mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-25 05:15:31 +00:00
Restructure incoming CliKeyExch: Move PMS assembly code
After parsing and performing key generation operations, the server-side incoming ClientKeyExchange handling includes code-paths to assembly the PreMasterSecret (PMS) from the available keying material, the exact assembly procedure depending on which ciphersuite is in use. E.g., in an (EC)DHE-PSK ciphersuite, the (EC)DHE secret would be concatenated with the PSK to form the PMS. This assembly of the PMS logically comes done after the ClientKeyExchange has been parsed and the respective keying material has been generated, and this commit moves it to the new postprocessing function ssl_client_key_exchange_postprocess().
This commit is contained in:
parent
dc8bfb9001
commit
1e23af8fa8
|
@ -4071,7 +4071,8 @@ static int ssl_process_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||||
/* The ClientKeyExchange message is never skipped. */
|
/* The ClientKeyExchange message is never skipped. */
|
||||||
|
|
||||||
/* Reading step */
|
/* Reading step */
|
||||||
if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
|
if( ( ret = mbedtls_ssl_read_record( ssl,
|
||||||
|
1 /* update checksum */ ) ) != 0 )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
|
@ -4110,6 +4111,130 @@ static int ssl_client_key_exchange_parse( mbedtls_ssl_context *ssl,
|
||||||
static int ssl_client_key_exchange_postprocess( mbedtls_ssl_context *ssl )
|
static int ssl_client_key_exchange_postprocess( mbedtls_ssl_context *ssl )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
mbedtls_ssl_ciphersuite_handle_t ciphersuite_info =
|
||||||
|
mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
|
||||||
|
if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
|
||||||
|
== MBEDTLS_KEY_EXCHANGE_DHE_RSA )
|
||||||
|
{
|
||||||
|
if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
|
||||||
|
ssl->handshake->premaster,
|
||||||
|
MBEDTLS_PREMASTER_SIZE,
|
||||||
|
&ssl->handshake->pmslen,
|
||||||
|
ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
|
||||||
|
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
|
||||||
|
}
|
||||||
|
|
||||||
|
MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||||
|
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
|
||||||
|
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
|
||||||
|
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
||||||
|
if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
|
||||||
|
== MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
|
||||||
|
mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
|
||||||
|
== MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
|
||||||
|
mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
|
||||||
|
== MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
|
||||||
|
mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
|
||||||
|
== MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
|
||||||
|
{
|
||||||
|
if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx,
|
||||||
|
&ssl->handshake->pmslen,
|
||||||
|
ssl->handshake->premaster,
|
||||||
|
MBEDTLS_MPI_MAX_SIZE,
|
||||||
|
mbedtls_ssl_conf_get_frng( ssl->conf ),
|
||||||
|
ssl->conf->p_rng ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
|
||||||
|
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
|
||||||
|
}
|
||||||
|
|
||||||
|
MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
|
||||||
|
MBEDTLS_DEBUG_ECDH_Z );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||||
|
MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
|
||||||
|
MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
|
||||||
|
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
|
||||||
|
if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
|
||||||
|
== MBEDTLS_KEY_EXCHANGE_PSK )
|
||||||
|
{
|
||||||
|
if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
|
||||||
|
mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
|
||||||
|
if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
|
||||||
|
== MBEDTLS_KEY_EXCHANGE_RSA_PSK )
|
||||||
|
{
|
||||||
|
if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
|
||||||
|
mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
||||||
|
if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
|
||||||
|
== MBEDTLS_KEY_EXCHANGE_DHE_PSK )
|
||||||
|
{
|
||||||
|
if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
|
||||||
|
mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
|
||||||
|
if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
|
||||||
|
== MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
|
||||||
|
{
|
||||||
|
if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
|
||||||
|
mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||||
|
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
|
||||||
|
{
|
||||||
|
ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx,
|
||||||
|
ssl->handshake->premaster, 32, &ssl->handshake->pmslen,
|
||||||
|
mbedtls_ssl_conf_get_frng( ssl->conf ),
|
||||||
|
ssl->conf->p_rng );
|
||||||
|
if( ret != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||||
|
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||||
|
}
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
|
if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
|
||||||
{
|
{
|
||||||
|
@ -4188,18 +4313,18 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||||
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
|
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
|
/* if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, */
|
||||||
ssl->handshake->premaster,
|
/* ssl->handshake->premaster, */
|
||||||
MBEDTLS_PREMASTER_SIZE,
|
/* MBEDTLS_PREMASTER_SIZE, */
|
||||||
&ssl->handshake->pmslen,
|
/* &ssl->handshake->pmslen, */
|
||||||
mbedtls_ssl_conf_get_frng( ssl->conf ),
|
/* mbedtls_ssl_conf_get_frng( ssl->conf ), */
|
||||||
ssl->conf->p_rng ) ) != 0 )
|
/* ssl->conf->p_rng ) ) != 0 ) */
|
||||||
{
|
/* { */
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
|
/* MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); */
|
||||||
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
|
/* return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); */
|
||||||
}
|
/* } */
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K );
|
/* MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); */
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
||||||
|
@ -4226,19 +4351,19 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||||
MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
|
MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
|
||||||
MBEDTLS_DEBUG_ECDH_QP );
|
MBEDTLS_DEBUG_ECDH_QP );
|
||||||
|
|
||||||
if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx,
|
/* if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, */
|
||||||
&ssl->handshake->pmslen,
|
/* &ssl->handshake->pmslen, */
|
||||||
ssl->handshake->premaster,
|
/* ssl->handshake->premaster, */
|
||||||
MBEDTLS_MPI_MAX_SIZE,
|
/* MBEDTLS_MPI_MAX_SIZE, */
|
||||||
mbedtls_ssl_conf_get_frng( ssl->conf ),
|
/* mbedtls_ssl_conf_get_frng( ssl->conf ), */
|
||||||
ssl->conf->p_rng ) ) != 0 )
|
/* ssl->conf->p_rng ) ) != 0 ) */
|
||||||
{
|
/* { */
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
|
/* MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); */
|
||||||
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
|
/* return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); */
|
||||||
}
|
/* } */
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
|
/* MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, */
|
||||||
MBEDTLS_DEBUG_ECDH_Z );
|
/* MBEDTLS_DEBUG_ECDH_Z ); */
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||||
|
@ -4261,12 +4386,12 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||||
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
|
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
|
/* if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, */
|
||||||
mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 )
|
/* mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 ) */
|
||||||
{
|
/* { */
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
|
/* MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); */
|
||||||
return( ret );
|
/* return( ret ); */
|
||||||
}
|
/* } */
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
|
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
|
||||||
|
@ -4299,12 +4424,12 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
|
/* if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, */
|
||||||
mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 )
|
/* mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 ) */
|
||||||
{
|
/* { */
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
|
/* MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); */
|
||||||
return( ret );
|
/* return( ret ); */
|
||||||
}
|
/* } */
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
|
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
|
||||||
|
@ -4329,12 +4454,12 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||||
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
|
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
|
/* if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, */
|
||||||
mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 )
|
/* mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 ) */
|
||||||
{
|
/* { */
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
|
/* MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); */
|
||||||
return( ret );
|
/* return( ret ); */
|
||||||
}
|
/* } */
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
||||||
|
@ -4358,12 +4483,12 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||||
MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
|
MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
|
||||||
MBEDTLS_DEBUG_ECDH_QP );
|
MBEDTLS_DEBUG_ECDH_QP );
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
|
/* if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, */
|
||||||
mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 )
|
/* mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 ) */
|
||||||
{
|
/* { */
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
|
/* MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); */
|
||||||
return( ret );
|
/* return( ret ); */
|
||||||
}
|
/* } */
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
|
||||||
|
@ -4391,15 +4516,15 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||||
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx,
|
/* ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx, */
|
||||||
ssl->handshake->premaster, 32, &ssl->handshake->pmslen,
|
/* ssl->handshake->premaster, 32, &ssl->handshake->pmslen, */
|
||||||
mbedtls_ssl_conf_get_frng( ssl->conf ),
|
/* mbedtls_ssl_conf_get_frng( ssl->conf ), */
|
||||||
ssl->conf->p_rng );
|
/* ssl->conf->p_rng ); */
|
||||||
if( ret != 0 )
|
/* if( ret != 0 ) */
|
||||||
{
|
/* { */
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret );
|
/* MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret ); */
|
||||||
return( ret );
|
/* return( ret ); */
|
||||||
}
|
/* } */
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||||
|
|
Loading…
Reference in a new issue