fix psk only build fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
parent
72637c734b
commit
90f152dfac
3 changed files with 13 additions and 17 deletions
|
@ -1735,6 +1735,7 @@ int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl,
|
||||||
*/
|
*/
|
||||||
int mbedtls_ssl_tls13_process_certificate( mbedtls_ssl_context *ssl );
|
int mbedtls_ssl_tls13_process_certificate( mbedtls_ssl_context *ssl );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||||
/*
|
/*
|
||||||
* Handler of TLS 1.3 write certificate message
|
* Handler of TLS 1.3 write certificate message
|
||||||
*/
|
*/
|
||||||
|
@ -1744,6 +1745,9 @@ int mbedtls_ssl_tls13_write_certificate( mbedtls_ssl_context *ssl );
|
||||||
* Handler of TLS 1.3 write certificate verify message
|
* Handler of TLS 1.3 write certificate verify message
|
||||||
*/
|
*/
|
||||||
int mbedtls_ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl );
|
int mbedtls_ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl );
|
||||||
|
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Generic handler of Certificate Verify
|
* Generic handler of Certificate Verify
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1943,6 +1943,7 @@ static int ssl_tls13_write_change_cipher_spec( mbedtls_ssl_context *ssl )
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */
|
#endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||||
/*
|
/*
|
||||||
* Handler for MBEDTLS_SSL_CLIENT_CERTIFICATE
|
* Handler for MBEDTLS_SSL_CLIENT_CERTIFICATE
|
||||||
*/
|
*/
|
||||||
|
@ -1962,6 +1963,7 @@ static int ssl_tls13_write_client_certificate_verify( mbedtls_ssl_context *ssl )
|
||||||
{
|
{
|
||||||
return( mbedtls_ssl_tls13_write_certificate_verify( ssl ) );
|
return( mbedtls_ssl_tls13_write_certificate_verify( ssl ) );
|
||||||
}
|
}
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Handler for MBEDTLS_SSL_CLIENT_FINISHED
|
* Handler for MBEDTLS_SSL_CLIENT_FINISHED
|
||||||
|
@ -2057,6 +2059,7 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
|
||||||
ret = ssl_tls13_process_server_finished( ssl );
|
ret = ssl_tls13_process_server_finished( ssl );
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||||
case MBEDTLS_SSL_CLIENT_CERTIFICATE:
|
case MBEDTLS_SSL_CLIENT_CERTIFICATE:
|
||||||
ret = ssl_tls13_write_client_certificate( ssl );
|
ret = ssl_tls13_write_client_certificate( ssl );
|
||||||
break;
|
break;
|
||||||
|
@ -2064,7 +2067,7 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
|
||||||
case MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY:
|
case MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY:
|
||||||
ret = ssl_tls13_write_client_certificate_verify( ssl );
|
ret = ssl_tls13_write_client_certificate_verify( ssl );
|
||||||
break;
|
break;
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||||
|
|
||||||
case MBEDTLS_SSL_CLIENT_FINISHED:
|
case MBEDTLS_SSL_CLIENT_FINISHED:
|
||||||
ret = ssl_tls13_write_client_finished( ssl );
|
ret = ssl_tls13_write_client_finished( ssl );
|
||||||
|
|
|
@ -846,6 +846,7 @@ cleanup:
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* STATE HANDLING: Output Certificate
|
* STATE HANDLING: Output Certificate
|
||||||
|
@ -862,7 +863,6 @@ cleanup:
|
||||||
#define SSL_WRITE_CERTIFICATE_AVAILABLE 0
|
#define SSL_WRITE_CERTIFICATE_AVAILABLE 0
|
||||||
#define SSL_WRITE_CERTIFICATE_SKIP 1
|
#define SSL_WRITE_CERTIFICATE_SKIP 1
|
||||||
|
|
||||||
|
|
||||||
static int ssl_tls13_write_certificate_coordinate( mbedtls_ssl_context* ssl )
|
static int ssl_tls13_write_certificate_coordinate( mbedtls_ssl_context* ssl )
|
||||||
{
|
{
|
||||||
|
|
||||||
|
@ -873,7 +873,6 @@ static int ssl_tls13_write_certificate_coordinate( mbedtls_ssl_context* ssl )
|
||||||
return( SSL_WRITE_CERTIFICATE_SKIP );
|
return( SSL_WRITE_CERTIFICATE_SKIP );
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
|
||||||
#if defined(MBEDTLS_SSL_CLI_C)
|
#if defined(MBEDTLS_SSL_CLI_C)
|
||||||
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
|
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
|
||||||
{
|
{
|
||||||
|
@ -893,13 +892,9 @@ static int ssl_tls13_write_certificate_coordinate( mbedtls_ssl_context* ssl )
|
||||||
#endif /* MBEDTLS_SSL_CLI_C */
|
#endif /* MBEDTLS_SSL_CLI_C */
|
||||||
|
|
||||||
return( SSL_WRITE_CERTIFICATE_AVAILABLE );
|
return( SSL_WRITE_CERTIFICATE_AVAILABLE );
|
||||||
#else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
|
||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
|
||||||
#endif /* !MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
|
||||||
static int ssl_tls13_write_certificate( mbedtls_ssl_context *ssl,
|
static int ssl_tls13_write_certificate( mbedtls_ssl_context *ssl,
|
||||||
unsigned char *buf,
|
unsigned char *buf,
|
||||||
size_t buflen,
|
size_t buflen,
|
||||||
|
@ -978,7 +973,6 @@ static int ssl_tls13_write_certificate( mbedtls_ssl_context *ssl,
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
|
||||||
|
|
||||||
/* Update the state after handling the outgoing certificate message. */
|
/* Update the state after handling the outgoing certificate message. */
|
||||||
static int ssl_tls13_finalize_write_certificate( mbedtls_ssl_context* ssl )
|
static int ssl_tls13_finalize_write_certificate( mbedtls_ssl_context* ssl )
|
||||||
|
@ -1003,7 +997,6 @@ int mbedtls_ssl_tls13_write_certificate( mbedtls_ssl_context* ssl )
|
||||||
/* Coordination: Check if we need to send a certificate. */
|
/* Coordination: Check if we need to send a certificate. */
|
||||||
MBEDTLS_SSL_PROC_CHK_NEG( ssl_tls13_write_certificate_coordinate( ssl ) );
|
MBEDTLS_SSL_PROC_CHK_NEG( ssl_tls13_write_certificate_coordinate( ssl ) );
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
|
||||||
if( ret == SSL_WRITE_CERTIFICATE_AVAILABLE )
|
if( ret == SSL_WRITE_CERTIFICATE_AVAILABLE )
|
||||||
{
|
{
|
||||||
unsigned char *buf;
|
unsigned char *buf;
|
||||||
|
@ -1025,7 +1018,6 @@ int mbedtls_ssl_tls13_write_certificate( mbedtls_ssl_context* ssl )
|
||||||
ssl, buf_len, msg_len ) );
|
ssl, buf_len, msg_len ) );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
|
||||||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_write_certificate( ssl ) );
|
MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_write_certificate( ssl ) );
|
||||||
|
@ -1080,12 +1072,12 @@ static int ssl_tls13_write_certificate_verify_coordinate(
|
||||||
return( SSL_WRITE_CERTIFICATE_VERIFY_SEND );
|
return( SSL_WRITE_CERTIFICATE_VERIFY_SEND );
|
||||||
#else /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
#else /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||||
|
((void) crt);
|
||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||||
|
|
||||||
#endif /* !MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
#endif /* !MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
|
||||||
static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context* ssl,
|
static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context* ssl,
|
||||||
unsigned char* buf,
|
unsigned char* buf,
|
||||||
size_t buflen,
|
size_t buflen,
|
||||||
|
@ -1105,8 +1097,6 @@ static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context* ssl,
|
||||||
size_t handshake_hash_len;
|
size_t handshake_hash_len;
|
||||||
unsigned char *p;
|
unsigned char *p;
|
||||||
const mbedtls_md_info_t *md_info;
|
const mbedtls_md_info_t *md_info;
|
||||||
/* Verify whether we can use signature algorithm */
|
|
||||||
// int signature_scheme_client;
|
|
||||||
unsigned char * const end = buf + buflen;
|
unsigned char * const end = buf + buflen;
|
||||||
|
|
||||||
p = buf;
|
p = buf;
|
||||||
|
@ -1182,8 +1172,6 @@ static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context* ssl,
|
||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||||
}
|
}
|
||||||
|
|
||||||
// signature_scheme_client = MBEDTLS_TLS1_3_SIG_NONE;
|
|
||||||
|
|
||||||
if( !mbedtls_ssl_sig_alg_is_received( ssl, sig_alg ) )
|
if( !mbedtls_ssl_sig_alg_is_received( ssl, sig_alg ) )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||||
|
@ -1223,7 +1211,6 @@ static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context* ssl,
|
||||||
MBEDTLS_SSL_DEBUG_BUF( 3, "xverify hash", buf, *olen );
|
MBEDTLS_SSL_DEBUG_BUF( 3, "xverify hash", buf, *olen );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
|
||||||
|
|
||||||
static int ssl_tls13_finalize_certificate_verify( mbedtls_ssl_context* ssl )
|
static int ssl_tls13_finalize_certificate_verify( mbedtls_ssl_context* ssl )
|
||||||
{
|
{
|
||||||
|
@ -1279,6 +1266,8 @@ cleanup:
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
*
|
*
|
||||||
* STATE HANDLING: Incoming Finished message.
|
* STATE HANDLING: Incoming Finished message.
|
||||||
|
|
Loading…
Reference in a new issue