lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

tls12: psa_pake: use proper defines for the output size of each step in ECJPAKE

Browse Source 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This commit is contained in:
Valerio Setti
2022-11-15 16:39:55 +01:00
parent 02c25b5f83
commit fbbc1f3812
1 changed files with 15 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
library/ssl_misc.h
View File

@ -2366,6 +2366,18 @@ static inline int psa_ssl_status_to_mbedtls( psa_status_t status )
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \
defined(MBEDTLS_USE_PSA_CRYPTO) defined(MBEDTLS_USE_PSA_CRYPTO)
/* Currently JPAKE only supports elliptic curve secp256r1 */
#define MBEDTLS_SSL_ECJPAKE_PSA_PRIMITIVE \
PSA_PAKE_PRIMITIVE( PSA_PAKE_PRIMITIVE_TYPE_ECC, \
PSA_ECC_FAMILY_SECP_R1, 256 )
/* Expected output data size for each "step" of EC-JPAKE key echange */
#define MBEDTLS_SSL_ECJPAKE_OUTPUT_SIZE( step ) \
PSA_PAKE_OUTPUT_SIZE( PSA_ALG_JPAKE, \
MBEDTLS_SSL_ECJPAKE_PSA_PRIMITIVE, \
step )
/** /**
* \brief Parse the provided input buffer for getting the first round * \brief Parse the provided input buffer for getting the first round
* of key exchange. This code is common between server and client * of key exchange. This code is common between server and client
@ -2502,11 +2514,7 @@ static inline int psa_tls12_write_ecjpake_round_one(
++step ) ++step )
{ {
/* For each step, prepend 1 byte with the length of the data */ /* For each step, prepend 1 byte with the length of the data */
if (step != PSA_PAKE_STEP_ZK_PROOF) { *(buf + output_offset) = MBEDTLS_SSL_ECJPAKE_OUTPUT_SIZE( step );
*(buf + output_offset) = 65;
} else {
*(buf + output_offset) = 32;
}
output_offset += 1; output_offset += 1;
status = psa_pake_output( pake_ctx, step, status = psa_pake_output( pake_ctx, step,
@ -2552,11 +2560,7 @@ static inline int psa_tls12_write_ecjpake_round_two(
++step ) ++step )
{ {
/* For each step, prepend 1 byte with the length of the data */ /* For each step, prepend 1 byte with the length of the data */
if (step != PSA_PAKE_STEP_ZK_PROOF) { *(buf + output_offset) = MBEDTLS_SSL_ECJPAKE_OUTPUT_SIZE( step );
*(buf + output_offset) = 65;
} else {
*(buf + output_offset) = 32;
}
output_offset += 1; output_offset += 1;
status = psa_pake_output( pake_ctx, status = psa_pake_output( pake_ctx,
step, buf + output_offset, step, buf + output_offset,