yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-23 02:55:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

Restructure SrvKeyExchange: Move code for skipping SrvKeyExchange

Browse Source 
This commit moves the code checking whether a SrvKeyExchange message
is expected or not to the new function ssl_srv_key_exchange_coordinate().

Note that the potential static DH extraction is done prior to the
coordination step.
This commit is contained in:
Hanno Becker 2018-05-21 09:14:46 +01:00
parent fca604d355
commit eb76c20496
1 changed files with 38 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
library/ssl_cli.c
View File

@ -2695,8 +2695,8 @@ cleanup:
static int ssl_server_key_exchange_prepare( mbedtls_ssl_context *ssl ) static int ssl_server_key_exchange_prepare( mbedtls_ssl_context *ssl )
{ {
const mbedtls_ssl_ciphersuite_t *ciphersuite_info = mbedtls_ssl_ciphersuite_handle_t ciphersuite_info =
ssl->transform_negotiate->ciphersuite_info; mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake );
((void) ciphersuite_info); ((void) ciphersuite_info);
/* If applicable, extract static DH parameters from Server CRT. */ /* If applicable, extract static DH parameters from Server CRT. */
@ -2726,7 +2726,31 @@ static int ssl_server_key_exchange_prepare( mbedtls_ssl_context *ssl )
static int ssl_server_key_exchange_coordinate( mbedtls_ssl_context *ssl ) static int ssl_server_key_exchange_coordinate( mbedtls_ssl_context *ssl )
{ {
/* TBD */ int ret;
mbedtls_ssl_ciphersuite_handle_t ciphersuite_info =
mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake );
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ==
MBEDTLS_KEY_EXCHANGE_RSA )
{
return( SSL_SRV_KEY_EXCHANGE_SKIP );
}
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ==
MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ==
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
{
return( SSL_SRV_KEY_EXCHANGE_SKIP );
}
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
return( SSL_SRV_KEY_EXCHANGE_EXPECTED );
} }
static int ssl_server_key_exchange_parse( mbedtls_ssl_context *ssl, static int ssl_server_key_exchange_parse( mbedtls_ssl_context *ssl,
@ -2757,17 +2781,17 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) );
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) /* #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) */
if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == /* if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == */
MBEDTLS_KEY_EXCHANGE_RSA ) /* MBEDTLS_KEY_EXCHANGE_RSA ) */
{ /* { */
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); /* MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); */
ssl->state++; /* ssl->state++; */
return( 0 ); /* return( 0 ); */
} /* } */
((void) p); /* ((void) p); */
((void) end); /* ((void) end); */
#endif /* #endif */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)