diff --git a/library/ssl_misc.h b/library/ssl_misc.h index cbc04fda6..136892981 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2223,7 +2223,7 @@ static inline int mbedtls_ssl_tls13_named_group_is_ecdhe(uint16_t named_group) named_group == MBEDTLS_SSL_IANA_TLS_GROUP_X448; } -static inline int mbedtls_ssl_tls13_named_group_is_dhe(uint16_t named_group) +static inline int mbedtls_ssl_tls13_named_group_is_ffdh(uint16_t named_group) { return named_group >= MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048 && named_group <= MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192; @@ -2258,7 +2258,7 @@ static inline int mbedtls_ssl_named_group_is_supported(uint16_t named_group) } #endif #if defined(PSA_WANT_ALG_FFDH) - if (mbedtls_ssl_tls13_named_group_is_dhe(named_group)) { + if (mbedtls_ssl_tls13_named_group_is_ffdh(named_group)) { return 1; } #endif @@ -2660,7 +2660,7 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( #if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_tls13_read_public_ecdhe_share(mbedtls_ssl_context *ssl, +int mbedtls_ssl_tls13_read_public_dhe_share(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t buf_len); diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index b133fe2d8..01b0ca666 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -196,7 +196,7 @@ static int ssl_tls13_reset_key_share(mbedtls_ssl_context *ssl) #if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) if (mbedtls_ssl_tls13_named_group_is_ecdhe(group_id) || - mbedtls_ssl_tls13_named_group_is_dhe(group_id)) { + mbedtls_ssl_tls13_named_group_is_ffdh(group_id)) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; @@ -247,7 +247,7 @@ static int ssl_tls13_get_default_group_id(mbedtls_ssl_context *ssl, } #endif #if defined(PSA_WANT_ALG_FFDH) - if (mbedtls_ssl_tls13_named_group_is_dhe(*group_list)) { + if (mbedtls_ssl_tls13_named_group_is_ffdh(*group_list)) { *group_id = *group_list; return 0; } @@ -301,7 +301,7 @@ static int ssl_tls13_write_key_share_ext(mbedtls_ssl_context *ssl, /* HRR could already have requested something else. */ group_id = ssl->handshake->offered_group_id; if (!mbedtls_ssl_tls13_named_group_is_ecdhe(group_id) && - !mbedtls_ssl_tls13_named_group_is_dhe(group_id)) { + !mbedtls_ssl_tls13_named_group_is_ffdh(group_id)) { MBEDTLS_SSL_PROC_CHK(ssl_tls13_get_default_group_id(ssl, &group_id)); } @@ -317,7 +317,7 @@ static int ssl_tls13_write_key_share_ext(mbedtls_ssl_context *ssl, client_shares = p; #if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) if (mbedtls_ssl_tls13_named_group_is_ecdhe(group_id) || - mbedtls_ssl_tls13_named_group_is_dhe(group_id)) { + mbedtls_ssl_tls13_named_group_is_ffdh(group_id)) { /* Pointer to group */ unsigned char *group = p; /* Length of key_exchange */ @@ -429,7 +429,7 @@ static int ssl_tls13_parse_hrr_key_share_ext(mbedtls_ssl_context *ssl, } #endif /* PSA_WANT_ALG_ECDH */ #if defined(PSA_WANT_ALG_FFDH) - if (mbedtls_ssl_tls13_named_group_is_dhe(*group_list)) { + if (mbedtls_ssl_tls13_named_group_is_ffdh(*group_list)) { found = 1; break; } @@ -505,10 +505,10 @@ static int ssl_tls13_parse_key_share_ext(mbedtls_ssl_context *ssl, #if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) if (mbedtls_ssl_tls13_named_group_is_ecdhe(group) || - mbedtls_ssl_tls13_named_group_is_dhe(group)) { + mbedtls_ssl_tls13_named_group_is_ffdh(group)) { MBEDTLS_SSL_DEBUG_MSG(2, ("DHE group name: %s", mbedtls_ssl_named_group_to_str(group))); - ret = mbedtls_ssl_tls13_read_public_ecdhe_share(ssl, p, end - p); + ret = mbedtls_ssl_tls13_read_public_dhe_share(ssl, p, end - p); if (ret != 0) { return ret; } diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 4ea4d01ff..1b58dceb2 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1499,7 +1499,7 @@ int mbedtls_ssl_reset_transcript_for_hrr(mbedtls_ssl_context *ssl) #if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) -int mbedtls_ssl_tls13_read_public_ecdhe_share(mbedtls_ssl_context *ssl, +int mbedtls_ssl_tls13_read_public_dhe_share(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t buf_len) { diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index e8b009f48..7d54bba2f 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -1492,7 +1492,7 @@ static int ssl_tls13_key_schedule_stage_handshake(mbedtls_ssl_context *ssl) */ if (mbedtls_ssl_tls13_key_exchange_mode_with_ephemeral(ssl)) { if (mbedtls_ssl_tls13_named_group_is_ecdhe(handshake->offered_group_id) || - mbedtls_ssl_tls13_named_group_is_dhe(handshake->offered_group_id)) { + mbedtls_ssl_tls13_named_group_is_ffdh(handshake->offered_group_id)) { #if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) psa_algorithm_t alg = mbedtls_ssl_tls13_named_group_is_ecdhe(handshake->offered_group_id) ? diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index ba64c32c1..a4db5dd26 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -914,11 +914,11 @@ static int ssl_tls13_parse_key_shares_ext(mbedtls_ssl_context *ssl, * ECDHE and FFDHE groups are supported */ if (mbedtls_ssl_tls13_named_group_is_ecdhe(group) || - mbedtls_ssl_tls13_named_group_is_dhe(group)) { + mbedtls_ssl_tls13_named_group_is_ffdh(group)) { MBEDTLS_SSL_DEBUG_MSG(2, ("ECDH/FFDH group: %s (%04x)", mbedtls_ssl_named_group_to_str(group), group)); - ret = mbedtls_ssl_tls13_read_public_ecdhe_share( + ret = mbedtls_ssl_tls13_read_public_dhe_share( ssl, key_exchange - 2, key_exchange_len + 2); if (ret != 0) { return ret; @@ -1915,7 +1915,7 @@ static int ssl_tls13_generate_and_write_key_share(mbedtls_ssl_context *ssl, #if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) if (mbedtls_ssl_tls13_named_group_is_ecdhe(named_group) || - mbedtls_ssl_tls13_named_group_is_dhe(named_group)) { + mbedtls_ssl_tls13_named_group_is_ffdh(named_group)) { ret = mbedtls_ssl_tls13_generate_and_write_dh_key_exchange( ssl, named_group, buf, end, out_len); if (ret != 0) {