yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-24 22:15:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix name, documentation & location of config flag

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2017-06-08 17:27:20 +02:00
parent a9ec0cd77f
commit 48ed550b92
2 changed files with 28 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

48
include/polarssl/config.h
View file

@ -2062,31 +2062,6 @@
*/ */
#define POLARSSL_SHA512_C #define POLARSSL_SHA512_C
/**
* \def MINIMAL_SUPPORTED_MD_ALG
*
* minimal supported md algorithm.
* The value should be one of the enumerations in
* md_type_t defined in md.h
* typedef enum {
* POLARSSL_MD_NONE=0,
* POLARSSL_MD_MD2,
* POLARSSL_MD_MD4,
* POLARSSL_MD_MD5,
* POLARSSL_MD_SHA1,
* POLARSSL_MD_SHA224,
* POLARSSL_MD_SHA256,
* POLARSSL_MD_SHA384,
* POLARSSL_MD_SHA512,
* POLARSSL_MD_RIPEMD160,
* } md_type_t;
*
* Module: library/x509_crt.c
* Caller:
*
*/
#define POLARSSL_MINIMAL_SUPPORTED_MD_ALG POLARSSL_MD_SHA1
/** /**
* \def POLARSSL_SSL_CACHE_C * \def POLARSSL_SSL_CACHE_C
* *
@ -2391,6 +2366,29 @@
/* X509 options */ /* X509 options */
//#define POLARSSL_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ //#define POLARSSL_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
/**
* \def POLARSSL_X509_MIN_VERIFY_MD_ALG
*
* Minimal hash algorithm accepted in X.509 chain verification.
*
* The value should be one of the enumerations in md_type_t defined in md.h
* Only algorithms with a value equal or higher are accepted.
*
* typedef enum {
* POLARSSL_MD_NONE=0,
* POLARSSL_MD_MD2,
* POLARSSL_MD_MD4,
* POLARSSL_MD_MD5,
* POLARSSL_MD_SHA1,
* POLARSSL_MD_SHA224,
* POLARSSL_MD_SHA256,
* POLARSSL_MD_SHA384,
* POLARSSL_MD_SHA512,
* POLARSSL_MD_RIPEMD160,
* } md_type_t;
*/
//#define POLARSSL_X509_MIN_VERIFY_MD_ALG POLARSSL_MD_SHA1
/* \} name SECTION: Module configuration options */ /* \} name SECTION: Module configuration options */
#include "check_config.h" #include "check_config.h"

6
library/x509_crt.c
View file

@ -76,6 +76,10 @@
#endif /* !_WIN32 || EFIX64 || EFI32 */ #endif /* !_WIN32 || EFIX64 || EFI32 */
#endif #endif
#if !defined(POLARSSL_X509_MIN_VERIFY_MD_ALG)
#define POLARSSL_X509_MIN_VERIFY_MD_ALG POLARSSL_MD_SHA1
#endif
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
@ -1440,7 +1444,7 @@ int x509_crt_verify_info( char *buf, size_t size, const char *prefix,
*/ */
static int x509_check_md_alg( md_type_t md_alg ) static int x509_check_md_alg( md_type_t md_alg )
{ {
if( md_alg >= POLARSSL_MINIMAL_SUPPORTED_MD_ALG ) if( md_alg >= POLARSSL_X509_MIN_VERIFY_MD_ALG )
return( 0 ); return( 0 );
return( -1 ); return( -1 );