yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-27 05:14:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
5097cba93c
mbedtls/library
History
Hanno Becker 5097cba93c Introduce helper function to determine whether suite uses server CRT 
This commit introduces a static helper function

   `mbedtls_ssl_ciphersuite_uses_srv_cert()`

which determines whether a ciphersuite may make use of server-side CRTs.

This function is in turn uses in `mbedtls_ssl_parse_certificate()` to
skip certificate parsing for ciphersuites which don't involve CRTs.

Note: Ciphersuites not using server-side CRTs don't allow client-side CRTs
either, so it is safe to guard `mbedtls_ssl_{parse/write}_certificate()`
this way.

Note: Previously, the code uses a positive check over the suites

- MBEDTLS_KEY_EXCHANGE_PSK
- MBEDTLS_KEY_EXCHANGE_DHE_PSK
- MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
- MBEDTLS_KEY_EXCHANGE_ECJPAKE,

while now, it uses a negative check over `mbedtls_ssl_ciphersuite_uses_srv_cert()`,
which checks for the suites

- MBEDTLS_KEY_EXCHANGE_RSA
- MBEDTLS_KEY_EXCHANGE_RSA_PSK
- MBEDTLS_KEY_EXCHANGE_DHE_RSA
- MBEDTLS_KEY_EXCHANGE_ECDH_RSA
- MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
- MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
- MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA

This is equivalent since, together, those are all ciphersuites.
Quoting ssl_ciphersuites.h:

```
typedef enum {
    MBEDTLS_KEY_EXCHANGE_NONE = 0,
    MBEDTLS_KEY_EXCHANGE_RSA,
    MBEDTLS_KEY_EXCHANGE_DHE_RSA,
    MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
    MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
    MBEDTLS_KEY_EXCHANGE_PSK,
    MBEDTLS_KEY_EXCHANGE_DHE_PSK,
    MBEDTLS_KEY_EXCHANGE_RSA_PSK,
    MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
    MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
    MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
    MBEDTLS_KEY_EXCHANGE_ECJPAKE,
} mbedtls_key_exchange_type_t;
```
2019-06-19 10:25:01 +01:00
..
.gitignore
aes.c Add further missing brackets around macro parameters 2019-04-24 10:52:45 +02:00
aesni.c
arc4.c
aria.c Implement parameter validation for ARIA module 2018-12-19 12:51:00 +00:00
asn1parse.c
asn1write.c Fix ASN1 bitstring writing 2019-02-11 21:13:33 +00:00
base64.c
bignum.c Fix typo 2019-03-06 13:51:30 +00:00
blowfish.c Implement parameter validation for Blowfish module 2018-12-19 12:52:59 +00:00
camellia.c Minor improvements to Camellia module and documentation 2018-12-19 13:42:05 +00:00
ccm.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
certs.c Re-generate library/certs.c from script 2019-05-30 10:58:12 +01:00
chacha20.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
chachapoly.c Fix wrong conditional in free() functions 2018-12-18 15:30:30 +00:00
cipher_wrap.c Fix after PR comments 2018-07-23 18:18:32 +01:00
cipher.c Remove unnecessary parameter validation from the Cipher module 2018-12-19 17:34:58 +01:00
cmac.c Merge remote-tracking branch 'public/pr/1390' into development 2018-06-27 10:51:47 +01:00
CMakeLists.txt Merge remote-tracking branch 'origin/pr/566' into baremetal 2019-05-09 16:59:02 +01:00
ctr_drbg.c Streamline mbedtls_xxx_drbg_update_seed_file 2018-11-26 19:26:22 +01:00
debug.c Rename MBEDTLS_X509_INFO to !MBEDTLS_X509_REMOVE_INFO 2019-06-18 11:05:44 +01:00
des.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
dhm.c Allow DHM self test to run without MBEDTLS_PEM_PARSE_C 2019-05-30 10:58:12 +01:00
ecdh.c Fix mbedtls_ecdh_get_params with new ECDH context 2019-02-22 12:51:51 +01:00
ecdsa.c Return error code of underlying function. 2019-01-10 10:52:08 +02:00
ecjpake.c Minor fixes to ECJPAKE parameter validation 2018-12-19 09:48:50 +00:00
ecp_curves.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
ecp.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
entropy_poll.c Add missing bracket 2018-11-06 13:12:47 +00:00
entropy.c
error.c Introduce specific error for ver/cfg mismatch on deserialization 2019-06-03 13:01:21 +01:00
gcm.c Improve parameter validation in mbedtls_gcm_free() 2018-12-19 17:32:19 +01:00
havege.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
hkdf.c Fix issue if salt = NULL and salt_len !=0 in mbedtls_hkdf_extract() 2018-07-23 10:34:47 -07:00
hmac_drbg.c Streamline mbedtls_xxx_drbg_update_seed_file 2018-11-26 19:26:22 +01:00
Makefile Tinycrypt support for makefile builds 2019-04-25 11:00:41 +03:00
md2.c
md4.c Add more missing parentheses around macro parameters 2019-04-24 10:52:53 +02:00
md5.c Add further missing brackets around macro parameters 2019-04-24 10:52:45 +02:00
md_wrap.c
md.c
memory_buffer_alloc.c
net_sockets.c Merge remote-tracking branch 'public/pr/1198' into development 2018-07-24 17:20:17 +01:00
nist_kw.c Remove faulty cipher_finish calls from nist_kw 2018-12-20 12:15:40 +01:00
oid.c Address review comments 2019-06-18 11:05:44 +01:00
padlock.c
pem.c
pk_wrap.c Fix or improve some comments (and whitespace) 2018-10-15 15:27:49 +02:00
pk.c Merge remote-tracking branch 'public/pr/1721' into development-restricted 2018-12-20 12:37:13 +00:00
pkcs5.c Guard mbedtls_pkcs5_pbes2() by MBEDTLS_ASN1_PARSE_C 2018-10-16 13:39:40 +01:00
pkcs11.c
pkcs12.c Make PBE-related parts of PKCS12 depend on MBEDTLS_ASN1_PARSE_C 2018-10-16 13:39:40 +01:00
pkparse.c Fix unused variable warnings in pkparse.c 2019-06-18 11:31:59 +02:00
pkwrite.c PK parse/write: support keylen=0 correctly 2018-12-19 17:03:28 +01:00
platform_util.c Remove the library provided function of MBEDTLS_PARAM_FAILED 2018-12-11 12:28:56 +01:00
platform.c Omit runtime configuration of calloc/free if macro config enabled 2018-10-11 11:04:20 +01:00
poly1305.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
ripemd160.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
rsa_internal.c Bignum: Deprecate mbedtls_mpi_is_prime() 2018-10-09 16:36:53 +01:00
rsa.c Merge remote-tracking branch 'public/pr/1721' into development-restricted 2018-12-20 12:37:13 +00:00
sha1.c Add further missing brackets around macro parameters 2019-04-24 10:52:45 +02:00
sha256.c Add further missing brackets around macro parameters 2019-04-24 10:52:45 +02:00
sha512.c Add more missing parentheses around macro parameters 2019-04-24 10:52:53 +02:00
ssl_cache.c
ssl_ciphersuites.c Reduce priority of 3DES ciphersuites 2019-03-01 10:29:13 +01:00
ssl_cli.c Merge remote-tracking branch 'origin/pr/590' into baremetal 2019-06-17 17:57:26 +01:00
ssl_cookie.c
ssl_srv.c Merge remote-tracking branch 'origin/pr/590' into baremetal 2019-06-17 17:57:26 +01:00
ssl_ticket.c Move session save/load function to ssl_tls.c 2019-06-03 09:51:08 +02:00
ssl_tls.c Introduce helper function to determine whether suite uses server CRT 2019-06-19 10:25:01 +01:00
threading.c Don't declare and define gmtime()-mutex on Windows platforms 2018-09-06 12:09:56 +01:00
timing.c Merge remote-tracking branch 'public/pr/1777' into development-proposed 2018-11-04 18:51:36 +00:00
version_features.c Merge remote-tracking branch 'origin/pr/591' into baremetal 2019-06-18 17:36:45 +01:00
version.c
x509_create.c Break overly long line in library/x509_create.c 2018-11-02 10:52:38 +00:00
x509_crl.c Rename MBEDTLS_X509_INFO to !MBEDTLS_X509_REMOVE_INFO 2019-06-18 11:05:44 +01:00
x509_crt.c Rename MBEDTLS_X509_INFO to !MBEDTLS_X509_REMOVE_INFO 2019-06-18 11:05:44 +01:00
x509_csr.c Rename MBEDTLS_X509_INFO to !MBEDTLS_X509_REMOVE_INFO 2019-06-18 11:05:44 +01:00
x509.c Rename MBEDTLS_X509_INFO to !MBEDTLS_X509_REMOVE_INFO 2019-06-18 11:05:44 +01:00
x509write_crt.c Fix ASN1 bitstring writing 2019-02-11 21:13:33 +00:00
x509write_csr.c Fix ASN1 bitstring writing 2019-02-11 21:13:33 +00:00
xtea.c