mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-17 20:42:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

tls12_client: skip PMS generation for opaque RSA-PSK

Browse Source 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2022-04-05 17:21:14 +02:00
parent c2033409e3
commit f2534ba69b
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
library/ssl_tls12_client.c
View File

@ -3138,12 +3138,6 @@ ecdh_calc_secret:
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
{ {
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/* Opaque PSKs are currently only supported for PSK-only suites. */
if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = ssl_write_encrypted_pms( ssl, header_len, if( ( ret = ssl_write_encrypted_pms( ssl, header_len,
&content_len, 2 ) ) != 0 ) &content_len, 2 ) ) != 0 )
return( ret ); return( ret );
@ -3224,6 +3218,13 @@ ecdh_calc_secret:
( "skip PMS generation for opaque PSK" ) ); ( "skip PMS generation for opaque PSK" ) );
} }
else else
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK &&
ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1,
( "skip PMS generation for opaque RSA-PSK" ) );
}
else
#endif /* MBEDTLS_USE_PSA_CRYPTO && #endif /* MBEDTLS_USE_PSA_CRYPTO &&
MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,