tls: Use the same function in TLS 1.2 and 1.3 to check PSK conf
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
parent
2a87e9bf83
commit
d29e13eb1b
4 changed files with 18 additions and 38 deletions
|
|
@ -1366,7 +1366,8 @@ MBEDTLS_CHECK_RETURN_CRITICAL
|
|||
int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl,
|
||||
mbedtls_key_exchange_type_t key_ex );
|
||||
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
|
||||
#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
|
||||
#if defined(MBEDTLS_SSL_CLI_C)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf );
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -1600,15 +1600,20 @@ int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_conf_psk_is_configured( mbedtls_ssl_config const *conf )
|
||||
int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf )
|
||||
{
|
||||
if( conf->psk_identity == NULL ||
|
||||
conf->psk_identity_len == 0 )
|
||||
{
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
|
||||
return( 1 );
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
if( conf->psk != NULL )
|
||||
|
||||
if( conf->psk != NULL && conf->psk_len != 0 )
|
||||
return( 1 );
|
||||
|
||||
return( 0 );
|
||||
|
|
@ -1678,7 +1683,7 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
|
|||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
/* We currently only support one PSK, raw or opaque. */
|
||||
if( ssl_conf_psk_is_configured( conf ) )
|
||||
if( mbedtls_ssl_conf_has_static_psk( conf ) )
|
||||
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
|
||||
/* Check and set raw PSK */
|
||||
|
|
@ -1796,7 +1801,7 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
|
|||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
/* We currently only support one PSK, raw or opaque. */
|
||||
if( ssl_conf_psk_is_configured( conf ) )
|
||||
if( mbedtls_ssl_conf_has_static_psk( conf ) )
|
||||
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
|
||||
/* Check and set opaque PSK */
|
||||
|
|
|
|||
|
|
@ -49,27 +49,6 @@
|
|||
|
||||
#include "hash_info.h"
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf )
|
||||
{
|
||||
if( conf->psk_identity == NULL ||
|
||||
conf->psk_identity_len == 0 )
|
||||
{
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
|
||||
return( 1 );
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
if( conf->psk != NULL && conf->psk_len != 0 )
|
||||
return( 1 );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl,
|
||||
|
|
|
|||
|
|
@ -728,11 +728,6 @@ static int ssl_tls13_ticket_get_psk( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
|
||||
|
||||
static int ssl_tls13_has_configured_psk( const mbedtls_ssl_config *conf )
|
||||
{
|
||||
return( conf->psk != NULL && conf->psk_identity != NULL );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_psk_get_identity( mbedtls_ssl_context *ssl,
|
||||
psa_algorithm_t *hash_alg,
|
||||
|
|
@ -740,7 +735,7 @@ static int ssl_tls13_psk_get_identity( mbedtls_ssl_context *ssl,
|
|||
size_t *identity_len )
|
||||
{
|
||||
|
||||
if( !ssl_tls13_has_configured_psk( ssl->conf ) )
|
||||
if( !mbedtls_ssl_conf_has_static_psk( ssl->conf ) )
|
||||
return( -1 );
|
||||
|
||||
*hash_alg = PSA_ALG_SHA_256;
|
||||
|
|
@ -756,7 +751,7 @@ static int ssl_tls13_psk_get_psk( mbedtls_ssl_context *ssl,
|
|||
size_t *psk_len )
|
||||
{
|
||||
|
||||
if( !ssl_tls13_has_configured_psk( ssl->conf ) )
|
||||
if( !mbedtls_ssl_conf_has_static_psk( ssl->conf ) )
|
||||
return( -1 );
|
||||
|
||||
*hash_alg = PSA_ALG_SHA_256;
|
||||
|
|
@ -775,7 +770,7 @@ static int ssl_tls13_get_configured_psk_count( mbedtls_ssl_context *ssl )
|
|||
configured_psk_count++;
|
||||
}
|
||||
#endif
|
||||
if( ssl_tls13_has_configured_psk( ssl->conf ) )
|
||||
if( mbedtls_ssl_conf_has_static_psk( ssl->conf ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "PSK is configured" ) );
|
||||
configured_psk_count++;
|
||||
|
|
@ -1094,7 +1089,7 @@ static int ssl_tls13_parse_server_pre_shared_key_ext( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
else
|
||||
#endif
|
||||
if( ssl_tls13_has_configured_psk( ssl->conf ) )
|
||||
if( mbedtls_ssl_conf_has_static_psk( ssl->conf ) )
|
||||
{
|
||||
ret = ssl_tls13_psk_get_psk( ssl, &hash_alg, &psk, &psk_len );
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue