ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-12 09:54:38 +08:00
Code Issues Releases Wiki Activity

Change code based on comments

Browse Source 
Move set_state function into client
Add back export_key callback function in generate
application keys

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
This commit is contained in:
XiaokangQian 2021-11-03 06:40:11 +00:00
parent 8903bd97b0
commit ac0385c08f
3 changed files with 28 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
library/ssl_tls13_client.c
View File

@ -1605,7 +1605,14 @@ static int ssl_tls1_3_process_certificate_verify( mbedtls_ssl_context *ssl )
*/ */
static int ssl_tls1_3_process_server_finished( mbedtls_ssl_context *ssl ) static int ssl_tls1_3_process_server_finished( mbedtls_ssl_context *ssl )
{ {
return ( mbedtls_ssl_tls13_process_finished_in( ssl ) ); int ret;
ret = mbedtls_ssl_tls13_process_finished_in( ssl );
if( ret != 0 )
return( ret );
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED );
return( 0 );
} }
/* /*

2
library/ssl_tls13_generic.c
View File

@ -983,8 +983,6 @@ static int ssl_tls13_postprocess_finished_in_cli( mbedtls_ssl_context *ssl )
ssl->transform_application = transform_application; ssl->transform_application = transform_application;
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED );
cleanup: cleanup:
mbedtls_platform_zeroize( &traffic_keys, sizeof(mbedtls_ssl_key_set) ); mbedtls_platform_zeroize( &traffic_keys, sizeof(mbedtls_ssl_key_set) );

20
library/ssl_tls13_keys.c
View File

@ -1189,6 +1189,26 @@ int mbedtls_ssl_tls1_3_generate_application_keys(
app_secrets->server_application_traffic_secret_N, app_secrets->server_application_traffic_secret_N,
md_size ); md_size );
/*
* Export client/server application traffic secret 0
*/
if( ssl->f_export_keys != NULL )
{
ssl->f_export_keys( ssl->p_export_keys,
MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_APPLICATION_TRAFFIC_SECRET,
app_secrets->client_application_traffic_secret_N, md_size,
ssl->handshake->randbytes + 32,
ssl->handshake->randbytes,
MBEDTLS_SSL_TLS_PRF_NONE /* TODO: FIX! */ );
ssl->f_export_keys( ssl->p_export_keys,
MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_APPLICATION_TRAFFIC_SECRET,
app_secrets->server_application_traffic_secret_N, md_size,
ssl->handshake->randbytes + 32,
ssl->handshake->randbytes,
MBEDTLS_SSL_TLS_PRF_NONE /* TODO: FIX! */ );
}
MBEDTLS_SSL_DEBUG_BUF( 4, "client application_write_key:", MBEDTLS_SSL_DEBUG_BUF( 4, "client application_write_key:",
traffic_keys->client_write_key, keylen ); traffic_keys->client_write_key, keylen );
MBEDTLS_SSL_DEBUG_BUF( 4, "server application write key", MBEDTLS_SSL_DEBUG_BUF( 4, "server application write key",