Adapt names: dh -> xxdh
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 1368929..7e12e77 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -757,24 +757,24 @@
#if defined(PSA_WANT_ALG_ECDH) && defined(PSA_WANT_ALG_FFDH)
#if (MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH >= MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH)
-#define DH_PSA_PEERKEY_SIZE MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH
+#define SSL_XXDH_PSA_PEERKEY_SIZE MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH
#else
-#define DH_PSA_PEERKEY_SIZE MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define SSL_XXDH_PSA_PEERKEY_SIZE MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
#endif
#elif defined(PSA_WANT_ALG_ECDH)
-#define DH_PSA_PEERKEY_SIZE MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define SSL_XXDH_PSA_PEERKEY_SIZE MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
#else
-#define DH_PSA_PEERKEY_SIZE MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH
+#define SSL_XXDH_PSA_PEERKEY_SIZE MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH
#endif
#if (defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH)) && \
(defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3))
- psa_key_type_t dh_psa_type;
- size_t dh_bits;
- mbedtls_svc_key_id_t dh_psa_privkey;
- uint8_t dh_psa_privkey_is_external;
- unsigned char dh_psa_peerkey[DH_PSA_PEERKEY_SIZE];
- size_t dh_psa_peerkey_len;
+ psa_key_type_t xxdh_psa_type;
+ size_t xxdh_bits;
+ mbedtls_svc_key_id_t xxdh_psa_privkey;
+ uint8_t xxdh_psa_privkey_is_external;
+ unsigned char xxdh_psa_peerkey[SSL_XXDH_PSA_PEERKEY_SIZE];
+ size_t xxdh_psa_peerkey_len;
#endif /* (PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH) &&
(MBEDTLS_USE_PSA_CRYPTO || MBEDTLS_SSL_PROTO_TLS1_3) */
@@ -2660,7 +2660,7 @@
#if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH)
MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_tls13_read_public_dhe_share(mbedtls_ssl_context *ssl,
+int mbedtls_ssl_tls13_read_public_xxdhe_share(mbedtls_ssl_context *ssl,
const unsigned char *buf,
size_t buf_len);
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 44f2db6..e4d04fb 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4218,8 +4218,8 @@
#if (defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH)) && \
(defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3))
- if (handshake->dh_psa_privkey_is_external == 0) {
- psa_destroy_key(handshake->dh_psa_privkey);
+ if (handshake->xxdh_psa_privkey_is_external == 0) {
+ psa_destroy_key(handshake->xxdh_psa_privkey);
}
#endif /* (PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH) &&
(MBEDTLS_USE_PSA_CRYPTO || MBEDTLS_SSL_PROTO_TLS1_3) */
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index f77386d..c0ddfa1 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -1761,8 +1761,8 @@
&ec_bits) == PSA_ERROR_NOT_SUPPORTED) {
return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
}
- handshake->dh_psa_type = key_type;
- handshake->dh_bits = ec_bits;
+ handshake->xxdh_psa_type = key_type;
+ handshake->xxdh_bits = ec_bits;
/* Keep a copy of the peer's public key */
ecpoint_len = *(*p)++;
@@ -1771,13 +1771,13 @@
}
#if !defined(PSA_WANT_ALG_FFDH)
- if (ecpoint_len > sizeof(handshake->dh_psa_peerkey)) {
+ if (ecpoint_len > sizeof(handshake->xxdh_psa_peerkey)) {
return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
}
#endif
- memcpy(handshake->dh_psa_peerkey, *p, ecpoint_len);
- handshake->dh_psa_peerkey_len = ecpoint_len;
+ memcpy(handshake->xxdh_psa_peerkey, *p, ecpoint_len);
+ handshake->xxdh_psa_peerkey_len = ecpoint_len;
*p += ecpoint_len;
return 0;
@@ -2038,27 +2038,27 @@
/* If the above conversion to TLS ID was fine, then also this one will be,
so there is no need to check the return value here */
mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id, &key_type,
- &ssl->handshake->dh_bits);
+ &ssl->handshake->xxdh_bits);
- ssl->handshake->dh_psa_type = key_type;
+ ssl->handshake->xxdh_psa_type = key_type;
/* Store peer's public key in psa format. */
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
- memcpy(ssl->handshake->dh_psa_peerkey, peer_pk->pub_raw, peer_pk->pub_raw_len);
- ssl->handshake->dh_psa_peerkey_len = peer_pk->pub_raw_len;
+ memcpy(ssl->handshake->xxdh_psa_peerkey, peer_pk->pub_raw, peer_pk->pub_raw_len);
+ ssl->handshake->xxdh_psa_peerkey_len = peer_pk->pub_raw_len;
ret = 0;
#else /* MBEDTLS_PK_USE_PSA_EC_DATA */
size_t olen = 0;
ret = mbedtls_ecp_point_write_binary(&peer_key->grp, &peer_key->Q,
MBEDTLS_ECP_PF_UNCOMPRESSED, &olen,
- ssl->handshake->dh_psa_peerkey,
+ ssl->handshake->xxdh_psa_peerkey,
MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH);
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecp_point_write_binary"), ret);
return ret;
}
- ssl->handshake->dh_psa_peerkey_len = olen;
+ ssl->handshake->xxdh_psa_peerkey_len = olen;
#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
#else /* MBEDTLS_USE_PSA_CRYPTO */
if ((ret = mbedtls_ecdh_get_params(&ssl->handshake->ecdh_ctx, peer_key,
@@ -2788,12 +2788,12 @@
key_attributes = psa_key_attributes_init();
psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE);
psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH);
- psa_set_key_type(&key_attributes, handshake->dh_psa_type);
- psa_set_key_bits(&key_attributes, handshake->dh_bits);
+ psa_set_key_type(&key_attributes, handshake->xxdh_psa_type);
+ psa_set_key_bits(&key_attributes, handshake->xxdh_bits);
/* Generate ECDH private key. */
status = psa_generate_key(&key_attributes,
- &handshake->dh_psa_privkey);
+ &handshake->xxdh_psa_privkey);
if (status != PSA_SUCCESS) {
return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
}
@@ -2806,12 +2806,12 @@
size_t own_pubkey_max_len = (size_t) (end - own_pubkey);
size_t own_pubkey_len;
- status = psa_export_public_key(handshake->dh_psa_privkey,
+ status = psa_export_public_key(handshake->xxdh_psa_privkey,
own_pubkey, own_pubkey_max_len,
&own_pubkey_len);
if (status != PSA_SUCCESS) {
- psa_destroy_key(handshake->dh_psa_privkey);
- handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_destroy_key(handshake->xxdh_psa_privkey);
+ handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
}
@@ -2822,15 +2822,15 @@
/* Compute ECDH shared secret. */
status = psa_raw_key_agreement(PSA_ALG_ECDH,
- handshake->dh_psa_privkey,
- handshake->dh_psa_peerkey,
- handshake->dh_psa_peerkey_len,
+ handshake->xxdh_psa_privkey,
+ handshake->xxdh_psa_peerkey,
+ handshake->xxdh_psa_peerkey_len,
ssl->handshake->premaster,
sizeof(ssl->handshake->premaster),
&ssl->handshake->pmslen);
- destruction_status = psa_destroy_key(handshake->dh_psa_privkey);
- handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ destruction_status = psa_destroy_key(handshake->xxdh_psa_privkey);
+ handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
if (status != PSA_SUCCESS || destruction_status != PSA_SUCCESS) {
return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
@@ -2960,12 +2960,12 @@
key_attributes = psa_key_attributes_init();
psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE);
psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH);
- psa_set_key_type(&key_attributes, handshake->dh_psa_type);
- psa_set_key_bits(&key_attributes, handshake->dh_bits);
+ psa_set_key_type(&key_attributes, handshake->xxdh_psa_type);
+ psa_set_key_bits(&key_attributes, handshake->xxdh_bits);
/* Generate ECDH private key. */
status = psa_generate_key(&key_attributes,
- &handshake->dh_psa_privkey);
+ &handshake->xxdh_psa_privkey);
if (status != PSA_SUCCESS) {
return PSA_TO_MBEDTLS_ERR(status);
}
@@ -2978,12 +2978,12 @@
size_t own_pubkey_max_len = (size_t) (end - own_pubkey);
size_t own_pubkey_len = 0;
- status = psa_export_public_key(handshake->dh_psa_privkey,
+ status = psa_export_public_key(handshake->xxdh_psa_privkey,
own_pubkey, own_pubkey_max_len,
&own_pubkey_len);
if (status != PSA_SUCCESS) {
- psa_destroy_key(handshake->dh_psa_privkey);
- handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_destroy_key(handshake->xxdh_psa_privkey);
+ handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
return PSA_TO_MBEDTLS_ERR(status);
}
@@ -3005,15 +3005,15 @@
/* Perform ECDH computation after the uint16 reserved for the length */
status = psa_raw_key_agreement(PSA_ALG_ECDH,
- handshake->dh_psa_privkey,
- handshake->dh_psa_peerkey,
- handshake->dh_psa_peerkey_len,
+ handshake->xxdh_psa_privkey,
+ handshake->xxdh_psa_peerkey,
+ handshake->xxdh_psa_peerkey_len,
pms + zlen_size,
pms_end - (pms + zlen_size),
&zlen);
- destruction_status = psa_destroy_key(handshake->dh_psa_privkey);
- handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ destruction_status = psa_destroy_key(handshake->xxdh_psa_privkey);
+ handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
if (status != PSA_SUCCESS) {
return PSA_TO_MBEDTLS_ERR(status);
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index c023d1f..9d302d6 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -2628,20 +2628,20 @@
return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
}
- ssl->handshake->dh_psa_privkey = pk->priv_id;
+ ssl->handshake->xxdh_psa_privkey = pk->priv_id;
/* Key should not be destroyed in the TLS library */
- ssl->handshake->dh_psa_privkey_is_external = 1;
+ ssl->handshake->xxdh_psa_privkey_is_external = 1;
- status = psa_get_key_attributes(ssl->handshake->dh_psa_privkey,
+ status = psa_get_key_attributes(ssl->handshake->xxdh_psa_privkey,
&key_attributes);
if (status != PSA_SUCCESS) {
- ssl->handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ ssl->handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
return PSA_TO_MBEDTLS_ERR(status);
}
- ssl->handshake->dh_psa_type = psa_get_key_type(&key_attributes);
- ssl->handshake->dh_bits = psa_get_key_bits(&key_attributes);
+ ssl->handshake->xxdh_psa_type = psa_get_key_type(&key_attributes);
+ ssl->handshake->xxdh_bits = psa_get_key_bits(&key_attributes);
psa_reset_key_attributes(&key_attributes);
@@ -2665,16 +2665,16 @@
/* If the above conversion to TLS ID was fine, then also this one will
be, so there is no need to check the return value here */
mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id, &key_type,
- &ssl->handshake->dh_bits);
+ &ssl->handshake->xxdh_bits);
- ssl->handshake->dh_psa_type = key_type;
+ ssl->handshake->xxdh_psa_type = key_type;
key_attributes = psa_key_attributes_init();
psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE);
psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH);
psa_set_key_type(&key_attributes,
- PSA_KEY_TYPE_ECC_KEY_PAIR(ssl->handshake->dh_psa_type));
- psa_set_key_bits(&key_attributes, ssl->handshake->dh_bits);
+ PSA_KEY_TYPE_ECC_KEY_PAIR(ssl->handshake->xxdh_psa_type));
+ psa_set_key_bits(&key_attributes, ssl->handshake->xxdh_bits);
key_len = PSA_BITS_TO_BYTES(key->grp.pbits);
ret = mbedtls_ecp_write_key(key, buf, key_len);
@@ -2684,7 +2684,7 @@
}
status = psa_import_key(&key_attributes, buf, key_len,
- &ssl->handshake->dh_psa_privkey);
+ &ssl->handshake->xxdh_psa_privkey);
if (status != PSA_SUCCESS) {
ret = PSA_TO_MBEDTLS_ERR(status);
mbedtls_platform_zeroize(buf, sizeof(buf));
@@ -2981,14 +2981,14 @@
MBEDTLS_SSL_DEBUG_MSG(1, ("Invalid ecc group parse."));
return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
}
- handshake->dh_psa_type = key_type;
- handshake->dh_bits = ec_bits;
+ handshake->xxdh_psa_type = key_type;
+ handshake->xxdh_bits = ec_bits;
key_attributes = psa_key_attributes_init();
psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE);
psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH);
- psa_set_key_type(&key_attributes, handshake->dh_psa_type);
- psa_set_key_bits(&key_attributes, handshake->dh_bits);
+ psa_set_key_type(&key_attributes, handshake->xxdh_psa_type);
+ psa_set_key_bits(&key_attributes, handshake->xxdh_bits);
/*
* ECParameters curve_params
@@ -3005,7 +3005,7 @@
/* Generate ECDH private key. */
status = psa_generate_key(&key_attributes,
- &handshake->dh_psa_privkey);
+ &handshake->xxdh_psa_privkey);
if (status != PSA_SUCCESS) {
ret = PSA_TO_MBEDTLS_ERR(status);
MBEDTLS_SSL_DEBUG_RET(1, "psa_generate_key", ret);
@@ -3027,14 +3027,14 @@
size_t own_pubkey_max_len = (size_t) (MBEDTLS_SSL_OUT_CONTENT_LEN
- (own_pubkey - ssl->out_msg));
- status = psa_export_public_key(handshake->dh_psa_privkey,
+ status = psa_export_public_key(handshake->xxdh_psa_privkey,
own_pubkey, own_pubkey_max_len,
&len);
if (status != PSA_SUCCESS) {
ret = PSA_TO_MBEDTLS_ERR(status);
MBEDTLS_SSL_DEBUG_RET(1, "psa_export_public_key", ret);
- (void) psa_destroy_key(handshake->dh_psa_privkey);
- handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ (void) psa_destroy_key(handshake->xxdh_psa_privkey);
+ handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
return ret;
}
@@ -3729,27 +3729,27 @@
}
/* Store peer's ECDH public key. */
- memcpy(handshake->dh_psa_peerkey, p, data_len);
- handshake->dh_psa_peerkey_len = data_len;
+ memcpy(handshake->xxdh_psa_peerkey, p, data_len);
+ handshake->xxdh_psa_peerkey_len = data_len;
/* Compute ECDH shared secret. */
status = psa_raw_key_agreement(
- PSA_ALG_ECDH, handshake->dh_psa_privkey,
- handshake->dh_psa_peerkey, handshake->dh_psa_peerkey_len,
+ PSA_ALG_ECDH, handshake->xxdh_psa_privkey,
+ handshake->xxdh_psa_peerkey, handshake->xxdh_psa_peerkey_len,
handshake->premaster, sizeof(handshake->premaster),
&handshake->pmslen);
if (status != PSA_SUCCESS) {
ret = PSA_TO_MBEDTLS_ERR(status);
MBEDTLS_SSL_DEBUG_RET(1, "psa_raw_key_agreement", ret);
- if (handshake->dh_psa_privkey_is_external == 0) {
- (void) psa_destroy_key(handshake->dh_psa_privkey);
+ if (handshake->xxdh_psa_privkey_is_external == 0) {
+ (void) psa_destroy_key(handshake->xxdh_psa_privkey);
}
- handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
return ret;
}
- if (handshake->dh_psa_privkey_is_external == 0) {
- status = psa_destroy_key(handshake->dh_psa_privkey);
+ if (handshake->xxdh_psa_privkey_is_external == 0) {
+ status = psa_destroy_key(handshake->xxdh_psa_privkey);
if (status != PSA_SUCCESS) {
ret = PSA_TO_MBEDTLS_ERR(status);
@@ -3757,7 +3757,7 @@
return ret;
}
}
- handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
#else
if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx,
p, end - p)) != 0) {
@@ -3890,35 +3890,35 @@
if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret);
- psa_destroy_key(handshake->dh_psa_privkey);
- handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_destroy_key(handshake->xxdh_psa_privkey);
+ handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
return ret;
}
/* Keep a copy of the peer's public key */
if (p >= end) {
- psa_destroy_key(handshake->dh_psa_privkey);
- handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_destroy_key(handshake->xxdh_psa_privkey);
+ handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
ecpoint_len = *(p++);
if ((size_t) (end - p) < ecpoint_len) {
- psa_destroy_key(handshake->dh_psa_privkey);
- handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_destroy_key(handshake->xxdh_psa_privkey);
+ handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
#if !defined(PSA_WANT_ALG_FFDH)
- if (ecpoint_len > sizeof(handshake->dh_psa_peerkey)) {
- psa_destroy_key(handshake->dh_psa_privkey);
- handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ if (ecpoint_len > sizeof(handshake->xxdh_psa_peerkey)) {
+ psa_destroy_key(handshake->xxdh_psa_privkey);
+ handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
}
#endif
- memcpy(handshake->dh_psa_peerkey, p, ecpoint_len);
- handshake->dh_psa_peerkey_len = ecpoint_len;
+ memcpy(handshake->xxdh_psa_peerkey, p, ecpoint_len);
+ handshake->xxdh_psa_peerkey_len = ecpoint_len;
p += ecpoint_len;
/* As RFC 5489 section 2, the premaster secret is formed as follows:
@@ -3936,15 +3936,15 @@
/* Compute ECDH shared secret. */
status = psa_raw_key_agreement(PSA_ALG_ECDH,
- handshake->dh_psa_privkey,
- handshake->dh_psa_peerkey,
- handshake->dh_psa_peerkey_len,
+ handshake->xxdh_psa_privkey,
+ handshake->xxdh_psa_peerkey,
+ handshake->xxdh_psa_peerkey_len,
psm + zlen_size,
psm_end - (psm + zlen_size),
&zlen);
- destruction_status = psa_destroy_key(handshake->dh_psa_privkey);
- handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ destruction_status = psa_destroy_key(handshake->xxdh_psa_privkey);
+ handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
if (status != PSA_SUCCESS) {
return PSA_TO_MBEDTLS_ERR(status);
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 01b0ca6..0c67c83 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -201,14 +201,14 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
/* Destroy generated private key. */
- status = psa_destroy_key(ssl->handshake->dh_psa_privkey);
+ status = psa_destroy_key(ssl->handshake->xxdh_psa_privkey);
if (status != PSA_SUCCESS) {
ret = PSA_TO_MBEDTLS_ERR(status);
MBEDTLS_SSL_DEBUG_RET(1, "psa_destroy_key", ret);
return ret;
}
- ssl->handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ ssl->handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
return 0;
} else
#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */
@@ -508,7 +508,7 @@
mbedtls_ssl_tls13_named_group_is_ffdh(group)) {
MBEDTLS_SSL_DEBUG_MSG(2,
("DHE group name: %s", mbedtls_ssl_named_group_to_str(group)));
- ret = mbedtls_ssl_tls13_read_public_dhe_share(ssl, p, end - p);
+ ret = mbedtls_ssl_tls13_read_public_xxdhe_share(ssl, p, end - p);
if (ret != 0) {
return ret;
}
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 1b58dce..ec94cae 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -1499,7 +1499,7 @@
#if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH)
-int mbedtls_ssl_tls13_read_public_dhe_share(mbedtls_ssl_context *ssl,
+int mbedtls_ssl_tls13_read_public_xxdhe_share(mbedtls_ssl_context *ssl,
const unsigned char *buf,
size_t buf_len)
{
@@ -1516,8 +1516,8 @@
MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, peerkey_len);
/* Store peer's ECDH public key. */
- memcpy(handshake->dh_psa_peerkey, p, peerkey_len);
- handshake->dh_psa_peerkey_len = peerkey_len;
+ memcpy(handshake->xxdh_psa_peerkey, p, peerkey_len);
+ handshake->xxdh_psa_peerkey_len = peerkey_len;
return 0;
}
@@ -1592,18 +1592,18 @@
return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
}
- handshake->dh_psa_type = key_type;
- ssl->handshake->dh_bits = bits;
+ handshake->xxdh_psa_type = key_type;
+ ssl->handshake->xxdh_bits = bits;
key_attributes = psa_key_attributes_init();
psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE);
psa_set_key_algorithm(&key_attributes, alg);
- psa_set_key_type(&key_attributes, handshake->dh_psa_type);
- psa_set_key_bits(&key_attributes, handshake->dh_bits);
+ psa_set_key_type(&key_attributes, handshake->xxdh_psa_type);
+ psa_set_key_bits(&key_attributes, handshake->xxdh_bits);
/* Generate ECDH/FFDH private key. */
status = psa_generate_key(&key_attributes,
- &handshake->dh_psa_privkey);
+ &handshake->xxdh_psa_privkey);
if (status != PSA_SUCCESS) {
ret = PSA_TO_MBEDTLS_ERR(status);
MBEDTLS_SSL_DEBUG_RET(1, "psa_generate_key", ret);
@@ -1612,7 +1612,7 @@
}
/* Export the public part of the ECDH/FFDH private key from PSA. */
- status = psa_export_public_key(handshake->dh_psa_privkey,
+ status = psa_export_public_key(handshake->xxdh_psa_privkey,
buf, buf_size,
&own_pubkey_len);
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index 7d54bba..3e14782 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -1502,7 +1502,7 @@
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
- status = psa_get_key_attributes(handshake->dh_psa_privkey,
+ status = psa_get_key_attributes(handshake->xxdh_psa_privkey,
&key_attributes);
if (status != PSA_SUCCESS) {
ret = PSA_TO_MBEDTLS_ERR(status);
@@ -1516,8 +1516,8 @@
}
status = psa_raw_key_agreement(
- alg, handshake->dh_psa_privkey,
- handshake->dh_psa_peerkey, handshake->dh_psa_peerkey_len,
+ alg, handshake->xxdh_psa_privkey,
+ handshake->xxdh_psa_peerkey, handshake->xxdh_psa_peerkey_len,
shared_secret, shared_secret_len, &shared_secret_len);
if (status != PSA_SUCCESS) {
ret = PSA_TO_MBEDTLS_ERR(status);
@@ -1525,14 +1525,14 @@
goto cleanup;
}
- status = psa_destroy_key(handshake->dh_psa_privkey);
+ status = psa_destroy_key(handshake->xxdh_psa_privkey);
if (status != PSA_SUCCESS) {
ret = PSA_TO_MBEDTLS_ERR(status);
MBEDTLS_SSL_DEBUG_RET(1, "psa_destroy_key", ret);
goto cleanup;
}
- handshake->dh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+ handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */
} else {
MBEDTLS_SSL_DEBUG_MSG(1, ("Group not supported."));
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index a4db5dd..053e96f 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -918,7 +918,7 @@
MBEDTLS_SSL_DEBUG_MSG(2, ("ECDH/FFDH group: %s (%04x)",
mbedtls_ssl_named_group_to_str(group),
group));
- ret = mbedtls_ssl_tls13_read_public_dhe_share(
+ ret = mbedtls_ssl_tls13_read_public_xxdhe_share(
ssl, key_exchange - 2, key_exchange_len + 2);
if (ret != 0) {
return ret;