commit d9e068e10b4b6aa7134af9667c035462e2cd2de5
author XiaokangQian <xiaokang.qian@arm.com> Tue Jan 18 06:23:32 2022 +0000
committer XiaokangQian <xiaokang.qian@arm.com> Wed Jan 26 10:51:13 2022 +0000
tree cc4ca9e5fc654afaae876dda982e9b1680548f20
parent 8945db36ab6ddc132e5ca44ca9cda8da8c9dbe11

Change code based on comments

Align coding styles
Add hrr parameter for ssl_tls13_parse_server_hello
Add reset steps for SHA384 in HRR

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>

library/ssl_tls13_client.c

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 40748e9..e259b4d 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -136,7 +136,7 @@
  */
 
 #if defined(MBEDTLS_ECDH_C)
-static int ssl_reset_ecdhe_share( mbedtls_ssl_context *ssl )
+static int ssl_tls13_reset_ecdhe_share( mbedtls_ssl_context *ssl )
 {
     mbedtls_ecdh_free( &ssl->handshake->ecdh_ctx );
     return( 0 );
@@ -149,7 +149,7 @@
         return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
 
     if( mbedtls_ssl_tls13_named_group_is_ecdhe( group_id ) )
-        return( ssl_reset_ecdhe_share( ssl ) );
+        return( ssl_tls13_reset_ecdhe_share( ssl ) );
     else if( 0 /* other KEMs? */ )
     {
         /* Do something */
@@ -421,7 +421,7 @@
 }
 #endif /* MBEDTLS_ECDH_C */
 
-static int ssl_tls13_hrr_check_key_share_ext( mbedtls_ssl_context *ssl,
+static int ssl_tls13_parse_hrr_key_share_ext( mbedtls_ssl_context *ssl,
                                               const unsigned char *buf,
                                               const unsigned char *end )
 {
@@ -451,7 +451,7 @@
      * If the server provided a key share that was not sent in the ClientHello
      * then the client MUST abort the handshake with an "illegal_parameter" alert.
      */
-    for ( ; *group_list != 0; group_list++ )
+    for( ; *group_list != 0; group_list++ )
     {
         curve_info = mbedtls_ecp_curve_info_from_tls_id( *group_list );
         if( curve_info == NULL || curve_info->tls_id != tls_id )
@@ -938,7 +938,7 @@
               * was itself in response to a HelloRetryRequest), it MUST abort the
               * handshake with an "unexpected_message" alert.
               */
-            if( ssl->handshake->hello_retry_requests_received > 0 )
+            if( ssl->handshake->hello_retry_request_count > 0 )
             {
                 MBEDTLS_SSL_DEBUG_MSG( 1, ( "Multiple HRRs received" ) );
                 MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE,
@@ -946,7 +946,7 @@
                 return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
             }
 
-            ssl->handshake->hello_retry_requests_received++;
+            ssl->handshake->hello_retry_request_count++;
 
             break;
     }
@@ -1021,7 +1021,8 @@
  */
 static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
                                          const unsigned char *buf,
-                                         const unsigned char *end)
+                                         const unsigned char *end,
+                                         int is_hrr )
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     const unsigned char *p = buf;
@@ -1165,9 +1166,6 @@
     {
         unsigned int extension_type;
         size_t extension_data_len;
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-        int hrr;
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
         MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, 4 );
         extension_type = MBEDTLS_GET_UINT16_BE( p, 0 );
@@ -1181,6 +1179,14 @@
 #if defined(MBEDTLS_SSL_COOKIE_C)
             case MBEDTLS_TLS_EXT_COOKIE:
 
+                if( !is_hrr )
+                {
+                    MBEDTLS_SSL_PEND_FATAL_ALERT(
+                        MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT,
+                        MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION );
+                    return( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION );
+                }
+
                 /* Retrieve length field of cookie */
                 MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, 2 );
                 cookie_len = MBEDTLS_GET_UINT16_BE( p, 0 );
@@ -1226,16 +1232,15 @@
 
 #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
             case MBEDTLS_TLS_EXT_KEY_SHARE:
-                hrr = ssl_server_hello_is_hrr( ssl, buf, end );
                 MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key_shares extension" ) );
-                if( hrr == SSL_SERVER_HELLO_COORDINATE_HRR )
-                    ret = ssl_tls13_hrr_check_key_share_ext( ssl,
+                if( is_hrr == SSL_SERVER_HELLO_COORDINATE_HRR )
+                    ret = ssl_tls13_parse_hrr_key_share_ext( ssl,
                                             p, p + extension_data_len );
-                else if( hrr == SSL_SERVER_HELLO_COORDINATE_HELLO )
+                else if( is_hrr == SSL_SERVER_HELLO_COORDINATE_HELLO )
                     ret = ssl_tls13_parse_key_share_ext( ssl,
                                             p, p + extension_data_len );
                 else
-                    ret = hrr;
+                    ret = is_hrr;
                 if( ret != 0 )
                 {
                     MBEDTLS_SSL_DEBUG_RET( 1,
@@ -1422,7 +1427,7 @@
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     unsigned char *buf = NULL;
     size_t buf_len = 0;
-    int hrr = -1;
+    int is_hrr = -1;
 
     MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> %s", __func__ ) );
 
@@ -1435,32 +1440,28 @@
     ssl->handshake->extensions_present = MBEDTLS_SSL_EXT_NONE;
 
     ret = ssl_tls13_server_hello_coordinate( ssl, &buf, &buf_len );
-    if( ret != SSL_SERVER_HELLO_COORDINATE_HELLO &&
-        ret != SSL_SERVER_HELLO_COORDINATE_HRR )
+    if( ret < 0 )
         goto cleanup;
     else
-        hrr = ret;
+        is_hrr = ( ret == SSL_SERVER_HELLO_COORDINATE_HRR );
     /* Parsing step
      * We know what message to expect by now and call
      * the respective parsing function.
      */
     MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_server_hello( ssl, buf,
-                                                        buf + buf_len ) );
-    if( hrr == SSL_SERVER_HELLO_COORDINATE_HRR )
+                                                        buf + buf_len,
+                                                        is_hrr ) );
+    if( is_hrr )
         MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_reset_transcript_for_hrr( ssl ) );
 
     mbedtls_ssl_tls13_add_hs_msg_to_checksum( ssl,
                                               MBEDTLS_SSL_HS_SERVER_HELLO,
                                               buf, buf_len );
 
-    if( hrr == SSL_SERVER_HELLO_COORDINATE_HELLO )
-    {
-        MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_server_hello( ssl ) );
-    }
-    else if( hrr == SSL_SERVER_HELLO_COORDINATE_HRR )
-    {
+    if( is_hrr )
         MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_hrr( ssl ) );
-    }
+    else
+        MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_server_hello( ssl ) );
 
 cleanup:
     MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= %s", __func__ ) );