* mbedtls_ssl_conf_get_async_config_data(). The
|
||||||
|
* library stores this value without dereferencing it.
|
||||||
*/
|
*/
|
||||||
void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf,
|
void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf,
|
||||||
mbedtls_ssl_async_sign_t *f_async_sign,
|
mbedtls_ssl_async_sign_t *f_async_sign,
|
||||||
|
@ -1542,6 +1531,16 @@ void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf,
|
||||||
mbedtls_ssl_async_cancel_t *f_async_cancel,
|
mbedtls_ssl_async_cancel_t *f_async_cancel,
|
||||||
void *config_data );
|
void *config_data );
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Retrieve the configuration data set by
|
||||||
|
* mbedtls_ssl_conf_async_private_cb().
|
||||||
|
*
|
||||||
|
* \param conf SSL configuration context
|
||||||
|
* \return The configuration data set by
|
||||||
|
* mbedtls_ssl_conf_async_private_cb().
|
||||||
|
*/
|
||||||
|
void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Retrieve the asynchronous operation user context.
|
* \brief Retrieve the asynchronous operation user context.
|
||||||
*
|
*
|
||||||
|
@ -1555,7 +1554,7 @@ void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf,
|
||||||
* has not been called during the current handshake yet,
|
* has not been called during the current handshake yet,
|
||||||
* this function returns \c NULL.
|
* this function returns \c NULL.
|
||||||
*/
|
*/
|
||||||
void *mbedtls_ssl_async_get_data( mbedtls_ssl_context *ssl );
|
void *mbedtls_ssl_async_get_data( const mbedtls_ssl_context *ssl );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Retrieve the asynchronous operation user context.
|
* \brief Retrieve the asynchronous operation user context.
|
||||||
|
|
|
@ -2847,7 +2847,7 @@ static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl,
|
||||||
unsigned char *sig_start = ssl->out_msg + ssl->out_msglen + 2;
|
unsigned char *sig_start = ssl->out_msg + ssl->out_msglen + 2;
|
||||||
size_t sig_max_len = ( ssl->out_buf + MBEDTLS_SSL_MAX_CONTENT_LEN
|
size_t sig_max_len = ( ssl->out_buf + MBEDTLS_SSL_MAX_CONTENT_LEN
|
||||||
- sig_start );
|
- sig_start );
|
||||||
int ret = ssl->conf->f_async_resume( ssl->conf->p_async_config_data, ssl,
|
int ret = ssl->conf->f_async_resume( ssl,
|
||||||
sig_start, signature_len, sig_max_len );
|
sig_start, signature_len, sig_max_len );
|
||||||
if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS )
|
if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS )
|
||||||
{
|
{
|
||||||
|
@ -3174,8 +3174,7 @@ curve_matching_done:
|
||||||
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
|
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
|
||||||
if( ssl->conf->f_async_sign_start != NULL )
|
if( ssl->conf->f_async_sign_start != NULL )
|
||||||
{
|
{
|
||||||
ret = ssl->conf->f_async_sign_start( ssl->conf->p_async_config_data,
|
ret = ssl->conf->f_async_sign_start( ssl,
|
||||||
ssl,
|
|
||||||
mbedtls_ssl_own_cert( ssl ),
|
mbedtls_ssl_own_cert( ssl ),
|
||||||
md_alg, hash, hashlen );
|
md_alg, hash, hashlen );
|
||||||
switch( ret )
|
switch( ret )
|
||||||
|
@ -3402,7 +3401,7 @@ static int ssl_resume_decrypt_pms( mbedtls_ssl_context *ssl,
|
||||||
size_t *peer_pmslen,
|
size_t *peer_pmslen,
|
||||||
size_t peer_pmssize )
|
size_t peer_pmssize )
|
||||||
{
|
{
|
||||||
int ret = ssl->conf->f_async_resume( ssl->conf->p_async_config_data, ssl,
|
int ret = ssl->conf->f_async_resume( ssl,
|
||||||
peer_pms, peer_pmslen, peer_pmssize );
|
peer_pms, peer_pmslen, peer_pmssize );
|
||||||
if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS )
|
if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS )
|
||||||
{
|
{
|
||||||
|
@ -3465,8 +3464,7 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl,
|
||||||
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
|
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
|
||||||
if( ssl->conf->f_async_decrypt_start != NULL )
|
if( ssl->conf->f_async_decrypt_start != NULL )
|
||||||
{
|
{
|
||||||
ret = ssl->conf->f_async_decrypt_start( ssl->conf->p_async_config_data,
|
ret = ssl->conf->f_async_decrypt_start( ssl,
|
||||||
ssl,
|
|
||||||
mbedtls_ssl_own_cert( ssl ),
|
mbedtls_ssl_own_cert( ssl ),
|
||||||
p, len );
|
p, len );
|
||||||
switch( ret )
|
switch( ret )
|
||||||
|
|
|
@ -6494,7 +6494,12 @@ void mbedtls_ssl_conf_async_private_cb(
|
||||||
conf->p_async_config_data = async_config_data;
|
conf->p_async_config_data = async_config_data;
|
||||||
}
|
}
|
||||||
|
|
||||||
void *mbedtls_ssl_async_get_data( mbedtls_ssl_context *ssl )
|
void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf )
|
||||||
|
{
|
||||||
|
return( conf->p_async_config_data );
|
||||||
|
}
|
||||||
|
|
||||||
|
void *mbedtls_ssl_async_get_data( const mbedtls_ssl_context *ssl )
|
||||||
{
|
{
|
||||||
if( ssl->handshake == NULL )
|
if( ssl->handshake == NULL )
|
||||||
return( NULL );
|
return( NULL );
|
||||||
|
@ -7451,7 +7456,7 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
|
||||||
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
|
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
|
||||||
if( ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0 )
|
if( ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0 )
|
||||||
{
|
{
|
||||||
ssl->conf->f_async_cancel( ssl->conf->p_async_config_data, ssl );
|
ssl->conf->f_async_cancel( ssl );
|
||||||
handshake->async_in_progress = 0;
|
handshake->async_in_progress = 0;
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
|
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
|
||||||
|
|
|
@ -941,15 +941,15 @@ typedef struct
|
||||||
unsigned remaining_delay;
|
unsigned remaining_delay;
|
||||||
} ssl_async_operation_context_t;
|
} ssl_async_operation_context_t;
|
||||||
|
|
||||||
static int ssl_async_start( void *config_data_arg,
|
static int ssl_async_start( mbedtls_ssl_context *ssl,
|
||||||
mbedtls_ssl_context *ssl,
|
|
||||||
mbedtls_x509_crt *cert,
|
mbedtls_x509_crt *cert,
|
||||||
ssl_async_operation_type_t op_type,
|
ssl_async_operation_type_t op_type,
|
||||||
mbedtls_md_type_t md_alg,
|
mbedtls_md_type_t md_alg,
|
||||||
const unsigned char *input,
|
const unsigned char *input,
|
||||||
size_t input_len )
|
size_t input_len )
|
||||||
{
|
{
|
||||||
ssl_async_key_context_t *config_data = config_data_arg;
|
ssl_async_key_context_t *config_data =
|
||||||
|
mbedtls_ssl_conf_get_async_config_data( ssl->conf );
|
||||||
size_t slot;
|
size_t slot;
|
||||||
ssl_async_operation_context_t *ctx = NULL;
|
ssl_async_operation_context_t *ctx = NULL;
|
||||||
const char *op_name = ssl_async_operation_names[op_type];
|
const char *op_name = ssl_async_operation_names[op_type];
|
||||||
|
@ -1000,37 +1000,35 @@ static int ssl_async_start( void *config_data_arg,
|
||||||
return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
|
return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ssl_async_sign( void *config_data_arg,
|
static int ssl_async_sign( mbedtls_ssl_context *ssl,
|
||||||
mbedtls_ssl_context *ssl,
|
|
||||||
mbedtls_x509_crt *cert,
|
mbedtls_x509_crt *cert,
|
||||||
mbedtls_md_type_t md_alg,
|
mbedtls_md_type_t md_alg,
|
||||||
const unsigned char *hash,
|
const unsigned char *hash,
|
||||||
size_t hash_len )
|
size_t hash_len )
|
||||||
{
|
{
|
||||||
return( ssl_async_start( config_data_arg, ssl, cert,
|
return( ssl_async_start( ssl, cert,
|
||||||
ASYNC_OP_SIGN, md_alg,
|
ASYNC_OP_SIGN, md_alg,
|
||||||
hash, hash_len ) );
|
hash, hash_len ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ssl_async_decrypt( void *config_data_arg,
|
static int ssl_async_decrypt( mbedtls_ssl_context *ssl,
|
||||||
mbedtls_ssl_context *ssl,
|
|
||||||
mbedtls_x509_crt *cert,
|
mbedtls_x509_crt *cert,
|
||||||
const unsigned char *input,
|
const unsigned char *input,
|
||||||
size_t input_len )
|
size_t input_len )
|
||||||
{
|
{
|
||||||
return( ssl_async_start( config_data_arg, ssl, cert,
|
return( ssl_async_start( ssl, cert,
|
||||||
ASYNC_OP_DECRYPT, MBEDTLS_MD_NONE,
|
ASYNC_OP_DECRYPT, MBEDTLS_MD_NONE,
|
||||||
input, input_len ) );
|
input, input_len ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ssl_async_resume( void *config_data_arg,
|
static int ssl_async_resume( mbedtls_ssl_context *ssl,
|
||||||
mbedtls_ssl_context *ssl,
|
|
||||||
unsigned char *output,
|
unsigned char *output,
|
||||||
size_t *output_len,
|
size_t *output_len,
|
||||||
size_t output_size )
|
size_t output_size )
|
||||||
{
|
{
|
||||||
ssl_async_operation_context_t *ctx = mbedtls_ssl_async_get_data( ssl );
|
ssl_async_operation_context_t *ctx = mbedtls_ssl_async_get_data( ssl );
|
||||||
ssl_async_key_context_t *config_data = config_data_arg;
|
ssl_async_key_context_t *config_data =
|
||||||
|
mbedtls_ssl_conf_get_async_config_data( ssl->conf );
|
||||||
ssl_async_key_slot_t *key_slot = &config_data->slots[ctx->slot];
|
ssl_async_key_slot_t *key_slot = &config_data->slots[ctx->slot];
|
||||||
int ret;
|
int ret;
|
||||||
const char *op_name = NULL;
|
const char *op_name = NULL;
|
||||||
|
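Review bot: The new lookup of `config_data` from `ssl->conf` is immediately followed by `&config_data->slots[ctx->slot]`, and `ctx` comes from `mbedtls_ssl_async_get_data( ssl )`, which the header in this same commit documents as returning `NULL` when no handshake is in progress or the start callback has not set data yet. Neither the old nor the new code guards that, so a resume called in that state dereferences a null pointer before the slot is even indexed; since the commit already touches this line, a guard such as `if( ctx == NULL ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );` (or whichever error code this tree uses for bad state) placed before the `key_slot` initialisation would close it. The rest of ssl_async_resume, including where `ctx->slot` is bounds-relevant, continues outside this hunk, so I cannot confirm whether `slot` is validated elsewhere.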
@ -1080,11 +1078,9 @@ static int ssl_async_resume( void *config_data_arg,
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
static void ssl_async_cancel( void *config_data_arg,
|
static void ssl_async_cancel( mbedtls_ssl_context *ssl )
|
||||||
mbedtls_ssl_context *ssl )
|
|
||||||
{
|
{
|
||||||
ssl_async_operation_context_t *ctx = mbedtls_ssl_async_get_data( ssl );
|
ssl_async_operation_context_t *ctx = mbedtls_ssl_async_get_data( ssl );
|
||||||
(void) config_data_arg;
|
|
||||||
mbedtls_printf( "Async cancel callback.\n" );
|
mbedtls_printf( "Async cancel callback.\n" );
|
||||||
mbedtls_free( ctx );
|
mbedtls_free( ctx );
|
||||||
}
|
}
|
||||||
|
|