yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
mbedtls/include/mbedtls
History
Hanno Becker 7177a88a36 Introduce helper function to determine whether suite uses server CRT 
This commit introduces a static helper function

   `mbedtls_ssl_ciphersuite_uses_srv_cert()`

which determines whether a ciphersuite may make use of server-side CRTs.

This function is in turn uses in `mbedtls_ssl_parse_certificate()` to
skip certificate parsing for ciphersuites which don't involve CRTs.

Note: Ciphersuites not using server-side CRTs don't allow client-side CRTs
either, so it is safe to guard `mbedtls_ssl_{parse/write}_certificate()`
this way.

Note: Previously, the code uses a positive check over the suites

- MBEDTLS_KEY_EXCHANGE_PSK
- MBEDTLS_KEY_EXCHANGE_DHE_PSK
- MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
- MBEDTLS_KEY_EXCHANGE_ECJPAKE,

while now, it uses a negative check over `mbedtls_ssl_ciphersuite_uses_srv_cert()`,
which checks for the suites

- MBEDTLS_KEY_EXCHANGE_RSA
- MBEDTLS_KEY_EXCHANGE_RSA_PSK
- MBEDTLS_KEY_EXCHANGE_DHE_RSA
- MBEDTLS_KEY_EXCHANGE_ECDH_RSA
- MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
- MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
- MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA

This is equivalent since, together, those are all ciphersuites.
Quoting ssl_ciphersuites.h:

```
typedef enum {
    MBEDTLS_KEY_EXCHANGE_NONE = 0,
    MBEDTLS_KEY_EXCHANGE_RSA,
    MBEDTLS_KEY_EXCHANGE_DHE_RSA,
    MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
    MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
    MBEDTLS_KEY_EXCHANGE_PSK,
    MBEDTLS_KEY_EXCHANGE_DHE_PSK,
    MBEDTLS_KEY_EXCHANGE_RSA_PSK,
    MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
    MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
    MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
    MBEDTLS_KEY_EXCHANGE_ECJPAKE,
} mbedtls_key_exchange_type_t;
```
2019-02-26 14:38:09 +00:00
..
aes.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
aesni.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
arc4.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
aria.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
asn1.h Merge remote-tracking branch 'upstream-restricted/pr/398' into development-restricted-proposed 2018-03-13 17:18:06 +01:00
asn1write.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
base64.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
bignum.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
blowfish.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
bn_mul.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
camellia.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
ccm.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
certs.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
chacha20.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
chachapoly.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
check_config.h Fix typo in check_config.h 2019-02-22 12:50:35 +00:00
cipher.h Adjust documentation of mbedtls_cipher_update_ad 2019-02-08 06:50:55 -05:00
cipher_internal.h Adapt to the new key allocation mechanism 2019-01-08 09:36:01 -05:00
cmac.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
compat-1.3.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
config.h Merge PSA config and check-config changes 2019-02-05 05:26:00 -05:00
ctr_drbg.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
debug.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
des.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
dhm.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
ecdh.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
ecdsa.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
ecjpake.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
ecp.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
ecp_internal.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
entropy.h Allow to forward declare of public structs #1215 2018-07-24 10:02:47 +02:00
entropy_poll.h Update Doxygen file blocks to remove copyright and license information 2018-01-23 15:44:39 +00:00
error.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
gcm.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
havege.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
hkdf.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
hmac_drbg.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
md.h Deprecate hardware acceleration errors 2018-11-09 15:01:07 +00:00
md2.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
md4.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
md5.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
md_internal.h Merge remote-tracking branch 'upstream-public/pr/1294' into development 2018-01-25 14:47:39 +00:00
memory_buffer_alloc.h Update Doxygen file blocks to remove copyright and license information 2018-01-23 15:44:39 +00:00
net.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
net_sockets.h Merge remote-tracking branch 'upstream-public/pr/1861' into development 2018-08-10 11:17:14 +01:00
nist_kw.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
oid.h Merge remote-tracking branch 'upstream-public/pr/1861' into development 2018-08-10 11:17:14 +01:00
padlock.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
pem.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
pk.h Documentation fixes 2019-02-05 05:06:35 -05:00
pk_internal.h Align names to use "opaque" only everywhere 2018-11-22 09:59:34 +01:00
pkcs5.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
pkcs11.h Allow to forward declare of public structs #1215 2018-07-24 10:02:47 +02:00
pkcs12.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
platform.h Merge remote-tracking branch 'origin/pr/1551' into development 2019-01-30 13:24:55 +00:00
platform_time.h Update Doxygen file blocks to remove copyright and license information 2018-01-23 15:44:39 +00:00
platform_util.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
poly1305.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
psa_util.h Define maximum EC public key length depending on enabled curves 2019-02-18 17:04:24 +00:00
ripemd160.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
rsa.h Revert "Forbid passing NULL input buffers to RSA encryption routines" 2019-02-08 08:43:31 -05:00
rsa_internal.h Merge remote-tracking branch 'upstream-public/pr/1457' into development-proposed 2018-04-04 09:19:27 +02:00
sha1.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
sha256.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
sha512.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
ssl.h Merge development commit f352f7 into development-psa 2019-02-01 07:03:03 -05:00
ssl_cache.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
ssl_ciphersuites.h Introduce helper function to determine whether suite uses server CRT 2019-02-26 14:38:09 +00:00
ssl_cookie.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
ssl_internal.h Add fields for PSA-based ECDHE to handshake structure 2019-02-18 16:41:55 +00:00
ssl_ticket.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
threading.h Deprecate hardware acceleration errors 2018-11-09 15:01:07 +00:00
timing.h Allow to forward declare of public structs #1215 2018-07-24 10:02:47 +02:00
version.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
x509.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
x509_crl.h Fix #2370, minor typos and spelling mistakes 2019-01-24 10:37:40 +01:00
x509_crt.h Add a new X.509 API call for copy-less parsing of CRTs 2019-02-08 14:24:58 +00:00
x509_csr.h Update Doxygen file blocks to remove copyright and license information 2018-01-23 15:44:39 +00:00
xtea.h Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00