Make variable in ssl_write_client_key_exchange() more descriptive

This commit is contained in:
Hanno Becker 2019-01-14 09:41:16 +00:00
parent 4a63ed421c
commit c14a3bb5a6

View file

@ -3018,7 +3018,9 @@ static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl )
static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
{ {
int ret; int ret;
size_t i, n;
size_t header_len;
size_t content_len;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info = const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
ssl->transform_negotiate->ciphersuite_info; ssl->transform_negotiate->ciphersuite_info;
@ -3030,16 +3032,16 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
/* /*
* DHM key exchange -- send G^X mod P * DHM key exchange -- send G^X mod P
*/ */
n = ssl->handshake->dhm_ctx.len; content_len = ssl->handshake->dhm_ctx.len;
ssl->out_msg[4] = (unsigned char)( n >> 8 ); ssl->out_msg[4] = (unsigned char)( content_len >> 8 );
ssl->out_msg[5] = (unsigned char)( n ); ssl->out_msg[5] = (unsigned char)( content_len );
i = 6; header_len = 6;
ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
(int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
&ssl->out_msg[i], n, &ssl->out_msg[header_len], content_len,
ssl->conf->f_rng, ssl->conf->p_rng ); ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 ) if( ret != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret );
@ -3050,10 +3052,10 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX );
if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
ssl->handshake->premaster, ssl->handshake->premaster,
MBEDTLS_PREMASTER_SIZE, MBEDTLS_PREMASTER_SIZE,
&ssl->handshake->pmslen, &ssl->handshake->pmslen,
ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
return( ret ); return( ret );
@ -3081,7 +3083,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
i = 4; header_len = 4;
/* /*
* Generate EC private key for ECDHE exchange. * Generate EC private key for ECDHE exchange.
@ -3133,9 +3135,10 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
} }
/* Copy ECPoint structure to outgoing message buffer. */ /* Copy ECPoint structure to outgoing message buffer. */
ssl->out_msg[i] = own_pubkey_ecpoint_len; ssl->out_msg[header_len] = own_pubkey_ecpoint_len;
memcpy( ssl->out_msg + i + 1, own_pubkey_ecpoint, own_pubkey_ecpoint_len ); memcpy( ssl->out_msg + header_len + 1,
n = own_pubkey_ecpoint_len + 1; own_pubkey_ecpoint, own_pubkey_ecpoint_len );
content_len = own_pubkey_ecpoint_len + 1;
/* Compute ECDH shared secret. */ /* Compute ECDH shared secret. */
status = psa_key_agreement( &generator, status = psa_key_agreement( &generator,
@ -3185,7 +3188,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
/* /*
* ECDH key exchange -- send client public value * ECDH key exchange -- send client public value
*/ */
i = 4; header_len = 4;
#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) #if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
if( ssl->handshake->ecrs_enabled ) if( ssl->handshake->ecrs_enabled )
@ -3198,8 +3201,8 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
#endif #endif
ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx,
&n, &content_len,
&ssl->out_msg[i], 1000, &ssl->out_msg[header_len], 1000,
ssl->conf->f_rng, ssl->conf->p_rng ); ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 ) if( ret != 0 )
{ {
@ -3217,19 +3220,19 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) #if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
if( ssl->handshake->ecrs_enabled ) if( ssl->handshake->ecrs_enabled )
{ {
ssl->handshake->ecrs_n = n; ssl->handshake->ecrs_n = content_len;
ssl->handshake->ecrs_state = ssl_ecrs_cke_ecdh_calc_secret; ssl->handshake->ecrs_state = ssl_ecrs_cke_ecdh_calc_secret;
} }
ecdh_calc_secret: ecdh_calc_secret:
if( ssl->handshake->ecrs_enabled ) if( ssl->handshake->ecrs_enabled )
n = ssl->handshake->ecrs_n; content_len = ssl->handshake->ecrs_n;
#endif #endif
if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx,
&ssl->handshake->pmslen, &ssl->handshake->pmslen,
ssl->handshake->premaster, ssl->handshake->premaster,
MBEDTLS_MPI_MAX_SIZE, MBEDTLS_MPI_MAX_SIZE,
ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) #if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
@ -3261,26 +3264,28 @@ ecdh_calc_secret:
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
} }
i = 4; header_len = 4;
n = ssl->conf->psk_identity_len; content_len = ssl->conf->psk_identity_len;
if( i + 2 + n > MBEDTLS_SSL_OUT_CONTENT_LEN ) if( header_len + 2 + content_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity too long or " MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity too long or "
"SSL buffer too short" ) ); "SSL buffer too short" ) );
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
} }
ssl->out_msg[i++] = (unsigned char)( n >> 8 ); ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 );
ssl->out_msg[i++] = (unsigned char)( n ); ssl->out_msg[header_len++] = (unsigned char)( content_len );
memcpy( ssl->out_msg + i, ssl->conf->psk_identity, ssl->conf->psk_identity_len ); memcpy( ssl->out_msg + header_len,
i += ssl->conf->psk_identity_len; ssl->conf->psk_identity,
ssl->conf->psk_identity_len );
header_len += ssl->conf->psk_identity_len;
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK )
{ {
n = 0; content_len = 0;
} }
else else
#endif #endif
@ -3293,7 +3298,8 @@ ecdh_calc_secret:
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 2 ) ) != 0 ) if( ( ret = ssl_write_encrypted_pms( ssl, header_len,
&content_len, 2 ) ) != 0 )
return( ret ); return( ret );
} }
else else
@ -3310,21 +3316,22 @@ ecdh_calc_secret:
/* /*
* ClientDiffieHellmanPublic public (DHM send G^X mod P) * ClientDiffieHellmanPublic public (DHM send G^X mod P)
*/ */
n = ssl->handshake->dhm_ctx.len; content_len = ssl->handshake->dhm_ctx.len;
if( i + 2 + n > MBEDTLS_SSL_OUT_CONTENT_LEN ) if( header_len + 2 + content_len >
MBEDTLS_SSL_OUT_CONTENT_LEN )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity or DHM size too long" MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity or DHM size too long"
" or SSL buffer too short" ) ); " or SSL buffer too short" ) );
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
} }
ssl->out_msg[i++] = (unsigned char)( n >> 8 ); ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 );
ssl->out_msg[i++] = (unsigned char)( n ); ssl->out_msg[header_len++] = (unsigned char)( content_len );
ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
(int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
&ssl->out_msg[i], n, &ssl->out_msg[header_len], content_len,
ssl->conf->f_rng, ssl->conf->p_rng ); ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 ) if( ret != 0 )
{ {
@ -3346,8 +3353,10 @@ ecdh_calc_secret:
/* /*
* ClientECDiffieHellmanPublic public; * ClientECDiffieHellmanPublic public;
*/ */
ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, &n, ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx,
&ssl->out_msg[i], MBEDTLS_SSL_OUT_CONTENT_LEN - i, &content_len,
&ssl->out_msg[header_len],
MBEDTLS_SSL_OUT_CONTENT_LEN - header_len,
ssl->conf->f_rng, ssl->conf->p_rng ); ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 ) if( ret != 0 )
{ {
@ -3388,8 +3397,9 @@ ecdh_calc_secret:
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA )
{ {
i = 4; header_len = 4;
if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 0 ) ) != 0 ) if( ( ret = ssl_write_encrypted_pms( ssl, header_len,
&content_len, 0 ) ) != 0 )
return( ret ); return( ret );
} }
else else
@ -3397,10 +3407,12 @@ ecdh_calc_secret:
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
{ {
i = 4; header_len = 4;
ret = mbedtls_ecjpake_write_round_two( &ssl->handshake->ecjpake_ctx, ret = mbedtls_ecjpake_write_round_two( &ssl->handshake->ecjpake_ctx,
ssl->out_msg + i, MBEDTLS_SSL_OUT_CONTENT_LEN - i, &n, ssl->out_msg + header_len,
MBEDTLS_SSL_OUT_CONTENT_LEN - header_len,
&content_len,
ssl->conf->f_rng, ssl->conf->p_rng ); ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 ) if( ret != 0 )
{ {
@ -3425,7 +3437,7 @@ ecdh_calc_secret:
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
} }
ssl->out_msglen = i + n; ssl->out_msglen = header_len + content_len;
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE; ssl->out_msg[0] = MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE;