diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index b66c474f0..f12ad25e7 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -580,136 +580,6 @@ const int *mbedtls_ssl_list_ciphersuites( void ); * depending on whether MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE is defined. */ -static inline int mbedtls_ssl_ciphersuite_has_pfs_internal( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - switch( mbedtls_ssl_suite_get_key_exchange( info ) ) - { - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_DHE_PSK: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECJPAKE: - return( 1 ); - - default: - return( 0 ); - } -} - -static inline int mbedtls_ssl_ciphersuite_no_pfs_internal( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - switch( mbedtls_ssl_suite_get_key_exchange( info ) ) - { - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_PSK: - case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - return( 1 ); - - default: - return( 0 ); - } -} - -static inline int mbedtls_ssl_ciphersuite_uses_ecdh_internal( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - switch( mbedtls_ssl_suite_get_key_exchange( info ) ) - { - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - return( 1 ); - - default: - return( 0 ); - } -} - -static inline int mbedtls_ssl_ciphersuite_cert_req_allowed_internal( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - switch( mbedtls_ssl_suite_get_key_exchange( info ) ) - { - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( 1 ); - - default: - return( 0 ); - } -} - -static inline int mbedtls_ssl_ciphersuite_uses_srv_cert_internal( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - switch( mbedtls_ssl_suite_get_key_exchange( info ) ) - { - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( 1 ); - - default: - return( 0 ); - } -} - -static inline int mbedtls_ssl_ciphersuite_uses_dhe_internal( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - switch( mbedtls_ssl_suite_get_key_exchange( info ) ) - { - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_DHE_PSK: - return( 1 ); - - default: - return( 0 ); - } -} - -static inline int mbedtls_ssl_ciphersuite_uses_ecdhe_internal( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - switch( mbedtls_ssl_suite_get_key_exchange( info ) ) - { - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - return( 1 ); - - default: - return( 0 ); - } -} - -static inline int mbedtls_ssl_ciphersuite_uses_server_signature_internal( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - switch( mbedtls_ssl_suite_get_key_exchange( info ) ) - { - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( 1 ); - - default: - return( 0 ); - } -} - #if defined(MBEDTLS_PK_C) static inline mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg_internal( mbedtls_ssl_ciphersuite_handle_t info ) @@ -805,18 +675,6 @@ mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_string( mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id ); -int mbedtls_ssl_ciphersuite_has_pfs( mbedtls_ssl_ciphersuite_handle_t info ); -int mbedtls_ssl_ciphersuite_no_pfs( mbedtls_ssl_ciphersuite_handle_t info ); -int mbedtls_ssl_ciphersuite_uses_ecdh( mbedtls_ssl_ciphersuite_handle_t info ); -int mbedtls_ssl_ciphersuite_cert_req_allowed( - mbedtls_ssl_ciphersuite_handle_t info ); -int mbedtls_ssl_ciphersuite_uses_srv_cert( - mbedtls_ssl_ciphersuite_handle_t info ); -int mbedtls_ssl_ciphersuite_uses_dhe( mbedtls_ssl_ciphersuite_handle_t info ); -int mbedtls_ssl_ciphersuite_uses_ecdhe( mbedtls_ssl_ciphersuite_handle_t info ); -int mbedtls_ssl_ciphersuite_uses_server_signature( - mbedtls_ssl_ciphersuite_handle_t info ); - #if defined(MBEDTLS_PK_C) mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( mbedtls_ssl_ciphersuite_handle_t info ); @@ -836,54 +694,6 @@ int mbedtls_ssl_ciphersuite_uses_psk( mbedtls_ssl_ciphersuite_handle_t info ); #else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ -static inline int mbedtls_ssl_ciphersuite_has_pfs( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_has_pfs_internal( info ) ); -} - -static inline int mbedtls_ssl_ciphersuite_no_pfs( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_no_pfs_internal( info ) ); -} - -static inline int mbedtls_ssl_ciphersuite_uses_ecdh( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_uses_ecdh_internal( info ) ); -} - -static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_cert_req_allowed_internal( info ) ); -} - -static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_uses_srv_cert_internal( info ) ); -} - -static inline int mbedtls_ssl_ciphersuite_uses_dhe( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_uses_dhe_internal( info ) ); -} - -static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_uses_ecdhe_internal( info ) ); -} - -static inline int mbedtls_ssl_ciphersuite_uses_server_signature( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_uses_server_signature_internal( info ) ); -} - #if defined(MBEDTLS_PK_C) static inline mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( mbedtls_ssl_ciphersuite_handle_t info ) @@ -942,6 +752,137 @@ static inline mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_stri #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ +static inline int mbedtls_ssl_ciphersuite_has_pfs( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) + { + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_DHE_PSK: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECJPAKE: + return( 1 ); + + default: + return( 0 ); + } +} + +static inline int mbedtls_ssl_ciphersuite_no_pfs( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) + { + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_PSK: + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + return( 1 ); + + default: + return( 0 ); + } +} + + +static inline int mbedtls_ssl_ciphersuite_uses_ecdh( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) + { + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + return( 1 ); + + default: + return( 0 ); + } +} + +static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) + { + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return( 1 ); + + default: + return( 0 ); + } +} + +static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) + { + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return( 1 ); + + default: + return( 0 ); + } +} + +static inline int mbedtls_ssl_ciphersuite_uses_dhe( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) + { + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_DHE_PSK: + return( 1 ); + + default: + return( 0 ); + } +} + +static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) + { + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: + return( 1 ); + + default: + return( 0 ); + } +} + +static inline int mbedtls_ssl_ciphersuite_uses_server_signature( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) + { + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return( 1 ); + + default: + return( 0 ); + } +} + #ifdef __cplusplus } #endif diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index f03470476..ad660079a 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -2293,54 +2293,6 @@ int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ) return( cur->id ); } -int mbedtls_ssl_ciphersuite_has_pfs( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_has_pfs_internal( info ) ); -} - -int mbedtls_ssl_ciphersuite_no_pfs( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_no_pfs_internal( info ) ); -} - -int mbedtls_ssl_ciphersuite_uses_ecdh( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_uses_ecdh_internal( info ) ); -} - -int mbedtls_ssl_ciphersuite_cert_req_allowed( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_cert_req_allowed_internal( info ) ); -} - -int mbedtls_ssl_ciphersuite_uses_srv_cert( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_uses_srv_cert_internal( info ) ); -} - -int mbedtls_ssl_ciphersuite_uses_dhe( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_uses_dhe_internal( info ) ); -} - -int mbedtls_ssl_ciphersuite_uses_ecdhe( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_uses_ecdhe_internal( info ) ); -} - -int mbedtls_ssl_ciphersuite_uses_server_signature( - mbedtls_ssl_ciphersuite_handle_t info ) -{ - return( mbedtls_ssl_ciphersuite_uses_server_signature_internal( info ) ); -} - #if defined(MBEDTLS_PK_C) mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( mbedtls_ssl_ciphersuite_handle_t info )