TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / aeb710fec5f9bdf6906486cea6513b7c47349af3^! / .
commitaeb710fec5f9bdf6906486cea6513b7c47349af3[log] [tgz]
authorPrzemek Stekiel <przemyslaw.stekiel@mobica.com>Wed Apr 06 11:40:30 2022 +0200
committerPrzemek Stekiel <przemyslaw.stekiel@mobica.com>Fri Apr 22 14:52:28 2022 +0200
tree5e6281cf5ee099819304442f0bfddb8d1f3648e2
parent8e0495e0f4f6645071e71ba287c89eedb2086786 [diff]
Enable support for psa opaque RSA-PSK key exchange on the server side

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>

diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index 6fd916f..05d382b 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c

@@ -4047,18 +4047,19 @@
             return( ret );
         }
 
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        /* Opaque PSKs are currently only supported for PSK-only. */
-        if( ssl_use_opaque_psk( ssl ) == 1 )
-            return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-#endif
-
         if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 )
         {
             MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret );
             return( ret );
         }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        /* For opaque PSKs, we perform the PSK-to-MS derivation automatically
+         * and skip the intermediate PMS. */
+        if( ssl_use_opaque_psk( ssl ) == 1 )
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque RSA-PSK" ) );
+        else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
         if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
                         ciphersuite_info->key_exchange ) ) != 0 )
         {

diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index a91af0e..13e3406 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c

@@ -2210,10 +2210,13 @@
             /* Ensure that the chosen ciphersuite is PSK-only; we must know
              * the ciphersuite in advance to set the correct policy for the
              * PSK key slot. This limitation might go away in the future. */
-            if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
-                opt.min_version != MBEDTLS_SSL_VERSION_TLS1_2 )
+            if( ( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK &&
+                  ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_RSA_PSK ) ||
+                opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 )
             {
-                mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+                mbedtls_printf( "opaque PSKs are only supported in conjunction \
+                                 with forcing TLS 1.2 and a PSK-only, RSA-PSK \
+                                 ciphersuites through the 'force_ciphersuite' option.\n" );
                 ret = 2;
                 goto usage;
             }