From 758685173409be4d9f1512c6a9c6eb67a5a3b93d Mon Sep 17 00:00:00 2001 From: Marco Oliverio Date: Fri, 20 May 2022 09:59:26 +0200 Subject: [PATCH] dtls13: export functions They will be used by DTLSv1.3 code --- src/internal.c | 13 ++++++------- src/tls13.c | 36 ++++++++++++++++++------------------ wolfssl/internal.h | 10 ++++++++++ 3 files changed, 34 insertions(+), 25 deletions(-) diff --git a/src/internal.c b/src/internal.c index 19100f04e..1b2c4ee56 100644 --- a/src/internal.c +++ b/src/internal.c @@ -189,7 +189,6 @@ WOLFSSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS #endif #endif - static int cipherExtraData(WOLFSSL* ssl); #ifdef WOLFSSL_DTLS static WC_INLINE int DtlsCheckWindow(WOLFSSL* ssl); @@ -9575,10 +9574,10 @@ static int GetHandShakeHeader(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif #ifdef WOLFSSL_DTLS -static int GetDtlsHandShakeHeader(WOLFSSL* ssl, const byte* input, - word32* inOutIdx, byte *type, word32 *size, - word32 *fragOffset, word32 *fragSz, - word32 totalSz) +int GetDtlsHandShakeHeader(WOLFSSL* ssl, const byte* input, + word32* inOutIdx, byte *type, word32 *size, + word32 *fragOffset, word32 *fragSz, + word32 totalSz) { word32 idx = *inOutIdx; @@ -14960,7 +14959,7 @@ static WC_INLINE int DtlsUpdateWindow(WOLFSSL* ssl) } -static int DtlsMsgDrain(WOLFSSL* ssl) +int DtlsMsgDrain(WOLFSSL* ssl) { DtlsMsg* item = ssl->dtls_rx_msg_list; int ret = 0; @@ -19413,7 +19412,7 @@ int CreateOcspResponse(WOLFSSL* ssl, OcspRequest** ocspRequest, #endif #endif /* !NO_WOLFSSL_SERVER */ -static int cipherExtraData(WOLFSSL* ssl) +int cipherExtraData(WOLFSSL* ssl) { int cipherExtra; /* Cipher data that may be added by BuildMessage */ diff --git a/src/tls13.c b/src/tls13.c index 7e6b15729..e0d9a97a9 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -261,9 +261,9 @@ static int DeriveKeyMsg(WOLFSSL* ssl, byte* output, int outputLen, * includeMsgs Whether to include a hash of the handshake messages so far. * returns 0 on success, otherwise failure. */ -static int DeriveKey(WOLFSSL* ssl, byte* output, int outputLen, - const byte* secret, const byte* label, word32 labelLen, - int hashAlgo, int includeMsgs) +int Tls13DeriveKey(WOLFSSL* ssl, byte* output, int outputLen, + const byte* secret, const byte* label, word32 labelLen, + int hashAlgo, int includeMsgs) { int ret = 0; byte hash[WC_MAX_DIGEST_SIZE]; @@ -441,7 +441,7 @@ static int DeriveEarlyTrafficSecret(WOLFSSL* ssl, byte* key) if (ssl == NULL || ssl->arrays == NULL) { return BAD_FUNC_ARG; } - ret = DeriveKey(ssl, key, -1, ssl->arrays->secret, + ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->secret, earlyTrafficLabel, EARLY_TRAFFIC_LABEL_SZ, ssl->specs.mac_algorithm, 1); #ifdef HAVE_SECRET_CALLBACK @@ -486,7 +486,7 @@ static int DeriveClientHandshakeSecret(WOLFSSL* ssl, byte* key) if (ssl == NULL || ssl->arrays == NULL) { return BAD_FUNC_ARG; } - ret = DeriveKey(ssl, key, -1, ssl->arrays->preMasterSecret, + ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->preMasterSecret, clientHandshakeLabel, CLIENT_HANDSHAKE_LABEL_SZ, ssl->specs.mac_algorithm, 1); #ifdef HAVE_SECRET_CALLBACK @@ -529,7 +529,7 @@ static int DeriveServerHandshakeSecret(WOLFSSL* ssl, byte* key) if (ssl == NULL || ssl->arrays == NULL) { return BAD_FUNC_ARG; } - ret = DeriveKey(ssl, key, -1, ssl->arrays->preMasterSecret, + ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->preMasterSecret, serverHandshakeLabel, SERVER_HANDSHAKE_LABEL_SZ, ssl->specs.mac_algorithm, 1); #ifdef HAVE_SECRET_CALLBACK @@ -572,7 +572,7 @@ static int DeriveClientTrafficSecret(WOLFSSL* ssl, byte* key) if (ssl == NULL || ssl->arrays == NULL) { return BAD_FUNC_ARG; } - ret = DeriveKey(ssl, key, -1, ssl->arrays->masterSecret, + ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->masterSecret, clientAppLabel, CLIENT_APP_LABEL_SZ, ssl->specs.mac_algorithm, 1); #ifdef HAVE_SECRET_CALLBACK @@ -615,7 +615,7 @@ static int DeriveServerTrafficSecret(WOLFSSL* ssl, byte* key) if (ssl == NULL || ssl->arrays == NULL) { return BAD_FUNC_ARG; } - ret = DeriveKey(ssl, key, -1, ssl->arrays->masterSecret, + ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->masterSecret, serverAppLabel, SERVER_APP_LABEL_SZ, ssl->specs.mac_algorithm, 1); #ifdef HAVE_SECRET_CALLBACK @@ -659,9 +659,9 @@ static int DeriveExporterSecret(WOLFSSL* ssl, byte* key) if (ssl == NULL || ssl->arrays == NULL) { return BAD_FUNC_ARG; } - ret = DeriveKey(ssl, key, -1, ssl->arrays->masterSecret, - exporterMasterLabel, EXPORTER_MASTER_LABEL_SZ, - ssl->specs.mac_algorithm, 1); + ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->masterSecret, + exporterMasterLabel, EXPORTER_MASTER_LABEL_SZ, + ssl->specs.mac_algorithm, 1); #ifdef HAVE_SECRET_CALLBACK if (ret == 0 && ssl->tls13SecretCb != NULL) { ret = ssl->tls13SecretCb(ssl, EXPORTER_SECRET, key, @@ -813,7 +813,7 @@ int DeriveResumptionSecret(WOLFSSL* ssl, byte* key) else { masterSecret = ssl->session->masterSecret; } - return DeriveKey(ssl, key, -1, masterSecret, resumeMasterLabel, + return Tls13DeriveKey(ssl, key, -1, masterSecret, resumeMasterLabel, RESUME_MASTER_LABEL_SZ, ssl->specs.mac_algorithm, 1); } #endif @@ -832,7 +832,7 @@ static const byte finishedLabel[FINISHED_LABEL_SZ+1] = "finished"; static int DeriveFinishedSecret(WOLFSSL* ssl, byte* key, byte* secret) { WOLFSSL_MSG("Derive Finished Secret"); - return DeriveKey(ssl, secret, -1, key, finishedLabel, FINISHED_LABEL_SZ, + return Tls13DeriveKey(ssl, secret, -1, key, finishedLabel, FINISHED_LABEL_SZ, ssl->specs.mac_algorithm, 0); } @@ -851,7 +851,7 @@ static const byte appTrafficLabel[APP_TRAFFIC_LABEL_SZ + 1] = static int DeriveTrafficSecret(WOLFSSL* ssl, byte* secret) { WOLFSSL_MSG("Derive New Application Traffic Secret"); - return DeriveKey(ssl, secret, -1, secret, + return Tls13DeriveKey(ssl, secret, -1, secret, appTrafficLabel, APP_TRAFFIC_LABEL_SZ, ssl->specs.mac_algorithm, 0); } @@ -1220,7 +1220,7 @@ int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store) if (provision & PROVISION_CLIENT) { /* Derive the client key. */ WOLFSSL_MSG("Derive Client Key"); - ret = DeriveKey(ssl, &key_dig[i], ssl->specs.key_size, + ret = Tls13DeriveKey(ssl, &key_dig[i], ssl->specs.key_size, ssl->clientSecret, writeKeyLabel, WRITE_KEY_LABEL_SZ, ssl->specs.mac_algorithm, 0); if (ret != 0) @@ -1231,7 +1231,7 @@ int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store) if (provision & PROVISION_SERVER) { /* Derive the server key. */ WOLFSSL_MSG("Derive Server Key"); - ret = DeriveKey(ssl, &key_dig[i], ssl->specs.key_size, + ret = Tls13DeriveKey(ssl, &key_dig[i], ssl->specs.key_size, ssl->serverSecret, writeKeyLabel, WRITE_KEY_LABEL_SZ, ssl->specs.mac_algorithm, 0); if (ret != 0) @@ -1242,7 +1242,7 @@ int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store) if (provision & PROVISION_CLIENT) { /* Derive the client IV. */ WOLFSSL_MSG("Derive Client IV"); - ret = DeriveKey(ssl, &key_dig[i], ssl->specs.iv_size, + ret = Tls13DeriveKey(ssl, &key_dig[i], ssl->specs.iv_size, ssl->clientSecret, writeIVLabel, WRITE_IV_LABEL_SZ, ssl->specs.mac_algorithm, 0); if (ret != 0) @@ -1253,7 +1253,7 @@ int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store) if (provision & PROVISION_SERVER) { /* Derive the server IV. */ WOLFSSL_MSG("Derive Server IV"); - ret = DeriveKey(ssl, &key_dig[i], ssl->specs.iv_size, + ret = Tls13DeriveKey(ssl, &key_dig[i], ssl->specs.iv_size, ssl->serverSecret, writeIVLabel, WRITE_IV_LABEL_SZ, ssl->specs.mac_algorithm, 0); if (ret != 0) diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 7cc28a0d4..ccf27b81f 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -1799,6 +1799,10 @@ WOLFSSL_LOCAL int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 helloSz, byte* extMsgType); WOLFSSL_LOCAL int RestartHandshakeHash(WOLFSSL* ssl); + +WOLFSSL_LOCAL int Tls13DeriveKey(WOLFSSL *ssl, byte *output, int outputLen, + const byte *secret, const byte *label, word32 labelLen, int hashAlgo, + int includeMsgs); #endif int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int macSz, int pLen, int content); @@ -4989,6 +4993,8 @@ WOLFSSL_LOCAL void DoCertFatalAlert(WOLFSSL* ssl, int ret); #endif #endif +WOLFSSL_LOCAL int cipherExtraData(WOLFSSL* ssl); + #ifndef NO_WOLFSSL_CLIENT WOLFSSL_LOCAL int SendClientHello(WOLFSSL* ssl); #ifdef WOLFSSL_TLS13 @@ -5027,6 +5033,10 @@ WOLFSSL_LOCAL void DoCertFatalAlert(WOLFSSL* ssl, int ret); WOLFSSL_LOCAL int VerifyForTxDtlsMsgDelete(WOLFSSL* ssl, DtlsMsg* item); WOLFSSL_LOCAL void DtlsMsgPoolReset(WOLFSSL* ssl); WOLFSSL_LOCAL int DtlsMsgPoolSend(WOLFSSL* ssl, int sendOnlyFirstPacket); + WOLFSSL_LOCAL int GetDtlsHandShakeHeader(WOLFSSL *ssl, const byte *input, + word32 *inOutIdx, byte *type, word32 *size, word32 *fragOffset, + word32 *fragSz, word32 totalSz); + WOLFSSL_LOCAL int DtlsMsgDrain(WOLFSSL *ssl); #endif /* WOLFSSL_DTLS */ #if defined(HAVE_SECURE_RENEGOTIATION) && defined(WOLFSSL_DTLS)