mirror of
https://github.com/yuzu-emu/mbedtls
synced 2024-11-24 23:48:09 +00:00
More *-PSK refactoring
This commit is contained in:
Manuel Pégourié-Gonnard
parent
bd1ae24449
commit
72fb62daa2
1 changed files with 65 additions and 90 deletions
|
|
@ -1802,15 +1802,17 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
|||
else
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK )
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
|
||||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
|
||||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK )
|
||||
{
|
||||
/*
|
||||
* PSK key exchange
|
||||
*
|
||||
* opaque psk_identity<0..2^16-1>;
|
||||
*/
|
||||
if( ssl->psk == NULL )
|
||||
if( ssl->psk == NULL || ssl->psk_identity == NULL )
|
||||
return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED );
|
||||
|
||||
i = 4;
|
||||
|
|
@ -1821,35 +1823,19 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
|||
memcpy( ssl->out_msg + i, ssl->psk_identity, ssl->psk_identity_len );
|
||||
i += ssl->psk_identity_len;
|
||||
|
||||
if( ( ret = ssl_psk_derive_premaster( ssl,
|
||||
ciphersuite_info->key_exchange ) ) != 0 )
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret );
|
||||
return( ret );
|
||||
}
|
||||
n = 0;
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
|
||||
#endif
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK )
|
||||
{
|
||||
/*
|
||||
* DHE_PSK key exchange
|
||||
*
|
||||
* opaque psk_identity<0..2^16-1>;
|
||||
* ClientDiffieHellmanPublic public (DHM send G^X mod P)
|
||||
*/
|
||||
if( ssl->psk == NULL )
|
||||
return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED );
|
||||
|
||||
i = 4;
|
||||
n = ssl->psk_identity_len;
|
||||
ssl->out_msg[i++] = (unsigned char)( n >> 8 );
|
||||
ssl->out_msg[i++] = (unsigned char)( n );
|
||||
|
||||
memcpy( ssl->out_msg + i, ssl->psk_identity, ssl->psk_identity_len );
|
||||
i += ssl->psk_identity_len;
|
||||
|
||||
n = ssl->handshake->dhm_ctx.len;
|
||||
ssl->out_msg[i++] = (unsigned char)( n >> 8 );
|
||||
ssl->out_msg[i++] = (unsigned char)( n );
|
||||
|
|
@ -1863,13 +1849,6 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
|||
SSL_DEBUG_RET( 1, "dhm_make_public", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( ( ret = ssl_psk_derive_premaster( ssl,
|
||||
ciphersuite_info->key_exchange ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret );
|
||||
return( ret );
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
||||
|
|
@ -1877,21 +1856,8 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
|||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK )
|
||||
{
|
||||
/*
|
||||
* ECDHE_PSK key exchange: RFC 5489, section 2
|
||||
*
|
||||
* opaque psk_identity<0..2^16-1>;
|
||||
* ClientECDiffieHellmanPublic public;
|
||||
*/
|
||||
if( ssl->psk == NULL )
|
||||
return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED );
|
||||
|
||||
i = 4;
|
||||
ssl->out_msg[i++] = (unsigned char)( ssl->psk_identity_len >> 8 );
|
||||
ssl->out_msg[i++] = (unsigned char)( ssl->psk_identity_len );
|
||||
|
||||
memcpy( ssl->out_msg + i, ssl->psk_identity, ssl->psk_identity_len );
|
||||
i += ssl->psk_identity_len;
|
||||
|
||||
ret = ecdh_make_public( &ssl->handshake->ecdh_ctx, &n,
|
||||
&ssl->out_msg[i], SSL_MAX_CONTENT_LEN - i,
|
||||
ssl->f_rng, ssl->p_rng );
|
||||
|
|
@ -1902,6 +1868,13 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
|||
}
|
||||
|
||||
SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q );
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
if( ( ret = ssl_psk_derive_premaster( ssl,
|
||||
ciphersuite_info->key_exchange ) ) != 0 )
|
||||
|
|
@ -1911,7 +1884,9 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
|||
}
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA )
|
||||
{
|
||||
|
|
|
|||
Loading…
Reference in a new issue