mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-10 04:40:49 +02:00
Fixes for TLS v1.3 with crypto callbacks not offloading DeriveKeyMsg, KDF HMAC and ECH.
This commit is contained in:
+21
-6
@@ -1195,8 +1195,8 @@ int wolfSSL_GetHmacMaxSize(void)
|
||||
* out The pseudorandom key with the length that of the hash.
|
||||
* returns 0 on success, otherwise failure.
|
||||
*/
|
||||
int wc_HKDF_Extract(int type, const byte* salt, word32 saltSz,
|
||||
const byte* inKey, word32 inKeySz, byte* out)
|
||||
int wc_HKDF_Extract_ex(int type, const byte* salt, word32 saltSz,
|
||||
const byte* inKey, word32 inKeySz, byte* out, void* heap, int devId)
|
||||
{
|
||||
byte tmp[WC_MAX_DIGEST_SIZE]; /* localSalt helper */
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
@@ -1228,7 +1228,7 @@ int wolfSSL_GetHmacMaxSize(void)
|
||||
saltSz = hashSz;
|
||||
}
|
||||
|
||||
ret = wc_HmacInit(myHmac, NULL, INVALID_DEVID);
|
||||
ret = wc_HmacInit(myHmac, heap, devId);
|
||||
if (ret == 0) {
|
||||
ret = wc_HmacSetKey(myHmac, type, localSalt, saltSz);
|
||||
if (ret == 0)
|
||||
@@ -1244,6 +1244,13 @@ int wolfSSL_GetHmacMaxSize(void)
|
||||
return ret;
|
||||
}
|
||||
|
||||
int wc_HKDF_Extract(int type, const byte* salt, word32 saltSz,
|
||||
const byte* inKey, word32 inKeySz, byte* out)
|
||||
{
|
||||
return wc_HKDF_Extract_ex(type, salt, saltSz, inKey, inKeySz, out, NULL,
|
||||
INVALID_DEVID);
|
||||
}
|
||||
|
||||
/* HMAC-KDF-Expand.
|
||||
* RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
|
||||
*
|
||||
@@ -1255,8 +1262,9 @@ int wolfSSL_GetHmacMaxSize(void)
|
||||
* out The output keying material.
|
||||
* returns 0 on success, otherwise failure.
|
||||
*/
|
||||
int wc_HKDF_Expand(int type, const byte* inKey, word32 inKeySz,
|
||||
const byte* info, word32 infoSz, byte* out, word32 outSz)
|
||||
int wc_HKDF_Expand_ex(int type, const byte* inKey, word32 inKeySz,
|
||||
const byte* info, word32 infoSz, byte* out, word32 outSz,
|
||||
void* heap, int devId)
|
||||
{
|
||||
byte tmp[WC_MAX_DIGEST_SIZE];
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
@@ -1289,7 +1297,7 @@ int wolfSSL_GetHmacMaxSize(void)
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = wc_HmacInit(myHmac, NULL, INVALID_DEVID);
|
||||
ret = wc_HmacInit(myHmac, heap, devId);
|
||||
if (ret != 0) {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(myHmac, NULL, DYNAMIC_TYPE_HMAC);
|
||||
@@ -1334,6 +1342,13 @@ int wolfSSL_GetHmacMaxSize(void)
|
||||
return ret;
|
||||
}
|
||||
|
||||
int wc_HKDF_Expand(int type, const byte* inKey, word32 inKeySz,
|
||||
const byte* info, word32 infoSz, byte* out, word32 outSz)
|
||||
{
|
||||
return wc_HKDF_Expand_ex(type, inKey, inKeySz, info, infoSz, out, outSz,
|
||||
NULL, INVALID_DEVID);
|
||||
}
|
||||
|
||||
/* HMAC-KDF.
|
||||
* RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
|
||||
*
|
||||
|
||||
+39
-4
@@ -362,8 +362,8 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
|
||||
* digest The type of digest to use.
|
||||
* returns 0 on success, otherwise failure.
|
||||
*/
|
||||
int wc_Tls13_HKDF_Extract(byte* prk, const byte* salt, word32 saltLen,
|
||||
byte* ikm, word32 ikmLen, int digest)
|
||||
int wc_Tls13_HKDF_Extract_ex(byte* prk, const byte* salt, word32 saltLen,
|
||||
byte* ikm, word32 ikmLen, int digest, void* heap, int devId)
|
||||
{
|
||||
int ret;
|
||||
word32 len = 0;
|
||||
@@ -410,7 +410,15 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
|
||||
WOLFSSL_BUFFER(ikm, ikmLen);
|
||||
#endif
|
||||
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
|
||||
(defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
|
||||
ret = wc_HKDF_Extract_ex(digest, salt, saltLen, ikm, ikmLen, prk, heap,
|
||||
devId);
|
||||
#else
|
||||
ret = wc_HKDF_Extract(digest, salt, saltLen, ikm, ikmLen, prk);
|
||||
(void)heap;
|
||||
(void)devId;
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_DEBUG_TLS
|
||||
WOLFSSL_MSG(" PRK");
|
||||
@@ -420,6 +428,13 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
|
||||
return ret;
|
||||
}
|
||||
|
||||
int wc_Tls13_HKDF_Extract(byte* prk, const byte* salt, word32 saltLen,
|
||||
byte* ikm, word32 ikmLen, int digest)
|
||||
{
|
||||
return wc_Tls13_HKDF_Extract_ex(prk, salt, saltLen, ikm, ikmLen, digest,
|
||||
NULL, INVALID_DEVID);
|
||||
}
|
||||
|
||||
/* Expand data using HMAC, salt and label and info.
|
||||
* TLS v1.3 defines this function.
|
||||
*
|
||||
@@ -435,12 +450,12 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
|
||||
* digest The type of digest to use.
|
||||
* returns 0 on success, otherwise failure.
|
||||
*/
|
||||
int wc_Tls13_HKDF_Expand_Label(byte* okm, word32 okmLen,
|
||||
int wc_Tls13_HKDF_Expand_Label_ex(byte* okm, word32 okmLen,
|
||||
const byte* prk, word32 prkLen,
|
||||
const byte* protocol, word32 protocolLen,
|
||||
const byte* label, word32 labelLen,
|
||||
const byte* info, word32 infoLen,
|
||||
int digest)
|
||||
int digest, void* heap, int devId)
|
||||
{
|
||||
int ret = 0;
|
||||
word32 idx = 0;
|
||||
@@ -494,7 +509,15 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
|
||||
WOLFSSL_MSG_EX(" Digest %d", digest);
|
||||
#endif
|
||||
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
|
||||
(defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
|
||||
ret = wc_HKDF_Expand_ex(digest, prk, prkLen, data, idx, okm, okmLen,
|
||||
heap, devId);
|
||||
#else
|
||||
ret = wc_HKDF_Expand(digest, prk, prkLen, data, idx, okm, okmLen);
|
||||
(void)heap;
|
||||
(void)devId;
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_DEBUG_TLS
|
||||
WOLFSSL_MSG(" OKM");
|
||||
@@ -512,6 +535,18 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
|
||||
return ret;
|
||||
}
|
||||
|
||||
int wc_Tls13_HKDF_Expand_Label(byte* okm, word32 okmLen,
|
||||
const byte* prk, word32 prkLen,
|
||||
const byte* protocol, word32 protocolLen,
|
||||
const byte* label, word32 labelLen,
|
||||
const byte* info, word32 infoLen,
|
||||
int digest)
|
||||
{
|
||||
return wc_Tls13_HKDF_Expand_Label_ex(okm, okmLen, prk, prkLen, protocol,
|
||||
protocolLen, label, labelLen, info, infoLen, digest,
|
||||
NULL, INVALID_DEVID);
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
|
||||
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
|
||||
/* Expand data using HMAC, salt and label and info.
|
||||
|
||||
Reference in New Issue
Block a user