add selected_identity parser

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-09-28 22:12:07 +08:00
parent 1a0a0f4416
commit b300e3c5be

View File

@ -1083,10 +1083,90 @@ static int ssl_tls13_parse_server_pre_shared_key_ext( mbedtls_ssl_context *ssl,
const unsigned char *buf,
const unsigned char *end )
{
((void) ssl);
((void) buf);
((void) end);
return( 0 );
int ret = 0;
int selected_identity;
int psk_type = MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL;
const unsigned char *psk;
size_t psk_len;
psa_algorithm_t psa_alg;
MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 );
selected_identity = MBEDTLS_GET_UINT16_BE( buf, 0 );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected_identity = %d", selected_identity ) );
if( ssl_tls13_has_configured_psk( ssl ) &&
ssl_tls13_has_configured_ticket( ssl ) )
{
if( selected_identity >= 2 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Out of range" ) );
goto exit;
}
switch( selected_identity )
{
case 0:
psk_type = MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION;
break;
case 1:
psk_type = MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL;
break;
}
}
else if( ssl_tls13_has_configured_psk( ssl ) ||
ssl_tls13_has_configured_ticket( ssl ) )
{
if( selected_identity >= 1 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Out of range" ) );
goto exit;
}
if( ssl_tls13_has_configured_psk( ssl ) )
psk_type = MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL;
else if( ssl_tls13_has_configured_ticket( ssl ) )
psk_type = MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION;
}
else
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
switch( psk_type )
{
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
case MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION:
ret = ssl_tls13_session_tickets_get_psk(
ssl, &psa_alg, &psk, &psk_len );
break;
#endif
case MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL:
ret = ssl_tls13_psk_get_psk(
ssl, &psa_alg, &psk, &psk_len );
break;
default:
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
if( ret != 0 )
return( ret );
ret = mbedtls_ssl_set_hs_psk( ssl, psk, psk_len );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_set_hs_psk", ret );
}
else
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_PRE_SHARED_KEY;
return( ret );
exit:
MBEDTLS_SSL_DEBUG_MSG(
1, ( "Invalid chosen PSK identity." ) );
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */