Skip to content

Commit

Permalink
fix issue without psk
Browse files Browse the repository at this point in the history
Signed-off-by: Jerry Yu <[email protected]>
  • Loading branch information
yuhaoth committed Sep 4, 2021
1 parent 04b2c04 commit 542616a
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 6 deletions.
5 changes: 3 additions & 2 deletions library/ssl_tls13_client.c
Original file line number Diff line number Diff line change
Expand Up @@ -341,9 +341,10 @@ static int ssl_write_early_data_coordinate( mbedtls_ssl_context* ssl )

static int ssl_write_early_data_postprocess( mbedtls_ssl_context* ssl )
{
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
/* Clear PSK we've used for the 0-RTT. */
mbedtls_ssl_remove_hs_psk( ssl );

#endif
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO );
return ( 0 );
}
Expand Down Expand Up @@ -2466,7 +2467,7 @@ static int ssl_encrypted_extensions_process( mbedtls_ssl_context* ssl )
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_fetch_handshake_msg( ssl,
MBEDTLS_SSL_HS_ENCRYPTED_EXTENSION,
&buf, &buflen ) );

MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse encrypted extensions" ) );
/* Process the message contents */
MBEDTLS_SSL_PROC_CHK( ssl_encrypted_extensions_parse( ssl, buf, buflen ) );

Expand Down
11 changes: 8 additions & 3 deletions library/ssl_tls13_keys.c
Original file line number Diff line number Diff line change
Expand Up @@ -1254,11 +1254,16 @@ int mbedtls_ssl_tls1_3_key_schedule_stage_early_data(
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
mbedtls_md_type_t const md_type = ssl->handshake->ciphersuite_info->mac;

const unsigned char *input = NULL;
size_t input_len = 0;
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
input = ssl->handshake->psk;
input_len = ssl->handshake->psk_len;
#endif
ret = mbedtls_ssl_tls1_3_evolve_secret( md_type,
NULL, /* Old secret */
ssl->handshake->psk,
ssl->handshake->psk_len,
input,
input_len,
ssl->handshake->tls1_3_master_secrets.early );
if( ret != 0 )
{
Expand Down
3 changes: 2 additions & 1 deletion library/ssl_tls13_server.c
Original file line number Diff line number Diff line change
Expand Up @@ -2733,6 +2733,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl,
return( ret );
#endif /* MBEDTLS_ZERO_RTT */

#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
/* If we've settled on a PSK-based exchange, parse PSK identity ext */
if( mbedtls_ssl_tls13_kex_with_psk( ssl ) )
{
Expand All @@ -2746,7 +2747,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context* ssl,
return( ret );
}
}

#endif
#if defined(MBEDTLS_SSL_COOKIE_C)
/* If we failed to see a cookie extension, and we required it through the
* configuration settings ( rr_config ), then we need to send a HRR msg.
Expand Down

0 comments on commit 542616a

Please sign in to comment.