Restructure incoming CliKeyExch: Move key derivation code

This commit moves the generation of the master secret and session keys
from the premaster secret (done in mbedtlsssl_derive_keys()) from the
previous ClientKeyExchange parsing function ssl_parse_client_key_exchange()
to the new postprocessing function ssl_client_key_exchange_postprocess().
This commit is contained in:
Hanno Becker 2018-05-21 17:24:27 +01:00
parent 7ec345d95f
commit dc8bfb9001

View file

@ -4109,6 +4109,14 @@ static int ssl_client_key_exchange_parse( mbedtls_ssl_context *ssl,
/* Update the handshake state */
static int ssl_client_key_exchange_postprocess( mbedtls_ssl_context *ssl )
{
int ret;
if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
return( ret );
}
ssl->state = MBEDTLS_SSL_CERTIFICATE_VERIFY;
return( 0 );
}
@ -4400,11 +4408,11 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
return( ret );
}
/* if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) */
/* { */
/* MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); */
/* return( ret ); */
/* } */
ssl->state++;