commit 9b5d04b078de4acd8471eb0bfb7db28fea000720
author XiaokangQian <xiaokang.qian@arm.com> Sun Apr 10 10:20:43 2022 +0000
committer XiaokangQian <xiaokang.qian@arm.com> Wed Apr 20 07:43:48 2022 +0000
tree 93b9638818e885087da557c6aabe1bf532826bc1
parent c4b8c99a38e2201598c839483c307ba5073fe1e8

Share parse_key_share() between client and server

Change-Id: I3fd2604296dc0e1e8380f5405429a6b0feb6e981
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>

library/ssl_tls13_generic.c

diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 18a66ec..a6bcac3 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -30,7 +30,6 @@
 #include "mbedtls/constant_time.h"
 #include <string.h>
 
-#include "ecp_internal.h"
 #include "ssl_misc.h"
 #include "ssl_tls13_keys.h"
 #include "ssl_debug_helpers.h"
@@ -1512,59 +1511,29 @@
     return( ret );
 }
 
-#define ECDH_VALIDATE_RET( cond )    \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA )
+#if defined(MBEDTLS_ECDH_C)
 
-#if !defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-static int ecdh_import_public_raw( mbedtls_ecdh_context_mbed *ctx,
-                                   const unsigned char *buf,
-                                   const unsigned char *end )
+int mbedtls_ssl_tls13_read_public_ecdhe_share( mbedtls_ssl_context *ssl,
+                                               const unsigned char *buf,
+                                               size_t buf_len )
 {
-    return( mbedtls_ecp_point_read_binary( &ctx->grp, &ctx->Qp,
-                                           buf, end - buf ) );
-}
-#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */
+    uint8_t *p = (uint8_t*)buf;
+    mbedtls_ssl_handshake_params *handshake = ssl->handshake;
 
-#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
-static int everest_import_public_raw( mbedtls_x25519_context *ctx,
-                                      const unsigned char *buf,
-                                      const unsigned char *end )
-{
-    if( end - buf != MBEDTLS_X25519_KEY_SIZE_BYTES )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+    /* Get size of the TLS opaque key_exchange field of the KeyShareEntry struct. */
+    uint16_t peerkey_len = MBEDTLS_GET_UINT16_BE( p, 0 );
+    p += 2;
 
-    memcpy( ctx->peer_point, buf, MBEDTLS_X25519_KEY_SIZE_BYTES );
+    /* Check if key size is consistent with given buffer length. */
+    if ( peerkey_len > ( buf_len - 2 ) )
+        return( MBEDTLS_ERR_SSL_DECODE_ERROR );
+
+    /* Store peer's ECDH public key. */
+    memcpy( handshake->ecdh_psa_peerkey, p, peerkey_len );
+    handshake->ecdh_psa_peerkey_len = peerkey_len;
+
     return( 0 );
 }
-#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */
-
-int mbedtls_ecdh_import_public_raw( mbedtls_ecdh_context *ctx,
-                                    const unsigned char *buf,
-                                    const unsigned char *end )
-{
-    ECDH_VALIDATE_RET( ctx != NULL );
-    ECDH_VALIDATE_RET( buf != NULL );
-    ECDH_VALIDATE_RET( end != NULL );
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    ((void) ctx);
-    ((void) buf);
-    ((void) end);
-    return ( 0 );
-#else
-    switch( ctx->var )
-    {
-#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
-        case MBEDTLS_ECDH_VARIANT_EVEREST:
-            return( everest_import_public_raw( &ctx->ctx.everest_ecdh.ctx,
-                                               buf, end) );
-#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */
-        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
-            return( ecdh_import_public_raw( &ctx->ctx.mbed_ecdh,
-                                            buf, end ) );
-        default:
-            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-    }
-#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */
-}
+#endif /* MBEDTLS_ECDH_C */
 
 #endif /* MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_PROTO_TLS1_3 */