mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-28 19:21:08 +00:00
add selected_identity parser
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
parent
1a0a0f4416
commit
b300e3c5be
@ -1083,10 +1083,90 @@ static int ssl_tls13_parse_server_pre_shared_key_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
{
|
||||
((void) ssl);
|
||||
((void) buf);
|
||||
((void) end);
|
||||
return( 0 );
|
||||
int ret = 0;
|
||||
int selected_identity;
|
||||
int psk_type = MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL;
|
||||
const unsigned char *psk;
|
||||
size_t psk_len;
|
||||
psa_algorithm_t psa_alg;
|
||||
|
||||
MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 );
|
||||
selected_identity = MBEDTLS_GET_UINT16_BE( buf, 0 );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected_identity = %d", selected_identity ) );
|
||||
|
||||
if( ssl_tls13_has_configured_psk( ssl ) &&
|
||||
ssl_tls13_has_configured_ticket( ssl ) )
|
||||
{
|
||||
if( selected_identity >= 2 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Out of range" ) );
|
||||
goto exit;
|
||||
}
|
||||
switch( selected_identity )
|
||||
{
|
||||
case 0:
|
||||
psk_type = MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION;
|
||||
break;
|
||||
case 1:
|
||||
psk_type = MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL;
|
||||
break;
|
||||
}
|
||||
}
|
||||
else if( ssl_tls13_has_configured_psk( ssl ) ||
|
||||
ssl_tls13_has_configured_ticket( ssl ) )
|
||||
{
|
||||
if( selected_identity >= 1 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Out of range" ) );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ssl_tls13_has_configured_psk( ssl ) )
|
||||
psk_type = MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL;
|
||||
else if( ssl_tls13_has_configured_ticket( ssl ) )
|
||||
psk_type = MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION;
|
||||
}
|
||||
else
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
switch( psk_type )
|
||||
{
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
case MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION:
|
||||
ret = ssl_tls13_session_tickets_get_psk(
|
||||
ssl, &psa_alg, &psk, &psk_len );
|
||||
break;
|
||||
#endif
|
||||
case MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL:
|
||||
ret = ssl_tls13_psk_get_psk(
|
||||
ssl, &psa_alg, &psk, &psk_len );
|
||||
break;
|
||||
default:
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
ret = mbedtls_ssl_set_hs_psk( ssl, psk, psk_len );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_set_hs_psk", ret );
|
||||
}
|
||||
else
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_PRE_SHARED_KEY;
|
||||
|
||||
return( ret );
|
||||
|
||||
exit:
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
1, ( "Invalid chosen PSK identity." ) );
|
||||
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
|
||||
MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
|
||||
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
||||
|
Loading…
x
Reference in New Issue
Block a user