dtls.c: support longer PSK secrets.

Use DTLS_KEY_LENGTH for DTLS_PSK_MAX_KEY_LEN only as default. Signed-off-by: Achim Kraus <[email protected]>
eclipse · Nov 18, 2023 · a6412a3 · a6412a3
1 parent 897a60e
commit a6412a3
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 5 deletions.
diff --git a/crypto.h b/crypto.h
@@ -92,7 +92,9 @@ typedef struct {
 #endif /* DTLS_PSK_MAX_CLIENT_IDENTITY_LEN */
 
 /* This is the maximal supported length of the pre-shared key. */
+#ifndef DTLS_PSK_MAX_KEY_LEN
 #define DTLS_PSK_MAX_KEY_LEN DTLS_KEY_LENGTH
+#endif /* DTLS_PSK_MAX_KEY_LEN */
 
 typedef struct {
   uint16_t id_length;

diff --git a/dtls.c b/dtls.c
@@ -952,7 +952,7 @@ calculate_key_block(dtls_context_t *ctx,
 		    dtls_peer_type role) {
   (void) ctx;
   (void) session;
-  unsigned char *pre_master_secret;
+  unsigned char pre_master_secret[2 * (sizeof(uint16) + DTLS_PSK_MAX_KEY_LEN)];
   int pre_master_len = 0;
   dtls_security_parameters_t *security = dtls_security_params_next(peer);
   uint8 master_secret[DTLS_MASTER_SECRET_LENGTH];
@@ -962,7 +962,6 @@ calculate_key_block(dtls_context_t *ctx,
     return dtls_alert_fatal_create(DTLS_ALERT_INTERNAL_ERROR);
   }
 
-  pre_master_secret = security->key_block;
   switch (get_key_exchange_algorithm(handshake->cipher_index)) {
   case DTLS_KEY_EXCHANGE_PSK:
 #ifdef DTLS_PSK
@@ -978,10 +977,9 @@ calculate_key_block(dtls_context_t *ctx,
         dtls_crit("no psk key for session available\n");
         return len;
       }
-    /* Temporarily use the key_block storage space for the pre master secret. */
       pre_master_len = dtls_psk_pre_master_secret(psk, len,
                         pre_master_secret,
-                        MAX_KEYBLOCK_LENGTH);
+                        sizeof(pre_master_secret));
 
       dtls_debug_hexdump("psk", psk, len);
 

diff --git a/zephyr/CMakeLists.txt b/zephyr/CMakeLists.txt
@@ -39,7 +39,7 @@ if(CONFIG_LIBTINYDTLS)
     set(DTLS_ECC Off)
   endif()
   add_subdirectory(.. build)
-  target_compile_definitions(tinydtls PUBLIC WITH_ZEPHYR)
+  target_compile_definitions(tinydtls PUBLIC WITH_ZEPHYR DTLS_PSK_MAX_KEY_LEN=32 DTLS_PSK_MAX_CLIENT_IDENTITY_LEN=48)
   target_link_libraries(tinydtls PUBLIC zephyr_interface)
   set_property(GLOBAL APPEND PROPERTY ZEPHYR_INTERFACE_LIBS tinydtls)
 endif()