Restructure incoming CliKeyExch: Add frame for restructuring

This commit adds declarations and dummy implementations for the restructured incoming client key exchange handling that will replace the previous ssl_parse_client_key_exchange(). The entry point for the CliKeyExchange handling that is called from the handshake state machine is `ssl_process_client_key_exchange()`, splitting the processing into the following steps: - Fetching: Read next message from the messaging layer and check that it has the correct type. The ClientKeyExchange message is never omitted, so there is no ambiguity in what to expect, and hence no dedicated preparation step as for other handshake states. - Parsing: Parse the ClientKeyExchange message and use the information in it to derive keying material such as the shared (EC)DHE secret. - Postprocessing: Compute the session keys from the available keying material. This splits in two steps: (1) Build the PreMasterSecret (PMS) from the available keying material, e.g. concatenate the (EC)DHE secret with a PSK, if used. (2) Extract the MasterSecret and Session Keys from the PreMasterSecret. The subsequent commits will scatter the code from the previous monolithic function ssl_parse_client_key_exchange() among those dedicated functions, commenting out each part of ssl_parse_client_key_exchange() that has already been dealt with. This gradual progression is meant to ease reviewing. Once all code has been moved and all changes explained, ssl_parse_client_key_exchange() will be removed.
2025-03-22 18:15:14 +00:00 · 2018-05-21 17:16:42 +01:00 · 2018-05-21 17:16:42 +01:00 · 7ec345d95f
parent 4f68b04018
commit 7ec345d95f
1 changed files with 81 additions and 1 deletions
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -4040,6 +4040,86 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha
 }
 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */

+/*
+ *
+ * STATE HANDLING: Client Key Exchange
+ *
+ */
+
+/*
+ * Overview
+ */
+
+/* Main entry point; orchestrates the other functions. */
+static int ssl_process_client_key_exchange( mbedtls_ssl_context *ssl );
+
+static int ssl_client_key_exchange_parse( mbedtls_ssl_context *ssl,
+                                          unsigned char *buf,
+                                          size_t buflen );
+/* Update the handshake state */
+static int ssl_client_key_exchange_postprocess( mbedtls_ssl_context *ssl );
+
+/*
+ * Implementation
+ */
+
+static int ssl_process_client_key_exchange( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> process client key exchange" ) );
+
+    /* The ClientKeyExchange message is never skipped. */
+
+    /* Reading step */
+    if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+        return( ret );
+    }
+
+    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ||
+        ssl->in_msg[0]  != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+        mbedtls_ssl_pend_fatal_alert( ssl,
+                                MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+        ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+        goto cleanup;
+    }
+
+    SSL_PROC_CHK( ssl_client_key_exchange_parse( ssl, ssl->in_msg,
+                                                 ssl->in_hslen ) );
+
+    /* Update state */
+    SSL_PROC_CHK( ssl_client_key_exchange_postprocess( ssl ) );
+
+cleanup:
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= process client key exchange" ) );
+    return( ret );
+}
+
+static int ssl_client_key_exchange_parse( mbedtls_ssl_context *ssl,
+                                          unsigned char *buf,
+                                          size_t buflen )
+{
+    /* TBD */
+}
+
+/* Update the handshake state */
+static int ssl_client_key_exchange_postprocess( mbedtls_ssl_context *ssl )
+{
+    ssl->state = MBEDTLS_SSL_CERTIFICATE_VERIFY;
+    return( 0 );
+}
+
+/* OLD CODE
+ *
+ * Temporarily included to gradually move it to the correct
+ * place in the restructured code.
+ *
+ */
+
 static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
 {
    int ret;
@ -4705,7 +4785,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl )
            break;

        case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:
-            ret = ssl_parse_client_key_exchange( ssl );
+            ret = ssl_process_client_key_exchange( ssl );
            break;

        case MBEDTLS_SSL_CERTIFICATE_VERIFY: