mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-31 03:07:29 +02:00
Merge pull request #5455 from dgarske/zd14420
Fix for handling `WC_PENDING_E` from decrypt session ticket callback
This commit is contained in:
Sean Parkinson
GitHub
@ -616,9 +616,6 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
|
|||||||
do {
|
do {
|
||||||
err = 0; /* reset error */
|
err = 0; /* reset error */
|
||||||
ret = wolfSSL_connect(ssl);
|
ret = wolfSSL_connect(ssl);
|
||||||
#ifdef WOLFSSL_EARLY_DATA
|
|
||||||
EarlyDataStatus(ssl);
|
|
||||||
#endif
|
|
||||||
if (ret != WOLFSSL_SUCCESS) {
|
if (ret != WOLFSSL_SUCCESS) {
|
||||||
err = wolfSSL_get_error(ssl, 0);
|
err = wolfSSL_get_error(ssl, 0);
|
||||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||||
@ -630,6 +627,9 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
} while (err == WC_PENDING_E);
|
} while (err == WC_PENDING_E);
|
||||||
|
#ifdef WOLFSSL_EARLY_DATA
|
||||||
|
EarlyDataStatus(ssl);
|
||||||
|
#endif
|
||||||
if (ret != WOLFSSL_SUCCESS) {
|
if (ret != WOLFSSL_SUCCESS) {
|
||||||
err_sys("SSL_connect failed");
|
err_sys("SSL_connect failed");
|
||||||
}
|
}
|
||||||
|
|||||||
@ -3156,9 +3156,6 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
|
|||||||
do {
|
do {
|
||||||
err = 0; /* reset error */
|
err = 0; /* reset error */
|
||||||
ret = SSL_accept(ssl);
|
ret = SSL_accept(ssl);
|
||||||
#ifdef WOLFSSL_EARLY_DATA
|
|
||||||
EarlyDataStatus(ssl);
|
|
||||||
#endif
|
|
||||||
if (ret != WOLFSSL_SUCCESS) {
|
if (ret != WOLFSSL_SUCCESS) {
|
||||||
err = SSL_get_error(ssl, 0);
|
err = SSL_get_error(ssl, 0);
|
||||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||||
@ -3172,6 +3169,9 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
|
|||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
ret = NonBlockingSSL_Accept(ssl);
|
ret = NonBlockingSSL_Accept(ssl);
|
||||||
|
#endif
|
||||||
|
#ifdef WOLFSSL_EARLY_DATA
|
||||||
|
EarlyDataStatus(ssl);
|
||||||
#endif
|
#endif
|
||||||
if (ret != WOLFSSL_SUCCESS) {
|
if (ret != WOLFSSL_SUCCESS) {
|
||||||
err = SSL_get_error(ssl, 0);
|
err = SSL_get_error(ssl, 0);
|
||||||
|
|||||||
38
src/tls13.c
38
src/tls13.c
@ -4577,7 +4577,8 @@ static int FindPsk(WOLFSSL* ssl, PreSharedKey* psk, byte* suite, int* err)
|
|||||||
* first Set to 1 if first in extension
|
* first Set to 1 if first in extension
|
||||||
* returns 0 on success and otherwise failure.
|
* returns 0 on success and otherwise failure.
|
||||||
*/
|
*/
|
||||||
static int DoPreSharedKeys(WOLFSSL* ssl, byte* suite, int* usingPSK, int* first)
|
static int DoPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 inputSz,
|
||||||
|
byte* suite, int* usingPSK, int* first)
|
||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
TLSX* ext;
|
TLSX* ext;
|
||||||
@ -4608,8 +4609,13 @@ static int DoPreSharedKeys(WOLFSSL* ssl, byte* suite, int* usingPSK, int* first)
|
|||||||
|
|
||||||
#ifdef HAVE_SESSION_TICKET
|
#ifdef HAVE_SESSION_TICKET
|
||||||
/* Decode the identity. */
|
/* Decode the identity. */
|
||||||
if (DoClientTicket(ssl, current->identity, current->identityLen)
|
ret = DoClientTicket(ssl, current->identity, current->identityLen);
|
||||||
== WOLFSSL_TICKET_RET_OK) {
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||||
|
if (ret == WC_PENDING_E)
|
||||||
|
return ret;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (ret == WOLFSSL_TICKET_RET_OK) {
|
||||||
word32 now;
|
word32 now;
|
||||||
sword64 diff;
|
sword64 diff;
|
||||||
|
|
||||||
@ -4678,6 +4684,12 @@ static int DoPreSharedKeys(WOLFSSL* ssl, byte* suite, int* usingPSK, int* first)
|
|||||||
ret = DeriveEarlySecret(ssl);
|
ret = DeriveEarlySecret(ssl);
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
|
/* Hash data up to binders for deriving binders in PSK extension. */
|
||||||
|
ret = HashInput(ssl, input, inputSz);
|
||||||
|
if (ret < 0)
|
||||||
|
return ret;
|
||||||
|
|
||||||
/* Derive the binder key to use with HMAC. */
|
/* Derive the binder key to use with HMAC. */
|
||||||
ret = DeriveBinderKeyResume(ssl, binderKey);
|
ret = DeriveBinderKeyResume(ssl, binderKey);
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
@ -4690,6 +4702,10 @@ static int DoPreSharedKeys(WOLFSSL* ssl, byte* suite, int* usingPSK, int* first)
|
|||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
|
ret = HashInput(ssl, input, inputSz);
|
||||||
|
if (ret < 0)
|
||||||
|
return ret;
|
||||||
|
|
||||||
/* Derive the binder key to use with HMAC. */
|
/* Derive the binder key to use with HMAC. */
|
||||||
ret = DeriveBinderKey(ssl, binderKey);
|
ret = DeriveBinderKey(ssl, binderKey);
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
@ -4801,11 +4817,6 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
|
|||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
/* Hash data up to binders for deriving binders in PSK extension. */
|
|
||||||
ret = HashInput(ssl, input, helloSz - bindersLen);
|
|
||||||
if (ret < 0)
|
|
||||||
return ret;
|
|
||||||
|
|
||||||
/* Refine list for PSK processing. */
|
/* Refine list for PSK processing. */
|
||||||
RefineSuites(ssl, clSuites);
|
RefineSuites(ssl, clSuites);
|
||||||
|
|
||||||
@ -4816,8 +4827,8 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
|
|||||||
if (!ssl->options.useClientOrder) {
|
if (!ssl->options.useClientOrder) {
|
||||||
/* Server order - server list has only common suites from refining. */
|
/* Server order - server list has only common suites from refining. */
|
||||||
for (i = 0; !(*usingPSK) && i < ssl->suites->suiteSz; i += 2) {
|
for (i = 0; !(*usingPSK) && i < ssl->suites->suiteSz; i += 2) {
|
||||||
ret = DoPreSharedKeys(ssl, ssl->suites->suites + i, usingPSK,
|
ret = DoPreSharedKeys(ssl, input, helloSz - bindersLen,
|
||||||
&first);
|
ssl->suites->suites + i, usingPSK, &first);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
@ -4827,15 +4838,16 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
|
|||||||
/* Client order */
|
/* Client order */
|
||||||
for (j = 0; !(*usingPSK) && j < clSuites->suiteSz; j += 2) {
|
for (j = 0; !(*usingPSK) && j < clSuites->suiteSz; j += 2) {
|
||||||
for (i = 0; !(*usingPSK) && i < ssl->suites->suiteSz; i += 2) {
|
for (i = 0; !(*usingPSK) && i < ssl->suites->suiteSz; i += 2) {
|
||||||
ret = DoPreSharedKeys(ssl, ssl->suites->suites + i, usingPSK,
|
ret = DoPreSharedKeys(ssl, input, helloSz - bindersLen,
|
||||||
&first);
|
ssl->suites->suites + i, usingPSK, &first);
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
ret = DoPreSharedKeys(ssl, suite, usingPSK, &first);
|
ret = DoPreSharedKeys(ssl, input, helloSz - bindersLen, suite, usingPSK,
|
||||||
|
&first);
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
Reference in New Issue
Block a user