Change code based on comments

Align coding styles
Add hrr parameter for ssl_tls13_parse_server_hello
Add reset steps for SHA384 in HRR

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
This commit is contained in:
XiaokangQian 2022-01-18 06:23:32 +00:00
parent 8945db36ab
commit d9e068e10b
3 changed files with 43 additions and 34 deletions

View File

@ -593,7 +593,7 @@ struct mbedtls_ssl_handshake_params
#if defined(MBEDTLS_SSL_CLI_C)
/*!< Number of Hello Retry Request messages received from the server. */
int hello_retry_requests_received;
int hello_retry_request_count;
#endif /* MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \

View File

@ -7630,9 +7630,9 @@ static int ssl_hash_transcript_core( mbedtls_ssl_context *ssl,
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
ret = mbedtls_ssl_get_handshake_transcript( ssl, md,
transcript + 4,
len - 4,
&hash_size );
transcript + 4,
len - 4,
&hash_size );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 4, "mbedtls_ssl_get_handshake_transcript", ret );
@ -7689,7 +7689,7 @@ int mbedtls_ssl_reset_transcript_for_hrr( mbedtls_ssl_context *ssl )
ssl_update_checksum_sha256( ssl, hash_transcript, hash_olen );
#endif /* MBEDTLS_SHA256_C */
#if defined(MBEDTLS_SHA512_C)
#if defined(MBEDTLS_SHA384_C)
ret = ssl_hash_transcript_core( ssl, MBEDTLS_MD_SHA384,
hash_transcript,
sizeof( hash_transcript ),
@ -7701,7 +7701,15 @@ int mbedtls_ssl_reset_transcript_for_hrr( mbedtls_ssl_context *ssl )
}
MBEDTLS_SSL_DEBUG_BUF( 4, "Truncated SHA-384 handshake transcript",
hash_transcript, hash_olen );
#endif /* MBEDTLS_SHA512_C */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_hash_abort( &ssl->handshake->fin_sha384_psa );
psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
#else
mbedtls_sha512_starts( &ssl->handshake->fin_sha512, 1 );
#endif
ssl_update_checksum_sha384( ssl, hash_transcript, hash_olen );
#endif /* MBEDTLS_SHA384_C */
return( ret );
}

View File

@ -136,7 +136,7 @@ static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
*/
#if defined(MBEDTLS_ECDH_C)
static int ssl_reset_ecdhe_share( mbedtls_ssl_context *ssl )
static int ssl_tls13_reset_ecdhe_share( mbedtls_ssl_context *ssl )
{
mbedtls_ecdh_free( &ssl->handshake->ecdh_ctx );
return( 0 );
@ -149,7 +149,7 @@ static int ssl_tls13_reset_key_share( mbedtls_ssl_context *ssl )
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
if( mbedtls_ssl_tls13_named_group_is_ecdhe( group_id ) )
return( ssl_reset_ecdhe_share( ssl ) );
return( ssl_tls13_reset_ecdhe_share( ssl ) );
else if( 0 /* other KEMs? */ )
{
/* Do something */
@ -421,7 +421,7 @@ static int ssl_tls13_read_public_ecdhe_share( mbedtls_ssl_context *ssl,
}
#endif /* MBEDTLS_ECDH_C */
static int ssl_tls13_hrr_check_key_share_ext( mbedtls_ssl_context *ssl,
static int ssl_tls13_parse_hrr_key_share_ext( mbedtls_ssl_context *ssl,
const unsigned char *buf,
const unsigned char *end )
{
@ -451,7 +451,7 @@ static int ssl_tls13_hrr_check_key_share_ext( mbedtls_ssl_context *ssl,
* If the server provided a key share that was not sent in the ClientHello
* then the client MUST abort the handshake with an "illegal_parameter" alert.
*/
for ( ; *group_list != 0; group_list++ )
for( ; *group_list != 0; group_list++ )
{
curve_info = mbedtls_ecp_curve_info_from_tls_id( *group_list );
if( curve_info == NULL || curve_info->tls_id != tls_id )
@ -938,7 +938,7 @@ static int ssl_tls13_server_hello_coordinate( mbedtls_ssl_context *ssl,
* was itself in response to a HelloRetryRequest), it MUST abort the
* handshake with an "unexpected_message" alert.
*/
if( ssl->handshake->hello_retry_requests_received > 0 )
if( ssl->handshake->hello_retry_request_count > 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Multiple HRRs received" ) );
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE,
@ -946,7 +946,7 @@ static int ssl_tls13_server_hello_coordinate( mbedtls_ssl_context *ssl,
return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
}
ssl->handshake->hello_retry_requests_received++;
ssl->handshake->hello_retry_request_count++;
break;
}
@ -1021,7 +1021,8 @@ static int ssl_tls13_cipher_suite_is_offered( mbedtls_ssl_context *ssl,
*/
static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
const unsigned char *buf,
const unsigned char *end)
const unsigned char *end,
int is_hrr )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const unsigned char *p = buf;
@ -1165,9 +1166,6 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
{
unsigned int extension_type;
size_t extension_data_len;
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
int hrr;
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, 4 );
extension_type = MBEDTLS_GET_UINT16_BE( p, 0 );
@ -1181,6 +1179,14 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
#if defined(MBEDTLS_SSL_COOKIE_C)
case MBEDTLS_TLS_EXT_COOKIE:
if( !is_hrr )
{
MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT,
MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION );
return( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION );
}
/* Retrieve length field of cookie */
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, 2 );
cookie_len = MBEDTLS_GET_UINT16_BE( p, 0 );
@ -1226,16 +1232,15 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
case MBEDTLS_TLS_EXT_KEY_SHARE:
hrr = ssl_server_hello_is_hrr( ssl, buf, end );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key_shares extension" ) );
if( hrr == SSL_SERVER_HELLO_COORDINATE_HRR )
ret = ssl_tls13_hrr_check_key_share_ext( ssl,
if( is_hrr == SSL_SERVER_HELLO_COORDINATE_HRR )
ret = ssl_tls13_parse_hrr_key_share_ext( ssl,
p, p + extension_data_len );
else if( hrr == SSL_SERVER_HELLO_COORDINATE_HELLO )
else if( is_hrr == SSL_SERVER_HELLO_COORDINATE_HELLO )
ret = ssl_tls13_parse_key_share_ext( ssl,
p, p + extension_data_len );
else
ret = hrr;
ret = is_hrr;
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1,
@ -1422,7 +1427,7 @@ static int ssl_tls13_process_server_hello( mbedtls_ssl_context *ssl )
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char *buf = NULL;
size_t buf_len = 0;
int hrr = -1;
int is_hrr = -1;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> %s", __func__ ) );
@ -1435,32 +1440,28 @@ static int ssl_tls13_process_server_hello( mbedtls_ssl_context *ssl )
ssl->handshake->extensions_present = MBEDTLS_SSL_EXT_NONE;
ret = ssl_tls13_server_hello_coordinate( ssl, &buf, &buf_len );
if( ret != SSL_SERVER_HELLO_COORDINATE_HELLO &&
ret != SSL_SERVER_HELLO_COORDINATE_HRR )
if( ret < 0 )
goto cleanup;
else
hrr = ret;
is_hrr = ( ret == SSL_SERVER_HELLO_COORDINATE_HRR );
/* Parsing step
* We know what message to expect by now and call
* the respective parsing function.
*/
MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_server_hello( ssl, buf,
buf + buf_len ) );
if( hrr == SSL_SERVER_HELLO_COORDINATE_HRR )
buf + buf_len,
is_hrr ) );
if( is_hrr )
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_reset_transcript_for_hrr( ssl ) );
mbedtls_ssl_tls13_add_hs_msg_to_checksum( ssl,
MBEDTLS_SSL_HS_SERVER_HELLO,
buf, buf_len );
if( hrr == SSL_SERVER_HELLO_COORDINATE_HELLO )
{
MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_server_hello( ssl ) );
}
else if( hrr == SSL_SERVER_HELLO_COORDINATE_HRR )
{
if( is_hrr )
MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_hrr( ssl ) );
}
else
MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_server_hello( ssl ) );
cleanup:
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= %s", __func__ ) );