mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-22 11:35:44 +01:00
Create ssl_internal.h and move some functions
This commit is contained in:
parent
50518f4195
commit
5e94ddebbc
@ -2425,144 +2425,6 @@ void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform );
|
||||
*/
|
||||
void mbedtls_ssl_handshake_free( mbedtls_ssl_handshake_params *handshake );
|
||||
|
||||
/*
|
||||
* Internal functions (do not call directly)
|
||||
*/
|
||||
int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
|
||||
void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );
|
||||
|
||||
int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl );
|
||||
|
||||
void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl );
|
||||
|
||||
int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want );
|
||||
|
||||
int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl );
|
||||
|
||||
int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl );
|
||||
|
||||
int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl );
|
||||
|
||||
int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl );
|
||||
|
||||
void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl,
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info );
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
|
||||
int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PK_C)
|
||||
unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk );
|
||||
mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig );
|
||||
#endif
|
||||
|
||||
mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash );
|
||||
|
||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
||||
int mbedtls_ssl_curve_is_acceptable( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
mbedtls_ssl_key_cert *key_cert;
|
||||
|
||||
if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
|
||||
key_cert = ssl->handshake->key_cert;
|
||||
else
|
||||
key_cert = ssl->conf->key_cert;
|
||||
|
||||
return( key_cert == NULL ? NULL : key_cert->key );
|
||||
}
|
||||
|
||||
static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
mbedtls_ssl_key_cert *key_cert;
|
||||
|
||||
if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
|
||||
key_cert = ssl->handshake->key_cert;
|
||||
else
|
||||
key_cert = ssl->conf->key_cert;
|
||||
|
||||
return( key_cert == NULL ? NULL : key_cert->cert );
|
||||
}
|
||||
|
||||
/*
|
||||
* Check usage of a certificate wrt extensions:
|
||||
* keyUsage, extendedKeyUsage (later), and nSCertType (later).
|
||||
*
|
||||
* Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we
|
||||
* check a cert we received from them)!
|
||||
*
|
||||
* Return 0 if everything is OK, -1 if not.
|
||||
*/
|
||||
int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite,
|
||||
int cert_endpoint,
|
||||
uint32_t *flags );
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
|
||||
void mbedtls_ssl_write_version( int major, int minor, int transport,
|
||||
unsigned char ver[2] );
|
||||
void mbedtls_ssl_read_version( int *major, int *minor, int transport,
|
||||
const unsigned char ver[2] );
|
||||
|
||||
static inline size_t mbedtls_ssl_hdr_len( const mbedtls_ssl_context *ssl )
|
||||
{
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
|
||||
return( 13 );
|
||||
#else
|
||||
((void) ssl);
|
||||
#endif
|
||||
return( 5 );
|
||||
}
|
||||
|
||||
static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl )
|
||||
{
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
|
||||
return( 12 );
|
||||
#else
|
||||
((void) ssl);
|
||||
#endif
|
||||
return( 4 );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl );
|
||||
void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_resend( mbedtls_ssl_context *ssl );
|
||||
#endif
|
||||
|
||||
/* Visible for testing purposes only */
|
||||
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
|
||||
int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context *ssl );
|
||||
void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl );
|
||||
#endif
|
||||
|
||||
/* constant-time buffer comparison */
|
||||
static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t n )
|
||||
{
|
||||
size_t i;
|
||||
const unsigned char *A = (const unsigned char *) a;
|
||||
const unsigned char *B = (const unsigned char *) b;
|
||||
unsigned char diff = 0;
|
||||
|
||||
for( i = 0; i < n; i++ )
|
||||
diff |= A[i] ^ B[i];
|
||||
|
||||
return( diff );
|
||||
}
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
172
include/mbedtls/ssl_internal.h
Normal file
172
include/mbedtls/ssl_internal.h
Normal file
@ -0,0 +1,172 @@
|
||||
/**
|
||||
* \file ssl_ticket.h
|
||||
*
|
||||
* \brief Internal functions shared by the SSL modules
|
||||
*
|
||||
* Copyright (C) 2015, ARM Limited, All Rights Reserved
|
||||
*
|
||||
* This file is part of mbed TLS (https://tls.mbed.org)
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef MBEDTLS_SSL_INTERNAL_H
|
||||
#define MBEDTLS_SSL_INTERNAL_H
|
||||
|
||||
#include "ssl.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
|
||||
void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );
|
||||
|
||||
int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl );
|
||||
|
||||
void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl );
|
||||
|
||||
int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want );
|
||||
|
||||
int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl );
|
||||
|
||||
int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl );
|
||||
|
||||
int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl );
|
||||
|
||||
int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl );
|
||||
|
||||
void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl,
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info );
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
|
||||
int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PK_C)
|
||||
unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk );
|
||||
mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig );
|
||||
#endif
|
||||
|
||||
mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash );
|
||||
|
||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
||||
int mbedtls_ssl_curve_is_acceptable( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
mbedtls_ssl_key_cert *key_cert;
|
||||
|
||||
if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
|
||||
key_cert = ssl->handshake->key_cert;
|
||||
else
|
||||
key_cert = ssl->conf->key_cert;
|
||||
|
||||
return( key_cert == NULL ? NULL : key_cert->key );
|
||||
}
|
||||
|
||||
static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
mbedtls_ssl_key_cert *key_cert;
|
||||
|
||||
if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
|
||||
key_cert = ssl->handshake->key_cert;
|
||||
else
|
||||
key_cert = ssl->conf->key_cert;
|
||||
|
||||
return( key_cert == NULL ? NULL : key_cert->cert );
|
||||
}
|
||||
|
||||
/*
|
||||
* Check usage of a certificate wrt extensions:
|
||||
* keyUsage, extendedKeyUsage (later), and nSCertType (later).
|
||||
*
|
||||
* Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we
|
||||
* check a cert we received from them)!
|
||||
*
|
||||
* Return 0 if everything is OK, -1 if not.
|
||||
*/
|
||||
int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite,
|
||||
int cert_endpoint,
|
||||
uint32_t *flags );
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
|
||||
void mbedtls_ssl_write_version( int major, int minor, int transport,
|
||||
unsigned char ver[2] );
|
||||
void mbedtls_ssl_read_version( int *major, int *minor, int transport,
|
||||
const unsigned char ver[2] );
|
||||
|
||||
static inline size_t mbedtls_ssl_hdr_len( const mbedtls_ssl_context *ssl )
|
||||
{
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
|
||||
return( 13 );
|
||||
#else
|
||||
((void) ssl);
|
||||
#endif
|
||||
return( 5 );
|
||||
}
|
||||
|
||||
static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl )
|
||||
{
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
|
||||
return( 12 );
|
||||
#else
|
||||
((void) ssl);
|
||||
#endif
|
||||
return( 4 );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl );
|
||||
void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl );
|
||||
int mbedtls_ssl_resend( mbedtls_ssl_context *ssl );
|
||||
#endif
|
||||
|
||||
/* Visible for testing purposes only */
|
||||
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
|
||||
int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context *ssl );
|
||||
void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl );
|
||||
#endif
|
||||
|
||||
/* constant-time buffer comparison */
|
||||
static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t n )
|
||||
{
|
||||
size_t i;
|
||||
const unsigned char *A = (const unsigned char *) a;
|
||||
const unsigned char *B = (const unsigned char *) b;
|
||||
unsigned char diff = 0;
|
||||
|
||||
for( i = 0; i < n; i++ )
|
||||
diff |= A[i] ^ B[i];
|
||||
|
||||
return( diff );
|
||||
}
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* ssl_internal.h */
|
@ -30,6 +30,7 @@
|
||||
|
||||
#include "mbedtls/debug.h"
|
||||
#include "mbedtls/ssl.h"
|
||||
#include "mbedtls/ssl_internal.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
|
@ -33,6 +33,7 @@
|
||||
#if defined(MBEDTLS_SSL_COOKIE_C)
|
||||
|
||||
#include "mbedtls/ssl_cookie.h"
|
||||
#include "mbedtls/ssl_internal.h"
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
|
@ -30,6 +30,7 @@
|
||||
|
||||
#include "mbedtls/debug.h"
|
||||
#include "mbedtls/ssl.h"
|
||||
#include "mbedtls/ssl_internal.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
|
@ -38,6 +38,7 @@
|
||||
|
||||
#include "mbedtls/debug.h"
|
||||
#include "mbedtls/ssl.h"
|
||||
#include "mbedtls/ssl_internal.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
|
@ -1,5 +1,6 @@
|
||||
/* BEGIN_HEADER */
|
||||
#include <mbedtls/ssl.h>
|
||||
#include <mbedtls/ssl_internal.h>
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
|
Loading…
Reference in New Issue
Block a user