ssl_tls.c: Move mbedtls_ssl_set_calc_verify_md() to TLS 1.2 section

In ssl_tls.c, move mbedtls_ssl_set_calc_verify_md() under the
"if defined(MBEDTLS_SSL_PROTO_TLS1_2)" pre-processor directive
as it is specific to TLS 1.2.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2022-03-07 10:21:40 +01:00
parent 81591aa0f3
commit 4dcbca952e
2 changed files with 34 additions and 31 deletions

View File

@ -1336,7 +1336,10 @@ mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig );
mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash );
unsigned char mbedtls_ssl_hash_from_md_alg( int md );
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md );
#endif
int mbedtls_ssl_check_curve_tls_id( const mbedtls_ssl_context *ssl, uint16_t tls_id );
#if defined(MBEDTLS_ECP_C)

View File

@ -4517,37 +4517,6 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md )
{
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
return( -1 );
switch( md )
{
#if defined(MBEDTLS_SHA384_C)
case MBEDTLS_SSL_HASH_SHA384:
ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384;
break;
#endif
#if defined(MBEDTLS_SHA256_C)
case MBEDTLS_SSL_HASH_SHA256:
ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256;
break;
#endif
default:
return( -1 );
}
return 0;
#else /* !MBEDTLS_SSL_PROTO_TLS1_2 */
(void) ssl;
(void) md;
return( -1 );
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
int mbedtls_ssl_get_handshake_transcript( mbedtls_ssl_context *ssl,
const mbedtls_md_type_t md,
@ -5491,6 +5460,37 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
return( 0 );
}
int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md )
{
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
return( -1 );
switch( md )
{
#if defined(MBEDTLS_SHA384_C)
case MBEDTLS_SSL_HASH_SHA384:
ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384;
break;
#endif
#if defined(MBEDTLS_SHA256_C)
case MBEDTLS_SSL_HASH_SHA256:
ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256;
break;
#endif
default:
return( -1 );
}
return 0;
#else /* !MBEDTLS_SSL_PROTO_TLS1_2 */
(void) ssl;
(void) md;
return( -1 );
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
}
#if defined(MBEDTLS_SHA256_C)
void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *ssl,
unsigned char *hash,