lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-08 17:42:09 +03:00
Code Activity

Update code base on comments

Browse Source 
Move reset transcript for hrr to generic
Reset SHA256 or SHA384 other than both
Rename message layer reset
Add check log for hrr parse successfully

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
This commit is contained in:
XiaokangQian
2022-01-19 06:56:30 +00:00
parent 53f20b71c5
commit 78b1fa7e81
5 changed files with 127 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files

105
library/ssl_tls13_generic.c
View File

@@ -1128,6 +1128,111 @@ cleanup:
#endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */
static int ssl_hash_transcript_core( mbedtls_ssl_context *ssl,
mbedtls_md_type_t md,
unsigned char *transcript,
size_t len,
size_t *olen )
{
int ret;
size_t hash_size;
if( len < 4 )
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
ret = mbedtls_ssl_get_handshake_transcript( ssl, md,
transcript + 4,
len - 4,
&hash_size );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 4, "mbedtls_ssl_get_handshake_transcript", ret );
return( ret );
}
transcript[0] = MBEDTLS_SSL_HS_MESSAGE_HASH;
transcript[1] = 0;
transcript[2] = 0;
transcript[3] = (unsigned char) hash_size;
*olen = 4 + hash_size;
return( 0 );
}
/* Reset SSL context and update hash for handling HRR.
*
* Replace Transcript-Hash(X) by
* Transcript-Hash( message_hash ||
* 00 00 Hash.length ||
* X )
* A few states of the handshake are preserved, including:
* - session ID
* - session ticket
* - negotiated ciphersuite
*/
int mbedtls_ssl_reset_transcript_for_hrr( mbedtls_ssl_context *ssl )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char hash_transcript[ MBEDTLS_MD_MAX_SIZE + 4 ];
size_t hash_olen;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
uint16_t cipher_suite = ssl->session_negotiate->ciphersuite;
ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( cipher_suite );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "Reset SSL session for HRR" ) );
if( ciphersuite_info->mac == MBEDTLS_MD_SHA256 )
{
#if defined(MBEDTLS_SHA256_C)
ret = ssl_hash_transcript_core( ssl, MBEDTLS_MD_SHA256,
hash_transcript,
sizeof( hash_transcript ),
&hash_olen );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 4, "ssl_hash_transcript_core", ret );
return( ret );
}
MBEDTLS_SSL_DEBUG_BUF( 4, "Truncated SHA-256 handshake transcript",
hash_transcript, hash_olen );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_hash_abort( &ssl->handshake->fin_sha256_psa );
psa_hash_setup( &ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256 );
#else
mbedtls_sha256_starts( &ssl->handshake->fin_sha256, 0 );
#endif
ssl->handshake->update_checksum( ssl, hash_transcript, hash_olen );
#endif /* MBEDTLS_SHA256_C */
}
else if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
{
#if defined(MBEDTLS_SHA384_C)
ret = ssl_hash_transcript_core( ssl, MBEDTLS_MD_SHA384,
hash_transcript,
sizeof( hash_transcript ),
&hash_olen );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 4, "ssl_hash_transcript_core", ret );
return( ret );
}
MBEDTLS_SSL_DEBUG_BUF( 4, "Truncated SHA-384 handshake transcript",
hash_transcript, hash_olen );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_hash_abort( &ssl->handshake->fin_sha384_psa );
psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
#else
mbedtls_sha512_starts( &ssl->handshake->fin_sha512, 1 );
#endif
ssl->handshake->update_checksum( ssl, hash_transcript, hash_olen );
#endif /* MBEDTLS_SHA384_C */
}
return( ret );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_SSL_TLS_C */