ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-10 00:49:04 +08:00
Code Issues Releases Wiki Activity

rename ticket_creation to ticket_creation_time

Browse Source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2023-11-10 14:12:20 +08:00
parent 46c7926f74
commit 25ba4d40ef
7 changed files with 26 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
include/mbedtls/ssl.h
View File

@ -1248,18 +1248,20 @@ struct mbedtls_ssl_session {
uint8_t MBEDTLS_PRIVATE(ticket_flags); /*!< Ticket flags */ uint8_t MBEDTLS_PRIVATE(ticket_flags); /*!< Ticket flags */
uint32_t MBEDTLS_PRIVATE(ticket_age_add); /*!< Randomly generated value used to obscure the age of the ticket */ uint32_t MBEDTLS_PRIVATE(ticket_age_add); /*!< Randomly generated value used to obscure the age of the ticket */
uint8_t MBEDTLS_PRIVATE(resumption_key_len); /*!< resumption_key length */ uint8_t MBEDTLS_PRIVATE(resumption_key_len); /*!< resumption_key length */
#if defined(MBEDTLS_HAVE_TIME)
mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_creation); /*!< create time of ticket */
#endif
unsigned char MBEDTLS_PRIVATE(resumption_key)[MBEDTLS_SSL_TLS1_3_TICKET_RESUMPTION_KEY_LEN]; unsigned char MBEDTLS_PRIVATE(resumption_key)[MBEDTLS_SSL_TLS1_3_TICKET_RESUMPTION_KEY_LEN];
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_SSL_CLI_C) #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_SSL_CLI_C)
char *MBEDTLS_PRIVATE(hostname); /*!< host name binded with tickets */ char *MBEDTLS_PRIVATE(hostname); /*!< host name binded with tickets */
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION && MBEDTLS_SSL_CLI_C */ #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION && MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_CLI_C) #if defined(MBEDTLS_HAVE_TIME)
mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_received); /*!< time ticket was received */ #if defined(MBEDTLS_SSL_CLI_C)
#endif /* MBEDTLS_HAVE_TIME && MBEDTLS_SSL_CLI_C */ mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_received); /*!< time that ticket was received */
#endif
#if defined(MBEDTLS_SSL_SRV_C)
mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_creation_time); /*!< create time of ticket */
#endif
#endif /* MBEDTLS_HAVE_TIME */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */

2
library/ssl_ticket.c
View File

@ -498,7 +498,7 @@ int mbedtls_ssl_ticket_parse(void *p_ticket,
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if (session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { if (session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) {
/* Check for expiration */ /* Check for expiration */
mbedtls_ms_time_t ticket_age = mbedtls_ms_time() - session->ticket_creation; mbedtls_ms_time_t ticket_age = mbedtls_ms_time() - session->ticket_creation_time;
mbedtls_ms_time_t ticket_lifetime = ctx->ticket_lifetime * 1000; mbedtls_ms_time_t ticket_lifetime = ctx->ticket_lifetime * 1000;
if (ticket_age < 0 || ticket_age > ticket_lifetime) { if (ticket_age < 0 || ticket_age > ticket_lifetime) {

6
library/ssl_tls.c
View File

@ -2457,7 +2457,7 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite(
* uint32 max_early_data_size; * uint32 max_early_data_size;
* select ( endpoint ) { * select ( endpoint ) {
* case client: ClientOnlyData; * case client: ClientOnlyData;
* case server: uint64 start_time; * case server: uint64 ticket_creation_time_time;
* }; * };
* } serialized_session_tls13; * } serialized_session_tls13;
* *
@ -2537,7 +2537,7 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session,
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C)
if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
MBEDTLS_PUT_UINT64_BE((uint64_t) session->ticket_creation, p, 0); MBEDTLS_PUT_UINT64_BE((uint64_t) session->ticket_creation_time, p, 0);
p += 8; p += 8;
} }
#endif /* MBEDTLS_HAVE_TIME */ #endif /* MBEDTLS_HAVE_TIME */
@ -2616,7 +2616,7 @@ static int ssl_tls13_session_load(mbedtls_ssl_session *session,
if (end - p < 8) { if (end - p < 8) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
} }
session->ticket_creation = MBEDTLS_GET_UINT64_BE(p, 0); session->ticket_creation_time = MBEDTLS_GET_UINT64_BE(p, 0);
p += 8; p += 8;
} }
#endif /* MBEDTLS_HAVE_TIME */ #endif /* MBEDTLS_HAVE_TIME */

8
library/ssl_tls13_server.c
View File

@ -193,15 +193,15 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket(
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
now = mbedtls_ms_time(); now = mbedtls_ms_time();
if (now < session->ticket_creation) { if (now < session->ticket_creation_time) {
MBEDTLS_SSL_DEBUG_MSG( MBEDTLS_SSL_DEBUG_MSG(
3, ("Invalid ticket start time ( now = %" MBEDTLS_PRINTF_MS_TIME 3, ("Invalid ticket start time ( now = %" MBEDTLS_PRINTF_MS_TIME
", start = %" MBEDTLS_PRINTF_MS_TIME " )", ", start = %" MBEDTLS_PRINTF_MS_TIME " )",
now, session->ticket_creation)); now, session->ticket_creation_time));
goto exit; goto exit;
} }
server_age = now - session->ticket_creation; server_age = now - session->ticket_creation_time;
/* RFC 8446 section 4.6.1 /* RFC 8446 section 4.6.1
* *
@ -2878,7 +2878,7 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG(2, ("=> prepare NewSessionTicket msg")); MBEDTLS_SSL_DEBUG_MSG(2, ("=> prepare NewSessionTicket msg"));
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
session->ticket_creation = mbedtls_ms_time(); session->ticket_creation_time = mbedtls_ms_time();
#endif #endif
/* Set ticket_flags depends on the advertised psk key exchange mode */ /* Set ticket_flags depends on the advertised psk key exchange mode */

14
programs/ssl/ssl_server2.c
View File

@ -1422,28 +1422,28 @@ int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session,
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
case 3: case 3:
/* Creation time in the future. */ /* Creation time in the future. */
session->ticket_creation = mbedtls_ms_time() + session->ticket_creation_time = mbedtls_ms_time() +
MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE +
4 * 1000; 4 * 1000;
break; break;
case 4: case 4:
/* Ticket reaches the end of lifetime. */ /* Ticket reaches the end of lifetime. */
session->ticket_creation = mbedtls_ms_time() - session->ticket_lifetime - session->ticket_creation_time = mbedtls_ms_time() - session->ticket_lifetime -
MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE - 4 * 1000; MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE - 4 * 1000;
break; break;
case 5: case 5:
/* Ticket is valid, but client age is beyond the upper bound of tolerance window. */ /* Ticket is valid, but client age is beyond the upper bound of tolerance window. */
session->ticket_age_add += MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + 4 * 1000; session->ticket_age_add += MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + 4 * 1000;
/* Make sure the execution time does not affect the result */ /* Make sure the execution time does not affect the result */
session->ticket_creation = mbedtls_ms_time(); session->ticket_creation_time = mbedtls_ms_time();
break; break;
case 6: case 6:
/* Ticket is valid, but client age is beyond the lower bound of tolerance window. */ /* Ticket is valid, but client age is beyond the lower bound of tolerance window. */
session->ticket_age_add -= MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + 4 * 1000; session->ticket_age_add -= MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + 4 * 1000;
/* Make sure the execution time does not affect the result */ /* Make sure the execution time does not affect the result */
session->ticket_creation = mbedtls_ms_time(); session->ticket_creation_time = mbedtls_ms_time();
break; break;
case 7: case 7:
session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE; session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE;

2
tests/src/test_helpers/ssl_helpers.c
View File

@ -1754,7 +1754,7 @@ int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session,
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
session->ticket_creation = mbedtls_ms_time() - 42; session->ticket_creation_time = mbedtls_ms_time() - 42;
} }
#endif #endif

4
tests/suites/test_suite_ssl.function
View File

@ -1975,7 +1975,7 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file,
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) {
TEST_ASSERT(original.ticket_creation == restored.ticket_creation); TEST_ASSERT(original.ticket_creation_time == restored.ticket_creation_time);
} }
#endif #endif
@ -2066,7 +2066,7 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file,
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C)
if (endpoint_type == MBEDTLS_SSL_IS_SERVER) { if (endpoint_type == MBEDTLS_SSL_IS_SERVER) {
TEST_ASSERT(original.ticket_creation == restored.ticket_creation); TEST_ASSERT(original.ticket_creation_time == restored.ticket_creation_time);
} }
#endif #endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)