yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Rename tls13 prefix to fix coding issues

Browse source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2021-10-11 22:30:19 +08:00
parent 4a1733831e
commit c068b6671e
6 changed files with 51 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
library/ecdh.c
View file

@ -806,9 +806,9 @@ int mbedtls_ecdh_setup_no_everest( mbedtls_ecdh_context *ctx,
#endif #endif
} }
static int ecdh_tls1_3_read_public_internal( mbedtls_ecdh_context_mbed *ctx, static int ecdh_tls13_read_public_internal( mbedtls_ecdh_context_mbed *ctx,
const unsigned char *buf, const unsigned char *buf,
size_t blen ) size_t blen )
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const unsigned char *p = buf; const unsigned char *p = buf;
@ -838,15 +838,15 @@ static int ecdh_tls1_3_read_public_internal( mbedtls_ecdh_context_mbed *ctx,
/* /*
* Parse and import the client's TLS 1.3 public value * Parse and import the client's TLS 1.3 public value
*/ */
int mbedtls_ecdh_tls1_3_read_public( mbedtls_ecdh_context *ctx, int mbedtls_ecdh_tls13_read_public( mbedtls_ecdh_context *ctx,
const unsigned char *buf, const unsigned char *buf,
size_t blen ) size_t blen )
{ {
ECDH_VALIDATE_RET( ctx != NULL ); ECDH_VALIDATE_RET( ctx != NULL );
ECDH_VALIDATE_RET( buf != NULL ); ECDH_VALIDATE_RET( buf != NULL );
#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
return( ecdh_tls1_3_read_public_internal( ctx, buf, blen ) ); return( ecdh_tls13_read_public_internal( ctx, buf, blen ) );
#else #else
switch( ctx->var ) switch( ctx->var )
{ {
@ -855,8 +855,8 @@ int mbedtls_ecdh_tls1_3_read_public( mbedtls_ecdh_context *ctx,
return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
#endif #endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_tls1_3_read_public_internal( &ctx->ctx.mbed_ecdh, return( ecdh_tls13_read_public_internal( &ctx->ctx.mbed_ecdh,
buf, blen ) ); buf, blen ) );
default: default:
return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
} }

6
library/ecdh_misc.h
View file

@ -46,9 +46,9 @@ int mbedtls_ecdh_tls13_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
/* /*
* TLS 1.3 version of mbedtls_ecdh_read_public in ecdh.h * TLS 1.3 version of mbedtls_ecdh_read_public in ecdh.h
*/ */
int mbedtls_ecdh_tls1_3_read_public( mbedtls_ecdh_context *ctx, int mbedtls_ecdh_tls13_read_public( mbedtls_ecdh_context *ctx,
const unsigned char *buf, const unsigned char *buf,
size_t blen ); size_t blen );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */

2
library/ssl_misc.h
View file

@ -737,7 +737,7 @@ struct mbedtls_ssl_handshake_params
unsigned char app [MBEDTLS_TLS1_3_MD_MAX_SIZE]; unsigned char app [MBEDTLS_TLS1_3_MD_MAX_SIZE];
} tls1_3_master_secrets; } tls1_3_master_secrets;
mbedtls_ssl_tls1_3_handshake_secrets tls1_3_hs_secrets; mbedtls_ssl_tls1_3_handshake_secrets tls13_hs_secrets;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#if defined(MBEDTLS_SSL_SESSION_TICKETS) #if defined(MBEDTLS_SSL_SESSION_TICKETS)

45
library/ssl_tls13_client.c
View file

@ -95,9 +95,9 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl,
return( 0 ); return( 0 );
} }
static int ssl_tls1_3_parse_supported_versions_ext( mbedtls_ssl_context *ssl, static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
const unsigned char *buf, const unsigned char *buf,
size_t buf_len ) size_t buf_len )
{ {
((void) ssl); ((void) ssl);
@ -477,7 +477,7 @@ cleanup:
#if defined(MBEDTLS_ECDH_C) #if defined(MBEDTLS_ECDH_C)
static int ssl_tls1_3_check_ecdh_params( const mbedtls_ssl_context *ssl ) static int ssl_tls13_check_ecdh_params( const mbedtls_ssl_context *ssl )
{ {
const mbedtls_ecp_curve_info *curve_info; const mbedtls_ecp_curve_info *curve_info;
mbedtls_ecp_group_id grp_id; mbedtls_ecp_group_id grp_id;
@ -511,13 +511,13 @@ static int ssl_tls1_3_check_ecdh_params( const mbedtls_ssl_context *ssl )
* *
* The server only provides a single KeyShareEntry. * The server only provides a single KeyShareEntry.
*/ */
static int ssl_tls1_3_read_public_ecdhe_share( mbedtls_ssl_context *ssl, static int ssl_tls13_read_public_ecdhe_share( mbedtls_ssl_context *ssl,
const unsigned char *buf, const unsigned char *buf,
size_t buf_len ) size_t buf_len )
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
ret = mbedtls_ecdh_tls1_3_read_public( &ssl->handshake->ecdh_ctx, ret = mbedtls_ecdh_tls13_read_public( &ssl->handshake->ecdh_ctx,
buf, buf_len ); buf, buf_len );
if( ret != 0 ) if( ret != 0 )
{ {
@ -525,9 +525,9 @@ static int ssl_tls1_3_read_public_ecdhe_share( mbedtls_ssl_context *ssl,
return( ret ); return( ret );
} }
if( ssl_tls1_3_check_ecdh_params( ssl ) != 0 ) if( ssl_tls13_check_ecdh_params( ssl ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "ssl_tls1_3_check_ecdh_params() failed!" ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "ssl_tls13_check_ecdh_params() failed!" ) );
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
@ -579,7 +579,7 @@ static int ssl_tls13_parse_key_share_ext( mbedtls_ssl_context *ssl,
if( mbedtls_ssl_tls13_named_group_is_ecdhe( group ) ) if( mbedtls_ssl_tls13_named_group_is_ecdhe( group ) )
{ {
/* Complete ECDHE key agreement */ /* Complete ECDHE key agreement */
ret = ssl_tls1_3_read_public_ecdhe_share( ssl, p, end - p ); ret = ssl_tls13_read_public_ecdhe_share( ssl, p, end - p );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );
} }
@ -1028,9 +1028,9 @@ static int ssl_tls13_cipher_suite_is_offered( mbedtls_ssl_context *ssl,
* Extension extensions<6..2 ^ 16 - 1>; * Extension extensions<6..2 ^ 16 - 1>;
* } ServerHello; * } ServerHello;
*/ */
static int ssl_tls1_3_parse_server_hello( mbedtls_ssl_context *ssl, static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
const unsigned char *buf, const unsigned char *buf,
const unsigned char *end ) const unsigned char *end )
{ {
int ret; int ret;
const unsigned char *p = buf; const unsigned char *p = buf;
@ -1189,7 +1189,7 @@ static int ssl_tls1_3_parse_server_hello( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, MBEDTLS_SSL_DEBUG_MSG( 3,
( "found supported_versions extension" ) ); ( "found supported_versions extension" ) );
ret = ssl_tls1_3_parse_supported_versions_ext( ssl, ret = ssl_tls13_parse_supported_versions_ext( ssl,
p, extension_data_len ); p, extension_data_len );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );
@ -1236,7 +1236,7 @@ static int ssl_tls1_3_parse_server_hello( mbedtls_ssl_context *ssl,
return( 0 ); return( 0 );
} }
static int ssl_tls1_3_finalize_server_hello( mbedtls_ssl_context *ssl ) static int ssl_tls13_finalize_server_hello( mbedtls_ssl_context *ssl )
{ {
int ret; int ret;
mbedtls_ssl_key_set traffic_keys; mbedtls_ssl_key_set traffic_keys;
@ -1305,11 +1305,11 @@ static int ssl_tls1_3_finalize_server_hello( mbedtls_ssl_context *ssl )
/* Next evolution in key schedule: Establish handshake secret and /* Next evolution in key schedule: Establish handshake secret and
* key material. */ * key material. */
ret = mbedtls_ssl_tls1_3_generate_handshake_keys( ssl, &traffic_keys ); ret = mbedtls_ssl_tls13_generate_handshake_keys( ssl, &traffic_keys );
if( ret != 0 ) if( ret != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_generate_handshake_keys",
"mbedtls_ssl_tls1_3_generate_handshake_keys", ret ); ret );
goto cleanup; goto cleanup;
} }
@ -1350,6 +1350,7 @@ cleanup:
{ {
if( transform_handshake != NULL ) if( transform_handshake != NULL )
mbedtls_free( transform_handshake ); mbedtls_free( transform_handshake );
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE,
MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
@ -1385,14 +1386,14 @@ static int ssl_tls1_3_process_server_hello( mbedtls_ssl_context *ssl )
*/ */
if( ret == SSL_SERVER_HELLO_COORDINATE_HELLO ) if( ret == SSL_SERVER_HELLO_COORDINATE_HELLO )
{ {
MBEDTLS_SSL_PROC_CHK( ssl_tls1_3_parse_server_hello( ssl, buf, MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_server_hello( ssl, buf,
buf + buf_len ) ); buf + buf_len ) );
mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( ssl, mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( ssl,
MBEDTLS_SSL_HS_SERVER_HELLO, MBEDTLS_SSL_HS_SERVER_HELLO,
buf, buf_len ); buf, buf_len );
MBEDTLS_SSL_PROC_CHK( ssl_tls1_3_finalize_server_hello( ssl ) ); MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_server_hello( ssl ) );
} }
else if( ret == SSL_SERVER_HELLO_COORDINATE_HRR ) else if( ret == SSL_SERVER_HELLO_COORDINATE_HRR )
{ {

24
library/ssl_tls13_keys.c
View file

@ -847,10 +847,10 @@ int mbedtls_ssl_tls1_3_key_schedule_stage_early( mbedtls_ssl_context *ssl )
return( 0 ); return( 0 );
} }
/* mbedtls_ssl_tls1_3_generate_handshake_keys() generates keys necessary for /* mbedtls_ssl_tls13_generate_handshake_keys() generates keys necessary for
* protecting the handshake messages, as described in Section 7 of TLS 1.3. */ * protecting the handshake messages, as described in Section 7 of TLS 1.3. */
int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl, int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
mbedtls_ssl_key_set *traffic_keys ) mbedtls_ssl_key_set *traffic_keys )
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@ -864,7 +864,7 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
mbedtls_cipher_info_t const *cipher_info; mbedtls_cipher_info_t const *cipher_info;
size_t keylen, ivlen; size_t keylen, ivlen;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_tls1_3_generate_handshake_keys" ) ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_tls13_generate_handshake_keys" ) );
cipher_info = mbedtls_cipher_info_from_type( cipher_info = mbedtls_cipher_info_from_type(
ssl->handshake->ciphersuite_info->cipher ); ssl->handshake->ciphersuite_info->cipher );
@ -890,7 +890,7 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
ret = mbedtls_ssl_tls1_3_derive_handshake_secrets( md_type, ret = mbedtls_ssl_tls1_3_derive_handshake_secrets( md_type,
ssl->handshake->tls1_3_master_secrets.handshake, ssl->handshake->tls1_3_master_secrets.handshake,
transcript, transcript_len, transcript, transcript_len,
&ssl->handshake->tls1_3_hs_secrets ); &ssl->handshake->tls13_hs_secrets );
if( ret != 0 ) if( ret != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_derive_handshake_secrets", MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_derive_handshake_secrets",
@ -899,11 +899,11 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
} }
MBEDTLS_SSL_DEBUG_BUF( 4, "Client handshake traffic secret", MBEDTLS_SSL_DEBUG_BUF( 4, "Client handshake traffic secret",
ssl->handshake->tls1_3_hs_secrets.client_handshake_traffic_secret, ssl->handshake->tls13_hs_secrets.client_handshake_traffic_secret,
md_size ); md_size );
MBEDTLS_SSL_DEBUG_BUF( 4, "Server handshake traffic secret", MBEDTLS_SSL_DEBUG_BUF( 4, "Server handshake traffic secret",
ssl->handshake->tls1_3_hs_secrets.server_handshake_traffic_secret, ssl->handshake->tls13_hs_secrets.server_handshake_traffic_secret,
md_size ); md_size );
/* /*
@ -914,7 +914,7 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
{ {
ssl->f_export_keys( ssl->p_export_keys, ssl->f_export_keys( ssl->p_export_keys,
MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_HANDSHAKE_TRAFFIC_SECRET, MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
ssl->handshake->tls1_3_hs_secrets.client_handshake_traffic_secret, ssl->handshake->tls13_hs_secrets.client_handshake_traffic_secret,
md_size, md_size,
ssl->handshake->randbytes + 32, ssl->handshake->randbytes + 32,
ssl->handshake->randbytes, ssl->handshake->randbytes,
@ -922,7 +922,7 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
ssl->f_export_keys( ssl->p_export_keys, ssl->f_export_keys( ssl->p_export_keys,
MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_HANDSHAKE_TRAFFIC_SECRET, MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_HANDSHAKE_TRAFFIC_SECRET,
ssl->handshake->tls1_3_hs_secrets.server_handshake_traffic_secret, ssl->handshake->tls13_hs_secrets.server_handshake_traffic_secret,
md_size, md_size,
ssl->handshake->randbytes + 32, ssl->handshake->randbytes + 32,
ssl->handshake->randbytes, ssl->handshake->randbytes,
@ -931,8 +931,8 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
#endif /* MBEDTLS_SSL_EXPORT_KEYS */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */
ret = mbedtls_ssl_tls1_3_make_traffic_keys( md_type, ret = mbedtls_ssl_tls1_3_make_traffic_keys( md_type,
ssl->handshake->tls1_3_hs_secrets.client_handshake_traffic_secret, ssl->handshake->tls13_hs_secrets.client_handshake_traffic_secret,
ssl->handshake->tls1_3_hs_secrets.server_handshake_traffic_secret, ssl->handshake->tls13_hs_secrets.server_handshake_traffic_secret,
md_size, md_size,
keylen, ivlen, traffic_keys ); keylen, ivlen, traffic_keys );
if( ret != 0 ) if( ret != 0 )
@ -957,7 +957,7 @@ int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl,
traffic_keys->server_write_iv, traffic_keys->server_write_iv,
traffic_keys->iv_len); traffic_keys->iv_len);
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_tls1_3_generate_handshake_keys" ) ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_tls13_generate_handshake_keys" ) );
exit: exit:

6
library/ssl_tls13_keys.h
View file

@ -539,7 +539,7 @@ int mbedtls_ssl_tls1_3_key_schedule_stage_early( mbedtls_ssl_context *ssl );
* with states Initial -> Early -> Handshake -> Application, and * with states Initial -> Early -> Handshake -> Application, and
* this function represents the Early -> Handshake transition. * this function represents the Early -> Handshake transition.
* *
* In the handshake stage, mbedtls_ssl_tls1_3_generate_handshake_keys() * In the handshake stage, mbedtls_ssl_tls13_generate_handshake_keys()
* can be used to derive the handshake traffic keys. * can be used to derive the handshake traffic keys.
* *
* \param ssl The SSL context to operate on. This must be in key schedule * \param ssl The SSL context to operate on. This must be in key schedule
@ -562,7 +562,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl );
* \returns \c 0 on success. * \returns \c 0 on success.
* \returns A negative error code on failure. * \returns A negative error code on failure.
*/ */
int mbedtls_ssl_tls1_3_generate_handshake_keys( mbedtls_ssl_context *ssl, int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
mbedtls_ssl_key_set *traffic_keys ); mbedtls_ssl_key_set *traffic_keys );
#endif /* MBEDTLS_SSL_TLS1_3_KEYS_H */ #endif /* MBEDTLS_SSL_TLS1_3_KEYS_H */