1 /**************************************************************************/
2 /* */
3 /* Copyright (c) Microsoft Corporation. All rights reserved. */
4 /* */
5 /* This software is licensed under the Microsoft Software License */
6 /* Terms for Microsoft Azure RTOS. Full text of the license can be */
7 /* found in the LICENSE file at https://aka.ms/AzureRTOS_EULA */
8 /* and in the root directory of this software. */
9 /* */
10 /**************************************************************************/
11
12
13 /**************************************************************************/
14 /**************************************************************************/
15 /** */
16 /** NetX Secure Component */
17 /** */
18 /** Transport Layer Security (TLS) */
19 /** */
20 /**************************************************************************/
21 /**************************************************************************/
22
23 #define NX_SECURE_SOURCE_CODE
24
25 #include "nx_secure_tls.h"
26
27 /**************************************************************************/
28 /* */
29 /* FUNCTION RELEASE */
30 /* */
31 /* _nx_secure_tls_generate_premaster_secret PORTABLE C */
32 /* 6.2.0 */
33 /* AUTHOR */
34 /* */
35 /* Timothy Stapko, Microsoft Corporation */
36 /* */
37 /* DESCRIPTION */
38 /* */
39 /* This function generates the Pre-Master Secret for TLS Client */
40 /* instances. It is sent to the remote host and used as the seed for */
41 /* session key generation. */
42 /* */
43 /* INPUT */
44 /* */
45 /* tls_session TLS control block */
46 /* id TLS or DTLS */
47 /* */
48 /* OUTPUT */
49 /* */
50 /* status Completion status */
51 /* */
52 /* CALLS */
53 /* */
54 /* _nx_secure_tls_protocol_version_get Get current TLS version to use*/
55 /* [nx_secure_generate_premaster_secret] Generate pre-master secret */
56 /* */
57 /* CALLED BY */
58 /* */
59 /* _nx_secure_dtls_client_handshake DTLS client state machine */
60 /* _nx_secure_tls_client_handshake TLS client state machine */
61 /* _nx_secure_tls_process_client_key_exchange */
62 /* Process ClientKeyExchange */
63 /* */
64 /* RELEASE HISTORY */
65 /* */
66 /* DATE NAME DESCRIPTION */
67 /* */
68 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
69 /* 09-30-2020 Timothy Stapko Modified comment(s), update */
70 /* ECC find curve method, */
71 /* verified memcpy use cases, */
72 /* resulting in version 6.1 */
73 /* 04-25-2022 Yuxin Zhou Modified comment(s), removed */
74 /* internal unreachable logic, */
75 /* resulting in version 6.1.11 */
76 /* 10-31-2022 Yanwu Cai Modified comment(s), added */
77 /* custom secret generation, */
78 /* resulting in version 6.2.0 */
79 /* */
80 /**************************************************************************/
UINT _nx_secure_tls_generate_premaster_secret(NX_SECURE_TLS_SESSION *tls_session, UINT id)
{
USHORT protocol_version;

    /* No ciphersuite selected on this session: refuse to derive any secret.
       Negotiation should already have completed by the time this is called,
       so reaching this branch most likely indicates an internal error. */
    if (tls_session -> nx_secure_tls_session_ciphersuite == NX_NULL)
    {
        return(NX_SECURE_TLS_UNKNOWN_CIPHERSUITE);
    }

    /* Fetch the protocol version in use; "id" selects TLS or DTLS.
       NOTE(review): any status returned by this helper is discarded here, so
       protocol_version is passed on as-is - confirm the helper always writes it. */
    _nx_secure_tls_protocol_version_get(tls_session, &protocol_version, id);

    /* Hand off to the session's pre-master secret generation routine and return
       its status unchanged. The two build configurations differ only in the
       final argument: the session's ECC data when ECC ciphersuites are compiled
       in, NX_NULL otherwise.
       NOTE(review): the function pointer is called without a NULL check in this
       function - presumably it is always populated before the handshake; verify
       against the session setup code. */
    return(tls_session -> nx_secure_generate_premaster_secret(
               tls_session -> nx_secure_tls_session_ciphersuite,
               protocol_version,
               &tls_session -> nx_secure_tls_key_material,
               &tls_session -> nx_secure_tls_credentials,
               tls_session -> nx_secure_tls_socket_type,
               &tls_session -> nx_secure_tls_received_remote_credentials,
               tls_session -> nx_secure_public_cipher_metadata_area,
               tls_session -> nx_secure_public_cipher_metadata_size,
#ifdef NX_SECURE_ENABLE_ECC_CIPHERSUITE
               &tls_session -> nx_secure_tls_ecc
#else
               NX_NULL
#endif
               ));
}
112
113