Merge pull request #5263 from ronald-cron-arm/psa-test-driver_3.x
Forward port to 3.x: Introduce PSA test driver library to test PSA configuration
diff --git a/.travis.yml b/.travis.yml
index 39ae19c..cdb68ac 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,5 +1,7 @@
-language: c
-compiler: gcc
+# Declare python as our language. This way we get our chosen Python version,
+# and pip is available. Gcc and clang are available anyway.
+language: python
+python: 3.5
sudo: false
cache: ccache
@@ -16,10 +18,6 @@
- libnewlib-arm-none-eabi
- gcc-arm-linux-gnueabi
- libc6-dev-armel-cross
- language: python # Needed to get pip for Python 3
- python: 3.5 # version from Ubuntu 16.04
- install:
- - pip install mypy==0.780 pylint==2.4.4
script:
- tests/scripts/all.sh -k 'check_*'
- tests/scripts/all.sh -k test_default_out_of_box
@@ -32,11 +30,16 @@
- name: Windows
os: windows
+ # The language 'python' is currently unsupported on the
+ # Windows Build Environment. And 'generic' causes the job to get stuck
+ # on "Booting virtual machine".
+ language: c
before_install:
- choco install python --version=3.5.4
env:
# Add the directory where the Choco packages go
- PATH=/c/Python35:/c/Python35/Scripts:$PATH
+ - PYTHON=python.exe
script:
- type perl; perl --version
- type python; python --version
@@ -53,6 +56,9 @@
- SEED=1
- secure: "FrI5d2s+ckckC17T66c8jm2jV6i2DkBPU5nyWzwbedjmEBeocREfQLd/x8yKpPzLDz7ghOvr+/GQvsPPn0dVkGlNzm3Q+hGHc/ujnASuUtGrcuMM+0ALnJ3k4rFr9xEvjJeWb4SmhJO5UCAZYvTItW4k7+bj9L+R6lt3TzQbXzg="
+install:
+ - $PYTHON scripts/min_requirements.py
+
addons:
apt:
packages:
diff --git a/ChangeLog.d/additional_cipher_info_getters.txt b/ChangeLog.d/additional_cipher_info_getters.txt
new file mode 100644
index 0000000..5cb1ad6
--- /dev/null
+++ b/ChangeLog.d/additional_cipher_info_getters.txt
@@ -0,0 +1,3 @@
+Features
+ * Add functions to get the IV and block size from cipher_info structs.
+ * Add functions to check if a cipher supports variable IV or key size.
diff --git a/ChangeLog.d/build-without-sha.txt b/ChangeLog.d/build-without-sha.txt
new file mode 100644
index 0000000..78ba276
--- /dev/null
+++ b/ChangeLog.d/build-without-sha.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Fix the build when no SHA2 module is included. Fixes #4930.
+ * Fix the build when only the bignum module is included. Fixes #4929.
diff --git a/README.md b/README.md
index c8d9450..ea1d7a3 100644
--- a/README.md
+++ b/README.md
@@ -59,7 +59,10 @@
The following tools are required:
* Perl, for some library source files and for Visual Studio build files.
-* Python 3, for some sample programs and test data.
+* Python 3 and some Python packages, for some library source files, sample programs and test data. To install the necessary packages, run
+ ```
+ python -m pip install -r scripts/basic.requirements.txt
+ ```
* A C compiler for the host platform, for some test data.
If you are cross-compiling, you must set the `CC` environment variable to a C compiler for the host platform when generating the configuration-independent files.
diff --git a/docs/architecture/tls13-experimental.md b/docs/architecture/tls13-experimental.md
index 88d0b73..0dceeeb 100644
--- a/docs/architecture/tls13-experimental.md
+++ b/docs/architecture/tls13-experimental.md
@@ -133,17 +133,23 @@
(1) This is just for comparison.
- (2) The MVP sends one shared secret corresponding to the configured preferred
- group. The preferred group is the group of the first curve in the list of
- allowed curves as defined by the configuration. The allowed curves are
- by default ordered as follow: `secp256r1`, `x25519`, `secp384r1`
- and finally `secp521r1`. This default order is aligned with the
- list of mandatory-to-implement groups (in absence of an application
- profile standard specifying otherwise) defined in section 9.1 of the
- specification. The list of allowed curves can be changed through the
- `mbedtls_ssl_conf_curves()` API.
+ (2) The MVP sends only one shared secret corresponding to the configured
+ preferred group. This could end up with connection failure if the
+ server does not support our preferred curve, as the MVP does not implement
+ HelloRetryRequest. The preferred group is the group of the first curve in
+ the list of allowed curves as defined by the configuration. The allowed
+ curves are by default ordered as follows: `x25519`, `secp256r1`,
+ `secp384r1` and finally `secp521r1`. Note that, in the absence of an
+ application profile standard specifying otherwise, section 9.1 of the
+ specification rather promotes curve `secp256r1` to be supported over
+ curve `x25519`. The MVP would, however, rather keep the preference order
+ currently promoted by Mbed TLS as this applies to TLS 1.2 as well, and
+ changing the order only for TLS1.3 would be potentially difficult.
+ In the unlikely event a server does not support curve `x25519` but does
+ support curve `secp256r1`, curve `secp256r1` can be set as the preferred
+ curve through the `mbedtls_ssl_conf_curves()` API.
- (3) The MVP proposes only TLS 1.3 and does not support version negociation.
+ (3) The MVP proposes only TLS 1.3 and does not support version negotiation.
Out-of-protocol fallback is supported though if the Mbed TLS library
has been built to support both TLS 1.3 and TLS 1.2: just set the
maximum of the minor version of the SSL configuration to
@@ -212,7 +218,7 @@
(1) Some support has already been upstreamed but it is incomplete.
(2) Key exchange configuration options for TLS 1.3 will likely to be
organized around the notion of key exchange mode along the line
- of the MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_NONE/PSK/PSK_EPHEMERAL/EPHEMERAL
+ of the MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE/PSK/PSK_EPHEMERAL/EPHEMERAL
runtime configuration macros.
- Quality considerations
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 892771e..c04097d 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -508,6 +508,80 @@
}
/**
+ * \brief This function returns the size of the IV or nonce
+ * for the cipher info structure, in bytes.
+ *
+ * \param info The cipher info structure. This may be \c NULL.
+ *
+ * \return The recommended IV size.
+ * \return \c 0 for ciphers not using an IV or a nonce.
+ * \return \c 0 if \p info is \c NULL.
+ */
+static inline size_t mbedtls_cipher_info_get_iv_size(
+ const mbedtls_cipher_info_t *info )
+{
+ if( info == NULL )
+ return( 0 );
+
+ return( (size_t) info->MBEDTLS_PRIVATE(iv_size) );
+}
+
+/**
+ * \brief This function returns the block size of the given
+ * cipher info structure in bytes.
+ *
+ * \param info The cipher info structure. This may be \c NULL.
+ *
+ * \return The block size of the cipher.
+ * \return \c 1 if the cipher is a stream cipher.
+ * \return \c 0 if \p info is \c NULL.
+ */
+static inline size_t mbedtls_cipher_info_get_block_size(
+ const mbedtls_cipher_info_t *info )
+{
+ if( info == NULL )
+ return( 0 );
+
+ return( (size_t) info->MBEDTLS_PRIVATE(block_size) );
+}
+
+/**
+ * \brief This function returns a non-zero value if the key length for
+ * the given cipher is variable.
+ *
+ * \param info The cipher info structure. This may be \c NULL.
+ *
+ * \return Non-zero if the key length is variable, \c 0 otherwise.
+ * \return \c 0 if the given pointer is \c NULL.
+ */
+static inline int mbedtls_cipher_info_has_variable_key_bitlen(
+ const mbedtls_cipher_info_t *info )
+{
+ if( info == NULL )
+ return( 0 );
+
+ return( info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_KEY_LEN );
+}
+
+/**
+ * \brief This function returns a non-zero value if the IV size for
+ * the given cipher is variable.
+ *
+ * \param info The cipher info structure. This may be \c NULL.
+ *
+ * \return Non-zero if the IV size is variable, \c 0 otherwise.
+ * \return \c 0 if the given pointer is \c NULL.
+ */
+static inline int mbedtls_cipher_info_has_variable_iv_size(
+ const mbedtls_cipher_info_t *info )
+{
+ if( info == NULL )
+ return( 0 );
+
+ return( info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_IV_LEN );
+}
+
+/**
* \brief This function initializes a \p cipher_context as NONE.
*
* \param ctx The context to be initialized. This must not be \c NULL.
@@ -583,11 +657,13 @@
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/**
- * \brief This function returns the block size of the given cipher.
+ * \brief This function returns the block size of the given cipher
+ * in bytes.
*
- * \param ctx The context of the cipher. This must be initialized.
+ * \param ctx The context of the cipher.
*
* \return The block size of the underlying cipher.
+ * \return \c 1 if the cipher is a stream cipher.
* \return \c 0 if \p ctx has not been initialized.
*/
static inline unsigned int mbedtls_cipher_get_block_size(
diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h
index 128ec82..fede05f 100644
--- a/include/mbedtls/entropy.h
+++ b/include/mbedtls/entropy.h
@@ -124,7 +124,7 @@
* -1 after free. */
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_context MBEDTLS_PRIVATE(accumulator);
-#else
+#elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR)
mbedtls_sha256_context MBEDTLS_PRIVATE(accumulator);
#endif
int MBEDTLS_PRIVATE(source_count); /* Number of entries used in source. */
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 45e0544..d42e180 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -218,27 +218,27 @@
* mbedtls_ssl_conf_tls13_key_exchange_modes().
*/
-#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK ( 1u << 0 ) /*!< Pure-PSK TLS 1.3 key exchange,
- * encompassing both externally agreed PSKs
- * as well as resumption PSKs. */
-#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ( 1u << 1 ) /*!< Pure-Ephemeral TLS 1.3 key exchanges,
- * including for example ECDHE and DHE
- * key exchanges. */
-#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ( 1u << 2 ) /*!< PSK-Ephemeral TLS 1.3 key exchanges,
- * using both a PSK and an ephemeral
- * key exchange. */
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK ( 1u << 0 ) /*!< Pure-PSK TLS 1.3 key exchange,
+ * encompassing both externally agreed PSKs
+ * as well as resumption PSKs. */
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL ( 1u << 1 ) /*!< Pure-Ephemeral TLS 1.3 key exchanges,
+ * including for example ECDHE and DHE
+ * key exchanges. */
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ( 1u << 2 ) /*!< PSK-Ephemeral TLS 1.3 key exchanges,
+ * using both a PSK and an ephemeral
+ * key exchange. */
/* Convenience macros for sets of key exchanges. */
-#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL \
- ( MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK | \
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL | \
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ) /*!< All TLS 1.3 key exchanges */
-#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL \
- ( MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK | \
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All PSK-based TLS 1.3 key exchanges */
-#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL \
- ( MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL | \
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All ephemeral TLS 1.3 key exchanges */
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL \
+ ( MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK | \
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL | \
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL ) /*!< All TLS 1.3 key exchanges */
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL \
+ ( MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK | \
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All PSK-based TLS 1.3 key exchanges */
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL \
+ ( MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL | \
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All ephemeral TLS 1.3 key exchanges */
/*
* Various constants
@@ -414,34 +414,34 @@
*/
/* RSASSA-PKCS1-v1_5 algorithms */
-#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA256 0x0401
-#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA384 0x0501
-#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA512 0x0601
+#define MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256 0x0401
+#define MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA384 0x0501
+#define MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512 0x0601
/* ECDSA algorithms */
-#define MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256 0x0403
-#define MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384 0x0503
-#define MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512 0x0603
+#define MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256 0x0403
+#define MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384 0x0503
+#define MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512 0x0603
/* RSASSA-PSS algorithms with public key OID rsaEncryption */
-#define MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256 0x0804
-#define MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA384 0x0805
-#define MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA512 0x0806
+#define MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256 0x0804
+#define MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384 0x0805
+#define MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512 0x0806
/* EdDSA algorithms */
-#define MBEDTLS_TLS13_SIG_ED25519 0x0807
-#define MBEDTLS_TLS13_SIG_ED448 0x0808
+#define MBEDTLS_TLS1_3_SIG_ED25519 0x0807
+#define MBEDTLS_TLS1_3_SIG_ED448 0x0808
/* RSASSA-PSS algorithms with public key OID RSASSA-PSS */
-#define MBEDTLS_TLS13_SIG_RSA_PSS_PSS_SHA256 0x0809
-#define MBEDTLS_TLS13_SIG_RSA_PSS_PSS_SHA384 0x080A
-#define MBEDTLS_TLS13_SIG_RSA_PSS_PSS_SHA512 0x080B
+#define MBEDTLS_TLS1_3_SIG_RSA_PSS_PSS_SHA256 0x0809
+#define MBEDTLS_TLS1_3_SIG_RSA_PSS_PSS_SHA384 0x080A
+#define MBEDTLS_TLS1_3_SIG_RSA_PSS_PSS_SHA512 0x080B
/* LEGACY ALGORITHMS */
-#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA1 0x0201
-#define MBEDTLS_TLS13_SIG_ECDSA_SHA1 0x0203
+#define MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA1 0x0201
+#define MBEDTLS_TLS1_3_SIG_ECDSA_SHA1 0x0203
-#define MBEDTLS_TLS13_SIG_NONE 0x0
+#define MBEDTLS_TLS1_3_SIG_NONE 0x0
/*
* Client Certificate Types
@@ -1058,7 +1058,7 @@
unsigned char server_application_traffic_secret_N[ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
unsigned char exporter_master_secret [ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
unsigned char resumption_master_secret [ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
-} mbedtls_ssl_tls1_3_application_secrets;
+} mbedtls_ssl_tls13_application_secrets;
#if defined(MBEDTLS_SSL_DTLS_SRTP)
@@ -1152,7 +1152,7 @@
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
- mbedtls_ssl_tls1_3_application_secrets MBEDTLS_PRIVATE(app_secrets);
+ mbedtls_ssl_tls13_application_secrets MBEDTLS_PRIVATE(app_secrets);
#endif
};
@@ -1173,12 +1173,12 @@
{
MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET = 0,
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
- MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_EARLY_SECRET,
- MBEDTLS_SSL_KEY_EXPORT_TLS13_EARLY_EXPORTER_SECRET,
- MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
- MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_HANDSHAKE_TRAFFIC_SECRET,
- MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_APPLICATION_TRAFFIC_SECRET,
- MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_APPLICATION_TRAFFIC_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_EARLY_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS1_3_EARLY_EXPORTER_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_HANDSHAKE_TRAFFIC_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_APPLICATION_TRAFFIC_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_APPLICATION_TRAFFIC_SECRET,
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
} mbedtls_ssl_key_export_type;
@@ -2759,20 +2759,20 @@
*
* \param conf The SSL configuration the change should apply to.
* \param kex_modes A bitwise combination of one or more of the following:
- * - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK
+ * - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK
* This flag enables pure-PSK key exchanges.
- * - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL
+ * - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL
* This flag enables combined PSK-ephemeral key exchanges.
- * - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL
+ * - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL
* This flag enables pure-ephemeral key exchanges.
* For convenience, the following pre-defined macros are
* available for combinations of the above:
- * - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL
+ * - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL
* Includes all of pure-PSK, PSK-ephemeral and pure-ephemeral.
- * - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL
+ * - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL
* Includes both pure-PSK and combined PSK-ephemeral
* key exchanges, but excludes pure-ephemeral key exchanges.
- * - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL
+ * - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL
* Includes both pure-ephemeral and combined PSK-ephemeral
* key exchanges.
*
@@ -3252,7 +3252,7 @@
* \param conf SSL configuration
* \param groups List of allowed groups ordered by preference, terminated by 0.
* Must contain valid IANA NamedGroup IDs (provided via either an integer
- * or using MBEDTLS_TLS13_NAMED_GROUP_XXX macros).
+ * or using MBEDTLS_TLS1_3_NAMED_GROUP_XXX macros).
*/
void mbedtls_ssl_conf_groups( mbedtls_ssl_config *conf,
const uint16_t *groups );
@@ -3296,9 +3296,9 @@
*
* \param conf The SSL configuration to use.
* \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms,
- * terminated by \c MBEDTLS_TLS13_SIG_NONE. The list must remain
+ * terminated by \c MBEDTLS_TLS1_3_SIG_NONE. The list must remain
* available throughout the lifetime of the conf object. Supported
- * values are available as \c MBEDTLS_TLS13_SIG_XXXX
+ * values are available as \c MBEDTLS_TLS1_3_SIG_XXXX
*/
void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf,
const uint16_t* sig_algs );
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index ee4b54c..1643b2e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -153,10 +153,10 @@
* the owner of a key.
*
* \param[out] attributes The attribute structure to write to.
- * \param owner_id The key owner identifier.
+ * \param owner The key owner identifier.
*/
static void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes,
- mbedtls_key_owner_id_t owner_id );
+ mbedtls_key_owner_id_t owner );
#endif
/** Set the location of a persistent key.
diff --git a/library/bignum.c b/library/bignum.c
index fdf8c9a..e47e259 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -43,6 +43,7 @@
#include "mbedtls/error.h"
#include "constant_time_internal.h"
+#include <limits.h>
#include <string.h>
#if defined(MBEDTLS_PLATFORM_C)
diff --git a/library/ecdh.c b/library/ecdh.c
index ddd4ef5..3f39926 100644
--- a/library/ecdh.c
+++ b/library/ecdh.c
@@ -731,7 +731,8 @@
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
static int ecdh_tls13_make_params_internal( mbedtls_ecdh_context_mbed *ctx,
- size_t *olen, int point_format, unsigned char *buf, size_t blen,
+ size_t *out_len, int point_format,
+ unsigned char *buf, size_t buf_len,
int ( *f_rng )( void *, unsigned char *, size_t), void *p_rng )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -744,20 +745,20 @@
return( ret );
ret = mbedtls_ecp_point_write_binary( &ctx->grp, &ctx->Q, point_format,
- olen, buf, blen );
+ out_len, buf, buf_len );
if( ret != 0 )
return( ret );
return( 0 );
}
-int mbedtls_ecdh_tls13_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
- unsigned char *buf, size_t blen,
+int mbedtls_ecdh_tls13_make_params( mbedtls_ecdh_context *ctx, size_t *out_len,
+ unsigned char *buf, size_t buf_len,
int ( *f_rng )( void *, unsigned char *, size_t ),
void *p_rng )
{
ECDH_VALIDATE_RET( ctx != NULL );
- ECDH_VALIDATE_RET( olen != NULL );
+ ECDH_VALIDATE_RET( out_len != NULL );
ECDH_VALIDATE_RET( buf != NULL );
ECDH_VALIDATE_RET( f_rng != NULL );
@@ -768,8 +769,8 @@
#endif
#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
- return( ecdh_tls13_make_params_internal( ctx, olen, ctx->point_format,
- buf, blen, f_rng, p_rng ) );
+ return( ecdh_tls13_make_params_internal( ctx, out_len, ctx->point_format,
+ buf, buf_len, f_rng, p_rng ) );
#else
switch( ctx->var )
{
@@ -778,9 +779,9 @@
return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
- return( ecdh_tls13_make_params_internal( &ctx->ctx.mbed_ecdh, olen,
- ctx->point_format, buf, blen,
- f_rng, p_rng ) );
+ return( ecdh_tls13_make_params_internal( &ctx->ctx.mbed_ecdh,
+ out_len, ctx->point_format,
+ buf, buf_len, f_rng, p_rng ) );
default:
return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
}
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 36a0712..a94c79f 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -512,13 +512,13 @@
unsigned char binder_key [ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
unsigned char client_early_traffic_secret [ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
unsigned char early_exporter_master_secret[ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
-} mbedtls_ssl_tls1_3_early_secrets;
+} mbedtls_ssl_tls13_early_secrets;
typedef struct
{
unsigned char client_handshake_traffic_secret[ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
unsigned char server_handshake_traffic_secret[ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
-} mbedtls_ssl_tls1_3_handshake_secrets;
+} mbedtls_ssl_tls13_handshake_secrets;
/*
* This structure contains the parameters only needed during handshake.
@@ -529,7 +529,7 @@
* Handshake specific crypto variables
*/
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
- int tls1_3_kex_modes; /*!< key exchange modes for TLS 1.3 */
+ int tls13_kex_modes; /*!< key exchange modes for TLS 1.3 */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
@@ -765,9 +765,9 @@
unsigned char early [MBEDTLS_TLS1_3_MD_MAX_SIZE];
unsigned char handshake[MBEDTLS_TLS1_3_MD_MAX_SIZE];
unsigned char app [MBEDTLS_TLS1_3_MD_MAX_SIZE];
- } tls1_3_master_secrets;
+ } tls13_master_secrets;
- mbedtls_ssl_tls1_3_handshake_secrets tls13_hs_secrets;
+ mbedtls_ssl_tls13_handshake_secrets tls13_hs_secrets;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
@@ -1528,31 +1528,31 @@
static inline int mbedtls_ssl_conf_tls13_psk_enabled( mbedtls_ssl_context *ssl )
{
return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl,
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK ) );
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK ) );
}
static inline int mbedtls_ssl_conf_tls13_psk_ephemeral_enabled( mbedtls_ssl_context *ssl )
{
return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl,
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) );
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) );
}
static inline int mbedtls_ssl_conf_tls13_ephemeral_enabled( mbedtls_ssl_context *ssl )
{
return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl,
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ) );
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL ) );
}
static inline int mbedtls_ssl_conf_tls13_some_ephemeral_enabled( mbedtls_ssl_context *ssl )
{
return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl,
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL ) );
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL ) );
}
static inline int mbedtls_ssl_conf_tls13_some_psk_enabled( mbedtls_ssl_context *ssl )
{
return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl,
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL ) );
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
}
/**
@@ -1565,41 +1565,41 @@
* \return 0 if at least one of the key exchange modes is supported,
* !=0 otherwise.
*/
-static inline unsigned mbedtls_ssl_tls1_3_check_kex_modes( mbedtls_ssl_context *ssl,
- int kex_modes_mask )
+static inline unsigned mbedtls_ssl_tls13_check_kex_modes( mbedtls_ssl_context *ssl,
+ int kex_modes_mask )
{
- return( ( ssl->handshake->tls1_3_kex_modes & kex_modes_mask ) == 0 );
+ return( ( ssl->handshake->tls13_kex_modes & kex_modes_mask ) == 0 );
}
-static inline int mbedtls_ssl_tls1_3_psk_enabled( mbedtls_ssl_context *ssl )
+static inline int mbedtls_ssl_tls13_psk_enabled( mbedtls_ssl_context *ssl )
{
- return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl,
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK ) );
+ return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK ) );
}
-static inline int mbedtls_ssl_tls1_3_psk_ephemeral_enabled(
+static inline int mbedtls_ssl_tls13_psk_ephemeral_enabled(
mbedtls_ssl_context *ssl )
{
- return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl,
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) );
+ return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) );
}
-static inline int mbedtls_ssl_tls1_3_ephemeral_enabled( mbedtls_ssl_context *ssl )
+static inline int mbedtls_ssl_tls13_ephemeral_enabled( mbedtls_ssl_context *ssl )
{
- return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl,
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ) );
+ return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL ) );
}
-static inline int mbedtls_ssl_tls1_3_some_ephemeral_enabled( mbedtls_ssl_context *ssl )
+static inline int mbedtls_ssl_tls13_some_ephemeral_enabled( mbedtls_ssl_context *ssl )
{
- return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl,
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL ) );
+ return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL ) );
}
-static inline int mbedtls_ssl_tls1_3_some_psk_enabled( mbedtls_ssl_context *ssl )
+static inline int mbedtls_ssl_tls13_some_psk_enabled( mbedtls_ssl_context *ssl )
{
- return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl,
- MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL ) );
+ return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
}
/*
@@ -1629,10 +1629,10 @@
/*
* Fetch TLS 1.3 handshake message header
*/
-int mbedtls_ssl_tls1_3_fetch_handshake_msg( mbedtls_ssl_context *ssl,
- unsigned hs_type,
- unsigned char **buf,
- size_t *buf_len );
+int mbedtls_ssl_tls13_fetch_handshake_msg( mbedtls_ssl_context *ssl,
+ unsigned hs_type,
+ unsigned char **buf,
+ size_t *buf_len );
/*
* Write TLS 1.3 handshake message header
@@ -1640,7 +1640,7 @@
int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl,
unsigned hs_type,
unsigned char **buf,
- size_t *buflen );
+ size_t *buf_len );
/*
* Handler of TLS 1.3 server certificate message
@@ -1666,10 +1666,10 @@
/*
* Update checksum of handshake messages.
*/
-void mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( mbedtls_ssl_context *ssl,
- unsigned hs_type,
- unsigned char const *msg,
- size_t msg_len );
+void mbedtls_ssl_tls13_add_hs_msg_to_checksum( mbedtls_ssl_context *ssl,
+ unsigned hs_type,
+ unsigned char const *msg,
+ size_t msg_len );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/*
@@ -1678,7 +1678,7 @@
int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
- size_t *olen);
+ size_t *out_len);
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 5c27692..3d5eb1e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3574,7 +3574,7 @@
void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config *conf,
const int kex_modes )
{
- conf->tls13_kex_modes = kex_modes & MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL;
+ conf->tls13_kex_modes = kex_modes & MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
@@ -6362,43 +6362,43 @@
/* ECDSA algorithms */
#if defined(MBEDTLS_ECDSA_C)
#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
- MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256,
+ MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256,
#endif /* MBEDTLS_SHA256_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED */
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
- MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384,
+ MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384,
#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP384R1_ENABLED */
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
- MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512,
+ MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512,
#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP521R1_ENABLED */
#endif /* MBEDTLS_ECDSA_C */
/* RSA algorithms */
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256,
+ MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256,
#endif
- MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA256,
+ MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256,
- MBEDTLS_TLS13_SIG_NONE
+ MBEDTLS_TLS1_3_SIG_NONE
};
static uint16_t ssl_preset_suiteb_sig_algs[] = {
/* ECDSA algorithms */
#if defined(MBEDTLS_ECDSA_C)
#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
- MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256,
+ MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256,
#endif /* MBEDTLS_SHA256_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED */
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
- MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384,
+ MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384,
#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP384R1_ENABLED */
#endif /* MBEDTLS_ECDSA_C */
/* RSA algorithms */
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256,
+ MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256,
#endif
- MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA256,
+ MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256,
- MBEDTLS_TLS13_SIG_NONE
+ MBEDTLS_TLS1_3_SIG_NONE
};
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif
@@ -6495,7 +6495,7 @@
/*
* Allow all TLS 1.3 key exchange modes by default.
*/
- conf->tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL;
+ conf->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
/*
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index d848415..1874d4f 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -47,11 +47,11 @@
static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
- size_t *olen )
+ size_t *out_len )
{
unsigned char *p = buf;
- *olen = 0;
+ *out_len = 0;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported versions extension" ) );
@@ -87,7 +87,7 @@
ssl->conf->max_major_ver,
ssl->conf->max_minor_ver ) );
- *olen = 7;
+ *out_len = 7;
return( 0 );
}
@@ -139,11 +139,11 @@
static int ssl_tls13_write_named_group_list_ecdhe( mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
- size_t *olen )
+ size_t *out_len )
{
unsigned char *p = buf;
- *olen = 0;
+ *out_len = 0;
const uint16_t *group_list = mbedtls_ssl_get_groups( ssl );
@@ -152,9 +152,9 @@
for ( ; *group_list != 0; group_list++ )
{
- const mbedtls_ecp_curve_info *info;
- info = mbedtls_ecp_curve_info_from_tls_id( *group_list );
- if( info == NULL )
+ const mbedtls_ecp_curve_info *curve_info;
+ curve_info = mbedtls_ecp_curve_info_from_tls_id( *group_list );
+ if( curve_info == NULL )
continue;
if( !mbedtls_ssl_tls13_named_group_is_ecdhe( *group_list ) )
@@ -165,10 +165,10 @@
p += 2;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "NamedGroup: %s ( %x )",
- info->name, *group_list ) );
+ curve_info->name, *group_list ) );
}
- *olen = p - buf;
+ *out_len = p - buf;
return( 0 );
}
@@ -176,12 +176,12 @@
static int ssl_tls13_write_named_group_list_ecdhe( mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
- size_t *olen )
+ size_t *out_len )
{
((void) ssl);
((void) buf);
((void) end);
- *olen = 0;
+ *out_len = 0;
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
#endif /* MBEDTLS_ECDH_C */
@@ -189,12 +189,12 @@
static int ssl_tls13_write_named_group_list_dhe( mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
- size_t *olen )
+ size_t *out_len )
{
((void) ssl);
((void) buf);
((void) end);
- *olen = 0;
+ *out_len = 0;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "write_named_group_dhe is not implemented" ) );
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
@@ -202,15 +202,15 @@
static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
- size_t *olen )
+ size_t *out_len )
{
unsigned char *p = buf ;
- unsigned char *named_group_list_ptr; /* Start of named_group_list */
- size_t named_group_list_len; /* Length of named_group_list */
+ unsigned char *named_group_list; /* Start of named_group_list */
+ size_t named_group_list_len; /* Length of named_group_list */
size_t output_len = 0;
int ret_ecdhe, ret_dhe;
- *olen = 0;
+ *out_len = 0;
if( !mbedtls_ssl_conf_tls13_some_ephemeral_enabled( ssl ) )
return( 0 );
@@ -218,14 +218,14 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_groups extension" ) );
/* Check if we have space for header and length fields:
- * - extension_type (2 bytes)
- * - extension_data_length (2 bytes)
+ * - extension_type (2 bytes)
+ * - extension_data_length (2 bytes)
* - named_group_list_length (2 bytes)
*/
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 );
p += 6;
- named_group_list_ptr = p;
+ named_group_list = p;
ret_ecdhe = ssl_tls13_write_named_group_list_ecdhe( ssl, p, end, &output_len );
if( ret_ecdhe != 0 )
{
@@ -248,7 +248,7 @@
}
/* Length of named_group_list*/
- named_group_list_len = p - named_group_list_ptr;
+ named_group_list_len = p - named_group_list;
if( named_group_list_len == 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "No group available." ) );
@@ -264,7 +264,7 @@
MBEDTLS_SSL_DEBUG_BUF( 3, "Supported groups extension", buf + 4, named_group_list_len + 2 );
- *olen = p - buf;
+ *out_len = p - buf;
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SUPPORTED_GROUPS;
@@ -280,7 +280,7 @@
uint16_t named_group,
unsigned char *buf,
unsigned char *end,
- size_t *olen )
+ size_t *out_len )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const mbedtls_ecp_curve_info *curve_info =
@@ -298,9 +298,9 @@
return( ret );
}
- ret = mbedtls_ecdh_tls13_make_params( &ssl->handshake->ecdh_ctx, olen,
- buf, end - buf,
- ssl->conf->f_rng, ssl->conf->p_rng );
+ ret = mbedtls_ecdh_tls13_make_params( &ssl->handshake->ecdh_ctx, out_len,
+ buf, end - buf,
+ ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_tls13_make_params", ret );
@@ -327,9 +327,9 @@
for ( ; *group_list != 0; group_list++ )
{
- const mbedtls_ecp_curve_info *info;
- info = mbedtls_ecp_curve_info_from_tls_id( *group_list );
- if( info != NULL &&
+ const mbedtls_ecp_curve_info *curve_info;
+ curve_info = mbedtls_ecp_curve_info_from_tls_id( *group_list );
+ if( curve_info != NULL &&
mbedtls_ssl_tls13_named_group_is_ecdhe( *group_list ) )
{
*group_id = *group_list;
@@ -365,15 +365,15 @@
static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
- size_t *olen )
+ size_t *out_len )
{
unsigned char *p = buf;
- unsigned char *client_shares_ptr; /* Start of client_shares */
- size_t client_shares_len; /* Length of client_shares */
+ unsigned char *client_shares; /* Start of client_shares */
+ size_t client_shares_len; /* Length of client_shares */
uint16_t group_id;
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
- *olen = 0;
+ *out_len = 0;
if( !mbedtls_ssl_conf_tls13_some_ephemeral_enabled( ssl ) )
return( 0 );
@@ -405,12 +405,12 @@
* type of KEM, and dispatch to the corresponding crypto. And
* only one key share entry is allowed.
*/
- client_shares_ptr = p;
+ client_shares = p;
#if defined(MBEDTLS_ECDH_C)
if( mbedtls_ssl_tls13_named_group_is_ecdhe( group_id ) )
{
/* Pointer to group */
- unsigned char *group_ptr = p;
+ unsigned char *group = p;
/* Length of key_exchange */
size_t key_exchange_len;
@@ -428,9 +428,9 @@
return( ret );
/* Write group */
- MBEDTLS_PUT_UINT16_BE( group_id, group_ptr, 0 );
+ MBEDTLS_PUT_UINT16_BE( group_id, group, 0 );
/* Write key_exchange_length */
- MBEDTLS_PUT_UINT16_BE( key_exchange_len, group_ptr, 2 );
+ MBEDTLS_PUT_UINT16_BE( key_exchange_len, group, 2 );
}
else
#endif /* MBEDTLS_ECDH_C */
@@ -442,7 +442,7 @@
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
/* Length of client_shares */
- client_shares_len = p - client_shares_ptr;
+ client_shares_len = p - client_shares;
if( client_shares_len == 0)
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "No key share defined." ) );
@@ -459,9 +459,9 @@
ssl->handshake->offered_group_id = group_id;
/* Output the total length of key_share extension. */
- *olen = p - buf;
+ *out_len = p - buf;
- MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, key_share extension", buf, *olen );
+ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, key_share extension", buf, *out_len );
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_KEY_SHARE;
@@ -600,14 +600,14 @@
mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
- size_t *olen )
+ size_t *out_len )
{
unsigned char *p = buf;
const int *ciphersuite_list;
- unsigned char *cipher_suites_ptr; /* Start of the cipher_suites list */
+ unsigned char *cipher_suites; /* Start of the cipher_suites list */
size_t cipher_suites_len;
- *olen = 0 ;
+ *out_len = 0 ;
/*
* Ciphersuite list
@@ -624,7 +624,7 @@
p += 2;
/* Write cipher_suites */
- cipher_suites_ptr = p;
+ cipher_suites = p;
for ( size_t i = 0; ciphersuite_list[i] != 0; i++ )
{
int cipher_suite = ciphersuite_list[i];
@@ -648,14 +648,14 @@
}
/* Write the cipher_suites length in number of bytes */
- cipher_suites_len = p - cipher_suites_ptr;
+ cipher_suites_len = p - cipher_suites;
MBEDTLS_PUT_UINT16_BE( cipher_suites_len, buf, 0 );
MBEDTLS_SSL_DEBUG_MSG( 3,
( "client hello, got %" MBEDTLS_PRINTF_SIZET " cipher suites",
cipher_suites_len/2 ) );
/* Output the total length of cipher_suites field. */
- *olen = p - buf;
+ *out_len = p - buf;
return( 0 );
}
@@ -675,18 +675,18 @@
static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
- size_t *olen )
+ size_t *out_len )
{
int ret;
- unsigned char *extensions_len_ptr; /* Pointer to extensions length */
- size_t output_len; /* Length of buffer used by function */
- size_t extensions_len; /* Length of the list of extensions*/
+ unsigned char *p_extensions_len; /* Pointer to extensions length */
+ size_t output_len; /* Length of buffer used by function */
+ size_t extensions_len; /* Length of the list of extensions*/
/* Buffer management */
unsigned char *p = buf;
- *olen = 0;
+ *out_len = 0;
/* No validation needed here. It has been done by ssl_conf_check() */
ssl->major_ver = ssl->conf->min_major_ver;
@@ -749,7 +749,7 @@
/* First write extensions, then the total length */
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
- extensions_len_ptr = p;
+ p_extensions_len = p;
p += 2;
/* Write supported_versions extension
@@ -809,13 +809,13 @@
/* Add more extensions here */
/* Write the length of the list of extensions. */
- extensions_len = p - extensions_len_ptr - 2;
- MBEDTLS_PUT_UINT16_BE( extensions_len, extensions_len_ptr, 0 );
+ extensions_len = p - p_extensions_len - 2;
+ MBEDTLS_PUT_UINT16_BE( extensions_len, p_extensions_len, 0 );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %" MBEDTLS_PRINTF_SIZET ,
extensions_len ) );
- MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extensions_len_ptr, extensions_len );
+ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", p_extensions_len, extensions_len );
- *olen = p - buf;
+ *out_len = p - buf;
return( 0 );
}
@@ -1257,17 +1257,17 @@
{
/* Only the pre_shared_key extension was received */
case MBEDTLS_SSL_EXT_PRE_SHARED_KEY:
- handshake->tls1_3_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK;
+ handshake->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
break;
/* Only the key_share extension was received */
case MBEDTLS_SSL_EXT_KEY_SHARE:
- handshake->tls1_3_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL;
+ handshake->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
break;
/* Both the pre_shared_key and key_share extensions were received */
case ( MBEDTLS_SSL_EXT_PRE_SHARED_KEY | MBEDTLS_SSL_EXT_KEY_SHARE ):
- handshake->tls1_3_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
+ handshake->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
break;
/* Neither pre_shared_key nor key_share extension was received */
@@ -1282,10 +1282,10 @@
* TODO: We don't have to do this in case we offered 0-RTT and the
* server accepted it. In this case, we could skip generating
* the early secret. */
- ret = mbedtls_ssl_tls1_3_key_schedule_stage_early( ssl );
+ ret = mbedtls_ssl_tls13_key_schedule_stage_early( ssl );
if( ret != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_key_schedule_stage_early_data",
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_key_schedule_stage_early_data",
ret );
goto cleanup;
}
@@ -1294,7 +1294,7 @@
ret = mbedtls_ssl_tls13_key_schedule_stage_handshake( ssl );
if( ret != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_derive_master_secret", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_derive_master_secret", ret );
goto cleanup;
}
@@ -1355,7 +1355,7 @@
* Wait and parse ServerHello handshake message.
* Handler for MBEDTLS_SSL_SERVER_HELLO
*/
-static int ssl_tls1_3_process_server_hello( mbedtls_ssl_context *ssl )
+static int ssl_tls13_process_server_hello( mbedtls_ssl_context *ssl )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char *buf;
@@ -1381,9 +1381,9 @@
MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_server_hello( ssl, buf,
buf + buf_len ) );
- mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( ssl,
- MBEDTLS_SSL_HS_SERVER_HELLO,
- buf, buf_len );
+ mbedtls_ssl_tls13_add_hs_msg_to_checksum( ssl,
+ MBEDTLS_SSL_HS_SERVER_HELLO,
+ buf, buf_len );
MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_server_hello( ssl ) );
}
@@ -1432,7 +1432,7 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse encrypted extensions" ) );
- MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls1_3_fetch_handshake_msg( ssl,
+ MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_fetch_handshake_msg( ssl,
MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
&buf, &buf_len ) );
@@ -1440,7 +1440,7 @@
MBEDTLS_SSL_PROC_CHK(
ssl_tls13_parse_encrypted_extensions( ssl, buf, buf + buf_len ) );
- mbedtls_ssl_tls1_3_add_hs_msg_to_checksum(
+ mbedtls_ssl_tls13_add_hs_msg_to_checksum(
ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, buf, buf_len );
MBEDTLS_SSL_PROC_CHK( ssl_tls13_postprocess_encrypted_extensions( ssl ) );
@@ -1530,7 +1530,7 @@
static int ssl_tls13_postprocess_encrypted_extensions( mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
- if( mbedtls_ssl_tls1_3_some_psk_enabled( ssl ) )
+ if( mbedtls_ssl_tls13_some_psk_enabled( ssl ) )
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
else
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST );
@@ -1573,7 +1573,7 @@
/*
* Handler for MBEDTLS_SSL_SERVER_CERTIFICATE
*/
-static int ssl_tls1_3_process_server_certificate( mbedtls_ssl_context *ssl )
+static int ssl_tls13_process_server_certificate( mbedtls_ssl_context *ssl )
{
int ret;
@@ -1588,7 +1588,7 @@
/*
* Handler for MBEDTLS_SSL_CERTIFICATE_VERIFY
*/
-static int ssl_tls1_3_process_certificate_verify( mbedtls_ssl_context *ssl )
+static int ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl )
{
int ret;
@@ -1603,7 +1603,7 @@
/*
* Handler for MBEDTLS_SSL_SERVER_FINISHED
*/
-static int ssl_tls1_3_process_server_finished( mbedtls_ssl_context *ssl )
+static int ssl_tls13_process_server_finished( mbedtls_ssl_context *ssl )
{
int ret;
@@ -1634,7 +1634,7 @@
/*
* Handler for MBEDTLS_SSL_FLUSH_BUFFERS
*/
-static int ssl_tls1_3_flush_buffers( mbedtls_ssl_context *ssl )
+static int ssl_tls13_flush_buffers( mbedtls_ssl_context *ssl )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) );
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP );
@@ -1644,7 +1644,7 @@
/*
* Handler for MBEDTLS_SSL_HANDSHAKE_WRAPUP
*/
-static int ssl_tls1_3_handshake_wrapup( mbedtls_ssl_context *ssl )
+static int ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Switch to application keys for inbound traffic" ) );
mbedtls_ssl_set_inbound_transform ( ssl, ssl->transform_application );
@@ -1662,7 +1662,7 @@
{
int ret = 0;
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "tls1_3 client state: %d", ssl->state ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "tls13 client state: %d", ssl->state ) );
switch( ssl->state )
{
@@ -1676,7 +1676,7 @@
break;
case MBEDTLS_SSL_SERVER_HELLO:
- ret = ssl_tls1_3_process_server_hello( ssl );
+ ret = ssl_tls13_process_server_hello( ssl );
break;
case MBEDTLS_SSL_ENCRYPTED_EXTENSIONS:
@@ -1689,16 +1689,16 @@
break;
case MBEDTLS_SSL_SERVER_CERTIFICATE:
- ret = ssl_tls1_3_process_server_certificate( ssl );
+ ret = ssl_tls13_process_server_certificate( ssl );
break;
case MBEDTLS_SSL_CERTIFICATE_VERIFY:
- ret = ssl_tls1_3_process_certificate_verify( ssl );
+ ret = ssl_tls13_process_certificate_verify( ssl );
break;
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
case MBEDTLS_SSL_SERVER_FINISHED:
- ret = ssl_tls1_3_process_server_finished( ssl );
+ ret = ssl_tls13_process_server_finished( ssl );
break;
case MBEDTLS_SSL_CLIENT_FINISHED:
@@ -1706,11 +1706,11 @@
break;
case MBEDTLS_SSL_FLUSH_BUFFERS:
- ret = ssl_tls1_3_flush_buffers( ssl );
+ ret = ssl_tls13_flush_buffers( ssl );
break;
case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
- ret = ssl_tls1_3_handshake_wrapup( ssl );
+ ret = ssl_tls13_handshake_wrapup( ssl );
break;
default:
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index f9ad5da..066147a 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -35,10 +35,10 @@
#include "ssl_misc.h"
#include "ssl_tls13_keys.h"
-int mbedtls_ssl_tls1_3_fetch_handshake_msg( mbedtls_ssl_context *ssl,
- unsigned hs_type,
- unsigned char **buf,
- size_t *buflen )
+int mbedtls_ssl_tls13_fetch_handshake_msg( mbedtls_ssl_context *ssl,
+ unsigned hs_type,
+ unsigned char **buf,
+ size_t *buf_len )
{
int ret;
@@ -65,8 +65,8 @@
* uint24 length;
* ...
*/
- *buf = ssl->in_msg + 4;
- *buflen = ssl->in_hslen - 4;
+ *buf = ssl->in_msg + 4;
+ *buf_len = ssl->in_hslen - 4;
cleanup:
@@ -99,22 +99,22 @@
size_t msg_len )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t msg_len_with_header;
+ size_t msg_with_header_len;
((void) buf_len);
/* Add reserved 4 bytes for handshake header */
- msg_len_with_header = msg_len + 4;
- ssl->out_msglen = msg_len_with_header;
+ msg_with_header_len = msg_len + 4;
+ ssl->out_msglen = msg_with_header_len;
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_handshake_msg_ext( ssl, 0 ) );
cleanup:
return( ret );
}
-void mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( mbedtls_ssl_context *ssl,
- unsigned hs_type,
- unsigned char const *msg,
- size_t msg_len )
+void mbedtls_ssl_tls13_add_hs_msg_to_checksum( mbedtls_ssl_context *ssl,
+ unsigned hs_type,
+ unsigned char const *msg,
+ size_t msg_len )
{
mbedtls_ssl_tls13_add_hs_hdr_to_checksum( ssl, hs_type, msg_len );
ssl->handshake->update_checksum( ssl, msg, msg_len );
@@ -157,13 +157,13 @@
int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
- size_t *olen )
+ size_t *out_len )
{
unsigned char *p = buf;
- unsigned char *supported_sig_alg_ptr; /* Start of supported_signature_algorithms */
- size_t supported_sig_alg_len = 0; /* Length of supported_signature_algorithms */
+ unsigned char *supported_sig_alg; /* Start of supported_signature_algorithms */
+ size_t supported_sig_alg_len = 0; /* Length of supported_signature_algorithms */
- *olen = 0;
+ *out_len = 0;
/* Skip the extension on the client if all allowed key exchanges
* are PSK-based. */
@@ -188,9 +188,9 @@
/*
* Write supported_signature_algorithms
*/
- supported_sig_alg_ptr = p;
+ supported_sig_alg = p;
for( const uint16_t *sig_alg = ssl->conf->tls13_sig_algs;
- *sig_alg != MBEDTLS_TLS13_SIG_NONE; sig_alg++ )
+ *sig_alg != MBEDTLS_TLS1_3_SIG_NONE; sig_alg++ )
{
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
MBEDTLS_PUT_UINT16_BE( *sig_alg, p, 0 );
@@ -199,7 +199,7 @@
}
/* Length of supported_signature_algorithms */
- supported_sig_alg_len = p - supported_sig_alg_ptr;
+ supported_sig_alg_len = p - supported_sig_alg;
if( supported_sig_alg_len == 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "No signature algorithms defined." ) );
@@ -214,7 +214,7 @@
MBEDTLS_PUT_UINT16_BE( supported_sig_alg_len, buf, 4 );
/* Output the total length of signature algorithms extension. */
- *olen = p - buf;
+ *out_len = p - buf;
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SIG_ALG;
return( 0 );
@@ -298,7 +298,7 @@
{
const uint16_t *tls13_sig_alg = ssl->conf->tls13_sig_algs;
- for( ; *tls13_sig_alg != MBEDTLS_TLS13_SIG_NONE ; tls13_sig_alg++ )
+ for( ; *tls13_sig_alg != MBEDTLS_TLS1_3_SIG_NONE ; tls13_sig_alg++ )
{
if( *tls13_sig_alg == sig_alg )
return( 1 );
@@ -321,9 +321,9 @@
unsigned char verify_hash[MBEDTLS_MD_MAX_SIZE];
size_t verify_hash_len;
- void const *opts_ptr = NULL;
+ void const *options = NULL;
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- mbedtls_pk_rsassa_pss_options opts;
+ mbedtls_pk_rsassa_pss_options rsassa_pss_options;
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
/*
@@ -362,20 +362,20 @@
/* We currently only support ECDSA-based signatures */
switch( algorithm )
{
- case MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256:
+ case MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256:
md_alg = MBEDTLS_MD_SHA256;
sig_alg = MBEDTLS_PK_ECDSA;
break;
- case MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384:
+ case MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384:
md_alg = MBEDTLS_MD_SHA384;
sig_alg = MBEDTLS_PK_ECDSA;
break;
- case MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512:
+ case MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512:
md_alg = MBEDTLS_MD_SHA512;
sig_alg = MBEDTLS_PK_ECDSA;
break;
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- case MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256:
+ case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256:
MBEDTLS_SSL_DEBUG_MSG( 4, ( "Certificate Verify: using RSA PSS" ) );
md_alg = MBEDTLS_MD_SHA256;
sig_alg = MBEDTLS_PK_RSASSA_PSS;
@@ -443,17 +443,17 @@
if( sig_alg == MBEDTLS_PK_RSASSA_PSS )
{
const mbedtls_md_info_t* md_info;
- opts.mgf1_hash_id = md_alg;
+ rsassa_pss_options.mgf1_hash_id = md_alg;
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
{
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
- opts.expected_salt_len = mbedtls_md_get_size( md_info );
- opts_ptr = (const void*) &opts;
+ rsassa_pss_options.expected_salt_len = mbedtls_md_get_size( md_info );
+ options = (const void*) &rsassa_pss_options;
}
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
- if( ( ret = mbedtls_pk_verify_ext( sig_alg, opts_ptr,
+ if( ( ret = mbedtls_pk_verify_ext( sig_alg, options,
&ssl->session_negotiate->peer_cert->pk,
md_alg, verify_hash, verify_hash_len,
p, signature_len ) ) == 0 )
@@ -490,7 +490,7 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
MBEDTLS_SSL_PROC_CHK(
- mbedtls_ssl_tls1_3_fetch_handshake_msg( ssl,
+ mbedtls_ssl_tls13_fetch_handshake_msg( ssl,
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, &buf, &buf_len ) );
/* Need to calculate the hash of the transcript first
@@ -524,7 +524,7 @@
MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_certificate_verify( ssl, buf,
buf + buf_len, verify_buffer, verify_buffer_len ) );
- mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( ssl,
+ mbedtls_ssl_tls13_add_hs_msg_to_checksum( ssl,
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, buf, buf_len );
cleanup:
@@ -850,7 +850,7 @@
unsigned char *buf;
size_t buf_len;
- MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls1_3_fetch_handshake_msg(
+ MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_fetch_handshake_msg(
ssl, MBEDTLS_SSL_HS_CERTIFICATE,
&buf, &buf_len ) );
@@ -859,8 +859,8 @@
/* Validate the certificate chain and set the verification results. */
MBEDTLS_SSL_PROC_CHK( ssl_tls13_validate_certificate( ssl ) );
- mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_CERTIFICATE,
- buf, buf_len );
+ mbedtls_ssl_tls13_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_CERTIFICATE,
+ buf, buf_len );
cleanup:
@@ -1020,19 +1020,19 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char *buf;
- size_t buflen;
+ size_t buf_len;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished message" ) );
/* Preprocessing step: Compute handshake digest */
MBEDTLS_SSL_PROC_CHK( ssl_tls13_preprocess_finished_message( ssl ) );
- MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls1_3_fetch_handshake_msg( ssl,
+ MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_fetch_handshake_msg( ssl,
MBEDTLS_SSL_HS_FINISHED,
- &buf, &buflen ) );
- MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_finished_message( ssl, buf, buf + buflen ) );
- mbedtls_ssl_tls1_3_add_hs_msg_to_checksum(
- ssl, MBEDTLS_SSL_HS_FINISHED, buf, buflen );
+ &buf, &buf_len ) );
+ MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_finished_message( ssl, buf, buf + buf_len ) );
+ mbedtls_ssl_tls13_add_hs_msg_to_checksum(
+ ssl, MBEDTLS_SSL_HS_FINISHED, buf, buf_len );
MBEDTLS_SSL_PROC_CHK( ssl_tls13_postprocess_finished_message( ssl ) );
cleanup:
@@ -1081,7 +1081,7 @@
static int ssl_tls13_write_finished_message_body( mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
- size_t *olen )
+ size_t *out_len )
{
size_t verify_data_len = ssl->handshake->state_local.finished_out.digest_len;
/*
@@ -1094,7 +1094,7 @@
memcpy( buf, ssl->handshake->state_local.finished_out.digest,
verify_data_len );
- *olen = verify_data_len;
+ *out_len = verify_data_len;
return( 0 );
}
@@ -1115,8 +1115,8 @@
MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_finished_message_body(
ssl, buf, buf + buf_len, &msg_len ) );
- mbedtls_ssl_tls1_3_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_FINISHED,
- buf, msg_len );
+ mbedtls_ssl_tls13_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_FINISHED,
+ buf, msg_len );
MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_finished_message( ssl ) );
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_finish_handshake_msg( ssl,
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index 3ca28d5..b77fc7b 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -34,7 +34,7 @@
#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \
.name = string,
-struct mbedtls_ssl_tls1_3_labels_struct const mbedtls_ssl_tls1_3_labels =
+struct mbedtls_ssl_tls13_labels_struct const mbedtls_ssl_tls13_labels =
{
/* This seems to work in C, despite the string literal being one
* character too long due to the 0-termination. */
@@ -61,24 +61,24 @@
* 255 Bytes, so we require `desired_length` to be at most
* 255. This allows us to save a few Bytes of code by
* hardcoding the writing of the high bytes.
- * - (label, llen): label + label length, without "tls13 " prefix
- * The label length MUST be less than or equal to
- * MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN
- * It is the caller's responsibility to ensure this.
- * All (label, label length) pairs used in TLS 1.3
- * can be obtained via MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN().
- * - (ctx, clen): context + context length
- * The context length MUST be less than or equal to
- * MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN
- * It is the caller's responsibility to ensure this.
+ * - (label, label_len): label + label length, without "tls13 " prefix
+ * The label length MUST be less than or equal to
+ * MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN
+ * It is the caller's responsibility to ensure this.
+ * All (label, label length) pairs used in TLS 1.3
+ * can be obtained via MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN().
+ * - (ctx, ctx_len): context + context length
+ * The context length MUST be less than or equal to
+ * MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN
+ * It is the caller's responsibility to ensure this.
* - dst: Target buffer for HkdfLabel structure,
* This MUST be a writable buffer of size
* at least SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN Bytes.
- * - dlen: Pointer at which to store the actual length of
- * the HkdfLabel structure on success.
+ * - dst_len: Pointer at which to store the actual length of
+ * the HkdfLabel structure on success.
*/
-static const char tls1_3_label_prefix[6] = "tls13 ";
+static const char tls13_label_prefix[6] = "tls13 ";
#define SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( label_len, context_len ) \
( 2 /* expansion length */ \
@@ -89,20 +89,20 @@
#define SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN \
SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( \
- sizeof(tls1_3_label_prefix) + \
+ sizeof(tls13_label_prefix) + \
MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN, \
MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN )
-static void ssl_tls1_3_hkdf_encode_label(
+static void ssl_tls13_hkdf_encode_label(
size_t desired_length,
- const unsigned char *label, size_t llen,
- const unsigned char *ctx, size_t clen,
- unsigned char *dst, size_t *dlen )
+ const unsigned char *label, size_t label_len,
+ const unsigned char *ctx, size_t ctx_len,
+ unsigned char *dst, size_t *dst_len )
{
size_t total_label_len =
- sizeof(tls1_3_label_prefix) + llen;
+ sizeof(tls13_label_prefix) + label_len;
size_t total_hkdf_lbl_len =
- SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( total_label_len, clen );
+ SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( total_label_len, ctx_len );
unsigned char *p = dst;
@@ -110,7 +110,7 @@
* We're hardcoding the high byte to 0 here assuming that we never use
* TLS 1.3 HKDF key expansion to more than 255 Bytes. */
#if MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN > 255
-#error "The implementation of ssl_tls1_3_hkdf_encode_label() is not fit for the \
+#error "The implementation of ssl_tls13_hkdf_encode_label() is not fit for the \
value of MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN"
#endif
@@ -119,32 +119,32 @@
/* Add label incl. prefix */
*p++ = MBEDTLS_BYTE_0( total_label_len );
- memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) );
- p += sizeof(tls1_3_label_prefix);
- memcpy( p, label, llen );
- p += llen;
+ memcpy( p, tls13_label_prefix, sizeof(tls13_label_prefix) );
+ p += sizeof(tls13_label_prefix);
+ memcpy( p, label, label_len );
+ p += label_len;
/* Add context value */
- *p++ = MBEDTLS_BYTE_0( clen );
- if( clen != 0 )
- memcpy( p, ctx, clen );
+ *p++ = MBEDTLS_BYTE_0( ctx_len );
+ if( ctx_len != 0 )
+ memcpy( p, ctx, ctx_len );
/* Return total length to the caller. */
- *dlen = total_hkdf_lbl_len;
+ *dst_len = total_hkdf_lbl_len;
}
-int mbedtls_ssl_tls1_3_hkdf_expand_label(
+int mbedtls_ssl_tls13_hkdf_expand_label(
mbedtls_md_type_t hash_alg,
- const unsigned char *secret, size_t slen,
- const unsigned char *label, size_t llen,
- const unsigned char *ctx, size_t clen,
- unsigned char *buf, size_t blen )
+ const unsigned char *secret, size_t secret_len,
+ const unsigned char *label, size_t label_len,
+ const unsigned char *ctx, size_t ctx_len,
+ unsigned char *buf, size_t buf_len )
{
- const mbedtls_md_info_t *md;
+ const mbedtls_md_info_t *md_info;
unsigned char hkdf_label[ SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN ];
size_t hkdf_label_len;
- if( llen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN )
+ if( label_len > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN )
{
/* Should never happen since this is an internal
* function, and we know statically which labels
@@ -152,32 +152,32 @@
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
- if( clen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN )
+ if( ctx_len > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN )
{
/* Should not happen, as above. */
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
- if( blen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN )
+ if( buf_len > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN )
{
/* Should not happen, as above. */
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
- md = mbedtls_md_info_from_type( hash_alg );
- if( md == NULL )
+ md_info = mbedtls_md_info_from_type( hash_alg );
+ if( md_info == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- ssl_tls1_3_hkdf_encode_label( blen,
- label, llen,
- ctx, clen,
- hkdf_label,
- &hkdf_label_len );
+ ssl_tls13_hkdf_encode_label( buf_len,
+ label, label_len,
+ ctx, ctx_len,
+ hkdf_label,
+ &hkdf_label_len );
- return( mbedtls_hkdf_expand( md,
- secret, slen,
+ return( mbedtls_hkdf_expand( md_info,
+ secret, secret_len,
hkdf_label, hkdf_label_len,
- buf, blen ) );
+ buf, buf_len ) );
}
/*
@@ -196,41 +196,41 @@
* by the function caller. Note that we generate server and client side
* keys in a single function call.
*/
-int mbedtls_ssl_tls1_3_make_traffic_keys(
+int mbedtls_ssl_tls13_make_traffic_keys(
mbedtls_md_type_t hash_alg,
const unsigned char *client_secret,
- const unsigned char *server_secret,
- size_t slen, size_t key_len, size_t iv_len,
+ const unsigned char *server_secret, size_t secret_len,
+ size_t key_len, size_t iv_len,
mbedtls_ssl_key_set *keys )
{
int ret = 0;
- ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
- client_secret, slen,
+ ret = mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
+ client_secret, secret_len,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( key ),
NULL, 0,
keys->client_write_key, key_len );
if( ret != 0 )
return( ret );
- ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
- server_secret, slen,
+ ret = mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
+ server_secret, secret_len,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( key ),
NULL, 0,
keys->server_write_key, key_len );
if( ret != 0 )
return( ret );
- ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
- client_secret, slen,
+ ret = mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
+ client_secret, secret_len,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( iv ),
NULL, 0,
keys->client_write_iv, iv_len );
if( ret != 0 )
return( ret );
- ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
- server_secret, slen,
+ ret = mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
+ server_secret, secret_len,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( iv ),
NULL, 0,
keys->server_write_iv, iv_len );
@@ -243,32 +243,32 @@
return( 0 );
}
-int mbedtls_ssl_tls1_3_derive_secret(
+int mbedtls_ssl_tls13_derive_secret(
mbedtls_md_type_t hash_alg,
- const unsigned char *secret, size_t slen,
- const unsigned char *label, size_t llen,
- const unsigned char *ctx, size_t clen,
+ const unsigned char *secret, size_t secret_len,
+ const unsigned char *label, size_t label_len,
+ const unsigned char *ctx, size_t ctx_len,
int ctx_hashed,
- unsigned char *dstbuf, size_t buflen )
+ unsigned char *dstbuf, size_t dstbuf_len )
{
int ret;
unsigned char hashed_context[ MBEDTLS_MD_MAX_SIZE ];
- const mbedtls_md_info_t *md;
- md = mbedtls_md_info_from_type( hash_alg );
- if( md == NULL )
+ const mbedtls_md_info_t *md_info;
+ md_info = mbedtls_md_info_from_type( hash_alg );
+ if( md_info == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if( ctx_hashed == MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED )
{
- ret = mbedtls_md( md, ctx, clen, hashed_context );
+ ret = mbedtls_md( md_info, ctx, ctx_len, hashed_context );
if( ret != 0 )
return( ret );
- clen = mbedtls_md_get_size( md );
+ ctx_len = mbedtls_md_get_size( md_info );
}
else
{
- if( clen > sizeof(hashed_context) )
+ if( ctx_len > sizeof(hashed_context) )
{
/* This should never happen since this function is internal
* and the code sets `ctx_hashed` correctly.
@@ -277,17 +277,17 @@
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
- memcpy( hashed_context, ctx, clen );
+ memcpy( hashed_context, ctx, ctx_len );
}
- return( mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
- secret, slen,
- label, llen,
- hashed_context, clen,
- dstbuf, buflen ) );
+ return( mbedtls_ssl_tls13_hkdf_expand_label( hash_alg,
+ secret, secret_len,
+ label, label_len,
+ hashed_context, ctx_len,
+ dstbuf, dstbuf_len ) );
}
-int mbedtls_ssl_tls1_3_evolve_secret(
+int mbedtls_ssl_tls13_evolve_secret(
mbedtls_md_type_t hash_alg,
const unsigned char *secret_old,
const unsigned char *input, size_t input_len,
@@ -298,18 +298,18 @@
unsigned char tmp_secret[ MBEDTLS_MD_MAX_SIZE ] = { 0 };
unsigned char tmp_input [ MBEDTLS_MD_MAX_SIZE ] = { 0 };
- const mbedtls_md_info_t *md;
- md = mbedtls_md_info_from_type( hash_alg );
- if( md == NULL )
+ const mbedtls_md_info_t *md_info;
+ md_info = mbedtls_md_info_from_type( hash_alg );
+ if( md_info == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- hlen = mbedtls_md_get_size( md );
+ hlen = mbedtls_md_get_size( md_info );
/* For non-initial runs, call Derive-Secret( ., "derived", "")
* on the old secret. */
if( secret_old != NULL )
{
- ret = mbedtls_ssl_tls1_3_derive_secret(
+ ret = mbedtls_ssl_tls13_derive_secret(
hash_alg,
secret_old, hlen,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( derived ),
@@ -333,7 +333,7 @@
/* HKDF-Extract takes a salt and input key material.
* The salt is the old secret, and the input key material
* is the input secret (PSK / ECDHE). */
- ret = mbedtls_hkdf_extract( md,
+ ret = mbedtls_hkdf_extract( md_info,
tmp_secret, hlen,
tmp_input, ilen,
secret_new );
@@ -349,11 +349,11 @@
return( ret );
}
-int mbedtls_ssl_tls1_3_derive_early_secrets(
+int mbedtls_ssl_tls13_derive_early_secrets(
mbedtls_md_type_t md_type,
unsigned char const *early_secret,
unsigned char const *transcript, size_t transcript_len,
- mbedtls_ssl_tls1_3_early_secrets *derived )
+ mbedtls_ssl_tls13_early_secrets *derived )
{
int ret;
mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
@@ -379,7 +379,7 @@
*/
/* Create client_early_traffic_secret */
- ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
+ ret = mbedtls_ssl_tls13_derive_secret( md_type,
early_secret, md_size,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( c_e_traffic ),
transcript, transcript_len,
@@ -390,7 +390,7 @@
return( ret );
/* Create early exporter */
- ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
+ ret = mbedtls_ssl_tls13_derive_secret( md_type,
early_secret, md_size,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( e_exp_master ),
transcript, transcript_len,
@@ -403,11 +403,11 @@
return( 0 );
}
-int mbedtls_ssl_tls1_3_derive_handshake_secrets(
+int mbedtls_ssl_tls13_derive_handshake_secrets(
mbedtls_md_type_t md_type,
unsigned char const *handshake_secret,
unsigned char const *transcript, size_t transcript_len,
- mbedtls_ssl_tls1_3_handshake_secrets *derived )
+ mbedtls_ssl_tls13_handshake_secrets *derived )
{
int ret;
mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
@@ -437,7 +437,7 @@
* Derive-Secret( ., "c hs traffic", ClientHello...ServerHello )
*/
- ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
+ ret = mbedtls_ssl_tls13_derive_secret( md_type,
handshake_secret, md_size,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( c_hs_traffic ),
transcript, transcript_len,
@@ -452,7 +452,7 @@
* Derive-Secret( ., "s hs traffic", ClientHello...ServerHello )
*/
- ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
+ ret = mbedtls_ssl_tls13_derive_secret( md_type,
handshake_secret, md_size,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( s_hs_traffic ),
transcript, transcript_len,
@@ -465,11 +465,11 @@
return( 0 );
}
-int mbedtls_ssl_tls1_3_derive_application_secrets(
+int mbedtls_ssl_tls13_derive_application_secrets(
mbedtls_md_type_t md_type,
unsigned char const *application_secret,
unsigned char const *transcript, size_t transcript_len,
- mbedtls_ssl_tls1_3_application_secrets *derived )
+ mbedtls_ssl_tls13_application_secrets *derived )
{
int ret;
mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
@@ -498,7 +498,7 @@
*
*/
- ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
+ ret = mbedtls_ssl_tls13_derive_secret( md_type,
application_secret, md_size,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( c_ap_traffic ),
transcript, transcript_len,
@@ -508,7 +508,7 @@
if( ret != 0 )
return( ret );
- ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
+ ret = mbedtls_ssl_tls13_derive_secret( md_type,
application_secret, md_size,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( s_ap_traffic ),
transcript, transcript_len,
@@ -518,7 +518,7 @@
if( ret != 0 )
return( ret );
- ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
+ ret = mbedtls_ssl_tls13_derive_secret( md_type,
application_secret, md_size,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( exp_master ),
transcript, transcript_len,
@@ -533,13 +533,13 @@
/* Generate resumption_master_secret for use with the ticket exchange.
*
- * This is not integrated with mbedtls_ssl_tls1_3_derive_application_secrets()
+ * This is not integrated with mbedtls_ssl_tls13_derive_application_secrets()
* because it uses the transcript hash up to and including ClientFinished. */
-int mbedtls_ssl_tls1_3_derive_resumption_master_secret(
+int mbedtls_ssl_tls13_derive_resumption_master_secret(
mbedtls_md_type_t md_type,
unsigned char const *application_secret,
unsigned char const *transcript, size_t transcript_len,
- mbedtls_ssl_tls1_3_application_secrets *derived )
+ mbedtls_ssl_tls13_application_secrets *derived )
{
int ret;
mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
@@ -550,7 +550,7 @@
if( md_info == 0 )
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
+ ret = mbedtls_ssl_tls13_derive_secret( md_type,
application_secret, md_size,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( res_master ),
transcript, transcript_len,
@@ -577,26 +577,26 @@
/*
* Compute MasterSecret
*/
- ret = mbedtls_ssl_tls1_3_evolve_secret( md_type,
- handshake->tls1_3_master_secrets.handshake,
+ ret = mbedtls_ssl_tls13_evolve_secret( md_type,
+ handshake->tls13_master_secrets.handshake,
NULL, 0,
- handshake->tls1_3_master_secrets.app );
+ handshake->tls13_master_secrets.app );
if( ret != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_evolve_secret", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_evolve_secret", ret );
return( ret );
}
MBEDTLS_SSL_DEBUG_BUF( 4, "Master secret",
- handshake->tls1_3_master_secrets.app, md_size );
+ handshake->tls13_master_secrets.app, md_size );
return( 0 );
}
-static int ssl_tls1_3_calc_finished_core( mbedtls_md_type_t md_type,
- unsigned char const *base_key,
- unsigned char const *transcript,
- unsigned char *dst )
+static int ssl_tls13_calc_finished_core( mbedtls_md_type_t md_type,
+ unsigned char const *base_key,
+ unsigned char const *transcript,
+ unsigned char *dst )
{
const mbedtls_md_info_t* const md_info = mbedtls_md_info_from_type( md_type );
size_t const md_size = mbedtls_md_get_size( md_info );
@@ -625,7 +625,7 @@
* HKDF-Expand-Label( BaseKey, "finished", "", Hash.length )
*/
- ret = mbedtls_ssl_tls1_3_hkdf_expand_label(
+ ret = mbedtls_ssl_tls13_hkdf_expand_label(
md_type, base_key, md_size,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( finished ),
NULL, 0,
@@ -657,8 +657,9 @@
unsigned char const *base_key = NULL;
mbedtls_md_type_t const md_type = ssl->handshake->ciphersuite_info->mac;
- const mbedtls_md_info_t* const md = mbedtls_md_info_from_type( md_type );
- size_t const md_size = mbedtls_md_get_size( md );
+ const mbedtls_md_info_t* const md_info =
+ mbedtls_md_info_from_type( md_type );
+ size_t const md_size = mbedtls_md_get_size( md_info );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_tls13_calculate_verify_data" ) );
@@ -680,7 +681,7 @@
else
base_key = ssl->handshake->tls13_hs_secrets.server_handshake_traffic_secret;
- ret = ssl_tls1_3_calc_finished_core( md_type, base_key, transcript, dst );
+ ret = ssl_tls13_calc_finished_core( md_type, base_key, transcript, dst );
if( ret != 0 )
goto exit;
*actual_len = md_size;
@@ -694,7 +695,7 @@
return( ret );
}
-int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl,
+int mbedtls_ssl_tls13_create_psk_binder( mbedtls_ssl_context *ssl,
const mbedtls_md_type_t md_type,
unsigned char const *psk, size_t psk_len,
int psk_type,
@@ -728,19 +729,19 @@
* v
*/
- ret = mbedtls_ssl_tls1_3_evolve_secret( md_type,
- NULL, /* Old secret */
- psk, psk_len, /* Input */
- early_secret );
+ ret = mbedtls_ssl_tls13_evolve_secret( md_type,
+ NULL, /* Old secret */
+ psk, psk_len, /* Input */
+ early_secret );
if( ret != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_evolve_secret", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_evolve_secret", ret );
goto exit;
}
if( psk_type == MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION )
{
- ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
+ ret = mbedtls_ssl_tls13_derive_secret( md_type,
early_secret, md_size,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( res_binder ),
NULL, 0, MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED,
@@ -749,7 +750,7 @@
}
else
{
- ret = mbedtls_ssl_tls1_3_derive_secret( md_type,
+ ret = mbedtls_ssl_tls13_derive_secret( md_type,
early_secret, md_size,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( ext_binder ),
NULL, 0, MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED,
@@ -759,7 +760,7 @@
if( ret != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_derive_secret", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_derive_secret", ret );
goto exit;
}
@@ -768,7 +769,7 @@
* but with the BaseKey being the binder_key.
*/
- ret = ssl_tls1_3_calc_finished_core( md_type, binder_key, transcript, result );
+ ret = ssl_tls13_calc_finished_core( md_type, binder_key, transcript, result );
if( ret != 0 )
goto exit;
@@ -902,7 +903,7 @@
return( 0 );
}
-int mbedtls_ssl_tls1_3_key_schedule_stage_early( mbedtls_ssl_context *ssl )
+int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_md_type_t md_type;
@@ -916,11 +917,11 @@
md_type = handshake->ciphersuite_info->mac;
- ret = mbedtls_ssl_tls1_3_evolve_secret( md_type, NULL, NULL, 0,
- handshake->tls1_3_master_secrets.early );
+ ret = mbedtls_ssl_tls13_evolve_secret( md_type, NULL, NULL, 0,
+ handshake->tls13_master_secrets.early );
if( ret != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_evolve_secret", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_evolve_secret", ret );
return( ret );
}
@@ -942,17 +943,17 @@
size_t transcript_len;
mbedtls_cipher_info_t const *cipher_info;
- size_t keylen, ivlen;
+ size_t key_len, iv_len;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info = handshake->ciphersuite_info;
- mbedtls_ssl_tls1_3_handshake_secrets *tls13_hs_secrets = &handshake->tls13_hs_secrets;
+ mbedtls_ssl_tls13_handshake_secrets *tls13_hs_secrets = &handshake->tls13_hs_secrets;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_tls13_generate_handshake_keys" ) );
cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher );
- keylen = cipher_info->key_bitlen >> 3;
- ivlen = cipher_info->iv_size;
+ key_len = cipher_info->key_bitlen >> 3;
+ iv_len = cipher_info->iv_size;
md_type = ciphersuite_info->mac;
md_info = mbedtls_md_info_from_type( md_type );
@@ -970,12 +971,12 @@
return( ret );
}
- ret = mbedtls_ssl_tls1_3_derive_handshake_secrets( md_type,
- handshake->tls1_3_master_secrets.handshake,
+ ret = mbedtls_ssl_tls13_derive_handshake_secrets( md_type,
+ handshake->tls13_master_secrets.handshake,
transcript, transcript_len, tls13_hs_secrets );
if( ret != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_derive_handshake_secrets",
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_derive_handshake_secrets",
ret );
return( ret );
}
@@ -993,7 +994,7 @@
if( ssl->f_export_keys != NULL )
{
ssl->f_export_keys( ssl->p_export_keys,
- MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
tls13_hs_secrets->client_handshake_traffic_secret,
md_size,
handshake->randbytes + 32,
@@ -1001,7 +1002,7 @@
MBEDTLS_SSL_TLS_PRF_NONE /* TODO: FIX! */ );
ssl->f_export_keys( ssl->p_export_keys,
- MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_HANDSHAKE_TRAFFIC_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_HANDSHAKE_TRAFFIC_SECRET,
tls13_hs_secrets->server_handshake_traffic_secret,
md_size,
handshake->randbytes + 32,
@@ -1009,13 +1010,13 @@
MBEDTLS_SSL_TLS_PRF_NONE /* TODO: FIX! */ );
}
- ret = mbedtls_ssl_tls1_3_make_traffic_keys( md_type,
+ ret = mbedtls_ssl_tls13_make_traffic_keys( md_type,
tls13_hs_secrets->client_handshake_traffic_secret,
tls13_hs_secrets->server_handshake_traffic_secret,
- md_size, keylen, ivlen, traffic_keys );
+ md_size, key_len, iv_len, traffic_keys );
if( ret != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_make_traffic_keys", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_make_traffic_keys", ret );
goto exit;
}
@@ -1060,7 +1061,7 @@
* client_handshake_traffic_secret and server_handshake_traffic_secret
* are derived in the handshake secret derivation stage.
*/
- if( mbedtls_ssl_tls1_3_ephemeral_enabled( ssl ) )
+ if( mbedtls_ssl_tls13_ephemeral_enabled( ssl ) )
{
if( mbedtls_ssl_tls13_named_group_is_ecdhe( handshake->offered_group_id ) )
{
@@ -1089,18 +1090,18 @@
/*
* Compute the Handshake Secret
*/
- ret = mbedtls_ssl_tls1_3_evolve_secret( md_type,
- handshake->tls1_3_master_secrets.early,
- ecdhe, ephemeral_len,
- handshake->tls1_3_master_secrets.handshake );
+ ret = mbedtls_ssl_tls13_evolve_secret( md_type,
+ handshake->tls13_master_secrets.early,
+ ecdhe, ephemeral_len,
+ handshake->tls13_master_secrets.handshake );
if( ret != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_evolve_secret", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_evolve_secret", ret );
return( ret );
}
MBEDTLS_SSL_DEBUG_BUF( 4, "Handshake secret",
- handshake->tls1_3_master_secrets.handshake, md_size );
+ handshake->tls13_master_secrets.handshake, md_size );
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
mbedtls_platform_zeroize( ecdhe, sizeof( ecdhe ) );
@@ -1119,7 +1120,7 @@
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
/* Address at which to store the application secrets */
- mbedtls_ssl_tls1_3_application_secrets * const app_secrets =
+ mbedtls_ssl_tls13_application_secrets * const app_secrets =
&ssl->session_negotiate->app_secrets;
/* Holding the transcript up to and including the ServerFinished */
@@ -1133,7 +1134,7 @@
/* Variables relating to the cipher for the chosen ciphersuite. */
mbedtls_cipher_info_t const *cipher_info;
- size_t keylen, ivlen;
+ size_t key_len, iv_len;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive application traffic keys" ) );
@@ -1141,8 +1142,8 @@
cipher_info = mbedtls_cipher_info_from_type(
handshake->ciphersuite_info->cipher );
- keylen = cipher_info->key_bitlen / 8;
- ivlen = cipher_info->iv_size;
+ key_len = cipher_info->key_bitlen / 8;
+ iv_len = cipher_info->iv_size;
md_type = handshake->ciphersuite_info->mac;
md_info = mbedtls_md_info_from_type( md_type );
@@ -1159,26 +1160,26 @@
/* Compute application secrets from master secret and transcript hash. */
- ret = mbedtls_ssl_tls1_3_derive_application_secrets( md_type,
- handshake->tls1_3_master_secrets.app,
+ ret = mbedtls_ssl_tls13_derive_application_secrets( md_type,
+ handshake->tls13_master_secrets.app,
transcript, transcript_len,
app_secrets );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1,
- "mbedtls_ssl_tls1_3_derive_application_secrets", ret );
+ "mbedtls_ssl_tls13_derive_application_secrets", ret );
goto cleanup;
}
/* Derive first epoch of IV + Key for application traffic. */
- ret = mbedtls_ssl_tls1_3_make_traffic_keys( md_type,
+ ret = mbedtls_ssl_tls13_make_traffic_keys( md_type,
app_secrets->client_application_traffic_secret_N,
app_secrets->server_application_traffic_secret_N,
- md_size, keylen, ivlen, traffic_keys );
+ md_size, key_len, iv_len, traffic_keys );
if( ret != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_make_traffic_keys", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_make_traffic_keys", ret );
goto cleanup;
}
@@ -1196,7 +1197,7 @@
if( ssl->f_export_keys != NULL )
{
ssl->f_export_keys( ssl->p_export_keys,
- MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_APPLICATION_TRAFFIC_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_APPLICATION_TRAFFIC_SECRET,
app_secrets->client_application_traffic_secret_N, md_size,
handshake->randbytes + 32,
handshake->randbytes,
@@ -1204,7 +1205,7 @@
a new constant for TLS 1.3! */ );
ssl->f_export_keys( ssl->p_export_keys,
- MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_APPLICATION_TRAFFIC_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_APPLICATION_TRAFFIC_SECRET,
app_secrets->server_application_traffic_secret_N, md_size,
handshake->randbytes + 32,
handshake->randbytes,
@@ -1213,13 +1214,13 @@
}
MBEDTLS_SSL_DEBUG_BUF( 4, "client application_write_key:",
- traffic_keys->client_write_key, keylen );
+ traffic_keys->client_write_key, key_len );
MBEDTLS_SSL_DEBUG_BUF( 4, "server application write key",
- traffic_keys->server_write_key, keylen );
+ traffic_keys->server_write_key, key_len );
MBEDTLS_SSL_DEBUG_BUF( 4, "client application write IV",
- traffic_keys->client_write_iv, ivlen );
+ traffic_keys->client_write_iv, iv_len );
MBEDTLS_SSL_DEBUG_BUF( 4, "server application write IV",
- traffic_keys->server_write_iv, ivlen );
+ traffic_keys->server_write_iv, iv_len );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= derive application traffic keys" ) );
diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h
index d598448..da967c3 100644
--- a/library/ssl_tls13_keys.h
+++ b/library/ssl_tls13_keys.h
@@ -20,7 +20,7 @@
#define MBEDTLS_SSL_TLS1_3_KEYS_H
/* This requires MBEDTLS_SSL_TLS1_3_LABEL( idx, name, string ) to be defined at
- * the point of use. See e.g. the definition of mbedtls_ssl_tls1_3_labels_union
+ * the point of use. See e.g. the definition of mbedtls_ssl_tls13_labels_union
* below. */
#define MBEDTLS_SSL_TLS1_3_LABEL_LIST \
MBEDTLS_SSL_TLS1_3_LABEL( finished , "finished" ) \
@@ -47,27 +47,27 @@
#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \
const unsigned char name [ sizeof(string) - 1 ];
-union mbedtls_ssl_tls1_3_labels_union
+union mbedtls_ssl_tls13_labels_union
{
MBEDTLS_SSL_TLS1_3_LABEL_LIST
};
-struct mbedtls_ssl_tls1_3_labels_struct
+struct mbedtls_ssl_tls13_labels_struct
{
MBEDTLS_SSL_TLS1_3_LABEL_LIST
};
#undef MBEDTLS_SSL_TLS1_3_LABEL
-extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels;
+extern const struct mbedtls_ssl_tls13_labels_struct mbedtls_ssl_tls13_labels;
#define MBEDTLS_SSL_TLS1_3_LBL_LEN( LABEL ) \
- sizeof(mbedtls_ssl_tls1_3_labels.LABEL)
+ sizeof(mbedtls_ssl_tls13_labels.LABEL)
#define MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( LABEL ) \
- mbedtls_ssl_tls1_3_labels.LABEL, \
+ mbedtls_ssl_tls13_labels.LABEL, \
MBEDTLS_SSL_TLS1_3_LBL_LEN( LABEL )
#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN \
- sizeof( union mbedtls_ssl_tls1_3_labels_union )
+ sizeof( union mbedtls_ssl_tls13_labels_union )
/* The maximum length of HKDF contexts used in the TLS 1.3 standard.
* Since contexts are always hashes of message transcripts, this can
@@ -79,44 +79,46 @@
* by HKDF-Expand-Label.
*
* Warning: If this ever needs to be increased, the implementation
- * ssl_tls1_3_hkdf_encode_label() in ssl_tls13_keys.c needs to be
+ * ssl_tls13_hkdf_encode_label() in ssl_tls13_keys.c needs to be
* adjusted since it currently assumes that HKDF key expansion
* is never used with more than 255 Bytes of output. */
#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN 255
/**
- * \brief The \c HKDF-Expand-Label function from
- * the TLS 1.3 standard RFC 8446.
+ * \brief The \c HKDF-Expand-Label function from
+ * the TLS 1.3 standard RFC 8446.
*
* <tt>
- * HKDF-Expand-Label( Secret, Label, Context, Length ) =
+ * HKDF-Expand-Label( Secret, Label, Context, Length ) =
* HKDF-Expand( Secret, HkdfLabel, Length )
* </tt>
*
- * \param hash_alg The identifier for the hash algorithm to use.
- * \param secret The \c Secret argument to \c HKDF-Expand-Label.
- * This must be a readable buffer of length \p slen Bytes.
- * \param slen The length of \p secret in Bytes.
- * \param label The \c Label argument to \c HKDF-Expand-Label.
- * This must be a readable buffer of length \p llen Bytes.
- * \param llen The length of \p label in Bytes.
- * \param ctx The \c Context argument to \c HKDF-Expand-Label.
- * This must be a readable buffer of length \p clen Bytes.
- * \param clen The length of \p context in Bytes.
- * \param buf The destination buffer to hold the expanded secret.
- * This must be a writable buffer of length \p blen Bytes.
- * \param blen The desired size of the expanded secret in Bytes.
+ * \param hash_alg The identifier for the hash algorithm to use.
+ * \param secret The \c Secret argument to \c HKDF-Expand-Label.
+ * This must be a readable buffer of length
+ * \p secret_len Bytes.
+ * \param secret_len The length of \p secret in Bytes.
+ * \param label The \c Label argument to \c HKDF-Expand-Label.
+ * This must be a readable buffer of length
+ * \p label_len Bytes.
+ * \param label_len The length of \p label in Bytes.
+ * \param ctx The \c Context argument to \c HKDF-Expand-Label.
+ * This must be a readable buffer of length \p ctx_len Bytes.
+ * \param ctx_len The length of \p context in Bytes.
+ * \param buf The destination buffer to hold the expanded secret.
+ * This must be a writable buffer of length \p buf_len Bytes.
+ * \param buf_len The desired size of the expanded secret in Bytes.
*
- * \returns \c 0 on success.
- * \return A negative error code on failure.
+ * \returns \c 0 on success.
+ * \return A negative error code on failure.
*/
-int mbedtls_ssl_tls1_3_hkdf_expand_label(
+int mbedtls_ssl_tls13_hkdf_expand_label(
mbedtls_md_type_t hash_alg,
- const unsigned char *secret, size_t slen,
- const unsigned char *label, size_t llen,
- const unsigned char *ctx, size_t clen,
- unsigned char *buf, size_t blen );
+ const unsigned char *secret, size_t secret_len,
+ const unsigned char *label, size_t label_len,
+ const unsigned char *ctx, size_t ctx_len,
+ unsigned char *buf, size_t buf_len );
/**
* \brief This function is part of the TLS 1.3 key schedule.
@@ -133,10 +135,12 @@
* \param hash_alg The identifier for the hash algorithm to be used
* for the HKDF-based expansion of the secret.
* \param client_secret The client traffic secret.
- * This must be a readable buffer of size \p slen Bytes
+ * This must be a readable buffer of size
+ * \p secret_len Bytes
* \param server_secret The server traffic secret.
- * This must be a readable buffer of size \p slen Bytes
- * \param slen Length of the secrets \p client_secret and
+ * This must be a readable buffer of size
+ * \p secret_len Bytes
+ * \param secret_len Length of the secrets \p client_secret and
* \p server_secret in Bytes.
* \param key_len The desired length of the key to be extracted in Bytes.
* \param iv_len The desired length of the IV to be extracted in Bytes.
@@ -147,11 +151,11 @@
* \returns A negative error code on failure.
*/
-int mbedtls_ssl_tls1_3_make_traffic_keys(
+int mbedtls_ssl_tls13_make_traffic_keys(
mbedtls_md_type_t hash_alg,
const unsigned char *client_secret,
- const unsigned char *server_secret,
- size_t slen, size_t key_len, size_t iv_len,
+ const unsigned char *server_secret, size_t secret_len,
+ size_t key_len, size_t iv_len,
mbedtls_ssl_key_set *keys );
@@ -171,15 +175,17 @@
* \param hash_alg The identifier for the hash function used for the
* applications of HKDF.
* \param secret The \c Secret argument to the \c Derive-Secret function.
- * This must be a readable buffer of length \p slen Bytes.
- * \param slen The length of \p secret in Bytes.
+ * This must be a readable buffer of length
+ * \p secret_len Bytes.
+ * \param secret_len The length of \p secret in Bytes.
* \param label The \c Label argument to the \c Derive-Secret function.
- * This must be a readable buffer of length \p llen Bytes.
- * \param llen The length of \p label in Bytes.
+ * This must be a readable buffer of length
+ * \p label_len Bytes.
+ * \param label_len The length of \p label in Bytes.
* \param ctx The hash of the \c Messages argument to the
* \c Derive-Secret function, or the \c Messages argument
- * itself, depending on \p context_already_hashed.
- * \param clen The length of \p hash.
+ * itself, depending on \p ctx_hashed.
+ * \param ctx_len The length of \p ctx in Bytes.
* \param ctx_hashed This indicates whether the \p ctx contains the hash of
* the \c Messages argument in the application of the
* \c Derive-Secret function
@@ -189,24 +195,24 @@
* (value MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED).
* \param dstbuf The target buffer to write the output of
* \c Derive-Secret to. This must be a writable buffer of
- * size \p buflen Bytes.
- * \param buflen The length of \p dstbuf in Bytes.
+ * size \p dtsbuf_len Bytes.
+ * \param dstbuf_len The length of \p dstbuf in Bytes.
*
* \returns \c 0 on success.
* \returns A negative error code on failure.
*/
-int mbedtls_ssl_tls1_3_derive_secret(
+int mbedtls_ssl_tls13_derive_secret(
mbedtls_md_type_t hash_alg,
- const unsigned char *secret, size_t slen,
- const unsigned char *label, size_t llen,
- const unsigned char *ctx, size_t clen,
+ const unsigned char *secret, size_t secret_len,
+ const unsigned char *label, size_t label_len,
+ const unsigned char *ctx, size_t ctx_len,
int ctx_hashed,
- unsigned char *dstbuf, size_t buflen );
+ unsigned char *dstbuf, size_t dstbuf_len );
/**
* \brief Derive TLS 1.3 early data key material from early secret.
*
- * This is a small wrapper invoking mbedtls_ssl_tls1_3_derive_secret()
+ * This is a small wrapper invoking mbedtls_ssl_tls13_derive_secret()
* with the appropriate labels.
*
* <tt>
@@ -223,11 +229,11 @@
*
* \note To obtain the actual key and IV for the early data traffic,
* the client secret derived by this function need to be
- * further processed by mbedtls_ssl_tls1_3_make_traffic_keys().
+ * further processed by mbedtls_ssl_tls13_make_traffic_keys().
*
* \note The binder key, which is also generated from the early secret,
* is omitted here. Its calculation is part of the separate routine
- * mbedtls_ssl_tls1_3_create_psk_binder().
+ * mbedtls_ssl_tls13_create_psk_binder().
*
* \param md_type The hash algorithm associated with the PSK for which
* early data key material is being derived.
@@ -245,16 +251,16 @@
* \returns \c 0 on success.
* \returns A negative error code on failure.
*/
-int mbedtls_ssl_tls1_3_derive_early_secrets(
+int mbedtls_ssl_tls13_derive_early_secrets(
mbedtls_md_type_t md_type,
unsigned char const *early_secret,
unsigned char const *transcript, size_t transcript_len,
- mbedtls_ssl_tls1_3_early_secrets *derived );
+ mbedtls_ssl_tls13_early_secrets *derived );
/**
* \brief Derive TLS 1.3 handshake key material from the handshake secret.
*
- * This is a small wrapper invoking mbedtls_ssl_tls1_3_derive_secret()
+ * This is a small wrapper invoking mbedtls_ssl_tls13_derive_secret()
* with the appropriate labels from the standard.
*
* <tt>
@@ -272,7 +278,7 @@
*
* \note To obtain the actual key and IV for the encrypted handshake traffic,
* the client and server secret derived by this function need to be
- * further processed by mbedtls_ssl_tls1_3_make_traffic_keys().
+ * further processed by mbedtls_ssl_tls13_make_traffic_keys().
*
* \param md_type The hash algorithm associated with the ciphersuite
* that's being used for the connection.
@@ -290,16 +296,16 @@
* \returns \c 0 on success.
* \returns A negative error code on failure.
*/
-int mbedtls_ssl_tls1_3_derive_handshake_secrets(
+int mbedtls_ssl_tls13_derive_handshake_secrets(
mbedtls_md_type_t md_type,
unsigned char const *handshake_secret,
unsigned char const *transcript, size_t transcript_len,
- mbedtls_ssl_tls1_3_handshake_secrets *derived );
+ mbedtls_ssl_tls13_handshake_secrets *derived );
/**
* \brief Derive TLS 1.3 application key material from the master secret.
*
- * This is a small wrapper invoking mbedtls_ssl_tls1_3_derive_secret()
+ * This is a small wrapper invoking mbedtls_ssl_tls13_derive_secret()
* with the appropriate labels from the standard.
*
* <tt>
@@ -321,7 +327,7 @@
*
* \note To obtain the actual key and IV for the (0-th) application traffic,
* the client and server secret derived by this function need to be
- * further processed by mbedtls_ssl_tls1_3_make_traffic_keys().
+ * further processed by mbedtls_ssl_tls13_make_traffic_keys().
*
* \param md_type The hash algorithm associated with the ciphersuite
* that's being used for the connection.
@@ -340,16 +346,16 @@
* \returns \c 0 on success.
* \returns A negative error code on failure.
*/
-int mbedtls_ssl_tls1_3_derive_application_secrets(
+int mbedtls_ssl_tls13_derive_application_secrets(
mbedtls_md_type_t md_type,
unsigned char const *master_secret,
unsigned char const *transcript, size_t transcript_len,
- mbedtls_ssl_tls1_3_application_secrets *derived );
+ mbedtls_ssl_tls13_application_secrets *derived );
/**
* \brief Derive TLS 1.3 resumption master secret from the master secret.
*
- * This is a small wrapper invoking mbedtls_ssl_tls1_3_derive_secret()
+ * This is a small wrapper invoking mbedtls_ssl_tls13_derive_secret()
* with the appropriate labels from the standard.
*
* \param md_type The hash algorithm used in the application for which
@@ -370,11 +376,11 @@
* \returns \c 0 on success.
* \returns A negative error code on failure.
*/
-int mbedtls_ssl_tls1_3_derive_resumption_master_secret(
+int mbedtls_ssl_tls13_derive_resumption_master_secret(
mbedtls_md_type_t md_type,
unsigned char const *application_secret,
unsigned char const *transcript, size_t transcript_len,
- mbedtls_ssl_tls1_3_application_secrets *derived );
+ mbedtls_ssl_tls13_application_secrets *derived );
/**
* \brief Compute the next secret in the TLS 1.3 key schedule
@@ -406,7 +412,7 @@
*
* Each of the three secrets in turn is the basis for further
* key derivations, such as the derivation of traffic keys and IVs;
- * see e.g. mbedtls_ssl_tls1_3_make_traffic_keys().
+ * see e.g. mbedtls_ssl_tls13_make_traffic_keys().
*
* This function implements one step in this evolution of secrets:
*
@@ -443,7 +449,7 @@
* \returns A negative error code on failure.
*/
-int mbedtls_ssl_tls1_3_evolve_secret(
+int mbedtls_ssl_tls13_evolve_secret(
mbedtls_md_type_t hash_alg,
const unsigned char *secret_old,
const unsigned char *input, size_t input_len,
@@ -475,7 +481,7 @@
* \returns \c 0 on success.
* \returns A negative error code on failure.
*/
-int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl,
+int mbedtls_ssl_tls13_create_psk_binder( mbedtls_ssl_context *ssl,
const mbedtls_md_type_t md_type,
unsigned char const *psk, size_t psk_len,
int psk_type,
@@ -520,7 +526,7 @@
*
* Early -> Handshake -> Application
*
- * Small wrappers around mbedtls_ssl_tls1_3_evolve_secret().
+ * Small wrappers around mbedtls_ssl_tls13_evolve_secret().
*/
/**
@@ -535,7 +541,7 @@
* \returns \c 0 on success.
* \returns A negative error code on failure.
*/
-int mbedtls_ssl_tls1_3_key_schedule_stage_early( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl );
/**
* \brief Transition into handshake stage of TLS 1.3 key schedule.
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 86f44cb..3018ecb 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -30,7 +30,7 @@
int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl )
{
((void) ssl);
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "tls1_3 server state: %d", ssl->state ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "tls13 server state: %d", ssl->state ) );
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
diff --git a/programs/fuzz/common.c b/programs/fuzz/common.c
index ac39ee2..e12ee3b 100644
--- a/programs/fuzz/common.c
+++ b/programs/fuzz/common.c
@@ -1,4 +1,5 @@
#include "common.h"
+#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 214f471..776d77d 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -69,7 +69,7 @@
#define DFL_ECJPAKE_PW NULL
#define DFL_EC_MAX_OPS -1
#define DFL_FORCE_CIPHER 0
-#define DFL_TLS13_KEX_MODES MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL
+#define DFL_TLS1_3_KEX_MODES MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL
#define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED
#define DFL_ALLOW_LEGACY -2
#define DFL_RENEGOTIATE 0
@@ -344,11 +344,11 @@
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-#define USAGE_TLS13_KEY_EXCHANGE_MODES \
+#define USAGE_TLS1_3_KEY_EXCHANGE_MODES \
" tls13_kex_modes=%%s default: all\n" \
" options: psk, psk_ephemeral, ephemeral, ephemeral_all, psk_all, all\n"
#else
-#define USAGE_TLS13_KEY_EXCHANGE_MODES ""
+#define USAGE_TLS1_3_KEY_EXCHANGE_MODES ""
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
/* USAGE is arbitrarily split to stay under the portable string literal
@@ -409,25 +409,25 @@
USAGE_ETM \
USAGE_REPRODUCIBLE \
USAGE_CURVES \
- USAGE_SIG_ALGS \
+ USAGE_SIG_ALGS \
USAGE_DHMLEN \
"\n"
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-#define TLS1_3_VERSION_OPTIONS ", tls1_3"
+#define TLS1_3_VERSION_OPTIONS ", tls13"
#else /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#define TLS1_3_VERSION_OPTIONS ""
#endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#define USAGE4 \
" allow_sha1=%%d default: 0\n" \
- " min_version=%%s default: (library default: tls1_2)\n" \
- " max_version=%%s default: (library default: tls1_2)\n" \
+ " min_version=%%s default: (library default: tls12)\n" \
+ " max_version=%%s default: (library default: tls12)\n" \
" force_version=%%s default: \"\" (none)\n" \
- " options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \
+ " options: tls12, dtls12" TLS1_3_VERSION_OPTIONS \
"\n\n" \
" force_ciphersuite=<name> default: all enabled\n" \
- USAGE_TLS13_KEY_EXCHANGE_MODES \
+ USAGE_TLS1_3_KEY_EXCHANGE_MODES \
" query_config=<name> return 0 if the specified\n" \
" configuration macro is defined and 1\n" \
" otherwise. The expansion of the macro\n" \
@@ -841,7 +841,7 @@
opt.ec_max_ops = DFL_EC_MAX_OPS;
opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
- opt.tls13_kex_modes = DFL_TLS13_KEX_MODES;
+ opt.tls13_kex_modes = DFL_TLS1_3_KEX_MODES;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
opt.renegotiation = DFL_RENEGOTIATION;
opt.allow_legacy = DFL_ALLOW_LEGACY;
@@ -1112,27 +1112,27 @@
else if( strcmp( p, "tls13_kex_modes" ) == 0 )
{
if( strcmp( q, "psk" ) == 0 )
- opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK;
+ opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
else if( strcmp(q, "psk_ephemeral" ) == 0 )
- opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
+ opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
else if( strcmp(q, "ephemeral" ) == 0 )
- opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL;
+ opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
else if( strcmp(q, "ephemeral_all" ) == 0 )
- opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL;
+ opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL;
else if( strcmp( q, "psk_all" ) == 0 )
- opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL;
+ opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL;
else if( strcmp( q, "all" ) == 0 )
- opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL;
+ opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
else goto usage;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
else if( strcmp( p, "min_version" ) == 0 )
{
- if( strcmp( q, "tls1_2" ) == 0 ||
- strcmp( q, "dtls1_2" ) == 0 )
+ if( strcmp( q, "tls12" ) == 0 ||
+ strcmp( q, "dtls12" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
- else if( strcmp( q, "tls1_3" ) == 0 )
+ else if( strcmp( q, "tls13" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
else
@@ -1140,11 +1140,11 @@
}
else if( strcmp( p, "max_version" ) == 0 )
{
- if( strcmp( q, "tls1_2" ) == 0 ||
- strcmp( q, "dtls1_2" ) == 0 )
+ if( strcmp( q, "tls12" ) == 0 ||
+ strcmp( q, "dtls12" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
- else if( strcmp( q, "tls1_3" ) == 0 )
+ else if( strcmp( q, "tls13" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
else
@@ -1161,19 +1161,19 @@
}
else if( strcmp( p, "force_version" ) == 0 )
{
- if( strcmp( q, "tls1_2" ) == 0 )
+ if( strcmp( q, "tls12" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
}
- else if( strcmp( q, "dtls1_2" ) == 0 )
+ else if( strcmp( q, "dtls12" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
- else if( strcmp( q, "tls1_3" ) == 0 )
+ else if( strcmp( q, "tls13" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
@@ -1511,7 +1511,7 @@
p = (char *) opt.sig_algs;
i = 0;
- /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list (sig_alg_list). */
+ /* Leave room for a final MBEDTLS_TLS1_3_SIG_NONE in signature algorithm list (sig_alg_list). */
while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' )
{
q = p;
@@ -1524,23 +1524,23 @@
if( strcmp( q, "ecdsa_secp256r1_sha256" ) == 0 )
{
- sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256;
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256;
}
else if( strcmp( q, "ecdsa_secp384r1_sha384" ) == 0 )
{
- sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384;
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384;
}
else if( strcmp( q, "ecdsa_secp521r1_sha512" ) == 0 )
{
- sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512;
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512;
}
else if( strcmp( q, "rsa_pss_rsae_sha256" ) == 0 )
{
- sig_alg_list[i++] = MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256;
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256;
}
else if( strcmp( q, "rsa_pkcs1_sha256" ) == 0 )
{
- sig_alg_list[i++] = MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA256;
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256;
}
else
{
@@ -1563,7 +1563,7 @@
goto exit;
}
- sig_alg_list[i] = MBEDTLS_TLS13_SIG_NONE;
+ sig_alg_list[i] = MBEDTLS_TLS1_3_SIG_NONE;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL &&
MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 0e6f78b..5bad4a6 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -100,7 +100,7 @@
#define DFL_ECJPAKE_PW NULL
#define DFL_PSK_LIST NULL
#define DFL_FORCE_CIPHER 0
-#define DFL_TLS13_KEX_MODES MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL
+#define DFL_TLS1_3_KEX_MODES MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL
#define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED
#define DFL_ALLOW_LEGACY -2
#define DFL_RENEGOTIATE 0
@@ -449,11 +449,11 @@
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-#define USAGE_TLS13_KEY_EXCHANGE_MODES \
+#define USAGE_TLS1_3_KEY_EXCHANGE_MODES \
" tls13_kex_modes=%%s default: all\n" \
" options: psk, psk_ephemeral, ephemeral, ephemeral_all, psk_all, all\n"
#else
-#define USAGE_TLS13_KEY_EXCHANGE_MODES ""
+#define USAGE_TLS1_3_KEY_EXCHANGE_MODES ""
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
@@ -514,7 +514,7 @@
"\n"
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-#define TLS1_3_VERSION_OPTIONS ", tls1_3"
+#define TLS1_3_VERSION_OPTIONS ", tls13"
#else /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#define TLS1_3_VERSION_OPTIONS ""
#endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
@@ -523,13 +523,13 @@
USAGE_SSL_ASYNC \
USAGE_SNI \
" allow_sha1=%%d default: 0\n" \
- " min_version=%%s default: (library default: tls1_2)\n" \
- " max_version=%%s default: (library default: tls1_2)\n" \
+ " min_version=%%s default: (library default: tls12)\n" \
+ " max_version=%%s default: (library default: tls12)\n" \
" force_version=%%s default: \"\" (none)\n" \
- " options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \
+ " options: tls12, dtls12" TLS1_3_VERSION_OPTIONS \
"\n\n" \
" force_ciphersuite=<name> default: all enabled\n" \
- USAGE_TLS13_KEY_EXCHANGE_MODES \
+ USAGE_TLS1_3_KEY_EXCHANGE_MODES \
" query_config=<name> return 0 if the specified\n" \
" configuration macro is defined and 1\n" \
" otherwise. The expansion of the macro\n" \
@@ -1522,7 +1522,7 @@
opt.ecjpake_pw = DFL_ECJPAKE_PW;
opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
- opt.tls13_kex_modes = DFL_TLS13_KEX_MODES;
+ opt.tls13_kex_modes = DFL_TLS1_3_KEX_MODES;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
opt.renegotiation = DFL_RENEGOTIATION;
opt.allow_legacy = DFL_ALLOW_LEGACY;
@@ -1775,28 +1775,28 @@
else if( strcmp( p, "tls13_kex_modes" ) == 0 )
{
if( strcmp( q, "psk" ) == 0 )
- opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK;
+ opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
else if( strcmp(q, "psk_ephemeral" ) == 0 )
- opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
+ opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
else if( strcmp(q, "ephemeral" ) == 0 )
- opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL;
+ opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
else if( strcmp(q, "ephemeral_all" ) == 0 )
- opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL;
+ opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL;
else if( strcmp( q, "psk_all" ) == 0 )
- opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL;
+ opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL;
else if( strcmp( q, "all" ) == 0 )
- opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL;
+ opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
else goto usage;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
else if( strcmp( p, "min_version" ) == 0 )
{
- if( strcmp( q, "tls1_2" ) == 0 ||
- strcmp( q, "dtls1_2" ) == 0 )
+ if( strcmp( q, "tls12" ) == 0 ||
+ strcmp( q, "dtls12" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
- else if( strcmp( q, "tls1_3" ) == 0 )
+ else if( strcmp( q, "tls13" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
else
@@ -1804,11 +1804,11 @@
}
else if( strcmp( p, "max_version" ) == 0 )
{
- if( strcmp( q, "tls1_2" ) == 0 ||
- strcmp( q, "dtls1_2" ) == 0 )
+ if( strcmp( q, "tls12" ) == 0 ||
+ strcmp( q, "dtls12" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
- else if( strcmp( q, "tls1_3" ) == 0 )
+ else if( strcmp( q, "tls13" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
else
@@ -1825,19 +1825,19 @@
}
else if( strcmp( p, "force_version" ) == 0 )
{
- if( strcmp( q, "tls1_2" ) == 0 )
+ if( strcmp( q, "tls12" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
}
- else if( strcmp( q, "dtls1_2" ) == 0 )
+ else if( strcmp( q, "dtls12" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
- else if( strcmp( q, "tls1_3" ) == 0 )
+ else if( strcmp( q, "tls13" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
@@ -2255,7 +2255,7 @@
p = (char *) opt.sig_algs;
i = 0;
- /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list (sig_alg_list). */
+ /* Leave room for a final MBEDTLS_TLS1_3_SIG_NONE in signature algorithm list (sig_alg_list). */
while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' )
{
q = p;
@@ -2268,15 +2268,15 @@
if( strcmp( q, "ecdsa_secp256r1_sha256" ) == 0 )
{
- sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256;
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256;
}
else if( strcmp( q, "ecdsa_secp384r1_sha384" ) == 0 )
{
- sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384;
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384;
}
else if( strcmp( q, "ecdsa_secp521r1_sha512" ) == 0 )
{
- sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512;
+ sig_alg_list[i++] = MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512;
}
else
{
@@ -2297,7 +2297,7 @@
goto exit;
}
- sig_alg_list[i] = MBEDTLS_TLS13_SIG_NONE;
+ sig_alg_list[i] = MBEDTLS_TLS1_3_SIG_NONE;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL &&
MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
diff --git a/scripts/basic.requirements.txt b/scripts/basic.requirements.txt
new file mode 100644
index 0000000..1be3d0c
--- /dev/null
+++ b/scripts/basic.requirements.txt
@@ -0,0 +1,5 @@
+# Python modules required to build Mbed TLS in ordinary conditions.
+
+# Required to (re-)generate source files. Not needed if the generated source
+# files are already present and up-to-date.
+-r driver.requirements.txt
diff --git a/scripts/ci.requirements.txt b/scripts/ci.requirements.txt
new file mode 100644
index 0000000..209ae3d
--- /dev/null
+++ b/scripts/ci.requirements.txt
@@ -0,0 +1,12 @@
+# Python package requirements for Mbed TLS testing.
+
+-r driver.requirements.txt
+
+# Use a known version of Pylint, because new versions tend to add warnings
+# that could start rejecting our code.
+# 2.4.4 is the version in Ubuntu 20.04. It supports Python >=3.5.
+pylint == 2.4.4
+
+# Use the earliest version of mypy that works with our code base.
+# See https://github.com/ARMmbed/mbedtls/pull/3953 .
+mypy >= 0.780
diff --git a/scripts/driver.requirements.txt b/scripts/driver.requirements.txt
new file mode 100644
index 0000000..17569bb
--- /dev/null
+++ b/scripts/driver.requirements.txt
@@ -0,0 +1,10 @@
+# Python package requirements for driver implementers.
+
+# Use the version of Jinja that's in Ubuntu 20.04.
+# See https://github.com/ARMmbed/mbedtls/pull/5067#discussion_r738794607 .
+# Note that Jinja 3.0 drops support for Python 3.5, so we need to support
+# Jinja 2.x as long as we're still using Python 3.5 anywhere.
+Jinja2 >= 2.10.1
+# Jinja2 >=2.10, <<3.0 needs a separate package for type annotations
+types-Jinja2
+
diff --git a/scripts/maintainer.requirements.txt b/scripts/maintainer.requirements.txt
new file mode 100644
index 0000000..b149921
--- /dev/null
+++ b/scripts/maintainer.requirements.txt
@@ -0,0 +1,10 @@
+# Python packages that are only useful to Mbed TLS maintainers.
+
+-r ci.requirements.txt
+
+# For source code analyses
+clang
+
+# For building some test vectors
+pycryptodomex
+pycryptodome-test-vectors
diff --git a/scripts/min_requirements.py b/scripts/min_requirements.py
new file mode 100755
index 0000000..eecab1c
--- /dev/null
+++ b/scripts/min_requirements.py
@@ -0,0 +1,138 @@
+#!/usr/bin/env python3
+"""Install all the required Python packages, with the minimum Python version.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import argparse
+import os
+import re
+import subprocess
+import sys
+import tempfile
+import typing
+
+from typing import List, Optional
+from mbedtls_dev import typing_util
+
+def pylint_doesn_t_notice_that_certain_types_are_used_in_annotations(
+ _list: List[typing.Any],
+) -> None:
+ pass
+
+
+class Requirements:
+ """Collect and massage Python requirements."""
+
+ def __init__(self) -> None:
+ self.requirements = [] #type: List[str]
+
+ def adjust_requirement(self, req: str) -> str:
+ """Adjust a requirement to the minimum specified version."""
+ # allow inheritance #pylint: disable=no-self-use
+ # If a requirement specifies a minimum version, impose that version.
+ req = re.sub(r'>=|~=', r'==', req)
+ return req
+
+ def add_file(self, filename: str) -> None:
+ """Add requirements from the specified file.
+
+ This method supports a subset of pip's requirement file syntax:
+ * One requirement specifier per line, which is passed to
+ `adjust_requirement`.
+ * Comments (``#`` at the beginning of the line or after whitespace).
+ * ``-r FILENAME`` to include another file.
+ """
+ for line in open(filename):
+ line = line.strip()
+ line = re.sub(r'(\A|\s+)#.*', r'', line)
+ if not line:
+ continue
+ m = re.match(r'-r\s+', line)
+ if m:
+ nested_file = os.path.join(os.path.dirname(filename),
+ line[m.end(0):])
+ self.add_file(nested_file)
+ continue
+ self.requirements.append(self.adjust_requirement(line))
+
+ def write(self, out: typing_util.Writable) -> None:
+ """List the gathered requirements."""
+ for req in self.requirements:
+ out.write(req + '\n')
+
+ def install(
+ self,
+ pip_general_options: Optional[List[str]] = None,
+ pip_install_options: Optional[List[str]] = None,
+ ) -> None:
+ """Call pip to install the requirements."""
+ if pip_general_options is None:
+ pip_general_options = []
+ if pip_install_options is None:
+ pip_install_options = []
+ with tempfile.TemporaryDirectory() as temp_dir:
+ # This is more complicated than it needs to be for the sake
+ # of Windows. Use a temporary file rather than the command line
+ # to avoid quoting issues. Use a temporary directory rather
+ # than NamedTemporaryFile because with a NamedTemporaryFile on
+ # Windows, the subprocess can't open the file because this process
+ # has an exclusive lock on it.
+ req_file_name = os.path.join(temp_dir, 'requirements.txt')
+ with open(req_file_name, 'w') as req_file:
+ self.write(req_file)
+ subprocess.check_call([sys.executable, '-m', 'pip'] +
+ pip_general_options +
+ ['install'] + pip_install_options +
+ ['-r', req_file_name])
+
+DEFAULT_REQUIREMENTS_FILE = 'ci.requirements.txt'
+
+def main() -> None:
+ """Command line entry point."""
+ parser = argparse.ArgumentParser(description=__doc__)
+ parser.add_argument('--no-act', '-n',
+ action='store_true',
+ help="Don't act, just print what will be done")
+ parser.add_argument('--pip-install-option',
+ action='append', dest='pip_install_options',
+ help="Pass this option to pip install")
+ parser.add_argument('--pip-option',
+ action='append', dest='pip_general_options',
+ help="Pass this general option to pip")
+ parser.add_argument('--user',
+ action='append_const', dest='pip_install_options',
+ const='--user',
+ help="Install to the Python user install directory"
+ " (short for --pip-install-option --user)")
+ parser.add_argument('files', nargs='*', metavar='FILE',
+ help="Requirement files"
+ " (default: {} in the script's directory)" \
+ .format(DEFAULT_REQUIREMENTS_FILE))
+ options = parser.parse_args()
+ if not options.files:
+ options.files = [os.path.join(os.path.dirname(__file__),
+ DEFAULT_REQUIREMENTS_FILE)]
+ reqs = Requirements()
+ for filename in options.files:
+ reqs.add_file(filename)
+ reqs.write(sys.stdout)
+ if not options.no_act:
+ reqs.install(pip_general_options=options.pip_general_options,
+ pip_install_options=options.pip_install_options)
+
+if __name__ == '__main__':
+ main()
diff --git a/tests/compat.sh b/tests/compat.sh
index f4c611a..ce77658 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -67,7 +67,7 @@
fi
# default values for options
-MODES="tls1_2 dtls1_2"
+MODES="tls12 dtls12"
VERIFIES="NO YES"
TYPES="ECDSA RSA PSK"
FILTER=""
@@ -155,14 +155,14 @@
# is_dtls <mode>
is_dtls()
{
- test "$1" = "dtls1_2"
+ test "$1" = "dtls12"
}
# minor_ver <mode>
minor_ver()
{
case "$1" in
- tls1_2|dtls1_2)
+ tls12|dtls12)
echo 3
;;
*)
@@ -633,10 +633,10 @@
{
G_MODE=""
case "$MODE" in
- "tls1_2")
+ "tls12")
G_PRIO_MODE="+VERS-TLS1.2"
;;
- "dtls1_2")
+ "dtls12")
G_PRIO_MODE="+VERS-DTLS1.2"
G_MODE="-u"
;;
diff --git a/tests/docker/bionic/Dockerfile b/tests/docker/bionic/Dockerfile
index 41789c6..50f5a7f 100644
--- a/tests/docker/bionic/Dockerfile
+++ b/tests/docker/bionic/Dockerfile
@@ -160,7 +160,3 @@
ENV GNUTLS_NEXT_CLI=/usr/local/gnutls-3.7.2/bin/gnutls-cli
ENV GNUTLS_NEXT_SERV=/usr/local/gnutls-3.7.2/bin/gnutls-serv
-
-RUN pip3 install --no-cache-dir \
- mbed-host-tests \
- mock
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 27b86dc..9235be7 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1079,7 +1079,7 @@
tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server'
msg "test: Full minus CTR_DRBG, classic crypto - compat.sh (subset)"
- tests/compat.sh -m tls1_2 -t 'ECDSA PSK' -V NO -p OpenSSL
+ tests/compat.sh -m tls12 -t 'ECDSA PSK' -V NO -p OpenSSL
}
component_test_no_ctr_drbg_use_psa () {
@@ -1101,7 +1101,7 @@
tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server'
msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - compat.sh (subset)"
- tests/compat.sh -m tls1_2 -t 'ECDSA PSK' -V NO -p OpenSSL
+ tests/compat.sh -m tls12 -t 'ECDSA PSK' -V NO -p OpenSSL
}
component_test_no_hmac_drbg_classic () {
@@ -1128,7 +1128,7 @@
# To save time, only test one protocol version, since this part of
# the protocol is identical in (D)TLS up to 1.2.
msg "test: Full minus HMAC_DRBG, classic crypto - compat.sh (ECDSA)"
- tests/compat.sh -m tls1_2 -t 'ECDSA'
+ tests/compat.sh -m tls12 -t 'ECDSA'
}
component_test_no_hmac_drbg_use_psa () {
@@ -1155,7 +1155,7 @@
# To save time, only test one protocol version, since this part of
# the protocol is identical in (D)TLS up to 1.2.
msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - compat.sh (ECDSA)"
- tests/compat.sh -m tls1_2 -t 'ECDSA'
+ tests/compat.sh -m tls12 -t 'ECDSA'
}
component_test_psa_external_rng_no_drbg_classic () {
diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl
index dd24db7..c63b511 100755
--- a/tests/scripts/test-ref-configs.pl
+++ b/tests/scripts/test-ref-configs.pl
@@ -29,12 +29,12 @@
my %configs = (
'config-ccm-psk-tls1_2.h' => {
- 'compat' => '-m tls1_2 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'',
+ 'compat' => '-m tls12 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'',
},
'config-no-entropy.h' => {
},
'config-suite-b.h' => {
- 'compat' => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS",
+ 'compat' => "-m tls12 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS",
},
'config-symmetric-only.h' => {
},
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index d43d662..33e2777 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -1194,8 +1194,8 @@
run_test_psa() {
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSA-supported ciphersuite: $1" \
- "$P_SRV debug_level=3 force_version=tls1_2" \
- "$P_CLI debug_level=3 force_version=tls1_2 force_ciphersuite=$1" \
+ "$P_SRV debug_level=3 force_version=tls12" \
+ "$P_CLI debug_level=3 force_version=tls12 force_ciphersuite=$1" \
0 \
-c "Successfully setup PSA-based decryption cipher context" \
-c "Successfully setup PSA-based encryption cipher context" \
@@ -1217,8 +1217,8 @@
run_test_psa_force_curve() {
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSA - ECDH with $1" \
- "$P_SRV debug_level=4 force_version=tls1_2 curves=$1" \
- "$P_CLI debug_level=4 force_version=tls1_2 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \
+ "$P_SRV debug_level=4 force_version=tls12 curves=$1" \
+ "$P_CLI debug_level=4 force_version=tls12 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \
0 \
-c "Successfully setup PSA-based decryption cipher context" \
-c "Successfully setup PSA-based encryption cipher context" \
@@ -1250,8 +1250,8 @@
MEMORY_USAGE_LIMIT="$(( ( MEMORY_USAGE_LIMIT * 110 ) / 100 ))"
run_test "Handshake memory usage (MFL $1)" \
- "$P_SRV debug_level=3 auth_mode=required force_version=tls1_2" \
- "$P_CLI debug_level=3 force_version=tls1_2 \
+ "$P_SRV debug_level=3 auth_mode=required force_version=tls12" \
+ "$P_CLI debug_level=3 force_version=tls12 \
crt_file=data_files/server5.crt key_file=data_files/server5.key \
force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM max_frag_len=$1" \
0 \
@@ -1269,8 +1269,8 @@
# first test with default MFU is to get reference memory usage
MEMORY_USAGE_MFL_16K=0
run_test "Handshake memory usage initial (MFL 16384 - default)" \
- "$P_SRV debug_level=3 auth_mode=required force_version=tls1_2" \
- "$P_CLI debug_level=3 force_version=tls1_2 \
+ "$P_SRV debug_level=3 auth_mode=required force_version=tls12" \
+ "$P_CLI debug_level=3 force_version=tls12 \
crt_file=data_files/server5.crt key_file=data_files/server5.key \
force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM" \
0 \
@@ -2681,7 +2681,7 @@
run_test "CBC Record splitting: TLS 1.2, no splitting" \
"$P_SRV" \
"$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
- request_size=123 force_version=tls1_2" \
+ request_size=123 force_version=tls12" \
0 \
-s "Read from client: 123 bytes read" \
-S "Read from client: 1 bytes read" \
@@ -4517,7 +4517,7 @@
key_file=data_files/server5.key \
crt_file2=data_files/server5-sha1.crt \
key_file2=data_files/server5.key" \
- "$P_CLI force_version=tls1_2" \
+ "$P_CLI force_version=tls12" \
0 \
-c "signed using.*ECDSA with SHA256" \
-C "signed using.*ECDSA with SHA1"
@@ -5490,7 +5490,7 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque psk on client, no callback" \
"$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
psk_identity=foo psk=abc123 psk_opaque=1" \
0 \
-c "skip PMS generation for opaque PSK"\
@@ -5504,7 +5504,7 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque psk on client, no callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
psk_identity=foo psk=abc123 psk_opaque=1" \
0 \
-c "skip PMS generation for opaque PSK"\
@@ -5518,7 +5518,7 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque psk on client, no callback, EMS" \
"$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
- "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
psk_identity=foo psk=abc123 psk_opaque=1" \
0 \
-c "skip PMS generation for opaque PSK"\
@@ -5532,7 +5532,7 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
"$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
- "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
psk_identity=foo psk=abc123 psk_opaque=1" \
0 \
-c "skip PMS generation for opaque PSK"\
@@ -5545,8 +5545,8 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, static opaque on server, no callback" \
- "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
psk_identity=foo psk=abc123" \
0 \
-C "skip PMS generation for opaque PSK"\
@@ -5559,8 +5559,8 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \
- "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
psk_identity=foo psk=abc123" \
0 \
-C "skip PMS generation for opaque PSK"\
@@ -5573,9 +5573,9 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \
- "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
+ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
psk_identity=foo psk=abc123 extended_ms=1" \
0 \
-c "session hash for extended master secret"\
@@ -5588,9 +5588,9 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \
- "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
+ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
psk_identity=foo psk=abc123 extended_ms=1" \
0 \
-c "session hash for extended master secret"\
@@ -5603,8 +5603,8 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \
- "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
- "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
psk_identity=def psk=beef" \
0 \
-C "skip PMS generation for opaque PSK"\
@@ -5617,8 +5617,8 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \
- "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
- "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
psk_identity=def psk=beef" \
0 \
-C "skip PMS generation for opaque PSK"\
@@ -5631,9 +5631,9 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \
- "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \
+ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
psk_identity=abc psk=dead extended_ms=1" \
0 \
-c "session hash for extended master secret"\
@@ -5646,9 +5646,9 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \
- "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \
+ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
psk_identity=abc psk=dead extended_ms=1" \
0 \
-c "session hash for extended master secret"\
@@ -5661,8 +5661,8 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \
- "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
- "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
psk_identity=def psk=beef" \
0 \
-C "skip PMS generation for opaque PSK"\
@@ -5675,8 +5675,8 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \
- "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
- "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
psk_identity=def psk=beef" \
0 \
-C "skip PMS generation for opaque PSK"\
@@ -5689,8 +5689,8 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \
- "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
- "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
psk_identity=def psk=beef" \
0 \
-C "skip PMS generation for opaque PSK"\
@@ -5702,8 +5702,8 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \
- "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
- "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
psk_identity=def psk=beef" \
0 \
-C "skip PMS generation for opaque PSK"\
@@ -5715,8 +5715,8 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \
- "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
- "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
psk_identity=def psk=beef" \
1 \
-s "SSL - Verification of the message MAC failed"
@@ -5896,35 +5896,35 @@
run_test "Small client packet TLS 1.2 BlockCipher" \
"$P_SRV" \
- "$P_CLI request_size=1 force_version=tls1_2 \
+ "$P_CLI request_size=1 force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV" \
- "$P_CLI request_size=1 force_version=tls1_2 \
+ "$P_CLI request_size=1 force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
0 \
-s "Read from client: 1 bytes read"
run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV" \
- "$P_CLI request_size=1 force_version=tls1_2 \
+ "$P_CLI request_size=1 force_version=tls12 \
force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
0 \
-s "Read from client: 1 bytes read"
run_test "Small client packet TLS 1.2 AEAD" \
"$P_SRV" \
- "$P_CLI request_size=1 force_version=tls1_2 \
+ "$P_CLI request_size=1 force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
0 \
-s "Read from client: 1 bytes read"
run_test "Small client packet TLS 1.2 AEAD shorter tag" \
"$P_SRV" \
- "$P_CLI request_size=1 force_version=tls1_2 \
+ "$P_CLI request_size=1 force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
0 \
-s "Read from client: 1 bytes read"
@@ -5933,7 +5933,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test "Small client packet DTLS 1.2" \
- "$P_SRV dtls=1 force_version=dtls1_2" \
+ "$P_SRV dtls=1 force_version=dtls12" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
@@ -5941,7 +5941,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test "Small client packet DTLS 1.2, without EtM" \
- "$P_SRV dtls=1 force_version=dtls1_2 etm=0" \
+ "$P_SRV dtls=1 force_version=dtls12 etm=0" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
@@ -5951,35 +5951,35 @@
run_test "Small server packet TLS 1.2 BlockCipher" \
"$P_SRV response_size=1" \
- "$P_CLI force_version=tls1_2 \
+ "$P_CLI force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "Read from server: 1 bytes read"
run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV response_size=1" \
- "$P_CLI force_version=tls1_2 \
+ "$P_CLI force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
0 \
-c "Read from server: 1 bytes read"
run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV response_size=1" \
- "$P_CLI force_version=tls1_2 \
+ "$P_CLI force_version=tls12 \
force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
0 \
-c "Read from server: 1 bytes read"
run_test "Small server packet TLS 1.2 AEAD" \
"$P_SRV response_size=1" \
- "$P_CLI force_version=tls1_2 \
+ "$P_CLI force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
0 \
-c "Read from server: 1 bytes read"
run_test "Small server packet TLS 1.2 AEAD shorter tag" \
"$P_SRV response_size=1" \
- "$P_CLI force_version=tls1_2 \
+ "$P_CLI force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
0 \
-c "Read from server: 1 bytes read"
@@ -5988,7 +5988,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test "Small server packet DTLS 1.2" \
- "$P_SRV dtls=1 response_size=1 force_version=dtls1_2" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls12" \
"$P_CLI dtls=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
@@ -5996,7 +5996,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test "Small server packet DTLS 1.2, without EtM" \
- "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 etm=0" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls12 etm=0" \
"$P_CLI dtls=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
@@ -6011,7 +6011,7 @@
run_test "Large client packet TLS 1.2 BlockCipher" \
"$P_SRV" \
- "$P_CLI request_size=16384 force_version=tls1_2 \
+ "$P_CLI request_size=16384 force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
@@ -6019,14 +6019,14 @@
run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV" \
- "$P_CLI request_size=16384 force_version=tls1_2 etm=0 \
+ "$P_CLI request_size=16384 force_version=tls12 etm=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV" \
- "$P_CLI request_size=16384 force_version=tls1_2 \
+ "$P_CLI request_size=16384 force_version=tls12 \
force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
0 \
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
@@ -6034,7 +6034,7 @@
run_test "Large client packet TLS 1.2 AEAD" \
"$P_SRV" \
- "$P_CLI request_size=16384 force_version=tls1_2 \
+ "$P_CLI request_size=16384 force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
0 \
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
@@ -6042,7 +6042,7 @@
run_test "Large client packet TLS 1.2 AEAD shorter tag" \
"$P_SRV" \
- "$P_CLI request_size=16384 force_version=tls1_2 \
+ "$P_CLI request_size=16384 force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
0 \
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
@@ -6051,14 +6051,14 @@
# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
run_test "Large server packet TLS 1.2 BlockCipher" \
"$P_SRV response_size=16384" \
- "$P_CLI force_version=tls1_2 \
+ "$P_CLI force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "Read from server: 16384 bytes read"
run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV response_size=16384" \
- "$P_CLI force_version=tls1_2 etm=0 \
+ "$P_CLI force_version=tls12 etm=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "16384 bytes written in 1 fragments" \
@@ -6066,14 +6066,14 @@
run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV response_size=16384" \
- "$P_CLI force_version=tls1_2 \
+ "$P_CLI force_version=tls12 \
force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
0 \
-c "Read from server: 16384 bytes read"
run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
"$P_SRV response_size=16384 trunc_hmac=1" \
- "$P_CLI force_version=tls1_2 \
+ "$P_CLI force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
0 \
-s "16384 bytes written in 1 fragments" \
@@ -6081,14 +6081,14 @@
run_test "Large server packet TLS 1.2 AEAD" \
"$P_SRV response_size=16384" \
- "$P_CLI force_version=tls1_2 \
+ "$P_CLI force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
0 \
-c "Read from server: 16384 bytes read"
run_test "Large server packet TLS 1.2 AEAD shorter tag" \
"$P_SRV response_size=16384" \
- "$P_CLI force_version=tls1_2 \
+ "$P_CLI force_version=tls12 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
0 \
-c "Read from server: 16384 bytes read"
@@ -7572,7 +7572,7 @@
"$P_CLI dtls=1 debug_level=2 \
crt_file=data_files/server8_int-ca2.crt \
key_file=data_files/server8.key \
- mtu=512 force_version=dtls1_2" \
+ mtu=512 force_version=dtls12" \
0 \
-c "fragmenting handshake message" \
-C "error"
@@ -7595,7 +7595,7 @@
"$P_SRV dtls=1 debug_level=2 \
crt_file=data_files/server7_int-ca.crt \
key_file=data_files/server7.key \
- mtu=512 force_version=dtls1_2" \
+ mtu=512 force_version=dtls12" \
"$G_CLI -u --insecure 127.0.0.1" \
0 \
-s "fragmenting handshake message"
@@ -7610,7 +7610,7 @@
"$P_CLI dtls=1 debug_level=2 \
crt_file=data_files/server8_int-ca2.crt \
key_file=data_files/server8.key \
- mtu=512 force_version=dtls1_2" \
+ mtu=512 force_version=dtls12" \
0 \
-c "fragmenting handshake message" \
-C "error"
@@ -7624,7 +7624,7 @@
"$P_SRV dtls=1 debug_level=2 \
crt_file=data_files/server7_int-ca.crt \
key_file=data_files/server7.key \
- mtu=512 force_version=dtls1_2" \
+ mtu=512 force_version=dtls12" \
"$O_CLI -dtls1_2" \
0 \
-s "fragmenting handshake message"
@@ -7646,7 +7646,7 @@
"$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
crt_file=data_files/server8_int-ca2.crt \
key_file=data_files/server8.key \
- hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+ hs_timeout=250-60000 mtu=512 force_version=dtls12" \
0 \
-c "fragmenting handshake message" \
-C "error"
@@ -7663,7 +7663,7 @@
"$P_SRV dtls=1 debug_level=2 \
crt_file=data_files/server7_int-ca.crt \
key_file=data_files/server7.key \
- hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+ hs_timeout=250-60000 mtu=512 force_version=dtls12" \
"$G_NEXT_CLI -u --insecure 127.0.0.1" \
0 \
-s "fragmenting handshake message"
@@ -7686,7 +7686,7 @@
"$P_CLI dtls=1 debug_level=2 \
crt_file=data_files/server8_int-ca2.crt \
key_file=data_files/server8.key \
- hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+ hs_timeout=250-60000 mtu=512 force_version=dtls12" \
0 \
-c "fragmenting handshake message" \
-C "error"
@@ -7703,7 +7703,7 @@
"$P_SRV dtls=1 debug_level=2 \
crt_file=data_files/server7_int-ca.crt \
key_file=data_files/server7.key \
- hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+ hs_timeout=250-60000 mtu=512 force_version=dtls12" \
"$O_CLI -dtls1_2" \
0 \
-s "fragmenting handshake message"
@@ -8794,9 +8794,9 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
skip_handshake_stage_check
-run_test "TLS1.3: Not supported version check: tls1_2 and tls1_3" \
- "$P_SRV debug_level=1 min_version=tls1_2 max_version=tls1_3" \
- "$P_CLI debug_level=1 min_version=tls1_2 max_version=tls1_3" \
+run_test "TLS1.3: Not supported version check: tls12 and tls13" \
+ "$P_SRV debug_level=1 min_version=tls12 max_version=tls13" \
+ "$P_CLI debug_level=1 min_version=tls12 max_version=tls13" \
1 \
-s "SSL - The requested feature is not available" \
-c "SSL - The requested feature is not available" \
@@ -8805,34 +8805,34 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
-run_test "TLS1.3: handshake dispatch test: tls1_3 only" \
- "$P_SRV debug_level=2 min_version=tls1_3 max_version=tls1_3" \
- "$P_CLI debug_level=2 min_version=tls1_3 max_version=tls1_3" \
+run_test "TLS1.3: handshake dispatch test: tls13 only" \
+ "$P_SRV debug_level=2 min_version=tls13 max_version=tls13" \
+ "$P_CLI debug_level=2 min_version=tls13 max_version=tls13" \
1 \
- -s "tls1_3 server state: 0" \
- -c "tls1_3 client state: 0"
+ -s "tls13 server state: 0" \
+ -c "tls13 client state: 0"
requires_openssl_tls1_3
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
run_test "TLS1.3: minimal feature sets - openssl" \
"$O_NEXT_SRV -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
- "$P_CLI debug_level=3 min_version=tls1_3 max_version=tls1_3" \
+ "$P_CLI debug_level=3 min_version=tls13 max_version=tls13" \
0 \
- -c "tls1_3 client state: 0" \
- -c "tls1_3 client state: 2" \
- -c "tls1_3 client state: 19" \
- -c "tls1_3 client state: 5" \
- -c "tls1_3 client state: 3" \
- -c "tls1_3 client state: 9" \
- -c "tls1_3 client state: 13" \
- -c "tls1_3 client state: 11" \
- -c "tls1_3 client state: 14" \
- -c "tls1_3 client state: 15" \
- -c "<= ssl_tls1_3_process_server_hello" \
+ -c "tls13 client state: 0" \
+ -c "tls13 client state: 2" \
+ -c "tls13 client state: 19" \
+ -c "tls13 client state: 5" \
+ -c "tls13 client state: 3" \
+ -c "tls13 client state: 9" \
+ -c "tls13 client state: 13" \
+ -c "tls13 client state: 11" \
+ -c "tls13 client state: 14" \
+ -c "tls13 client state: 15" \
+ -c "<= ssl_tls13_process_server_hello" \
-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
-c "ECDH curve: x25519" \
- -c "=> ssl_tls1_3_process_server_hello" \
+ -c "=> ssl_tls13_process_server_hello" \
-c "<= parse encrypted extensions" \
-c "Certificate verification flags clear" \
-c "=> parse certificate verify" \
@@ -8849,7 +8849,7 @@
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
run_test "TLS 1.3 m->O AES_128_GCM_SHA256 , RSA_PSS_RSAE_SHA256" \
"$O_NEXT_SRV_RSA -ciphersuites TLS_AES_128_GCM_SHA256 -tls1_3 -msg -no_middlebox -num_tickets 0" \
- "$P_CLI debug_level=4 force_version=tls1_3 server_name=localhost force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 allow_sha1=0" \
+ "$P_CLI debug_level=4 force_version=tls13 server_name=localhost force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 allow_sha1=0" \
0 \
-c "ECDH curve: x25519" \
-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
@@ -8864,23 +8864,23 @@
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
run_test "TLS1.3: minimal feature sets - gnutls" \
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert" \
- "$P_CLI debug_level=3 min_version=tls1_3 max_version=tls1_3" \
+ "$P_CLI debug_level=3 min_version=tls13 max_version=tls13" \
0 \
- -s "SERVER HELLO was queued" \
- -c "tls1_3 client state: 0" \
- -c "tls1_3 client state: 2" \
- -c "tls1_3 client state: 19" \
- -c "tls1_3 client state: 5" \
- -c "tls1_3 client state: 3" \
- -c "tls1_3 client state: 9" \
- -c "tls1_3 client state: 13" \
- -c "tls1_3 client state: 11" \
- -c "tls1_3 client state: 14" \
- -c "tls1_3 client state: 15" \
- -c "<= ssl_tls1_3_process_server_hello" \
+ -s "SERVER HELLO was queued" \
+ -c "tls13 client state: 0" \
+ -c "tls13 client state: 2" \
+ -c "tls13 client state: 19" \
+ -c "tls13 client state: 5" \
+ -c "tls13 client state: 3" \
+ -c "tls13 client state: 9" \
+ -c "tls13 client state: 13" \
+ -c "tls13 client state: 11" \
+ -c "tls13 client state: 14" \
+ -c "tls13 client state: 15" \
+ -c "<= ssl_tls13_process_server_hello" \
-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
-c "ECDH curve: x25519" \
- -c "=> ssl_tls1_3_process_server_hello" \
+ -c "=> ssl_tls13_process_server_hello" \
-c "<= parse encrypted extensions" \
-c "Certificate verification flags clear" \
-c "=> parse certificate verify" \
@@ -8899,7 +8899,7 @@
requires_gnutls_next
run_test "TLS 1.3 m->G AES_128_GCM_SHA256 , RSA_PSS_RSAE_SHA256" \
"$G_NEXT_SRV_RSA --disable-client-cert --priority=NORMAL:+CIPHER-ALL:+SHA256:+GROUP-SECP256R1:+ECDHE-ECDSA:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
- "$P_CLI debug_level=4 force_version=tls1_3 server_name=localhost force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 allow_sha1=0" \
+ "$P_CLI debug_level=4 force_version=tls13 server_name=localhost force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 allow_sha1=0" \
0 \
-c "ECDH curve: x25519" \
-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index e496856..2efc434 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -18,7 +18,7 @@
static int check_cipher_info( mbedtls_cipher_type_t type,
const mbedtls_cipher_info_t *info )
{
- size_t key_bitlen;
+ size_t key_bitlen, block_size, iv_size;
TEST_ASSERT( info != NULL );
TEST_EQUAL( type, mbedtls_cipher_info_get_type( info ) );
@@ -33,8 +33,14 @@
TEST_ASSERT( mbedtls_cipher_info_from_string( info->name ) == info );
key_bitlen = mbedtls_cipher_info_get_key_bitlen( info );
+ block_size = mbedtls_cipher_info_get_block_size( info );
+ iv_size = mbedtls_cipher_info_get_iv_size( info );
if( info->type == MBEDTLS_CIPHER_NULL )
+ {
TEST_ASSERT( key_bitlen == 0 );
+ TEST_ASSERT( block_size == 1 );
+ TEST_ASSERT( iv_size == 0 );
+ }
else if( info->mode == MBEDTLS_MODE_XTS )
{
TEST_ASSERT( key_bitlen == 256 ||
@@ -44,14 +50,28 @@
else if( ! strncmp( info->name, "DES-EDE3-", 9 ) )
{
TEST_ASSERT( key_bitlen == 192 );
+ TEST_ASSERT( ! mbedtls_cipher_info_has_variable_key_bitlen( info ) );
+ TEST_ASSERT( block_size == 8 );
}
else if( ! strncmp( info->name, "DES-EDE-", 8 ) )
{
TEST_ASSERT( key_bitlen == 128 );
+ TEST_ASSERT( ! mbedtls_cipher_info_has_variable_key_bitlen( info ) );
+ TEST_ASSERT( block_size == 8 );
}
else if( ! strncmp( info->name, "DES-", 4 ) )
{
TEST_ASSERT( key_bitlen == 64 );
+ TEST_ASSERT( ! mbedtls_cipher_info_has_variable_key_bitlen( info ) );
+ TEST_ASSERT( block_size == 8 );
+ }
+ else if( ! strncmp( info->name, "AES", 3 ) )
+ {
+ TEST_ASSERT( key_bitlen == 128 ||
+ key_bitlen == 192 ||
+ key_bitlen == 256 );
+ TEST_ASSERT( ! mbedtls_cipher_info_has_variable_key_bitlen( info ) );
+ TEST_ASSERT( block_size == 16 );
}
else
{
@@ -60,6 +80,23 @@
key_bitlen == 256 );
}
+ if( strstr( info->name, "-ECB" ) != NULL )
+ {
+ TEST_ASSERT( iv_size == 0 );
+ TEST_ASSERT( ! mbedtls_cipher_info_has_variable_iv_size( info ) );
+ }
+ else if( strstr( info->name, "-CBC" ) != NULL ||
+ strstr( info->name, "-CTR" ) != NULL )
+ {
+ TEST_ASSERT( iv_size == block_size );
+ TEST_ASSERT( ! mbedtls_cipher_info_has_variable_iv_size( info ) );
+ }
+ else if( strstr( info->name, "-GCM" ) != NULL )
+ {
+ TEST_ASSERT( iv_size == block_size - 4 );
+ TEST_ASSERT( mbedtls_cipher_info_has_variable_iv_size( info ) );
+ }
+
return( 1 );
exit:
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index 43c8eef..10171eb 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -5890,136 +5890,136 @@
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
# Initial secret to Early Secret
depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
-ssl_tls1_3_key_evolution:MBEDTLS_MD_SHA256:"":"":"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a"
+ssl_tls13_key_evolution:MBEDTLS_MD_SHA256:"":"":"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a"
SSL TLS 1.3 Key schedule: Secret evolution #2
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
# Early secret to Handshake Secret
-ssl_tls1_3_key_evolution:MBEDTLS_MD_SHA256:"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a":"df4a291baa1eb7cfa6934b29b474baad2697e29f1f920dcc77c8a0a088447624":"fb9fc80689b3a5d02c33243bf69a1b1b20705588a794304a6e7120155edf149a"
+ssl_tls13_key_evolution:MBEDTLS_MD_SHA256:"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a":"df4a291baa1eb7cfa6934b29b474baad2697e29f1f920dcc77c8a0a088447624":"fb9fc80689b3a5d02c33243bf69a1b1b20705588a794304a6e7120155edf149a"
SSL TLS 1.3 Key schedule: Secret evolution #3
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
# Handshake secret to Master Secret
-ssl_tls1_3_key_evolution:MBEDTLS_MD_SHA256:"fb9fc80689b3a5d02c33243bf69a1b1b20705588a794304a6e7120155edf149a":"":"7f2882bb9b9a46265941653e9c2f19067118151e21d12e57a7b6aca1f8150c8d"
+ssl_tls13_key_evolution:MBEDTLS_MD_SHA256:"fb9fc80689b3a5d02c33243bf69a1b1b20705588a794304a6e7120155edf149a":"":"7f2882bb9b9a46265941653e9c2f19067118151e21d12e57a7b6aca1f8150c8d"
SSL TLS 1.3 Key schedule: HKDF Expand Label #1
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
# Server handshake traffic secret -> Server traffic key
# HKDF-Expand-Label(server_handshake_secret, "key", "", 16)
-ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":tls1_3_label_key:"":16:"844780a7acad9f980fa25c114e43402a"
+ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":tls13_label_key:"":16:"844780a7acad9f980fa25c114e43402a"
SSL TLS 1.3 Key schedule: HKDF Expand Label #2
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
# Server handshake traffic secret -> Server traffic IV
# HKDF-Expand-Label(server_handshake_secret, "iv", "", 12)
-ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":tls1_3_label_iv:"":12:"4c042ddc120a38d1417fc815"
+ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":tls13_label_iv:"":12:"4c042ddc120a38d1417fc815"
SSL TLS 1.3 Key schedule: HKDF Expand Label #3
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
# Client handshake traffic secret -> Client traffic key
# HKDF-Expand-Label(client_handshake_secret, "key", "", 16)
-ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":tls1_3_label_key:"":16:"7154f314e6be7dc008df2c832baa1d39"
+ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":tls13_label_key:"":16:"7154f314e6be7dc008df2c832baa1d39"
SSL TLS 1.3 Key schedule: HKDF Expand Label #4
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
# Client handshake traffic secret -> Client traffic IV
# HKDF-Expand-Label(client_handshake_secret, "iv", "", 12)
-ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":tls1_3_label_iv:"":12:"71abc2cae4c699d47c600268"
+ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":tls13_label_iv:"":12:"71abc2cae4c699d47c600268"
SSL TLS 1.3 Key schedule: HKDF Expand Label #5 (RFC 8448)
# Vector from RFC 8448
# Server handshake traffic secret -> Server traffic IV
# HKDF-Expand-Label(server_handshake_secret, "iv", "", 12)
-ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b67b7d690cc16c4e75e54213cb2d37b4e9c912bcded9105d42befd59d391ad38":tls1_3_label_iv:"":12:"5d313eb2671276ee13000b30"
+ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"b67b7d690cc16c4e75e54213cb2d37b4e9c912bcded9105d42befd59d391ad38":tls13_label_iv:"":12:"5d313eb2671276ee13000b30"
SSL TLS 1.3 Key schedule: HKDF Expand Label #6 (RFC 8448)
# Vector from RFC 8448
# Server handshake traffic secret -> Server traffic Key
# HKDF-Expand-Label(server_handshake_secret, "key", "", 16)
-ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b67b7d690cc16c4e75e54213cb2d37b4e9c912bcded9105d42befd59d391ad38":tls1_3_label_key:"":16:"3fce516009c21727d0f2e4e86ee403bc"
+ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"b67b7d690cc16c4e75e54213cb2d37b4e9c912bcded9105d42befd59d391ad38":tls13_label_key:"":16:"3fce516009c21727d0f2e4e86ee403bc"
SSL TLS 1.3 Key schedule: HKDF Expand Label #7 (RFC 8448)
# Vector from RFC 8448
# Client handshake traffic secret -> Client traffic IV
# HKDF-Expand-Label(client_handshake_secret, "iv", "", 12)
-ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":tls1_3_label_iv:"":12:"5bd3c71b836e0b76bb73265f"
+ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":tls13_label_iv:"":12:"5bd3c71b836e0b76bb73265f"
SSL TLS 1.3 Key schedule: HKDF Expand Label #8 (RFC 8448)
# Vector from RFC 8448
# Client handshake traffic secret -> Client traffic Key
# HKDF-Expand-Label(client_handshake_secret, "key", "", 16)
-ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":tls1_3_label_key:"":16:"dbfaa693d1762c5b666af5d950258d01"
+ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":tls13_label_key:"":16:"dbfaa693d1762c5b666af5d950258d01"
SSL TLS 1.3 Key schedule: HKDF Expand Label #9 (RFC 8448)
# Calculation of finished_key
-ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":tls1_3_label_finished:"":32:"5ace394c26980d581243f627d1150ae27e37fa52364e0a7f20ac686d09cd0e8e"
+ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":tls13_label_finished:"":32:"5ace394c26980d581243f627d1150ae27e37fa52364e0a7f20ac686d09cd0e8e"
SSL TLS 1.3 Key schedule: HKDF Expand Label #10 (RFC 8448)
# Calculation of resumption key
-ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"7df235f2031d2a051287d02b0241b0bfdaf86cc856231f2d5aba46c434ec196c":tls1_3_label_resumption:"0000":32:"4ecd0eb6ec3b4d87f5d6028f922ca4c5851a277fd41311c9e62d2c9492e1c4f3"
+ssl_tls13_hkdf_expand_label:MBEDTLS_MD_SHA256:"7df235f2031d2a051287d02b0241b0bfdaf86cc856231f2d5aba46c434ec196c":tls13_label_resumption:"0000":32:"4ecd0eb6ec3b4d87f5d6028f922ca4c5851a277fd41311c9e62d2c9492e1c4f3"
SSL TLS 1.3 Key schedule: Traffic key generation #1
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
# Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV}
-ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
+ssl_tls13_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
SSL TLS 1.3 Key schedule: Traffic key generation #2 (RFC 8448)
# Vector RFC 8448
# Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV}
-ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
+ssl_tls13_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
SSL TLS 1.3 Key schedule: Derive-Secret( ., "derived", "")
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
# Derive-Secret( Early-Secret, "derived", "")
# Tests the case where context isn't yet hashed (empty string here,
# but still needs to be hashed)
-ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a":tls1_3_label_derived:"":32:MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED:"6f2615a108c702c5678f54fc9dbab69716c076189c48250cebeac3576c3611ba"
+ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a":tls13_label_derived:"":32:MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED:"6f2615a108c702c5678f54fc9dbab69716c076189c48250cebeac3576c3611ba"
SSL TLS 1.3 Key schedule: Derive-Secret( ., "s ap traffic", hash) #1
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
# Derive-Secret( MasterSecret, "s ap traffic", hash)
# Tests the case where context is already hashed
-ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"7f2882bb9b9a46265941653e9c2f19067118151e21d12e57a7b6aca1f8150c8d":tls1_3_label_s_ap_traffic:"22844b930e5e0a59a09d5ac35fc032fc91163b193874a265236e568077378d8b":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fc35ea70693069a277956afa23b8f4543ce68ac595f2aace05cd7a1c92023d5"
+ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"7f2882bb9b9a46265941653e9c2f19067118151e21d12e57a7b6aca1f8150c8d":tls13_label_s_ap_traffic:"22844b930e5e0a59a09d5ac35fc032fc91163b193874a265236e568077378d8b":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fc35ea70693069a277956afa23b8f4543ce68ac595f2aace05cd7a1c92023d5"
SSL TLS 1.3 Key schedule: Derive-Secret( ., "c e traffic", hash)
# Vector from RFC 8448
-ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":tls1_3_label_c_e_traffic:"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fbbe6a60deb66c30a32795aba0eff7eaa10105586e7be5c09678d63b6caab62"
+ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":tls13_label_c_e_traffic:"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fbbe6a60deb66c30a32795aba0eff7eaa10105586e7be5c09678d63b6caab62"
SSL TLS 1.3 Key schedule: Derive-Secret( ., "e exp master", hash)
# Vector from RFC 8448
-ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":tls1_3_label_e_exp_master:"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"b2026866610937d7423e5be90862ccf24c0e6091186d34f812089ff5be2ef7df"
+ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":tls13_label_e_exp_master:"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"b2026866610937d7423e5be90862ccf24c0e6091186d34f812089ff5be2ef7df"
SSL TLS 1.3 Key schedule: Derive-Secret( ., "c hs traffic", hash)
# Vector from RFC 8448
-ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f"
+ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls13_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f"
SSL TLS 1.3 Key schedule: Derive-Secret( ., "s hs traffic", hash)
# Vector from RFC 8448
-ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_s_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803"
+ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls13_label_s_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803"
SSL TLS 1.3 Key schedule: Derive-Secret( ., "c ap traffic", hash)
# Vector from RFC 8448
-ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_c_ap_traffic:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1"
+ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls13_label_c_ap_traffic:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1"
SSL TLS 1.3 Key schedule: Derive-Secret( ., "s ap traffic", hash) #2
# Vector from RFC 8448
-ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_s_ap_traffic:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691"
+ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls13_label_s_ap_traffic:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691"
SSL TLS 1.3 Key schedule: Derive-Secret( ., "exp master", hash)
# Vector from RFC 8448
-ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_exp_master:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4"
+ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls13_label_exp_master:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4"
SSL TLS 1.3 Key schedule: Derive-Secret( ., "res master", hash)
# Vector from RFC 8448
-ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_res_master:"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406"
+ssl_tls13_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls13_label_res_master:"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406"
SSL TLS 1.3 Key schedule: Early secrets derivation helper
# Vector from RFC 8448
-ssl_tls1_3_derive_early_secrets:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":"3fbbe6a60deb66c30a32795aba0eff7eaa10105586e7be5c09678d63b6caab62":"b2026866610937d7423e5be90862ccf24c0e6091186d34f812089ff5be2ef7df"
+ssl_tls13_derive_early_secrets:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":"3fbbe6a60deb66c30a32795aba0eff7eaa10105586e7be5c09678d63b6caab62":"b2026866610937d7423e5be90862ccf24c0e6091186d34f812089ff5be2ef7df"
SSL TLS 1.3 Key schedule: Handshake secrets derivation helper
# Vector from RFC 8448
-ssl_tls1_3_derive_handshake_secrets:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803"
+ssl_tls13_derive_handshake_secrets:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803"
SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #1
# - Server App Key: 0b6d22c8ff68097ea871c672073773bf
@@ -6029,7 +6029,7 @@
# - App data payload: 70696e67
# - Complete record: 1703030015c74061535eb12f5f25a781957874742ab7fb305dd5
# - Padding used: No (== granularity 1)
-ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5"
+ssl_tls13_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5"
SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2
# - Server App Key: 0b6d22c8ff68097ea871c672073773bf
@@ -6039,7 +6039,7 @@
# - App data payload: 706f6e67
# - Complete record: 1703030015370e5f168afa7fb16b663ecdfca3dbb81931a90ca7
# - Padding used: No (== granularity 1)
-ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7"
+ssl_tls13_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7"
SSL TLS 1.3 Record Encryption RFC 8448 Example #1
# Application Data record sent by Client in 1-RTT example of RFC 8448, Section 3
@@ -6057,7 +6057,7 @@
# 62 97 4e 1f 5a 62 92 a2 97 70 14 bd 1e 3d ea e6
# 3a ee bb 21 69 49 15 e4
# - Padding used: No (== granularity 1)
-ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4"
+ssl_tls13_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4"
SSL TLS 1.3 Record Encryption RFC 8448 Example #2
# Application Data record sent by Server in 1-RTT example of RFC 8448, Section 3
@@ -6075,21 +6075,21 @@
# fc c4 9c 4b f2 e5 f0 a2 1c 00 47 c2 ab f3 32 54
# 0d d0 32 e1 67 c2 95 5d
# - Padding used: No (== granularity 1)
-ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d"
+ssl_tls13_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d"
SSL TLS 1.3 Key schedule: Application secrets derivation helper
# Vector from RFC 8448
-ssl_tls1_3_derive_application_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1":"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691":"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4"
+ssl_tls13_derive_application_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1":"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691":"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4"
SSL TLS 1.3 Key schedule: Resumption secrets derivation helper
# Vector from RFC 8448
-ssl_tls1_3_derive_resumption_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406"
+ssl_tls13_derive_resumption_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406"
SSL TLS 1.3 Key schedule: PSK binder
# Vector from RFC 8448
# For the resumption PSK, see Section 3, 'generate resumption secret "tls13 resumption"'
# For all other data, see Section 4, 'construct a ClientHello handshake message:'
-ssl_tls1_3_create_psk_binder:MBEDTLS_MD_SHA256:"4ecd0eb6ec3b4d87f5d6028f922ca4c5851a277fd41311c9e62d2c9492e1c4f3":MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION:"63224b2e4573f2d3454ca84b9d009a04f6be9e05711a8396473aefa01e924a14":"3add4fb2d8fdf822a0ca3cf7678ef5e88dae990141c5924d57bb6fa31b9e5f9d"
+ssl_tls13_create_psk_binder:MBEDTLS_MD_SHA256:"4ecd0eb6ec3b4d87f5d6028f922ca4c5851a277fd41311c9e62d2c9492e1c4f3":MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION:"63224b2e4573f2d3454ca84b9d009a04f6be9e05711a8396473aefa01e924a14":"3add4fb2d8fdf822a0ca3cf7678ef5e88dae990141c5924d57bb6fa31b9e5f9d"
SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE
ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index ee36a66..c1bc17c 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -17,7 +17,7 @@
enum
{
#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \
- tls1_3_label_ ## name,
+ tls13_label_ ## name,
MBEDTLS_SSL_TLS1_3_LABEL_LIST
#undef MBEDTLS_SSL_TLS1_3_LABEL
};
@@ -3670,22 +3670,22 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_hkdf_expand_label( int hash_alg,
- data_t *secret,
- int label_idx,
- data_t *ctx,
- int desired_length,
- data_t *expected )
+void ssl_tls13_hkdf_expand_label( int hash_alg,
+ data_t *secret,
+ int label_idx,
+ data_t *ctx,
+ int desired_length,
+ data_t *expected )
{
unsigned char dst[ 100 ];
unsigned char const *lbl = NULL;
size_t lbl_len;
-#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \
- if( label_idx == (int) tls1_3_label_ ## name ) \
- { \
- lbl = mbedtls_ssl_tls1_3_labels.name; \
- lbl_len = sizeof( mbedtls_ssl_tls1_3_labels.name ); \
+#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \
+ if( label_idx == (int) tls13_label_ ## name ) \
+ { \
+ lbl = mbedtls_ssl_tls13_labels.name; \
+ lbl_len = sizeof( mbedtls_ssl_tls13_labels.name ); \
}
MBEDTLS_SSL_TLS1_3_LABEL_LIST
#undef MBEDTLS_SSL_TLS1_3_LABEL
@@ -3695,7 +3695,7 @@
TEST_ASSERT( (size_t) desired_length <= sizeof(dst) );
TEST_ASSERT( (size_t) desired_length == expected->len );
- TEST_ASSERT( mbedtls_ssl_tls1_3_hkdf_expand_label(
+ TEST_ASSERT( mbedtls_ssl_tls13_hkdf_expand_label(
(mbedtls_md_type_t) hash_alg,
secret->x, secret->len,
lbl, lbl_len,
@@ -3708,15 +3708,15 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_traffic_key_generation( int hash_alg,
- data_t *server_secret,
- data_t *client_secret,
- int desired_iv_len,
- int desired_key_len,
- data_t *expected_server_write_key,
- data_t *expected_server_write_iv,
- data_t *expected_client_write_key,
- data_t *expected_client_write_iv )
+void ssl_tls13_traffic_key_generation( int hash_alg,
+ data_t *server_secret,
+ data_t *client_secret,
+ int desired_iv_len,
+ int desired_key_len,
+ data_t *expected_server_write_key,
+ data_t *expected_server_write_iv,
+ data_t *expected_client_write_key,
+ data_t *expected_client_write_iv )
{
mbedtls_ssl_key_set keys;
@@ -3727,7 +3727,7 @@
TEST_ASSERT( expected_client_write_key->len == expected_server_write_key->len &&
expected_client_write_key->len == (size_t) desired_key_len );
- TEST_ASSERT( mbedtls_ssl_tls1_3_make_traffic_keys(
+ TEST_ASSERT( mbedtls_ssl_tls13_make_traffic_keys(
(mbedtls_md_type_t) hash_alg,
client_secret->x,
server_secret->x,
@@ -3755,23 +3755,23 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_derive_secret( int hash_alg,
- data_t *secret,
- int label_idx,
- data_t *ctx,
- int desired_length,
- int already_hashed,
- data_t *expected )
+void ssl_tls13_derive_secret( int hash_alg,
+ data_t *secret,
+ int label_idx,
+ data_t *ctx,
+ int desired_length,
+ int already_hashed,
+ data_t *expected )
{
unsigned char dst[ 100 ];
unsigned char const *lbl = NULL;
size_t lbl_len;
-#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \
- if( label_idx == (int) tls1_3_label_ ## name ) \
- { \
- lbl = mbedtls_ssl_tls1_3_labels.name; \
- lbl_len = sizeof( mbedtls_ssl_tls1_3_labels.name ); \
+#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \
+ if( label_idx == (int) tls13_label_ ## name ) \
+ { \
+ lbl = mbedtls_ssl_tls13_labels.name; \
+ lbl_len = sizeof( mbedtls_ssl_tls13_labels.name ); \
}
MBEDTLS_SSL_TLS1_3_LABEL_LIST
#undef MBEDTLS_SSL_TLS1_3_LABEL
@@ -3781,7 +3781,7 @@
TEST_ASSERT( (size_t) desired_length <= sizeof(dst) );
TEST_ASSERT( (size_t) desired_length == expected->len );
- TEST_ASSERT( mbedtls_ssl_tls1_3_derive_secret(
+ TEST_ASSERT( mbedtls_ssl_tls13_derive_secret(
(mbedtls_md_type_t) hash_alg,
secret->x, secret->len,
lbl, lbl_len,
@@ -3795,13 +3795,13 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_derive_early_secrets( int hash_alg,
- data_t *secret,
- data_t *transcript,
- data_t *traffic_expected,
- data_t *exporter_expected )
+void ssl_tls13_derive_early_secrets( int hash_alg,
+ data_t *secret,
+ data_t *transcript,
+ data_t *traffic_expected,
+ data_t *exporter_expected )
{
- mbedtls_ssl_tls1_3_early_secrets secrets;
+ mbedtls_ssl_tls13_early_secrets secrets;
/* Double-check that we've passed sane parameters. */
mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
@@ -3813,7 +3813,7 @@
traffic_expected->len == md_size &&
exporter_expected->len == md_size );
- TEST_ASSERT( mbedtls_ssl_tls1_3_derive_early_secrets(
+ TEST_ASSERT( mbedtls_ssl_tls13_derive_early_secrets(
md_type, secret->x, transcript->x, transcript->len,
&secrets ) == 0 );
@@ -3825,13 +3825,13 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_derive_handshake_secrets( int hash_alg,
- data_t *secret,
- data_t *transcript,
- data_t *client_expected,
- data_t *server_expected )
+void ssl_tls13_derive_handshake_secrets( int hash_alg,
+ data_t *secret,
+ data_t *transcript,
+ data_t *client_expected,
+ data_t *server_expected )
{
- mbedtls_ssl_tls1_3_handshake_secrets secrets;
+ mbedtls_ssl_tls13_handshake_secrets secrets;
/* Double-check that we've passed sane parameters. */
mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
@@ -3843,7 +3843,7 @@
client_expected->len == md_size &&
server_expected->len == md_size );
- TEST_ASSERT( mbedtls_ssl_tls1_3_derive_handshake_secrets(
+ TEST_ASSERT( mbedtls_ssl_tls13_derive_handshake_secrets(
md_type, secret->x, transcript->x, transcript->len,
&secrets ) == 0 );
@@ -3855,14 +3855,14 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_derive_application_secrets( int hash_alg,
- data_t *secret,
- data_t *transcript,
- data_t *client_expected,
- data_t *server_expected,
- data_t *exporter_expected )
+void ssl_tls13_derive_application_secrets( int hash_alg,
+ data_t *secret,
+ data_t *transcript,
+ data_t *client_expected,
+ data_t *server_expected,
+ data_t *exporter_expected )
{
- mbedtls_ssl_tls1_3_application_secrets secrets;
+ mbedtls_ssl_tls13_application_secrets secrets;
/* Double-check that we've passed sane parameters. */
mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
@@ -3875,7 +3875,7 @@
server_expected->len == md_size &&
exporter_expected->len == md_size );
- TEST_ASSERT( mbedtls_ssl_tls1_3_derive_application_secrets(
+ TEST_ASSERT( mbedtls_ssl_tls13_derive_application_secrets(
md_type, secret->x, transcript->x, transcript->len,
&secrets ) == 0 );
@@ -3889,12 +3889,12 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_derive_resumption_secrets( int hash_alg,
- data_t *secret,
- data_t *transcript,
- data_t *resumption_expected )
+void ssl_tls13_derive_resumption_secrets( int hash_alg,
+ data_t *secret,
+ data_t *transcript,
+ data_t *resumption_expected )
{
- mbedtls_ssl_tls1_3_application_secrets secrets;
+ mbedtls_ssl_tls13_application_secrets secrets;
/* Double-check that we've passed sane parameters. */
mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
@@ -3905,7 +3905,7 @@
transcript->len == md_size &&
resumption_expected->len == md_size );
- TEST_ASSERT( mbedtls_ssl_tls1_3_derive_resumption_master_secret(
+ TEST_ASSERT( mbedtls_ssl_tls13_derive_resumption_master_secret(
md_type, secret->x, transcript->x, transcript->len,
&secrets ) == 0 );
@@ -3915,11 +3915,11 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_create_psk_binder( int hash_alg,
- data_t *psk,
- int psk_type,
- data_t *transcript,
- data_t *binder_expected )
+void ssl_tls13_create_psk_binder( int hash_alg,
+ data_t *psk,
+ int psk_type,
+ data_t *transcript,
+ data_t *binder_expected )
{
unsigned char binder[ MBEDTLS_MD_MAX_SIZE ];
@@ -3931,7 +3931,7 @@
transcript->len == md_size &&
binder_expected->len == md_size );
- TEST_ASSERT( mbedtls_ssl_tls1_3_create_psk_binder(
+ TEST_ASSERT( mbedtls_ssl_tls13_create_psk_binder(
NULL, /* SSL context for debugging only */
md_type,
psk->x, psk->len,
@@ -3945,16 +3945,16 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_record_protection( int ciphersuite,
- int endpoint,
- int ctr,
- int padding_used,
- data_t *server_write_key,
- data_t *server_write_iv,
- data_t *client_write_key,
- data_t *client_write_iv,
- data_t *plaintext,
- data_t *ciphertext )
+void ssl_tls13_record_protection( int ciphersuite,
+ int endpoint,
+ int ctr,
+ int padding_used,
+ data_t *server_write_key,
+ data_t *server_write_iv,
+ data_t *client_write_key,
+ data_t *client_write_iv,
+ data_t *plaintext,
+ data_t *ciphertext )
{
mbedtls_ssl_key_set keys;
mbedtls_ssl_transform transform_send;
@@ -4043,14 +4043,14 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_key_evolution( int hash_alg,
- data_t *secret,
- data_t *input,
- data_t *expected )
+void ssl_tls13_key_evolution( int hash_alg,
+ data_t *secret,
+ data_t *input,
+ data_t *expected )
{
unsigned char secret_new[ MBEDTLS_MD_MAX_SIZE ];
- TEST_ASSERT( mbedtls_ssl_tls1_3_evolve_secret(
+ TEST_ASSERT( mbedtls_ssl_tls13_evolve_secret(
(mbedtls_md_type_t) hash_alg,
secret->len ? secret->x : NULL,
input->len ? input->x : NULL, input->len,