Restructure incoming CliKeyExch: Move key derivation code This commit moves the generation of the master secret and session keys from the premaster secret (done in mbedtlsssl_derive_keys()) from the previous ClientKeyExchange parsing function ssl_parse_client_key_exchange() to the new postprocessing function ssl_client_key_exchange_postprocess().

commit: dc8bfb9001bd0b1acacaf80eeaf17c44d6d66773 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Mon May 21 17:24:27 2018 +0100
committer: Hanno Becker <hanno.becker@arm.com> Mon Aug 12 17:05:03 2019 +0100
tree: 73b4203aea000cc0107266554468e98ae664876b
parent: 7ec345d95f0babf84292aa72b11b80536339f090 [diff] [blame]
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 5f10e24..5737411 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c

@@ -4109,6 +4109,14 @@
 /* Update the handshake state */
 static int ssl_client_key_exchange_postprocess( mbedtls_ssl_context *ssl )
 {
+    int ret;
+
+    if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
+        return( ret );
+    }
+
     ssl->state = MBEDTLS_SSL_CERTIFICATE_VERIFY;
     return( 0 );
 }
@@ -4400,11 +4408,11 @@
         return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
     }
 
-    if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
-        return( ret );
-    }
+    /* if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) */
+    /* { */
+    /*     MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); */
+    /*     return( ret ); */
+    /* } */
 
     ssl->state++;
commit	dc8bfb9001bd0b1acacaf80eeaf17c44d6d66773	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Mon May 21 17:24:27 2018 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Mon Aug 12 17:05:03 2019 +0100
tree	73b4203aea000cc0107266554468e98ae664876b
parent	7ec345d95f0babf84292aa72b11b80536339f090 [diff] [blame]