Implement generate resumption master secret
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index 32a4f2a..d0809fc 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -1507,9 +1507,42 @@
int mbedtls_ssl_tls13_generate_resumption_master_secret(
mbedtls_ssl_context *ssl )
{
+ int ret = 0;
+
+ mbedtls_md_type_t md_type;
+
+ unsigned char transcript[MBEDTLS_MD_MAX_SIZE];
+ size_t transcript_len;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2,
+ ( "=> mbedtls_ssl_tls13_generate_resumption_master_secret" ) );
+
+ md_type = ssl->handshake->ciphersuite_info->mac;
+
+ ret = mbedtls_ssl_get_handshake_transcript( ssl, md_type,
+ transcript, sizeof( transcript ),
+ &transcript_len );
+ if( ret != 0 )
+ return( ret );
+
+ ret = mbedtls_ssl_tls13_derive_resumption_master_secret(
+ mbedtls_psa_translate_md( md_type ),
+ ssl->handshake->tls13_master_secrets.app,
+ transcript, transcript_len,
+ &ssl->session_negotiate->app_secrets );
+ if( ret != 0 )
+ return( ret );
+
/* Erase master secrets */
mbedtls_platform_zeroize( &ssl->handshake->tls13_master_secrets,
sizeof( ssl->handshake->tls13_master_secrets ) );
+
+ MBEDTLS_SSL_DEBUG_BUF( 4, "Resumption master secret",
+ ssl->session_negotiate->app_secrets.resumption_master_secret,
+ mbedtls_md_get_size( mbedtls_md_info_from_type( md_type ) ) );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2,
+ ( "<= mbedtls_ssl_tls13_generate_resumption_master_secret" ) );
return( 0 );
}