fix compile fails with MBEDTLS_SSL_PROTO_*

It depends on MBEDTLS_SSL_PROTO_* .
Compile Status : PASS
Test Status : Fail
issues: #15

Change-Id: I4309976339e4272f297950f9a904d69245c0ea20
CustomizedGitHooks: yes
Signed-off-by: Jerry Yu <[email protected]>

include/mbedtls/config.h

@@ -1992,7 +1992,8 @@
  *
  * Comment this macro to disable support for key export
  */
-#define MBEDTLS_SSL_EXPORT_KEYS
+//#define MBEDTLS_SSL_EXPORT_KEYS // TODO: Disable it due to compile fail
+
 
 
 /**

include/mbedtls/ssl.h

@@ -2774,7 +2774,7 @@ void mbedtls_ssl_conf_cookies(mbedtls_ssl_config* conf,
     mbedtls_ssl_cookie_check_t* f_cookie_check,
     void* p_cookie,
     unsigned int rr_conf);
-#else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
 /**
  * \brief           Register callbacks for DTLS cookies
  *                  (Server only. DTLS only.)
@@ -2807,7 +2807,7 @@ void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
                            mbedtls_ssl_cookie_write_t *f_cookie_write,
                            mbedtls_ssl_cookie_check_t *f_cookie_check,
                            void *p_cookie );
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
 
 /**
  * \brief          Set client's transport-level identification info.

include/mbedtls/ssl_internal.h

@@ -685,7 +685,7 @@ struct mbedtls_ssl_handshake_params
 #endif
 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 || MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
 
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+#if 0
     void (*update_checksum)(mbedtls_ssl_context*, const unsigned char*, size_t);
     int (*calc_verify)(mbedtls_ssl_context*, unsigned char*, int);
     int(*calc_finished)(mbedtls_ssl_context*, unsigned char*, int);
@@ -839,12 +839,10 @@ struct mbedtls_ssl_handshake_params
     int early_data;
 #endif /* MBEDTLS_ZERO_RTT */
 
-#else
-    size_t pmslen;                      /*!<  premaster length        */
-
-    unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
-    /*!<  premaster secret        */
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+    size_t pmslen;                                          /*!<  premaster length        */
+    unsigned char premaster[MBEDTLS_PREMASTER_SIZE];        /*!<  premaster secret        */
+
 
 
     int resume;                         /*!<  session resume indicator*/
@@ -1172,6 +1170,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
 int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl );
 int mbedtls_ssl_handshake_server_step_tls1_3( mbedtls_ssl_context *ssl );
 void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_handshake_wrapup_tls13( mbedtls_ssl_context *ssl );
 
 int mbedtls_ssl_handle_pending_alert( mbedtls_ssl_context *ssl );
 
@@ -1282,25 +1281,24 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush );
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
 int mbedtls_ssl_read_certificate_process(mbedtls_ssl_context* ssl);
 int mbedtls_ssl_write_certificate_process(mbedtls_ssl_context* ssl);
-#else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
 int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl );
 int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl );
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
 
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && defined(MBEDTLS_SSL_TLS13_COMPATIBILITY_MODE)
 int mbedtls_ssl_write_change_cipher_spec_process( mbedtls_ssl_context* ssl );
-#else
+#endif  /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && MBEDTLS_SSL_TLS13_COMPATIBILITY_MODE */
 int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl );
 int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl );
-#endif  /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && MBEDTLS_SSL_TLS13_COMPATIBILITY_MODE */
 
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
 int mbedtls_ssl_finished_in_process( mbedtls_ssl_context* ssl );
 int mbedtls_ssl_finished_out_process( mbedtls_ssl_context* ssl );
-#else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
 int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl );
 int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl );
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
 
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
 int mbedtls_ssl_new_session_ticket_process(mbedtls_ssl_context* ssl);
@@ -1666,16 +1664,15 @@ static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl )
  */
 
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-int mbedtls_ssl_check_cert_usage(const mbedtls_x509_crt* cert,
+int mbedtls_ssl_check_cert_usage_tls13(const mbedtls_x509_crt* cert,
     const mbedtls_key_exchange_type_t key_exchange,
     int cert_endpoint,
     uint32_t* flags);
-#else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
 int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
                           const mbedtls_ssl_ciphersuite_t *ciphersuite,
                           int cert_endpoint,
                           uint32_t *flags );
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
 
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 

library/ssl_msg.c

@@ -412,7 +412,8 @@ static int ssl_parse_inner_plaintext( unsigned char const *content,
 
 /* `add_data` must have size 13 Bytes if the CID extension is disabled,
  * and 13 + 1 + CID-length Bytes if the CID extension is enabled. */
-static void ssl_extract_add_data_from_record( unsigned char* add_data,
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+static void ssl_extract_add_data_from_record_tls1_3( unsigned char* add_data,
                                               size_t *add_data_len,
                                               mbedtls_record *rec,
                                               unsigned minor_ver,
@@ -453,7 +454,6 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data,
     unsigned char *cur = add_data;
     size_t ad_len_field = rec->data_len;
 
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
     if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
     {
         /* In TLS 1.3, the AAD contains the length of the TLSCiphertext,
@@ -462,7 +462,7 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data,
         ad_len_field += taglen;
     }
     else
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
     {
         ((void) minor_ver);
         ((void) taglen);
@@ -499,6 +499,82 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data,
 
     *add_data_len = cur - add_data;
 }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+static void ssl_extract_add_data_from_record( unsigned char* add_data,
+                                              size_t *add_data_len,
+                                              mbedtls_record *rec,
+                                              unsigned minor_ver)
+{
+    /* Quoting RFC 5246 (TLS 1.2):
+     *
+     *    additional_data = seq_num + TLSCompressed.type +
+     *                      TLSCompressed.version + TLSCompressed.length;
+     *
+     * For the CID extension, this is extended as follows
+     * (quoting draft-ietf-tls-dtls-connection-id-05,
+     *  https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05):
+     *
+     *       additional_data = seq_num + DTLSPlaintext.type +
+     *                         DTLSPlaintext.version +
+     *                         cid +
+     *                         cid_length +
+     *                         length_of_DTLSInnerPlaintext;
+     *
+     * For TLS 1.3, the record sequence number is dropped from the AAD
+     * and encoded within the nonce of the AEAD operation instead.
+     * Moreover, the additional data involves the length of the TLS
+     * ciphertext, not the TLS plaintext as in earlier versions.
+     * Quoting RFC 8446 (TLS 1.3):
+     *
+     *      additional_data = TLSCiphertext.opaque_type ||
+     *                        TLSCiphertext.legacy_record_version ||
+     *                        TLSCiphertext.length
+     *
+     * We pass the tag length to this function in order to compute the
+     * ciphertext length from the inner plaintext length rec->data_len via
+     *
+     *     TLSCiphertext.length = TLSInnerPlaintext.length + taglen.
+     *
+     */
+
+    unsigned char *cur = add_data;
+    size_t ad_len_field = rec->data_len;
+
+
+    ((void) minor_ver);
+    memcpy( cur, rec->ctr, sizeof( rec->ctr ) );
+    cur += sizeof( rec->ctr );
+
+    *cur = rec->type;
+    cur++;
+
+    memcpy( cur, rec->ver, sizeof( rec->ver ) );
+    cur += sizeof( rec->ver );
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    if( rec->cid_len != 0 )
+    {
+        memcpy( cur, rec->cid, rec->cid_len );
+        cur += rec->cid_len;
+
+        *cur = rec->cid_len;
+        cur++;
+
+        cur[0] = ( ad_len_field >> 8 ) & 0xFF;
+        cur[1] = ( ad_len_field >> 0 ) & 0xFF;
+        cur += 2;
+    }
+    else
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+    {
+        cur[0] = ( ad_len_field >> 8 ) & 0xFF;
+        cur[1] = ( ad_len_field >> 0 ) & 0xFF;
+        cur += 2;
+    }
+
+    *add_data_len = cur - add_data;
+}
+
 
 #if defined(MBEDTLS_SSL_PROTO_SSL3)
 
@@ -998,10 +1074,14 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
          * Build additional data for AEAD encryption.
          * This depends on the TLS version.
          */
-        ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+        ssl_extract_add_data_from_record_tls1_3( add_data, &add_data_len, rec,
                                           transform->minor_ver,
                                           transform->taglen );
-
+#else
+        ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
+                                          transform->minor_ver);
+#endif
         MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (internal)",
                                iv, transform->ivlen );
         MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (transmitted)",
@@ -1573,9 +1653,14 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
         }
 
         rec->data_len -= transform->taglen;
-        ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+        ssl_extract_add_data_from_record_tls1_3( add_data, &add_data_len, rec,
                                           transform->minor_ver,
                                           transform->taglen );
+#else
+        ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
+                                          transform->minor_ver);
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
         MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD",
                                add_data, add_data_len );
 
@@ -2792,6 +2877,12 @@ void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl )
         ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING;
 }
 
+static void ssl_reset_retransmit_timeout( mbedtls_ssl_context *ssl )
+{
+    ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min;
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %lu millisecs",
+                        (unsigned long) ssl->handshake->retransmit_timeout ) );
+}
 /*
  * To be called when the last message of an outgoing flight is send.
  */
@@ -5854,7 +5945,7 @@ static int ssl_handle_hs_message_post_handshake_tls12( mbedtls_ssl_context *ssl
      * - For server-side, expect CLIENT_HELLO.
      * - Fail (TLS) or silently drop record (DTLS) in other cases.
      */
-
+    int ret; // TODO: optimizied later base on SSL options
 #if defined(MBEDTLS_SSL_CLI_C)
     if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
         ( ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST ||