Merge pull request #7064 from valeriosetti/issue6860
driver-only ECDSA: get testing parity in SSL
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index ef05dca..2668a05 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -986,7 +986,6 @@
mbedtls_ssl_tls13_handshake_secrets tls13_hs_secrets;
#if defined(MBEDTLS_SSL_EARLY_DATA)
- mbedtls_ssl_tls13_early_secrets tls13_early_secrets;
/** TLS 1.3 transform for early data and handshake messages. */
mbedtls_ssl_transform *transform_earlydata;
#endif
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index 2e34ee8..a95d2fd 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -1127,10 +1127,10 @@
size_t transcript_len;
size_t key_len;
size_t iv_len;
+ mbedtls_ssl_tls13_early_secrets tls13_early_secrets;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info = handshake->ciphersuite_info;
- mbedtls_ssl_tls13_early_secrets *tls13_early_secrets = &handshake->tls13_early_secrets;
MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_tls13_generate_early_key"));
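Review bot: The new stack local `tls13_early_secrets` holds key material and relies entirely on the `cleanup` label for wiping, but nothing at the declaration says so. I would add a comment there such as `/* Early secrets live on the stack only; wiped at cleanup on every exit path. */`. The function body continues outside this hunk, so it is worth confirming that no early `return` between this declaration and `cleanup:` bypasses the zeroize. The local is declared uninitialised, which is fine as long as the only thing done with it before the derive call is the wipe.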
@@ -1158,7 +1158,7 @@
ret = mbedtls_ssl_tls13_derive_early_secrets(
hash_alg, handshake->tls13_master_secrets.early,
- transcript, transcript_len, tls13_early_secrets);
+ transcript, transcript_len, &tls13_early_secrets);
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(
1, "mbedtls_ssl_tls13_derive_early_secrets", ret);
@@ -1167,7 +1167,7 @@
MBEDTLS_SSL_DEBUG_BUF(
4, "Client early traffic secret",
- tls13_early_secrets->client_early_traffic_secret, hash_len);
+ tls13_early_secrets.client_early_traffic_secret, hash_len);
/*
* Export client handshake traffic secret
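Review bot: The `MBEDTLS_SSL_DEBUG_BUF(4, "Client early traffic secret", ...)` call writes the raw secret to the debug sink, so once the struct is wiped at `cleanup` the log is the longest-lived copy of it. That is presumably intended for debug builds only, but the call site should say so, for example `/* Debug builds only: this logs secret key material. */` above the macro. The enclosing function starts and ends outside this hunk.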
@@ -1176,7 +1176,7 @@
ssl->f_export_keys(
ssl->p_export_keys,
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_EARLY_SECRET,
- tls13_early_secrets->client_early_traffic_secret,
+ tls13_early_secrets.client_early_traffic_secret,
hash_len,
handshake->randbytes,
handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN,
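Review bot: The comment ending the preceding hunk reads "Export client handshake traffic secret", while this call exports `MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_EARLY_SECRET` with `client_early_traffic_secret`. Since the commit already touches these lines, the comment could be corrected to `* Export client early traffic secret`. The argument list of the call continues past the end of this hunk.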
@@ -1185,7 +1185,7 @@
ret = ssl_tls13_make_traffic_key(
hash_alg,
- tls13_early_secrets->client_early_traffic_secret,
+ tls13_early_secrets.client_early_traffic_secret,
hash_len, traffic_keys->client_write_key, key_len,
traffic_keys->client_write_iv, iv_len);
if (ret != 0) {
@@ -1206,9 +1206,9 @@
MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_tls13_generate_early_key"));
cleanup:
- /* Erase secret and transcript */
+ /* Erase early secrets and transcript */
mbedtls_platform_zeroize(
- tls13_early_secrets, sizeof(mbedtls_ssl_tls13_early_secrets));
+ &tls13_early_secrets, sizeof(mbedtls_ssl_tls13_early_secrets));
mbedtls_platform_zeroize(transcript, sizeof(transcript));
return ret;
}
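Review bot: The wipe at `cleanup` sizes the buffer by type name, `sizeof(mbedtls_ssl_tls13_early_secrets)`, whereas the next line uses `sizeof(transcript)` on the object itself. Now that the secrets are a local object rather than a pointer, `mbedtls_platform_zeroize(&tls13_early_secrets, sizeof(tls13_early_secrets));` keeps the length tied to the variable and matches the line below. This is a style point only; the two forms are equivalent for the code as shown.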