yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-05-09 19:22:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't select a PSK ciphersuite if no key available

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2013-10-27 14:47:25 +01:00 committed by Paul Bakker
parent 18dc0e2746
commit 21ef42f257
3 changed files with 26 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
include/polarssl/ssl_ciphersuites.h
View file

@ -215,6 +215,7 @@ pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info );
#endif #endif
int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info ); int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info );
int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info );
#ifdef __cplusplus #ifdef __cplusplus
} }

15
library/ssl_ciphersuites.c
View file

@ -1210,4 +1210,19 @@ int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
} }
} }
int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info )
{
switch( info->key_exchange )
{
case POLARSSL_KEY_EXCHANGE_PSK:
case POLARSSL_KEY_EXCHANGE_RSA_PSK:
case POLARSSL_KEY_EXCHANGE_DHE_PSK:
case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
return( 1 );
default:
return( 0 );
}
}
#endif #endif

10
library/ssl_srv.c
View file

@ -1394,6 +1394,16 @@ static int ssl_parse_client_hello( ssl_context *ssl )
continue; continue;
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
/* If the ciphersuite requires a pre-shared key and we don't
* have one, skip it now rather than failing later */
if( ssl_ciphersuite_uses_psk( ciphersuite_info ) &&
ssl->f_psk == NULL &&
( ssl->psk == NULL || ssl->psk_identity == NULL ||
ssl->psk_identity_len == 0 || ssl->psk_len == 0 ) )
continue;
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
/* /*
* Final check: if ciphersuite requires us to have a * Final check: if ciphersuite requires us to have a