#ifndef COSMOPOLITAN_THIRD_PARTY_MBEDTLS_SSL_TLS13_KEYS_H_
#define COSMOPOLITAN_THIRD_PARTY_MBEDTLS_SSL_TLS13_KEYS_H_
#include "third_party/mbedtls/md.h"
#include "third_party/mbedtls/ssl_internal.h"
COSMOPOLITAN_C_START_

/*
 * Declarations for the TLS 1.3 key-schedule helpers: the table of
 * HKDF labels, the size limits used by the schedule, and the four
 * derivation entry points. Nothing is defined here; the label table
 * and the functions are defined elsewhere (the comment further down
 * names ssl_tls13_keys.c).
 */

/* Two int constants with values 0 and 1. NOTE(review): presumably the
 * values accepted by the lone `int` parameter of
 * mbedtls_ssl_tls1_3_derive_secret(), saying whether the context it is
 * given is a raw transcript or an already-computed hash -- confirm
 * against the implementation. */
#define MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED 0
#define MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED 1

/* The maximum length of HKDF contexts used in the TLS 1.3 standard.
 * Since contexts are always hashes of message transcripts, this can
 * be approximated from above by the maximum hash size. */
#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN MBEDTLS_MD_MAX_SIZE

/* Maximum desired length for expanded key material generated
 * by HKDF-Expand-Label.
 *
 * Warning: If this ever needs to be increased, the implementation
 * ssl_tls1_3_hkdf_encode_label() in ssl_tls13_keys.c needs to be
 * adjusted since it currently assumes that HKDF key expansion
 * is never used with more than 255 Bytes of output.
 *
 * NOTE(review): a request for more output than this should be rejected
 * with an error, never silently truncated -- confirm the bound check in
 * mbedtls_ssl_tls1_3_hkdf_expand_label(). */
#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN 255

/* X-macro list of every label known to this header, one
 * MBEDTLS_SSL_TLS1_3_LABEL( name, string ) entry per label.
 *
 * This requires MBEDTLS_SSL_TLS1_3_LABEL( name, string ) to be defined
 * at the point of use. See e.g. the definition of
 * mbedtls_ssl_tls1_3_labels_union below.
 *
 * The list is expanded twice below (once into a union, once into a
 * struct), so the entry order fixes the member order of
 * struct mbedtls_ssl_tls1_3_labels_struct.
 *
 * NOTE(review): the strings carry no "tls13 " prefix; presumably the
 * label encoder in ssl_tls13_keys.c prepends it -- confirm. The label
 * bytes are an input to key derivation, so changing a single character
 * here changes the derived keys and breaks interoperability. */
#define MBEDTLS_SSL_TLS1_3_LABEL_LIST \
  MBEDTLS_SSL_TLS1_3_LABEL(finished, "finished") \
  MBEDTLS_SSL_TLS1_3_LABEL(resumption, "resumption") \
  MBEDTLS_SSL_TLS1_3_LABEL(traffic_upd, "traffic upd") \
  MBEDTLS_SSL_TLS1_3_LABEL(exporter, "exporter") \
  MBEDTLS_SSL_TLS1_3_LABEL(key, "key") \
  MBEDTLS_SSL_TLS1_3_LABEL(iv, "iv") \
  MBEDTLS_SSL_TLS1_3_LABEL(c_hs_traffic, "c hs traffic") \
  MBEDTLS_SSL_TLS1_3_LABEL(c_ap_traffic, "c ap traffic") \
  MBEDTLS_SSL_TLS1_3_LABEL(c_e_traffic, "c e traffic") \
  MBEDTLS_SSL_TLS1_3_LABEL(s_hs_traffic, "s hs traffic") \
  MBEDTLS_SSL_TLS1_3_LABEL(s_ap_traffic, "s ap traffic") \
  MBEDTLS_SSL_TLS1_3_LABEL(s_e_traffic, "s e traffic") \
  MBEDTLS_SSL_TLS1_3_LABEL(e_exp_master, "e exp master") \
  MBEDTLS_SSL_TLS1_3_LABEL(res_master, "res master") \
  MBEDTLS_SSL_TLS1_3_LABEL(exp_master, "exp master") \
  MBEDTLS_SSL_TLS1_3_LABEL(ext_binder, "ext binder") \
  MBEDTLS_SSL_TLS1_3_LABEL(res_binder, "res binder") \
  MBEDTLS_SSL_TLS1_3_LABEL(derived, "derived")

/* Expands to TWO comma-separated arguments: the label array inside the
 * global mbedtls_ssl_tls1_3_labels table and its size in bytes. Meant
 * for use in an argument list where a (pointer, length) pair is
 * expected; LABEL must be one of the names from the list above. */
#define MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(LABEL) \
  mbedtls_ssl_tls1_3_labels.LABEL, sizeof(mbedtls_ssl_tls1_3_labels.LABEL)

/* Size of the union of all label arrays, i.e. the length in bytes of
 * the longest label in the list. */
#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN \
  sizeof(union mbedtls_ssl_tls1_3_labels_union)

/* Temporary definition used only for the two expansions below: each
 * list entry becomes an unsigned char array member sized
 * sizeof(string) - 1, i.e. the string WITHOUT its terminating NUL.
 * The labels are therefore not C strings: never hand them to str*()
 * functions or print them with "%s"; always pass the explicit length
 * (MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN does this). */
#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \
  const unsigned char name[sizeof(string) - 1];

/* All labels overlaid on one another; referenced in this header only
 * through sizeof, to obtain the maximum label length. */
union mbedtls_ssl_tls1_3_labels_union {
  MBEDTLS_SSL_TLS1_3_LABEL_LIST
};

/* All labels laid out one after another, one member per label, in the
 * order of MBEDTLS_SSL_TLS1_3_LABEL_LIST. */
struct mbedtls_ssl_tls1_3_labels_struct {
  MBEDTLS_SSL_TLS1_3_LABEL_LIST
};

#undef MBEDTLS_SSL_TLS1_3_LABEL

/* The single, read-only label table. Only declared here; the file that
 * defines it has to initialise the members in the list order above. */
extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels;

/*
 * The prototypes below carry no parameter names, so the argument roles
 * given in these comments are NOT established by this header. They
 * follow the upstream Mbed TLS declarations and RFC 8446 section 7.1
 * and must be confirmed against ssl_tls13_keys.c.
 *
 * NOTE(review): all four functions return int; presumably 0 on success
 * and a negative MBEDTLS_ERR_* code on failure -- confirm. Their output
 * buffers receive secret key material; callers should check the return
 * value before using the output and wipe secrets once they are no
 * longer needed (e.g. with mbedtls_platform_zeroize()).
 */

/* HKDF-Expand-Label. Presumed argument order: hash algorithm;
 * secret + length; label + length; context + length; output buffer +
 * number of bytes to generate. The label pair is what
 * MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN() produces. */
int mbedtls_ssl_tls1_3_hkdf_expand_label(mbedtls_md_type_t,
                                         const unsigned char *, size_t,
                                         const unsigned char *, size_t,
                                         const unsigned char *, size_t,
                                         unsigned char *, size_t);

/* Derives the traffic keys and IVs into an mbedtls_ssl_key_set.
 * Presumed argument order: hash algorithm; client traffic secret;
 * server traffic secret; length of each secret; key length; IV length;
 * destination key set. */
int mbedtls_ssl_tls1_3_make_traffic_keys(mbedtls_md_type_t,
                                         const unsigned char *,
                                         const unsigned char *, size_t,
                                         size_t, size_t,
                                         mbedtls_ssl_key_set *);

/* Derive-Secret. Presumed argument order: hash algorithm; secret +
 * length; label + length; context + length; the int flag saying whether
 * the context is already hashed (presumably one of the
 * MBEDTLS_SSL_TLS1_3_CONTEXT_* values); output buffer + its size. */
int mbedtls_ssl_tls1_3_derive_secret(mbedtls_md_type_t,
                                     const unsigned char *, size_t,
                                     const unsigned char *, size_t,
                                     const unsigned char *, size_t, int,
                                     unsigned char *, size_t);

/* Computes the next secret of the key schedule from the previous one.
 * Presumed argument order: hash algorithm; previous secret; new input
 * keying material + length; output buffer for the new secret. No output
 * size is passed, so the destination presumably has to hold one full
 * digest of the chosen hash -- confirm before sizing buffers. */
int mbedtls_ssl_tls1_3_evolve_secret(mbedtls_md_type_t,
                                     const unsigned char *,
                                     const unsigned char *, size_t,
                                     unsigned char *);

COSMOPOLITAN_C_END_
#endif /* COSMOPOLITAN_THIRD_PARTY_MBEDTLS_SSL_TLS13_KEYS_H_ */