mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-28 19:21:08 +00:00
move calc_finished_tls_sha256
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu
parent
d952669ad8
commit
615bd6f5b9
@ -1009,82 +1009,6 @@ static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl,
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
static void ssl_calc_finished_tls_sha256(
|
||||
mbedtls_ssl_context *ssl, unsigned char *buf, int from )
|
||||
{
|
||||
int len = 12;
|
||||
const char *sender;
|
||||
unsigned char padbuf[32];
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
size_t hash_size;
|
||||
psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT;
|
||||
psa_status_t status;
|
||||
#else
|
||||
mbedtls_sha256_context sha256;
|
||||
#endif
|
||||
|
||||
mbedtls_ssl_session *session = ssl->session_negotiate;
|
||||
if( !session )
|
||||
session = ssl->session;
|
||||
|
||||
sender = ( from == MBEDTLS_SSL_IS_CLIENT )
|
||||
? "client finished"
|
||||
: "server finished";
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
sha256_psa = psa_hash_operation_init();
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha256" ) );
|
||||
|
||||
status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa );
|
||||
if( status != PSA_SUCCESS )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) );
|
||||
return;
|
||||
}
|
||||
|
||||
status = psa_hash_finish( &sha256_psa, padbuf, sizeof( padbuf ), &hash_size );
|
||||
if( status != PSA_SUCCESS )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) );
|
||||
return;
|
||||
}
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 32 );
|
||||
#else
|
||||
|
||||
mbedtls_sha256_init( &sha256 );
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha256" ) );
|
||||
|
||||
mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 );
|
||||
|
||||
/*
|
||||
* TLSv1.2:
|
||||
* hash = PRF( master, finished_label,
|
||||
* Hash( handshake ) )[0.11]
|
||||
*/
|
||||
|
||||
#if !defined(MBEDTLS_SHA256_ALT)
|
||||
MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha2 state", (unsigned char *)
|
||||
sha256.state, sizeof( sha256.state ) );
|
||||
#endif
|
||||
|
||||
mbedtls_sha256_finish( &sha256, padbuf );
|
||||
mbedtls_sha256_free( &sha256 );
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
ssl->handshake->tls_prf( session->master, 48, sender,
|
||||
padbuf, 32, buf, len );
|
||||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
|
||||
|
||||
mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) );
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
|
||||
}
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
|
||||
static void ssl_calc_finished_tls_sha384(
|
||||
@ -7967,6 +7891,83 @@ exit:
|
||||
}
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||
|
||||
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
static void ssl_calc_finished_tls_sha256(
|
||||
mbedtls_ssl_context *ssl, unsigned char *buf, int from )
|
||||
{
|
||||
int len = 12;
|
||||
const char *sender;
|
||||
unsigned char padbuf[32];
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
size_t hash_size;
|
||||
psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT;
|
||||
psa_status_t status;
|
||||
#else
|
||||
mbedtls_sha256_context sha256;
|
||||
#endif
|
||||
|
||||
mbedtls_ssl_session *session = ssl->session_negotiate;
|
||||
if( !session )
|
||||
session = ssl->session;
|
||||
|
||||
sender = ( from == MBEDTLS_SSL_IS_CLIENT )
|
||||
? "client finished"
|
||||
: "server finished";
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
sha256_psa = psa_hash_operation_init();
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha256" ) );
|
||||
|
||||
status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa );
|
||||
if( status != PSA_SUCCESS )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) );
|
||||
return;
|
||||
}
|
||||
|
||||
status = psa_hash_finish( &sha256_psa, padbuf, sizeof( padbuf ), &hash_size );
|
||||
if( status != PSA_SUCCESS )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) );
|
||||
return;
|
||||
}
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 32 );
|
||||
#else
|
||||
|
||||
mbedtls_sha256_init( &sha256 );
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha256" ) );
|
||||
|
||||
mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 );
|
||||
|
||||
/*
|
||||
* TLSv1.2:
|
||||
* hash = PRF( master, finished_label,
|
||||
* Hash( handshake ) )[0.11]
|
||||
*/
|
||||
|
||||
#if !defined(MBEDTLS_SHA256_ALT)
|
||||
MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha2 state", (unsigned char *)
|
||||
sha256.state, sizeof( sha256.state ) );
|
||||
#endif
|
||||
|
||||
mbedtls_sha256_finish( &sha256, padbuf );
|
||||
mbedtls_sha256_free( &sha256 );
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
ssl->handshake->tls_prf( session->master, 48, sender,
|
||||
padbuf, 32, buf, len );
|
||||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
|
||||
|
||||
mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) );
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
|
||||
}
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||
|
||||
#endif /* MBEDTLS_SSL_TLS_C */
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user