Rename SOME_MODES_USE_MAC -> SOME_SUITES_USE_MAC

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
Hanno Becker 2020-11-30 08:54:23 +00:00
parent e0f06c624c
commit fd86ca8626
4 changed files with 27 additions and 27 deletions


@ -149,10 +149,10 @@
#if defined(MBEDTLS_CIPHER_NULL_CIPHER) || \ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) || \
defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC)
#define MBEDTLS_SSL_SOME_MODES_USE_MAC #define MBEDTLS_SSL_SOME_SUITES_USE_MAC
#endif #endif
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
/* Ciphersuites using HMAC */ /* Ciphersuites using HMAC */
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA512_C)
#define MBEDTLS_SSL_MAC_ADD 48 /* SHA-384 used for HMAC */ #define MBEDTLS_SSL_MAC_ADD 48 /* SHA-384 used for HMAC */
@ -161,7 +161,7 @@
#else #else
#define MBEDTLS_SSL_MAC_ADD 20 /* SHA-1 used for HMAC */ #define MBEDTLS_SSL_MAC_ADD 20 /* SHA-1 used for HMAC */
#endif #endif
#else /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #else /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
/* AEAD ciphersuites: GCM and CCM use a 128 bits tag */ /* AEAD ciphersuites: GCM and CCM use a 128 bits tag */
#define MBEDTLS_SSL_MAC_ADD 16 #define MBEDTLS_SSL_MAC_ADD 16
#endif #endif
@ -711,7 +711,7 @@ struct mbedtls_ssl_transform
unsigned char iv_enc[16]; /*!< IV (encryption) */ unsigned char iv_enc[16]; /*!< IV (encryption) */
unsigned char iv_dec[16]; /*!< IV (decryption) */ unsigned char iv_dec[16]; /*!< IV (decryption) */
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
mbedtls_md_context_t md_ctx_enc; /*!< MAC (encryption) */ mbedtls_md_context_t md_ctx_enc; /*!< MAC (encryption) */
mbedtls_md_context_t md_ctx_dec; /*!< MAC (decryption) */ mbedtls_md_context_t md_ctx_dec; /*!< MAC (decryption) */
@ -720,7 +720,7 @@ struct mbedtls_ssl_transform
int encrypt_then_mac; /*!< flag for EtM activation */ int encrypt_then_mac; /*!< flag for EtM activation */
#endif #endif
#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
mbedtls_cipher_context_t cipher_ctx_enc; /*!< encryption context */ mbedtls_cipher_context_t cipher_ctx_enc; /*!< encryption context */
mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */ mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */
@ -747,7 +747,7 @@ struct mbedtls_ssl_transform
static inline int mbedtls_ssl_transform_uses_aead( static inline int mbedtls_ssl_transform_uses_aead(
const mbedtls_ssl_transform *transform ) const mbedtls_ssl_transform *transform )
{ {
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
return( transform->maclen == 0 && transform->taglen != 0 ); return( transform->maclen == 0 && transform->taglen != 0 );
#else #else
(void) transform; (void) transform;


@ -633,7 +633,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
/* /*
* Add MAC before if needed * Add MAC before if needed
*/ */
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
if( mode == MBEDTLS_MODE_STREAM || if( mode == MBEDTLS_MODE_STREAM ||
( mode == MBEDTLS_MODE_CBC ( mode == MBEDTLS_MODE_CBC
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
@ -678,7 +678,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
post_avail -= transform->maclen; post_avail -= transform->maclen;
auth_done++; auth_done++;
} }
#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
/* /*
* Encrypt * Encrypt
@ -1209,7 +1209,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
size_t olen; size_t olen;
mbedtls_cipher_mode_t mode; mbedtls_cipher_mode_t mode;
int ret, auth_done = 0; int ret, auth_done = 0;
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
size_t padlen = 0, correct = 1; size_t padlen = 0, correct = 1;
#endif #endif
unsigned char* data; unsigned char* data;
@ -1636,7 +1636,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
* Authenticate if not done yet. * Authenticate if not done yet.
* Compute the MAC regardless of the padding result (RFC4346, CBCTIME). * Compute the MAC regardless of the padding result (RFC4346, CBCTIME).
*/ */
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
if( auth_done == 0 ) if( auth_done == 0 )
{ {
unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD]; unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD];
@ -1712,7 +1712,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
*/ */
if( correct == 0 ) if( correct == 0 )
return( MBEDTLS_ERR_SSL_INVALID_MAC ); return( MBEDTLS_ERR_SSL_INVALID_MAC );
#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
/* Make extra sure authentication was performed, exactly once */ /* Make extra sure authentication was performed, exactly once */
if( auth_done != 1 ) if( auth_done != 1 )
@ -5628,7 +5628,7 @@ void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform )
mbedtls_cipher_free( &transform->cipher_ctx_enc ); mbedtls_cipher_free( &transform->cipher_ctx_enc );
mbedtls_cipher_free( &transform->cipher_ctx_dec ); mbedtls_cipher_free( &transform->cipher_ctx_dec );
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
mbedtls_md_free( &transform->md_ctx_enc ); mbedtls_md_free( &transform->md_ctx_enc );
mbedtls_md_free( &transform->md_ctx_dec ); mbedtls_md_free( &transform->md_ctx_dec );
#endif #endif


@ -806,14 +806,14 @@ typedef int ssl_tls_prf_t(const unsigned char *, size_t, const char *,
static int ssl_populate_transform( mbedtls_ssl_transform *transform, static int ssl_populate_transform( mbedtls_ssl_transform *transform,
int ciphersuite, int ciphersuite,
const unsigned char master[48], const unsigned char master[48],
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
int encrypt_then_mac, int encrypt_then_mac,
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) #if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
int trunc_hmac, int trunc_hmac,
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
ssl_tls_prf_t tls_prf, ssl_tls_prf_t tls_prf,
const unsigned char randbytes[64], const unsigned char randbytes[64],
int minor_ver, int minor_ver,
@ -846,7 +846,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
* Some data just needs copying into the structure * Some data just needs copying into the structure
*/ */
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
transform->encrypt_then_mac = encrypt_then_mac; transform->encrypt_then_mac = encrypt_then_mac;
#endif #endif
transform->minor_ver = minor_ver; transform->minor_ver = minor_ver;
@ -967,7 +967,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
} }
else else
#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */ #endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
if( cipher_info->mode == MBEDTLS_MODE_STREAM || if( cipher_info->mode == MBEDTLS_MODE_STREAM ||
cipher_info->mode == MBEDTLS_MODE_CBC ) cipher_info->mode == MBEDTLS_MODE_CBC )
{ {
@ -1044,7 +1044,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
} }
} }
else else
#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
@ -1105,7 +1105,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
goto end; goto end;
} }
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_2) defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) if( minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 )
@ -1125,7 +1125,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
goto end; goto end;
} }
#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
((void) mac_dec); ((void) mac_dec);
((void) mac_enc); ((void) mac_enc);
@ -1518,14 +1518,14 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
ret = ssl_populate_transform( ssl->transform_negotiate, ret = ssl_populate_transform( ssl->transform_negotiate,
ssl->session_negotiate->ciphersuite, ssl->session_negotiate->ciphersuite,
ssl->session_negotiate->master, ssl->session_negotiate->master,
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
ssl->session_negotiate->encrypt_then_mac, ssl->session_negotiate->encrypt_then_mac,
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) #if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
ssl->session_negotiate->trunc_hmac, ssl->session_negotiate->trunc_hmac,
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
ssl->handshake->tls_prf, ssl->handshake->tls_prf,
ssl->handshake->randbytes, ssl->handshake->randbytes,
ssl->minor_ver, ssl->minor_ver,
@ -3322,7 +3322,7 @@ void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform )
mbedtls_cipher_init( &transform->cipher_ctx_enc ); mbedtls_cipher_init( &transform->cipher_ctx_enc );
mbedtls_cipher_init( &transform->cipher_ctx_dec ); mbedtls_cipher_init( &transform->cipher_ctx_dec );
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
mbedtls_md_init( &transform->md_ctx_enc ); mbedtls_md_init( &transform->md_ctx_enc );
mbedtls_md_init( &transform->md_ctx_dec ); mbedtls_md_init( &transform->md_ctx_dec );
#endif #endif
@ -6161,14 +6161,14 @@ static int ssl_context_load( mbedtls_ssl_context *ssl,
ret = ssl_populate_transform( ssl->transform, ret = ssl_populate_transform( ssl->transform,
ssl->session->ciphersuite, ssl->session->ciphersuite,
ssl->session->master, ssl->session->master,
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
ssl->session->encrypt_then_mac, ssl->session->encrypt_then_mac,
#endif #endif
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) #if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
ssl->session->trunc_hmac, ssl->session->trunc_hmac,
#endif #endif
#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
ssl_tls12prf_from_cs( ssl->session->ciphersuite ), ssl_tls12prf_from_cs( ssl->session->ciphersuite ),
p, /* currently pointing to randbytes */ p, /* currently pointing to randbytes */
MBEDTLS_SSL_MINOR_VERSION_3, /* (D)TLS 1.2 is forced */ MBEDTLS_SSL_MINOR_VERSION_3, /* (D)TLS 1.2 is forced */


@ -1254,7 +1254,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
keylen << 3, MBEDTLS_DECRYPT ) == 0 ); keylen << 3, MBEDTLS_DECRYPT ) == 0 );
/* Setup MAC contexts */ /* Setup MAC contexts */
#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
if( cipher_info->mode == MBEDTLS_MODE_CBC || if( cipher_info->mode == MBEDTLS_MODE_CBC ||
cipher_info->mode == MBEDTLS_MODE_STREAM ) cipher_info->mode == MBEDTLS_MODE_STREAM )
{ {
@ -1287,7 +1287,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
} }
#else #else
((void) hash_id); ((void) hash_id);
#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
/* Pick IV's (regardless of whether they /* Pick IV's (regardless of whether they
@ -1301,7 +1301,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
*/ */
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
t_out->encrypt_then_mac = etm; t_out->encrypt_then_mac = etm;
t_in->encrypt_then_mac = etm; t_in->encrypt_then_mac = etm;
#else #else