mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-25 02:25:40 +00:00
Remove mbedtls_ssl_transform::minor_ver if the version is hardcoded
This commit is contained in:
parent
0f902b71a8
commit
0a92b8156d
|
@ -709,7 +709,10 @@ struct mbedtls_ssl_transform
|
||||||
|
|
||||||
mbedtls_cipher_context_t cipher_ctx_enc; /*!< encryption context */
|
mbedtls_cipher_context_t cipher_ctx_enc; /*!< encryption context */
|
||||||
mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */
|
mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */
|
||||||
|
|
||||||
|
#if !defined(MBEDTLS_SSL_CONF_FIXED_MINOR_VER)
|
||||||
int minor_ver;
|
int minor_ver;
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||||
uint8_t in_cid_len;
|
uint8_t in_cid_len;
|
||||||
|
@ -727,6 +730,16 @@ struct mbedtls_ssl_transform
|
||||||
#endif
|
#endif
|
||||||
};
|
};
|
||||||
|
|
||||||
|
static inline int mbedtls_ssl_transform_get_minor_ver( mbedtls_ssl_transform const *transform )
|
||||||
|
{
|
||||||
|
#if !defined(MBEDTLS_SSL_CONF_FIXED_MINOR_VER)
|
||||||
|
return( transform->minor_ver );
|
||||||
|
#else
|
||||||
|
((void) transform);
|
||||||
|
return( MBEDTLS_SSL_CONF_FIXED_MINOR_VER );
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Internal representation of record frames
|
* Internal representation of record frames
|
||||||
*
|
*
|
||||||
|
|
|
@ -817,7 +817,12 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
|
||||||
defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
|
defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
|
||||||
transform->encrypt_then_mac = encrypt_then_mac;
|
transform->encrypt_then_mac = encrypt_then_mac;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if !defined(MBEDTLS_SSL_CONF_FIXED_MINOR_VER)
|
||||||
transform->minor_ver = minor_ver;
|
transform->minor_ver = minor_ver;
|
||||||
|
#else
|
||||||
|
((void) minor_ver);
|
||||||
|
#endif /* !MBEDTLS_SSL_CONF_FIXED_MINOR_VER */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Get various info structures
|
* Get various info structures
|
||||||
|
@ -1994,7 +1999,8 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_SSL3)
|
#if defined(MBEDTLS_SSL_PROTO_SSL3)
|
||||||
if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
|
if( mbedtls_ssl_transform_get_minor_ver( transform ) ==
|
||||||
|
MBEDTLS_SSL_MINOR_VERSION_0 )
|
||||||
{
|
{
|
||||||
unsigned char mac[SSL_MAC_MAX_BYTES];
|
unsigned char mac[SSL_MAC_MAX_BYTES];
|
||||||
ssl_mac( &transform->md_ctx_enc, transform->mac_enc,
|
ssl_mac( &transform->md_ctx_enc, transform->mac_enc,
|
||||||
|
@ -2005,7 +2011,8 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
||||||
#endif
|
#endif
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
|
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
|
||||||
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 )
|
if( mbedtls_ssl_transform_get_minor_ver( transform ) >=
|
||||||
|
MBEDTLS_SSL_MINOR_VERSION_1 )
|
||||||
{
|
{
|
||||||
unsigned char mac[MBEDTLS_SSL_MAC_ADD];
|
unsigned char mac[MBEDTLS_SSL_MAC_ADD];
|
||||||
|
|
||||||
|
@ -2184,7 +2191,8 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
||||||
* Prepend per-record IV for block cipher in TLS v1.1 and up as per
|
* Prepend per-record IV for block cipher in TLS v1.1 and up as per
|
||||||
* Method 1 (6.2.3.2. in RFC4346 and RFC5246)
|
* Method 1 (6.2.3.2. in RFC4346 and RFC5246)
|
||||||
*/
|
*/
|
||||||
if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
|
if( mbedtls_ssl_transform_get_minor_ver( transform ) >=
|
||||||
|
MBEDTLS_SSL_MINOR_VERSION_2 )
|
||||||
{
|
{
|
||||||
if( f_rng == NULL )
|
if( f_rng == NULL )
|
||||||
{
|
{
|
||||||
|
@ -2233,7 +2241,8 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
|
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
|
||||||
if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 )
|
if( mbedtls_ssl_transform_get_minor_ver( transform ) <
|
||||||
|
MBEDTLS_SSL_MINOR_VERSION_2 )
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
* Save IV in SSL3 and TLS1
|
* Save IV in SSL3 and TLS1
|
||||||
|
@ -2482,7 +2491,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context *ssl,
|
||||||
* Check immediate ciphertext sanity
|
* Check immediate ciphertext sanity
|
||||||
*/
|
*/
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
|
if( mbedtls_ssl_transform_get_minor_ver( transform ) >=
|
||||||
|
MBEDTLS_SSL_MINOR_VERSION_2 )
|
||||||
{
|
{
|
||||||
/* The ciphertext is prefixed with the CBC IV. */
|
/* The ciphertext is prefixed with the CBC IV. */
|
||||||
minlen += transform->ivlen;
|
minlen += transform->ivlen;
|
||||||
|
@ -2573,7 +2583,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context *ssl,
|
||||||
/*
|
/*
|
||||||
* Initialize for prepended IV for block cipher in TLS v1.1 and up
|
* Initialize for prepended IV for block cipher in TLS v1.1 and up
|
||||||
*/
|
*/
|
||||||
if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
|
if( mbedtls_ssl_transform_get_minor_ver( transform ) >=
|
||||||
|
MBEDTLS_SSL_MINOR_VERSION_2 )
|
||||||
{
|
{
|
||||||
/* This is safe because data_len >= minlen + maclen + 1 initially,
|
/* This is safe because data_len >= minlen + maclen + 1 initially,
|
||||||
* and at this point we have at most subtracted maclen (note that
|
* and at this point we have at most subtracted maclen (note that
|
||||||
|
@ -2601,7 +2612,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context *ssl,
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
|
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
|
||||||
if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 )
|
if( mbedtls_ssl_transform_get_minor_ver( transform ) <
|
||||||
|
MBEDTLS_SSL_MINOR_VERSION_2 )
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
* Save IV in SSL3 and TLS1
|
* Save IV in SSL3 and TLS1
|
||||||
|
@ -2643,7 +2655,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context *ssl,
|
||||||
* we have data_len >= padlen here. */
|
* we have data_len >= padlen here. */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_SSL3)
|
#if defined(MBEDTLS_SSL_PROTO_SSL3)
|
||||||
if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
|
if( mbedtls_ssl_transform_get_minor_ver( transform ) ==
|
||||||
|
MBEDTLS_SSL_MINOR_VERSION_0 )
|
||||||
{
|
{
|
||||||
if( padlen > transform->ivlen )
|
if( padlen > transform->ivlen )
|
||||||
{
|
{
|
||||||
|
@ -2659,7 +2672,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context *ssl,
|
||||||
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
|
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
|
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
|
||||||
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
if( transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 )
|
if( mbedtls_ssl_transform_get_minor_ver( transform ) >
|
||||||
|
MBEDTLS_SSL_MINOR_VERSION_0 )
|
||||||
{
|
{
|
||||||
/* The padding check involves a series of up to 256
|
/* The padding check involves a series of up to 256
|
||||||
* consecutive memory reads at the end of the record
|
* consecutive memory reads at the end of the record
|
||||||
|
@ -2745,7 +2759,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context *ssl,
|
||||||
ssl_extract_add_data_from_record( add_data, &add_data_len, rec );
|
ssl_extract_add_data_from_record( add_data, &add_data_len, rec );
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_SSL3)
|
#if defined(MBEDTLS_SSL_PROTO_SSL3)
|
||||||
if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
|
if( mbedtls_ssl_transform_get_minor_ver( transform ) ==
|
||||||
|
MBEDTLS_SSL_MINOR_VERSION_0 )
|
||||||
{
|
{
|
||||||
ssl_mac( &transform->md_ctx_dec,
|
ssl_mac( &transform->md_ctx_dec,
|
||||||
transform->mac_dec,
|
transform->mac_dec,
|
||||||
|
@ -2757,7 +2772,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context *ssl,
|
||||||
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
|
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
|
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
|
||||||
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
if( transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 )
|
if( mbedtls_ssl_transform_get_minor_ver( transform ) >
|
||||||
|
MBEDTLS_SSL_MINOR_VERSION_0 )
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
* Process MAC and always update for padlen afterwards to make
|
* Process MAC and always update for padlen afterwards to make
|
||||||
|
|
Loading…
Reference in a new issue