mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-27 15:35:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Adapt code to be consistent with the existing code

Browse Source 
- init status to error
- use simple assignment to status
- fix code style (spaces)

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2022-06-23 09:05:40 +02:00
parent b33bd19197
commit 38ab400dc4
1 changed files with 64 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

100
library/ssl_tls13_keys.c
View File

@ -146,7 +146,8 @@ int mbedtls_ssl_tls13_hkdf_expand_label(
{ {
unsigned char hkdf_label[ SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN ]; unsigned char hkdf_label[ SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN ];
size_t hkdf_label_len; size_t hkdf_label_len;
psa_status_t status = PSA_SUCCESS; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_derivation_operation_t operation = psa_key_derivation_operation_t operation =
PSA_KEY_DERIVATION_OPERATION_INIT; PSA_KEY_DERIVATION_OPERATION_INIT;
@ -180,23 +181,36 @@ int mbedtls_ssl_tls13_hkdf_expand_label(
&hkdf_label_len ); &hkdf_label_len );
status = psa_key_derivation_setup( &operation, PSA_ALG_HKDF_EXPAND( hash_alg ) ); status = psa_key_derivation_setup( &operation, PSA_ALG_HKDF_EXPAND( hash_alg ) );
if (status == PSA_SUCCESS)
status |= psa_key_derivation_input_bytes( &operation,
PSA_KEY_DERIVATION_INPUT_SECRET,
secret,
secret_len );
if (status == PSA_SUCCESS)
status |= psa_key_derivation_input_bytes( &operation,
PSA_KEY_DERIVATION_INPUT_INFO,
hkdf_label,
hkdf_label_len );
if (status == PSA_SUCCESS)
status |= psa_key_derivation_output_bytes( &operation,
buf,
buf_len );
if (status == PSA_SUCCESS)
status |= psa_key_derivation_abort( &operation );
if( status != PSA_SUCCESS )
goto cleanup;
status = psa_key_derivation_input_bytes( &operation,
PSA_KEY_DERIVATION_INPUT_SECRET,
secret,
secret_len );
if( status != PSA_SUCCESS )
goto cleanup;
status = psa_key_derivation_input_bytes( &operation,
PSA_KEY_DERIVATION_INPUT_INFO,
hkdf_label,
hkdf_label_len );
if( status != PSA_SUCCESS )
goto cleanup;
status = psa_key_derivation_output_bytes( &operation,
buf,
buf_len );
if( status != PSA_SUCCESS )
goto cleanup;
cleanup:
abort_status = psa_key_derivation_abort( &operation );
status = ( status == PSA_SUCCESS ? abort_status : status );
return( psa_ssl_status_to_mbedtls ( status ) ); return( psa_ssl_status_to_mbedtls ( status ) );
} }
@ -314,7 +328,8 @@ int mbedtls_ssl_tls13_evolve_secret(
unsigned char *secret_new ) unsigned char *secret_new )
{ {
int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
psa_status_t status = PSA_SUCCESS; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
size_t hlen, ilen; size_t hlen, ilen;
unsigned char tmp_secret[ PSA_MAC_MAX_SIZE ] = { 0 }; unsigned char tmp_secret[ PSA_MAC_MAX_SIZE ] = { 0 };
unsigned char tmp_input [ MBEDTLS_ECP_MAX_BYTES ] = { 0 }; unsigned char tmp_input [ MBEDTLS_ECP_MAX_BYTES ] = { 0 };
@ -341,6 +356,8 @@ int mbedtls_ssl_tls13_evolve_secret(
goto cleanup; goto cleanup;
} }
ret = 0;
if( input != NULL ) if( input != NULL )
{ {
memcpy( tmp_input, input, input_len ); memcpy( tmp_input, input, input_len );
@ -353,26 +370,37 @@ int mbedtls_ssl_tls13_evolve_secret(
status = psa_key_derivation_setup( &operation, status = psa_key_derivation_setup( &operation,
PSA_ALG_HKDF_EXTRACT( hash_alg ) ); PSA_ALG_HKDF_EXTRACT( hash_alg ) );
if (status == PSA_SUCCESS)
status |= psa_key_derivation_input_bytes( &operation,
PSA_KEY_DERIVATION_INPUT_SALT,
tmp_secret,
hlen );
if (status == PSA_SUCCESS)
status |= psa_key_derivation_input_bytes( &operation,
PSA_KEY_DERIVATION_INPUT_SECRET,
tmp_input,
ilen );
if (status == PSA_SUCCESS)
status |= psa_key_derivation_output_bytes( &operation,
secret_new,
PSA_HASH_LENGTH( hash_alg ) );
if (status == PSA_SUCCESS)
status |= psa_key_derivation_abort( &operation );
ret = psa_ssl_status_to_mbedtls ( status ); if( status != PSA_SUCCESS )
goto cleanup;
status = psa_key_derivation_input_bytes( &operation,
PSA_KEY_DERIVATION_INPUT_SALT,
tmp_secret,
hlen );
if( status != PSA_SUCCESS )
goto cleanup;
status = psa_key_derivation_input_bytes( &operation,
PSA_KEY_DERIVATION_INPUT_SECRET,
tmp_input,
ilen );
if( status != PSA_SUCCESS )
goto cleanup;
status = psa_key_derivation_output_bytes( &operation,
secret_new,
PSA_HASH_LENGTH( hash_alg ) );
if( status != PSA_SUCCESS )
goto cleanup;
cleanup: cleanup:
abort_status = psa_key_derivation_abort( &operation );
status = ( status == PSA_SUCCESS ? abort_status : status );
ret = ( ret == 0 ? psa_ssl_status_to_mbedtls ( status ) : ret );
mbedtls_platform_zeroize( tmp_secret, sizeof(tmp_secret) ); mbedtls_platform_zeroize( tmp_secret, sizeof(tmp_secret) );
mbedtls_platform_zeroize( tmp_input, sizeof(tmp_input) ); mbedtls_platform_zeroize( tmp_input, sizeof(tmp_input) );
return( ret ); return( ret );