@@ -1213,8 +1213,7 @@ static const byte derivedPskLabel[DERIVED_PSK_LABEL_SZ + 1] =
12131213 * (RFC 9258, Section 3.1). This core routine is independent of WOLFSSL state so
12141214 * it can be exercised directly with known-answer test vectors.
12151215 *
1216- * epsk/epskSz External PSK base key (or a pre-extracted PRK).
1217- * preExtracted Non-zero if epsk is already a PRK (skip HKDF-Extract).
1216+ * epsk/epskSz External PSK base key.
12181217 * importedIdentity Serialized ImportedIdentity (hashed as the context).
12191218 * importedIdentitySz Length of importedIdentity.
12201219 * importerHash Hash associated with the EPSK (e.g. WC_SHA256), used for
@@ -1231,10 +1230,9 @@ static const byte derivedPskLabel[DERIVED_PSK_LABEL_SZ + 1] =
12311230 * Returns 0 on success, otherwise a negative error.
12321231 */
12331232WOLFSSL_LOCAL int DeriveImportedPsk(const byte* epsk, word32 epskSz,
1234- int preExtracted, const byte* importedIdentity,
1235- word32 importedIdentitySz, int importerHash, byte targetKdfMac,
1236- byte protocolMinor, int isDtls, byte* out, word32* outSz,
1237- void* heap, int devId)
1233+ const byte* importedIdentity, word32 importedIdentitySz,
1234+ int importerHash, byte targetKdfMac, byte protocolMinor, int isDtls,
1235+ byte* out, word32* outSz, void* heap, int devId)
12381236{
12391237 int ret;
12401238 const byte* protocol;
@@ -1357,28 +1355,19 @@ WOLFSSL_LOCAL int DeriveImportedPsk(const byte* epsk, word32 epskSz,
13571355 /* okm holds ipskx; prk holds epskx. Both are dedicated buffers so the
13581356 * HKDF input may safely alias the output buffer. */
13591357 PRIVATE_KEY_UNLOCK();
1360- if (preExtracted) {
1361- /* The external PSK is already a pseudorandom key (the result of an
1362- * earlier HKDF-Extract), so derive ipskx directly with an
1363- * HKDF-Expand-Label. */
1364- ret = wc_HKDF_Expand_ex(importerHash, epsk, epskSz, hkdfLabel, idx,
1365- okm, outputLen, heap, devId);
1366- }
1367- else {
1368- /* epskx = HKDF-Extract(0, epsk) */
1369- #if !defined(HAVE_FIPS) || \
1370- (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(6,0))
1371- ret = wc_HKDF_Extract_ex(importerHash, NULL, 0, epsk, epskSz, prk,
1372- heap, devId);
1373- #else
1374- ret = wc_HKDF_Extract(importerHash, NULL, 0, epsk, epskSz, prk);
1375- #endif
1376- if (ret == 0) {
1377- /* ipskx = HKDF-Expand-Label(epskx, "derived psk",
1378- * Hash(ImportedIdentity), L) */
1379- ret = wc_HKDF_Expand_ex(importerHash, prk, (word32)hashSz,
1380- hkdfLabel, idx, okm, outputLen, heap, devId);
1381- }
1358+ /* epskx = HKDF-Extract(0, epsk) */
1359+ #if !defined(HAVE_FIPS) || \
1360+ (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(6,0))
1361+ ret = wc_HKDF_Extract_ex(importerHash, NULL, 0, epsk, epskSz, prk,
1362+ heap, devId);
1363+ #else
1364+ ret = wc_HKDF_Extract(importerHash, NULL, 0, epsk, epskSz, prk);
1365+ #endif
1366+ if (ret == 0) {
1367+ /* ipskx = HKDF-Expand-Label(epskx, "derived psk",
1368+ * Hash(ImportedIdentity), L) */
1369+ ret = wc_HKDF_Expand_ex(importerHash, prk, (word32)hashSz,
1370+ hkdfLabel, idx, okm, outputLen, heap, devId);
13821371 }
13831372 PRIVATE_KEY_LOCK();
13841373
@@ -1424,10 +1413,9 @@ static int DeriveImportedPreSharedKey(WOLFSSL* ssl, PreSharedKey* psk,
14241413
14251414 keySz = ssl->arrays->psk_keySz;
14261415 ret = DeriveImportedPsk(ssl->arrays->psk_key, ssl->arrays->psk_keySz,
1427- ssl->arrays->psk_externalKeyPreExtracted, psk->identity,
1428- psk->identityLen, importerHash, psk->hmac, ssl->version.minor,
1429- ssl->options.dtls, ssl->arrays->psk_key, &keySz, ssl->heap,
1430- ssl->devId);
1416+ psk->identity, psk->identityLen, importerHash, psk->hmac,
1417+ ssl->version.minor, ssl->options.dtls, ssl->arrays->psk_key, &keySz,
1418+ ssl->heap, ssl->devId);
14311419 if (ret == 0)
14321420 ssl->arrays->psk_keySz = keySz;
14331421
@@ -15833,29 +15821,6 @@ const char* wolfSSL_get_cipher_name_by_hash(WOLFSSL* ssl, const char* hash)
1583315821 }
1583415822 return name;
1583515823}
15836-
15837- #if defined(WOLFSSL_EXTERNAL_PSK_IMPORTER)
15838- /* Mark whether the external PSK provided by the importer callback is already a
15839- * pre-extracted pseudorandom key. When set, the imported-PSK derivation skips
15840- * the HKDF-Extract step (RFC 9258, Section 3.1).
15841- *
15842- * ssl The SSL/TLS object.
15843- * opt Non-zero to treat the external PSK as pre-extracted.
15844- * returns BAD_FUNC_ARG when ssl is NULL and 0 on success.
15845- */
15846- int wolfSSL_external_psk_pre_extracted(WOLFSSL* ssl, int opt)
15847- {
15848- if (ssl == NULL)
15849- return BAD_FUNC_ARG;
15850-
15851- if (opt)
15852- ssl->arrays->psk_externalKeyPreExtracted = 1;
15853- else
15854- ssl->arrays->psk_externalKeyPreExtracted = 0;
15855-
15856- return 0;
15857- }
15858- #endif /* WOLFSSL_EXTERNAL_PSK_IMPORTER */
1585915824#endif /* !NO_PSK */
1586015825
1586115826
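Review bot: At the DeriveImportedPreSharedKey call site, `keySz` is seeded from `ssl->arrays->psk_keySz` and then passed as `outSz` while `out` is `ssl->arrays->psk_key`, so the size handed to DeriveImportedPsk is the length of the external PSK rather than the capacity of the buffer. If DeriveImportedPsk reads `*outSz` as the available space (its parameter documentation falls outside the visible hunks), an EPSK shorter than the target hash output would make the derivation fail, or write past the accounted length if the size is not checked. Assuming `psk_key` is a fixed-size array in `ssl->arrays`, seeding with the capacity would be safer: `keySz = (word32)sizeof(ssl->arrays->psk_key);`. The bodies of both functions continue outside the hunks shown.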