ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-12 18:04:39 +08:00
Code Issues Releases Wiki Activity

Fix coding style

Browse Source 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
This commit is contained in:
Max Fillinger 2024-09-21 10:48:57 +02:00 committed by Max Fillinger
parent 15f9f5e562
commit 9359f4d703
6 changed files with 63 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
include/mbedtls/ssl.h
View File

@ -5767,7 +5767,7 @@ int mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf,
const unsigned char *random, size_t rlen, const unsigned char *random, size_t rlen,
unsigned char *dstbuf, size_t dlen); unsigned char *dstbuf, size_t dlen);
/** /**
* \brief TLS-Exporter to derive shared symmetric keys between server and client. * \brief TLS-Exporter to derive shared symmetric keys between server and client.
* *
* \param ssl SSL context from which to export keys. Must have finished the handshake. * \param ssl SSL context from which to export keys. Must have finished the handshake.
@ -5786,7 +5786,7 @@ int mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf,
* *
* \return 0 on success. An SSL specific error on failure. * \return 0 on success. An SSL specific error on failure.
*/ */
int mbedtls_ssl_export_keying_material(mbedtls_ssl_context *ssl, int mbedtls_ssl_export_keying_material(mbedtls_ssl_context *ssl,
uint8_t *out, const size_t key_len, uint8_t *out, const size_t key_len,
const char *label, const size_t label_len, const char *label, const size_t label_len,
const unsigned char *context, const size_t context_len, const unsigned char *context, const size_t context_len,

31
library/ssl_tls.c
View File

@ -10056,9 +10056,12 @@ int mbedtls_ssl_verify_certificate(mbedtls_ssl_context *ssl,
static int mbedtls_ssl_tls12_export_keying_material(const mbedtls_ssl_context *ssl, static int mbedtls_ssl_tls12_export_keying_material(const mbedtls_ssl_context *ssl,
const mbedtls_md_type_t hash_alg, const mbedtls_md_type_t hash_alg,
uint8_t *out, const size_t key_len, uint8_t *out,
const char *label, const size_t label_len, const size_t key_len,
const unsigned char *context, const size_t context_len, const char *label,
const size_t label_len,
const unsigned char *context,
const size_t context_len,
const int use_context) const int use_context)
{ {
int ret = 0; int ret = 0;
@ -10087,8 +10090,8 @@ static int mbedtls_ssl_tls12_export_keying_material(const mbedtls_ssl_context *s
memcpy(prf_input, ssl->transform->randbytes + 32, 32); memcpy(prf_input, ssl->transform->randbytes + 32, 32);
memcpy(prf_input + 32, ssl->transform->randbytes, 32); memcpy(prf_input + 32, ssl->transform->randbytes, 32);
if (use_context) { if (use_context) {
prf_input[64] = (unsigned char)((context_len >> 8) & 0xff); prf_input[64] = (unsigned char) ((context_len >> 8) & 0xff);
prf_input[65] = (unsigned char)(context_len & 0xff); prf_input[65] = (unsigned char) (context_len & 0xff);
memcpy(prf_input + 66, context, context_len); memcpy(prf_input + 66, context, context_len);
} }
ret = tls_prf_generic(hash_alg, ssl->session->master, 48, label_str, ret = tls_prf_generic(hash_alg, ssl->session->master, 48, label_str,
@ -10103,9 +10106,12 @@ exit:
static int mbedtls_ssl_tls13_export_keying_material(mbedtls_ssl_context *ssl, static int mbedtls_ssl_tls13_export_keying_material(mbedtls_ssl_context *ssl,
const mbedtls_md_type_t hash_alg, const mbedtls_md_type_t hash_alg,
uint8_t *out, const size_t key_len, uint8_t *out,
const char *label, const size_t label_len, const size_t key_len,
const unsigned char *context, const size_t context_len) const char *label,
const size_t label_len,
const unsigned char *context,
const size_t context_len)
{ {
const psa_algorithm_t psa_hash_alg = mbedtls_md_psa_alg_from_type(hash_alg); const psa_algorithm_t psa_hash_alg = mbedtls_md_psa_alg_from_type(hash_alg);
const size_t hash_len = PSA_HASH_LENGTH(hash_alg); const size_t hash_len = PSA_HASH_LENGTH(hash_alg);
@ -10116,7 +10122,7 @@ static int mbedtls_ssl_tls13_export_keying_material(mbedtls_ssl_context *ssl,
} }
return mbedtls_ssl_tls13_exporter(psa_hash_alg, secret, hash_len, return mbedtls_ssl_tls13_exporter(psa_hash_alg, secret, hash_len,
(const unsigned char *)label, label_len, (const unsigned char *) label, label_len,
context, context_len, out, key_len); context, context_len, out, key_len);
} }
@ -10140,7 +10146,12 @@ int mbedtls_ssl_export_keying_material(mbedtls_ssl_context *ssl,
label, label_len, label, label_len,
context, context_len, use_context); context, context_len, use_context);
case MBEDTLS_SSL_VERSION_TLS1_3: case MBEDTLS_SSL_VERSION_TLS1_3:
return mbedtls_ssl_tls13_export_keying_material(ssl, hash_alg, out, key_len, label, label_len, return mbedtls_ssl_tls13_export_keying_material(ssl,
hash_alg,
out,
key_len,
label,
label_len,
use_context ? context : NULL, use_context ? context : NULL,
use_context ? context_len : 0); use_context ? context_len : 0);
default: default:

14
library/ssl_tls13_keys.c
View File

@ -1893,14 +1893,20 @@ int mbedtls_ssl_tls13_exporter(const psa_algorithm_t hash_alg,
int ret = 0; int ret = 0;
ret = mbedtls_ssl_tls13_derive_secret(hash_alg, secret, secret_len, label, label_len, NULL, 0, ret = mbedtls_ssl_tls13_derive_secret(hash_alg, secret, secret_len, label, label_len, NULL, 0,
MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED, hkdf_secret, hash_len); MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED, hkdf_secret,
hash_len);
if (ret != 0) { if (ret != 0) {
goto exit; goto exit;
} }
ret = mbedtls_ssl_tls13_derive_secret(hash_alg, hkdf_secret, hash_len, ret = mbedtls_ssl_tls13_derive_secret(hash_alg,
hkdf_secret,
hash_len,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(exporter), MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(exporter),
context_value, context_len, MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED, context_value,
out, out_len); context_len,
MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED,
out,
out_len);
exit: exit:
mbedtls_platform_zeroize(hkdf_secret, sizeof(hkdf_secret)); mbedtls_platform_zeroize(hkdf_secret, sizeof(hkdf_secret));

8
programs/ssl/ssl_client2.c
View File

@ -2575,19 +2575,21 @@ usage:
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
if (opt.exp_label != NULL && opt.exp_len > 0) { if (opt.exp_label != NULL && opt.exp_len > 0) {
unsigned char *exported_key = calloc((size_t)opt.exp_len, sizeof(unsigned int)); unsigned char *exported_key = calloc((size_t) opt.exp_len, sizeof(unsigned int));
if (exported_key == NULL) { if (exported_key == NULL) {
mbedtls_printf("Could not allocate %d bytes\n", opt.exp_len); mbedtls_printf("Could not allocate %d bytes\n", opt.exp_len);
ret = 3; ret = 3;
goto exit; goto exit;
} }
ret = mbedtls_ssl_export_keying_material(&ssl, exported_key, (size_t)opt.exp_len, ret = mbedtls_ssl_export_keying_material(&ssl, exported_key, (size_t) opt.exp_len,
opt.exp_label, strlen(opt.exp_label), opt.exp_label, strlen(opt.exp_label),
NULL, 0, 0); NULL, 0, 0);
if (ret != 0) { if (ret != 0) {
goto exit; goto exit;
} }
mbedtls_printf("Exporting key of length %d with label \"%s\": 0x", opt.exp_len, opt.exp_label); mbedtls_printf("Exporting key of length %d with label \"%s\": 0x",
opt.exp_len,
opt.exp_label);
for (i = 0; i < opt.exp_len; i++) { for (i = 0; i < opt.exp_len; i++) {
mbedtls_printf("%02X", exported_key[i]); mbedtls_printf("%02X", exported_key[i]);
} }

8
programs/ssl/ssl_server2.c
View File

@ -3657,19 +3657,21 @@ handshake:
} }
if (opt.exp_label != NULL && opt.exp_len > 0) { if (opt.exp_label != NULL && opt.exp_len > 0) {
unsigned char *exported_key = calloc((size_t)opt.exp_len, sizeof(unsigned int)); unsigned char *exported_key = calloc((size_t) opt.exp_len, sizeof(unsigned int));
if (exported_key == NULL) { if (exported_key == NULL) {
mbedtls_printf("Could not allocate %d bytes\n", opt.exp_len); mbedtls_printf("Could not allocate %d bytes\n", opt.exp_len);
ret = 3; ret = 3;
goto exit; goto exit;
} }
ret = mbedtls_ssl_export_keying_material(&ssl, exported_key, (size_t)opt.exp_len, ret = mbedtls_ssl_export_keying_material(&ssl, exported_key, (size_t) opt.exp_len,
opt.exp_label, strlen(opt.exp_label), opt.exp_label, strlen(opt.exp_label),
NULL, 0, 0); NULL, 0, 0);
if (ret != 0) { if (ret != 0) {
goto exit; goto exit;
} }
mbedtls_printf("Exporting key of length %d with label \"%s\": 0x", opt.exp_len, opt.exp_label); mbedtls_printf("Exporting key of length %d with label \"%s\": 0x",
opt.exp_len,
opt.exp_label);
for (i = 0; i < opt.exp_len; i++) { for (i = 0; i < opt.exp_len; i++) {
mbedtls_printf("%02X", exported_key[i]); mbedtls_printf("%02X", exported_key[i]);
} }

4
tests/suites/test_suite_ssl.function
View File

@ -1983,8 +1983,8 @@ void ssl_tls13_exporter(int hash_alg,
TEST_ASSERT(mbedtls_ssl_tls13_exporter( TEST_ASSERT(mbedtls_ssl_tls13_exporter(
(psa_algorithm_t) hash_alg, (psa_algorithm_t) hash_alg,
secret->x, secret->len, secret->x, secret->len,
(unsigned char *)label, strlen(label), (unsigned char *) label, strlen(label),
(unsigned char *)context_value, strlen(context_value), (unsigned char *) context_value, strlen(context_value),
dst, desired_length) == 0); dst, desired_length) == 0);
TEST_MEMORY_COMPARE(dst, desired_length, TEST_MEMORY_COMPARE(dst, desired_length,