@@ -33224,6 +33224,79 @@ static void FreeSckeArgs(WOLFSSL* ssl, void* pArgs)
3322433224 args->input = NULL;
3322533225}
3322633226
33227+ #ifndef NO_PSK
33228+ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
33229+ {
33230+ /* Use the PSK hint to look up the PSK and add it to the
33231+ * preMasterSecret here. */
33232+ ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl,
33233+ ssl->arrays->client_identity, ssl->arrays->psk_key,
33234+ MAX_PSK_KEY_LEN);
33235+
33236+ if (ssl->arrays->psk_keySz == 0 ||
33237+ (ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN &&
33238+ (int)ssl->arrays->psk_keySz != WC_NO_ERR_TRACE(USE_HW_PSK))) {
33239+ #if defined(WOLFSSL_EXTRA_ALERTS) || \
33240+ defined(WOLFSSL_PSK_IDENTITY_ALERT)
33241+ SendAlert(ssl, alert_fatal,
33242+ unknown_psk_identity);
33243+ #endif
33244+ return 1;
33245+ }
33246+ /* Pre-shared Key for peer authentication. */
33247+ ssl->options.peerAuthGood = 1;
33248+ return 0;
33249+ }
33250+ #endif
33251+
33252+ #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448) \
33253+ || !defined(NO_DH))\
33254+ && !defined(NO_PSK)
33255+ static int MakeDhePSKPreMasterSecret(WOLFSSL* ssl, byte addPSKtoPreMasterSecret)
33256+ {
33257+ Arrays* arrays = ssl->arrays;
33258+ byte* pms = arrays->preMasterSecret;
33259+ c16toa((word16)arrays->preMasterSz, pms);
33260+ arrays->preMasterSz += OPAQUE16_LEN;
33261+ pms += arrays->preMasterSz;
33262+ if (addPSKtoPreMasterSecret && AddPSKtoPreMasterSecret(ssl))
33263+ return 1;
33264+ if ((int)arrays->psk_keySz > 0) {
33265+ c16toa((word16)arrays->psk_keySz, pms);
33266+ pms += OPAQUE16_LEN;
33267+ XMEMCPY(pms, arrays->psk_key, arrays->psk_keySz);
33268+ arrays->preMasterSz += arrays->psk_keySz + OPAQUE16_LEN;
33269+ ForceZero(arrays->psk_key, arrays->psk_keySz);
33270+ }
33271+ arrays->psk_keySz = 0; /* No further need */
33272+ return 0;
33273+ }
33274+ #endif
33275+
33276+ #ifndef NO_PSK
33277+ static void MakePSKPreMasterSecret(Arrays* arrays)
33278+ {
33279+ byte* pms = arrays->preMasterSecret;
33280+ if ((int)arrays->psk_keySz > 0) {
33281+ /* length of key + length 0s + length of key + key */
33282+ c16toa((word16) arrays->psk_keySz, pms);
33283+ pms += OPAQUE16_LEN;
33284+
33285+ XMEMSET(pms, 0, arrays->psk_keySz);
33286+ pms += arrays->psk_keySz;
33287+
33288+ c16toa((word16) arrays->psk_keySz, pms);
33289+ pms += OPAQUE16_LEN;
33290+
33291+ XMEMCPY(pms, arrays->psk_key, arrays->psk_keySz);
33292+ arrays->preMasterSz = (arrays->psk_keySz * 2) +
33293+ (OPAQUE16_LEN * 2);
33294+ ForceZero(arrays->psk_key, arrays->psk_keySz);
33295+ }
33296+ arrays->psk_keySz = 0; /* no further need */
33297+ }
33298+ #endif /*NO_PSK*/
33299+
3322733300/* handle generation client_key_exchange (16) */
3322833301int SendClientKeyExchange(WOLFSSL* ssl)
3322933302{
@@ -33653,7 +33726,6 @@ int SendClientKeyExchange(WOLFSSL* ssl)
3365333726 #ifndef NO_PSK
3365433727 case psk_kea:
3365533728 {
33656- byte* pms = ssl->arrays->preMasterSecret;
3365733729 ssl->arrays->psk_keySz = ssl->options.client_psk_cb(ssl,
3365833730 ssl->arrays->server_hint, ssl->arrays->client_identity,
3365933731 MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN);
@@ -33672,24 +33744,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
3367233744 XMEMCPY(args->encSecret, ssl->arrays->client_identity,
3367333745 args->encSz);
3367433746 ssl->options.peerAuthGood = 1;
33675- if ((int)ssl->arrays->psk_keySz > 0) {
33676- /* CLIENT: Pre-shared Key for peer authentication. */
33677-
33678- /* make psk pre master secret */
33679- /* length of key + length 0s + length of key + key */
33680- c16toa((word16)ssl->arrays->psk_keySz, pms);
33681- pms += OPAQUE16_LEN;
33682- XMEMSET(pms, 0, ssl->arrays->psk_keySz);
33683- pms += ssl->arrays->psk_keySz;
33684- c16toa((word16)ssl->arrays->psk_keySz, pms);
33685- pms += OPAQUE16_LEN;
33686- XMEMCPY(pms, ssl->arrays->psk_key,
33687- ssl->arrays->psk_keySz);
33688- ssl->arrays->preMasterSz = (ssl->arrays->psk_keySz * 2)
33689- + (2 * OPAQUE16_LEN);
33690- ForceZero(ssl->arrays->psk_key, ssl->arrays->psk_keySz);
33691- }
33692- ssl->arrays->psk_keySz = 0; /* No further need */
33747+ MakePSKPreMasterSecret(ssl->arrays);
3369333748 break;
3369433749 }
3369533750 #endif /* !NO_PSK */
@@ -34187,39 +34242,22 @@ int SendClientKeyExchange(WOLFSSL* ssl)
3418734242 #if !defined(NO_DH) && !defined(NO_PSK)
3418834243 case dhe_psk_kea:
3418934244 {
34190- byte* pms = ssl->arrays->preMasterSecret;
34191-
3419234245 /* validate args */
3419334246 if (args->output == NULL || args->length == 0) {
3419434247 ERROR_OUT(BAD_FUNC_ARG, exit_scke);
3419534248 }
3419634249
3419734250 c16toa((word16)args->length, args->output);
3419834251 args->encSz += args->length + OPAQUE16_LEN;
34199- c16toa((word16)ssl->arrays->preMasterSz, pms);
34200- ssl->arrays->preMasterSz += OPAQUE16_LEN;
34201- pms += ssl->arrays->preMasterSz;
34202-
34203- /* make psk pre master secret */
34204- if ((int)ssl->arrays->psk_keySz > 0) {
34205- /* length of key + length 0s + length of key + key */
34206- c16toa((word16)ssl->arrays->psk_keySz, pms);
34207- pms += OPAQUE16_LEN;
34208- XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
34209- ssl->arrays->preMasterSz +=
34210- ssl->arrays->psk_keySz + OPAQUE16_LEN;
34211- ForceZero(ssl->arrays->psk_key, ssl->arrays->psk_keySz);
34212- }
34213- ssl->arrays->psk_keySz = 0; /* No further need */
34252+
34253+ (void)MakeDhePSKPreMasterSecret(ssl, 0);
3421434254 break;
3421534255 }
3421634256 #endif /* !NO_DH && !NO_PSK */
3421734257 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \
3421834258 defined(HAVE_CURVE448)) && !defined(NO_PSK)
3421934259 case ecdhe_psk_kea:
3422034260 {
34221- byte* pms = ssl->arrays->preMasterSecret;
34222-
3422334261 /* validate args */
3422434262 if (args->output == NULL || args->length > ENCRYPT_LEN) {
3422534263 ERROR_OUT(BAD_FUNC_ARG, exit_scke);
@@ -34231,19 +34269,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
3423134269
3423234270 /* Create pre master secret is the concatenation of
3423334271 * eccSize + eccSharedKey + pskSize + pskKey */
34234- c16toa((word16)ssl->arrays->preMasterSz, pms);
34235- ssl->arrays->preMasterSz += OPAQUE16_LEN;
34236- pms += ssl->arrays->preMasterSz;
34237-
34238- if ((int)ssl->arrays->psk_keySz > 0) {
34239- c16toa((word16)ssl->arrays->psk_keySz, pms);
34240- pms += OPAQUE16_LEN;
34241- XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
34242- ssl->arrays->preMasterSz += ssl->arrays->psk_keySz + OPAQUE16_LEN;
34243-
34244- ForceZero(ssl->arrays->psk_key, ssl->arrays->psk_keySz);
34245- }
34246- ssl->arrays->psk_keySz = 0; /* No further need */
34272+ (void)MakeDhePSKPreMasterSecret(ssl, 0);
3424734273 break;
3424834274 }
3424934275 #endif /* (HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448) && !NO_PSK */
@@ -41048,7 +41074,6 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
4104841074 #ifndef NO_PSK
4104941075 case psk_kea:
4105041076 {
41051- byte* pms = ssl->arrays->preMasterSecret;
4105241077 word16 ci_sz;
4105341078
4105441079 if ((args->idx - args->begin) + OPAQUE16_LEN > size) {
@@ -41069,42 +41094,10 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
4106941094 XMEMCPY(ssl->arrays->client_identity,
4107041095 input + args->idx, ci_sz);
4107141096 args->idx += ci_sz;
41072-
4107341097 ssl->arrays->client_identity[ci_sz] = '\0'; /* null term */
41074- ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl,
41075- ssl->arrays->client_identity, ssl->arrays->psk_key,
41076- MAX_PSK_KEY_LEN);
41077-
41078- if (ssl->arrays->psk_keySz == 0 ||
41079- (ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN &&
41080- (int)ssl->arrays->psk_keySz != WC_NO_ERR_TRACE(USE_HW_PSK))) {
41081- #if defined(WOLFSSL_EXTRA_ALERTS) || \
41082- defined(WOLFSSL_PSK_IDENTITY_ALERT)
41083- SendAlert(ssl, alert_fatal,
41084- unknown_psk_identity);
41085- #endif
41098+ if (AddPSKtoPreMasterSecret(ssl))
4108641099 ERROR_OUT(PSK_KEY_ERROR, exit_dcke);
41087- }
41088- /* SERVER: Pre-shared Key for peer authentication. */
41089- ssl->options.peerAuthGood = 1;
41090-
41091- /* make psk pre master secret */
41092- if ((int)ssl->arrays->psk_keySz > 0) {
41093- /* length of key + length 0s + length of key + key */
41094- c16toa((word16) ssl->arrays->psk_keySz, pms);
41095- pms += OPAQUE16_LEN;
41096-
41097- XMEMSET(pms, 0, ssl->arrays->psk_keySz);
41098- pms += ssl->arrays->psk_keySz;
41099-
41100- c16toa((word16) ssl->arrays->psk_keySz, pms);
41101- pms += OPAQUE16_LEN;
41102-
41103- XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
41104- ssl->arrays->preMasterSz = (ssl->arrays->psk_keySz * 2) +
41105- (OPAQUE16_LEN * 2);
41106- }
41107- ssl->arrays->psk_keySz = 0; /* no further need */
41100+ MakePSKPreMasterSecret(ssl->arrays);
4110841101 break;
4110941102 }
4111041103 #endif /* !NO_PSK */
@@ -41903,82 +41896,33 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
4190341896 #if !defined(NO_DH) && !defined(NO_PSK)
4190441897 case dhe_psk_kea:
4190541898 {
41906- byte* pms = ssl->arrays->preMasterSecret;
4190741899 word16 clientSz = (word16)args->sigSz;
4190841900
4190941901 args->idx += clientSz;
41910- c16toa((word16)ssl->arrays->preMasterSz, pms);
41911- ssl->arrays->preMasterSz += OPAQUE16_LEN;
41912- pms += ssl->arrays->preMasterSz;
4191341902
4191441903 /* Use the PSK hint to look up the PSK and add it to the
4191541904 * preMasterSecret here. */
41916- ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl,
41917- ssl->arrays->client_identity, ssl->arrays->psk_key,
41918- MAX_PSK_KEY_LEN);
41919-
41920- if (ssl->arrays->psk_keySz == 0 ||
41921- (ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN &&
41922- (int)ssl->arrays->psk_keySz != WC_NO_ERR_TRACE(USE_HW_PSK))) {
41923- #if defined(WOLFSSL_EXTRA_ALERTS) || \
41924- defined(WOLFSSL_PSK_IDENTITY_ALERT)
41925- SendAlert(ssl, alert_fatal,
41926- unknown_psk_identity);
41927- #endif
41905+ if (MakeDhePSKPreMasterSecret(ssl, 1))
4192841906 ERROR_OUT(PSK_KEY_ERROR, exit_dcke);
41929- }
41930- /* SERVER: Pre-shared Key for peer authentication. */
41931- ssl->options.peerAuthGood = 1;
41932-
41933- if ((int)ssl->arrays->psk_keySz > 0) {
41934- c16toa((word16) ssl->arrays->psk_keySz, pms);
41935- pms += OPAQUE16_LEN;
41936-
41937- XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
41938- ssl->arrays->preMasterSz += ssl->arrays->psk_keySz + OPAQUE16_LEN;
41939- ForceZero(ssl->arrays->psk_key, ssl->arrays->psk_keySz);
41940- }
41941- ssl->arrays->psk_keySz = 0; /* no further need */
4194241907 break;
4194341908 }
4194441909 #endif /* !NO_DH && !NO_PSK */
4194541910 #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \
4194641911 defined(HAVE_CURVE448)) && !defined(NO_PSK)
4194741912 case ecdhe_psk_kea:
4194841913 {
41949- byte* pms = ssl->arrays->preMasterSecret;
4195041914 word16 clientSz = (word16)args->sigSz;
4195141915
4195241916 /* skip past the imported peer key */
4195341917 args->idx += args->length;
4195441918
4195541919 /* Add preMasterSecret */
41956- c16toa(clientSz, pms);
41957- ssl->arrays->preMasterSz = OPAQUE16_LEN + clientSz;
41958- pms += ssl->arrays->preMasterSz;
41920+ ssl->arrays->preMasterSz = clientSz;
4195941921
4196041922 /* Use the PSK hint to look up the PSK and add it to the
4196141923 * preMasterSecret here. */
41962- ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl,
41963- ssl->arrays->client_identity, ssl->arrays->psk_key,
41964- MAX_PSK_KEY_LEN);
41965-
41966- if (ssl->arrays->psk_keySz == 0 ||
41967- (ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN &&
41968- (int)ssl->arrays->psk_keySz != WC_NO_ERR_TRACE(USE_HW_PSK))) {
41924+ if (MakeDhePSKPreMasterSecret(ssl, 1))
4196941925 ERROR_OUT(PSK_KEY_ERROR, exit_dcke);
41970- }
41971- /* SERVER: Pre-shared Key for peer authentication. */
41972- ssl->options.peerAuthGood = 1;
41973- if ((int)ssl->arrays->psk_keySz > 0) {
41974- c16toa((word16) ssl->arrays->psk_keySz, pms);
41975- pms += OPAQUE16_LEN;
41976-
41977- XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
41978- ssl->arrays->preMasterSz += ssl->arrays->psk_keySz + OPAQUE16_LEN;
41979- ForceZero(ssl->arrays->psk_key, ssl->arrays->psk_keySz);
41980- }
41981- ssl->arrays->psk_keySz = 0; /* no further need */
4198241926 break;
4198341927 }
4198441928 #endif /* (HAVE_ECC || CURVE25519 || CURVE448) && !NO_PSK */
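Review bot: The failure branch of `AddPSKtoPreMasterSecret` (first hunk) returns 1 without clearing `ssl->arrays->psk_key` or resetting `psk_keySz`, whereas the success paths in `MakePSKPreMasterSecret` and `MakeDhePSKPreMasterSecret` both end with `ForceZero` and `psk_keySz = 0`. When `server_psk_cb` reports a length above `MAX_PSK_KEY_LEN`, whatever it wrote into the key buffer stays there, along with the out-of-range size, until the arrays are released, and that release is not visible in this diff. Since the check now lives in one helper, adding `ForceZero(ssl->arrays->psk_key, MAX_PSK_KEY_LEN);` and `ssl->arrays->psk_keySz = 0;` before `return 1;` would cover every server caller, using the same capacity that is passed to the callback. The helper's name and comment also say it adds the PSK to the preMasterSecret, but it only runs the lookup and sets `peerAuthGood`; a comment such as `/* Look up the PSK for client_identity; returns 0 on success, 1 on failure. Does not write preMasterSecret. */` would match what it does. It is also worth confirming that these static helpers, defined just above `SendClientKeyExchange`, are not inside a client-only guard, because the server-side `psk_kea`, `dhe_psk_kea` and `ecdhe_psk_kea` cases in the later hunks call them.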