mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-02 02:34:23 +01:00
Merge branch 'etm' into dtls
* etm: Fix some more warnings in reduced configs Fix typo causing MSVC errors
This commit is contained in:
commit
0975ad928d
@ -1149,9 +1149,16 @@ static void ssl_mac( md_context_t *md_ctx, unsigned char *secret,
|
|||||||
#define MAC_PLAINTEXT 1
|
#define MAC_PLAINTEXT 1
|
||||||
#define MAC_CIPHERTEXT 2
|
#define MAC_CIPHERTEXT 2
|
||||||
|
|
||||||
|
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) || \
|
||||||
|
( defined(POLARSSL_CIPHER_MODE_CBC) && \
|
||||||
|
( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) )
|
||||||
|
#define POLARSSL_SOME_MODES_USE_MAC
|
||||||
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Is MAC applied on ciphertext, cleartext or not at all?
|
* Is MAC applied on ciphertext, cleartext or not at all?
|
||||||
*/
|
*/
|
||||||
|
#if defined(POLARSSL_SOME_MODES_USE_MAC)
|
||||||
static char ssl_get_mac_order( ssl_context *ssl,
|
static char ssl_get_mac_order( ssl_context *ssl,
|
||||||
const ssl_session *session,
|
const ssl_session *session,
|
||||||
cipher_mode_t mode )
|
cipher_mode_t mode )
|
||||||
@ -1171,19 +1178,21 @@ static char ssl_get_mac_order( ssl_context *ssl,
|
|||||||
SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) );
|
SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) );
|
||||||
return( MAC_CIPHERTEXT );
|
return( MAC_CIPHERTEXT );
|
||||||
}
|
}
|
||||||
|
#else
|
||||||
|
((void) ssl);
|
||||||
|
((void) session);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
return( MAC_PLAINTEXT );
|
return( MAC_PLAINTEXT );
|
||||||
}
|
}
|
||||||
#endif
|
#else
|
||||||
|
|
||||||
/* Unused if AEAD is the only option */
|
|
||||||
((void) ssl);
|
((void) ssl);
|
||||||
((void) session);
|
((void) session);
|
||||||
((void) mode);
|
#endif
|
||||||
|
|
||||||
return( MAC_NONE );
|
return( MAC_NONE );
|
||||||
}
|
}
|
||||||
|
#endif /* POLARSSL_SOME_MODES_USE_MAC */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Encryption/decryption functions
|
* Encryption/decryption functions
|
||||||
@ -1192,19 +1201,14 @@ static int ssl_encrypt_buf( ssl_context *ssl )
|
|||||||
{
|
{
|
||||||
const cipher_mode_t mode = cipher_get_cipher_mode(
|
const cipher_mode_t mode = cipher_get_cipher_mode(
|
||||||
&ssl->transform_out->cipher_ctx_enc );
|
&ssl->transform_out->cipher_ctx_enc );
|
||||||
char mac_order;
|
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) );
|
SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) );
|
||||||
|
|
||||||
mac_order = ssl_get_mac_order( ssl, ssl->session_out, mode );
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Add MAC before if needed
|
* Add MAC before if needed
|
||||||
*/
|
*/
|
||||||
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) || \
|
#if defined(POLARSSL_SOME_MODES_USE_MAC)
|
||||||
( defined(POLARSSL_CIPHER_MODE_CBC) && \
|
if( ssl_get_mac_order( ssl, ssl->session_out, mode ) == MAC_PLAINTEXT )
|
||||||
( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) )
|
|
||||||
if( mac_order == MAC_PLAINTEXT )
|
|
||||||
{
|
{
|
||||||
#if defined(POLARSSL_SSL_PROTO_SSL3)
|
#if defined(POLARSSL_SSL_PROTO_SSL3)
|
||||||
if( ssl->minor_ver == SSL_MINOR_VERSION_0 )
|
if( ssl->minor_ver == SSL_MINOR_VERSION_0 )
|
||||||
@ -1442,7 +1446,7 @@ static int ssl_encrypt_buf( ssl_context *ssl )
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
|
#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
|
||||||
if( mac_order == MAC_CIPHERTEXT )
|
if( ssl_get_mac_order( ssl, ssl->session_out, mode ) == MAC_CIPHERTEXT )
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
* MAC(MAC_write_key, seq_num +
|
* MAC(MAC_write_key, seq_num +
|
||||||
@ -1492,12 +1496,9 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
|||||||
size_t i;
|
size_t i;
|
||||||
const cipher_mode_t mode = cipher_get_cipher_mode(
|
const cipher_mode_t mode = cipher_get_cipher_mode(
|
||||||
&ssl->transform_in->cipher_ctx_dec );
|
&ssl->transform_in->cipher_ctx_dec );
|
||||||
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) || \
|
#if defined(POLARSSL_SOME_MODES_USE_MAC)
|
||||||
( defined(POLARSSL_CIPHER_MODE_CBC) && \
|
|
||||||
( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) )
|
|
||||||
size_t padlen = 0, correct = 1;
|
size_t padlen = 0, correct = 1;
|
||||||
#endif
|
#endif
|
||||||
char mac_order;
|
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) );
|
SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) );
|
||||||
|
|
||||||
@ -1508,8 +1509,6 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
|||||||
return( POLARSSL_ERR_SSL_INVALID_MAC );
|
return( POLARSSL_ERR_SSL_INVALID_MAC );
|
||||||
}
|
}
|
||||||
|
|
||||||
mac_order = ssl_get_mac_order( ssl, ssl->session_in, mode );
|
|
||||||
|
|
||||||
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER)
|
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER)
|
||||||
if( mode == POLARSSL_MODE_STREAM )
|
if( mode == POLARSSL_MODE_STREAM )
|
||||||
{
|
{
|
||||||
@ -1648,7 +1647,7 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
|||||||
* Authenticate before decrypt if enabled
|
* Authenticate before decrypt if enabled
|
||||||
*/
|
*/
|
||||||
#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
|
#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
|
||||||
if( mac_order == MAC_CIPHERTEXT )
|
if( ssl_get_mac_order( ssl, ssl->session_in, mode ) == MAC_CIPHERTEXT )
|
||||||
{
|
{
|
||||||
unsigned char computed_mac[POLARSSL_SSL_MAX_MAC_SIZE];
|
unsigned char computed_mac[POLARSSL_SSL_MAX_MAC_SIZE];
|
||||||
unsigned char pseudo_hdr[13];
|
unsigned char pseudo_hdr[13];
|
||||||
@ -1739,7 +1738,7 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
|||||||
padlen = 1 + ssl->in_msg[ssl->in_msglen - 1];
|
padlen = 1 + ssl->in_msg[ssl->in_msglen - 1];
|
||||||
|
|
||||||
if( ssl->in_msglen < ssl->transform_in->maclen + padlen &&
|
if( ssl->in_msglen < ssl->transform_in->maclen + padlen &&
|
||||||
mac_order == MAC_PLAINTEXT )
|
ssl_get_mac_order( ssl, ssl->session_in, mode ) == MAC_PLAINTEXT )
|
||||||
{
|
{
|
||||||
#if defined(POLARSSL_SSL_DEBUG_ALL)
|
#if defined(POLARSSL_SSL_DEBUG_ALL)
|
||||||
SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)",
|
SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)",
|
||||||
@ -1834,7 +1833,7 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
|||||||
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) || \
|
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) || \
|
||||||
( defined(POLARSSL_CIPHER_MODE_CBC) && \
|
( defined(POLARSSL_CIPHER_MODE_CBC) && \
|
||||||
( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) )
|
( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) )
|
||||||
if( mac_order == MAC_PLAINTEXT )
|
if( ssl_get_mac_order( ssl, ssl->session_in, mode ) == MAC_PLAINTEXT )
|
||||||
{
|
{
|
||||||
unsigned char tmp[POLARSSL_SSL_MAX_MAC_SIZE];
|
unsigned char tmp[POLARSSL_SSL_MAX_MAC_SIZE];
|
||||||
|
|
||||||
|
@ -147,7 +147,7 @@ struct options
|
|||||||
uint32_t hs_to_max; /* Max value of DTLS handshake timer */
|
uint32_t hs_to_max; /* Max value of DTLS handshake timer */
|
||||||
int fallback; /* is this a fallback connection? */
|
int fallback; /* is this a fallback connection? */
|
||||||
char extended_ms; /* negotiate extended master secret? */
|
char extended_ms; /* negotiate extended master secret? */
|
||||||
char etm; ; /* negotiate encrypt then mac? ? */
|
char etm; /* negotiate encrypt then mac? ? */
|
||||||
} opt;
|
} opt;
|
||||||
|
|
||||||
static void my_debug( void *ctx, int level, const char *str )
|
static void my_debug( void *ctx, int level, const char *str )
|
||||||
|
Loading…
Reference in New Issue
Block a user