From f472179d44c81de9fd54d115284b552b37a9b8bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Sep 2015 10:53:51 +0200 Subject: [PATCH] Adjust dependencies for EC extensions The Thread spec says we need those for EC J-PAKE too. However, we won't be using the information, so we can skip the parsing functions in an EC J-PAKE only config; keep the writing functions in order to comply with the spec. --- include/mbedtls/ssl_internal.h | 3 ++- library/ssl_cli.c | 10 ++++++---- library/ssl_srv.c | 8 +++++--- 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 73279a5ae..e9d06daa0 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -168,7 +168,8 @@ struct mbedtls_ssl_handshake_params #if defined(MBEDTLS_ECDH_C) mbedtls_ecdh_context ecdh_ctx; /*!< ECDH key exchange */ #endif -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_ECJPAKE_C) const mbedtls_ecp_curve_info **curves; /*!< Supported elliptic curves */ #endif #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 5a9c43222..ba6a6166d 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -208,7 +208,8 @@ static void ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_ECJPAKE_C) static void ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) 
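Review bot: In the `ssl_internal.h` hunk, the `curves` member is now compiled into `MBEDTLS_ECJPAKE_C`-only builds, although the commit message says the parsed information will not be used and the parsing functions are skipped there. The patch touches only the three files in the diffstat, so any code elsewhere that fills or frees `curves` presumably still uses the old two-term guard; the conditions now disagree. Either leave this guard as `#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)` or document the intent on the member, e.g. `/*!< Supported elliptic curves (not populated in EC J-PAKE-only builds) */`. The struct body continues outside the hunk.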
@@ -277,7 +278,7 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, *olen = 6; } -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_ECJPAKE_C */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, @@ -771,7 +772,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) ext_len += olen; #endif -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_ECJPAKE_C) ssl_write_supported_elliptic_curves_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; @@ -1507,7 +1509,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) break; #endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported_point_formats extension" ) ); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index ca1e7b804..afac3e108 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1976,7 +1976,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_ECJPAKE_C) static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) @@ -2004,7 +2005,7 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, *olen = 6; } -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_ECJPAKE_C */ #if defined(MBEDTLS_SSL_ALPN ) static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, 
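Review bot: In the `ssl_parse_server_hello` hunk (`@@ -1507,7 +1509,7`) the new guard ends in `|| \` with no `defined(...)` term after it. The backslash therefore splices `case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS:` into the `#if` expression, and any build that reaches this line should fail to preprocess. The hunk header's line counts confirm only one line was added here, unlike the two-line guards elsewhere in the patch. The commit message says parsing is skipped for EC J-PAKE-only configs, so the guard most likely should stay as `#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)`. The matching `#endif` is outside the hunk.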
@@ -2290,7 +2291,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) ext_len += olen; #endif -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_ECJPAKE_C) ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif
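Review bot: The ServerHello call to `ssl_write_supported_point_formats_ext()` is now compiled for EC J-PAKE-only builds, while the commit message says the matching parsing functions are skipped in that configuration. If the server-side writer (its body is outside these hunks) only emits the extension when the client's extension was recorded during parsing, this call would always leave `olen` at 0 there and the spec-compliance goal would not be met. This is worth confirming with a handshake test in an ECJPAKE-only config. A comment above the guard would record the intent, e.g. `/* Written for Thread spec compliance; the peer's extension is not parsed in EC J-PAKE-only builds */`.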