mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 08:14:27 +01:00
mbedtls_ssl_get_key_exchange_md_tls1_2: return hashlen
In mbedtls_ssl_get_key_exchange_md_tls1_2, add an output parameter for the hash length. The code that calls this function can currently do without it, but it will need the hash length in the future, when adding support for a third-party callback to calculate the signature of the hash.
This commit is contained in:
parent
7aeb470f61
commit
ca1d742904
@ -646,9 +646,9 @@ int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl,
|
|||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
|
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
|
||||||
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
|
int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
|
||||||
unsigned char *output,
|
unsigned char *hash, size_t *hashlen,
|
||||||
unsigned char *data, size_t data_len,
|
unsigned char *data, size_t data_len,
|
||||||
mbedtls_md_type_t md_alg );
|
mbedtls_md_type_t md_alg );
|
||||||
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
|
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
|
||||||
MBEDTLS_SSL_PROTO_TLS1_2 */
|
MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||||
|
|
||||||
|
@ -2526,10 +2526,9 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
|
|||||||
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
if( md_alg != MBEDTLS_MD_NONE )
|
if( md_alg != MBEDTLS_MD_NONE )
|
||||||
{
|
{
|
||||||
/* Info from md_alg will be used instead */
|
ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen,
|
||||||
hashlen = 0;
|
params, params_len,
|
||||||
ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, params,
|
md_alg );
|
||||||
params_len, md_alg );
|
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
@ -2541,8 +2540,7 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
|
|||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||||
}
|
}
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen :
|
MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen );
|
||||||
(unsigned int) ( mbedtls_md_get_size( mbedtls_md_info_from_type( md_alg ) ) ) );
|
|
||||||
|
|
||||||
if( ssl->session_negotiate->peer_cert == NULL )
|
if( ssl->session_negotiate->peer_cert == NULL )
|
||||||
{
|
{
|
||||||
|
@ -3045,7 +3045,7 @@ curve_matching_done:
|
|||||||
if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) )
|
if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) )
|
||||||
{
|
{
|
||||||
size_t signature_len = 0;
|
size_t signature_len = 0;
|
||||||
unsigned int hashlen = 0;
|
size_t hashlen = 0;
|
||||||
unsigned char hash[64];
|
unsigned char hash[64];
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -3116,9 +3116,7 @@ curve_matching_done:
|
|||||||
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
if( md_alg != MBEDTLS_MD_NONE )
|
if( md_alg != MBEDTLS_MD_NONE )
|
||||||
{
|
{
|
||||||
/* Info from md_alg will be used instead */
|
ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen,
|
||||||
hashlen = 0;
|
|
||||||
ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash,
|
|
||||||
dig_signed,
|
dig_signed,
|
||||||
dig_signed_len,
|
dig_signed_len,
|
||||||
md_alg );
|
md_alg );
|
||||||
@ -3133,8 +3131,7 @@ curve_matching_done:
|
|||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||||
}
|
}
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen :
|
MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen );
|
||||||
(unsigned int) ( mbedtls_md_get_size( mbedtls_md_info_from_type( md_alg ) ) ) );
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* 3.3: Compute and add the signature
|
* 3.3: Compute and add the signature
|
||||||
|
@ -8310,13 +8310,14 @@ exit:
|
|||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
|
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
|
||||||
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
|
int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
|
||||||
unsigned char *output,
|
unsigned char *hash, size_t *hashlen,
|
||||||
unsigned char *data, size_t data_len,
|
unsigned char *data, size_t data_len,
|
||||||
mbedtls_md_type_t md_alg )
|
mbedtls_md_type_t md_alg )
|
||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
mbedtls_md_context_t ctx;
|
mbedtls_md_context_t ctx;
|
||||||
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
|
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
|
||||||
|
*hashlen = mbedtls_md_get_size( md_info );
|
||||||
|
|
||||||
mbedtls_md_init( &ctx );
|
mbedtls_md_init( &ctx );
|
||||||
|
|
||||||
@ -8347,7 +8348,7 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
|
|||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
if( ( ret = mbedtls_md_finish( &ctx, output ) ) != 0 )
|
if( ( ret = mbedtls_md_finish( &ctx, hash ) ) != 0 )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_finish", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_finish", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
|
Loading…
Reference in New Issue
Block a user