AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use cipher_info accessor functions in TLS code

Browse Source 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2021-07-19 17:37:46 +02:00
parent 80932fa944
commit e720dbe177
2 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
library/ssl_ticket.c
View File

@ -141,13 +141,13 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
if( cipher_info == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if( cipher_info->mode != MBEDTLS_MODE_GCM &&
cipher_info->mode != MBEDTLS_MODE_CCM )
if( mbedtls_cipher_info_get_mode( cipher_info ) != MBEDTLS_MODE_GCM &&
mbedtls_cipher_info_get_mode( cipher_info ) != MBEDTLS_MODE_CCM )
{
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES )
if( mbedtls_cipher_info_get_key_bitlen( cipher_info ) > 8 * MAX_KEY_BYTES )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
#if defined(MBEDTLS_USE_PSA_CRYPTO)

22
library/ssl_tls.c
View File

@ -789,14 +789,14 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
* Determine the appropriate key, IV and MAC length.
*/
keylen = cipher_info->key_bitlen / 8;
keylen = mbedtls_cipher_info_get_key_bitlen( cipher_info ) / 8;
#if defined(MBEDTLS_GCM_C) || \
defined(MBEDTLS_CCM_C) || \
defined(MBEDTLS_CHACHAPOLY_C)
if( cipher_info->mode == MBEDTLS_MODE_GCM ||
cipher_info->mode == MBEDTLS_MODE_CCM ||
cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY )
if( mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_GCM ||
mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_CCM ||
mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_CHACHAPOLY )
{
size_t explicit_ivlen;
@ -814,7 +814,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
* sequence number).
*/
transform->ivlen = 12;
if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY )
if( mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_CHACHAPOLY )
transform->fixed_ivlen = 12;
else
transform->fixed_ivlen = 4;
@ -826,8 +826,8 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
else
#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
if( cipher_info->mode == MBEDTLS_MODE_STREAM ||
cipher_info->mode == MBEDTLS_MODE_CBC )
if( mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_STREAM ||
mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_CBC )
{
/* Initialize HMAC contexts */
if( ( ret = mbedtls_md_setup( &transform->md_ctx_enc, md_info, 1 ) ) != 0 ||
@ -845,7 +845,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
transform->ivlen = cipher_info->iv_size;
/* Minimum length */
if( cipher_info->mode == MBEDTLS_MODE_STREAM )
if( mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_STREAM )
transform->minlen = transform->maclen;
else
{
@ -1060,7 +1060,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
}
if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_enc, key1,
cipher_info->key_bitlen,
mbedtls_cipher_info_get_key_bitlen( cipher_info ),
MBEDTLS_ENCRYPT ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
@ -1068,7 +1068,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
}
if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_dec, key2,
cipher_info->key_bitlen,
mbedtls_cipher_info_get_key_bitlen( cipher_info ),
MBEDTLS_DECRYPT ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
@ -1076,7 +1076,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
}
#if defined(MBEDTLS_CIPHER_MODE_CBC)
if( cipher_info->mode == MBEDTLS_MODE_CBC )
if( mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_CBC )
{
if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_enc,
MBEDTLS_PADDING_NONE ) ) != 0 )