mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-02-21 15:41:00 +00:00
Update signiture algorithm handling
Rename local variables and to simplify things use static_assert to determine if the default signiture algorithms are not fit into the SSL handshake structure. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
This commit is contained in:
Gabor Mezei
parent
53a3b14823
commit
86acf05b1e
@ -1628,10 +1628,10 @@ read_record_header:
|
|||||||
* Try to fall back to default hash SHA1 if the client
|
* Try to fall back to default hash SHA1 if the client
|
||||||
* hasn't provided any preferred signature-hash combinations.
|
* hasn't provided any preferred signature-hash combinations.
|
||||||
*/
|
*/
|
||||||
if( sig_hash_alg_ext_present == 0 )
|
if( ! sig_hash_alg_ext_present )
|
||||||
{
|
{
|
||||||
uint16_t *set = ssl->handshake->received_sig_algs;
|
uint16_t *received_sig_algs = ssl->handshake->received_sig_algs;
|
||||||
const uint16_t sig_algs[] = {
|
const uint16_t default_sig_algs[] = {
|
||||||
#if defined(MBEDTLS_ECDSA_C)
|
#if defined(MBEDTLS_ECDSA_C)
|
||||||
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_ECDSA,
|
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_ECDSA,
|
||||||
MBEDTLS_SSL_HASH_SHA1 ),
|
MBEDTLS_SSL_HASH_SHA1 ),
|
||||||
@ -1640,24 +1640,15 @@ read_record_header:
|
|||||||
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_RSA,
|
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_RSA,
|
||||||
MBEDTLS_SSL_HASH_SHA1 ),
|
MBEDTLS_SSL_HASH_SHA1 ),
|
||||||
#endif
|
#endif
|
||||||
|
MBEDTLS_TLS_SIG_NONE
|
||||||
};
|
};
|
||||||
const uint16_t invalid_sig_alg = MBEDTLS_TLS_SIG_NONE;
|
|
||||||
size_t count = sizeof( sig_algs ) / sizeof( sig_algs[0] );
|
|
||||||
|
|
||||||
if( count < MBEDTLS_RECEIVED_SIG_ALGS_SIZE )
|
#if defined(static_assert)
|
||||||
{
|
static_assert( sizeof( default_sig_algs ) / sizeof( default_sig_algs[0] ) <=
|
||||||
memcpy( set, sig_algs, sizeof( sig_algs ) );
|
MBEDTLS_RECEIVED_SIG_ALGS_SIZE, "default_sig_algs is too big" );
|
||||||
memcpy( &set[count], &invalid_sig_alg, sizeof( sig_algs[0] ) );
|
#endif
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
size_t size = ( MBEDTLS_RECEIVED_SIG_ALGS_SIZE - 1 ) *
|
|
||||||
sizeof( sig_algs[0] );
|
|
||||||
|
|
||||||
memcpy( set, sig_algs, size );
|
memcpy( received_sig_algs, default_sig_algs, sizeof( default_sig_algs ) );
|
||||||
memcpy( &set[MBEDTLS_RECEIVED_SIG_ALGS_SIZE - 1],
|
|
||||||
&invalid_sig_alg, sizeof( sig_algs[0] ) );
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user