ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-06-24 14:20:59 +08:00
Code Issues Releases Wiki Activity

Remove mbedtls_ssl_conf::curve_list

Browse Source 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2025-01-14 12:17:20 +01:00
parent 93d4591255
commit 6b720161ca
3 changed files with 1 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
include/mbedtls/ssl.h
View File

@ -1567,10 +1567,6 @@ struct mbedtls_ssl_config {
const uint16_t *MBEDTLS_PRIVATE(sig_algs); /*!< allowed signature algorithms */ const uint16_t *MBEDTLS_PRIVATE(sig_algs); /*!< allowed signature algorithms */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_DEPRECATED_REMOVED)
const mbedtls_ecp_group_id *MBEDTLS_PRIVATE(curve_list); /*!< allowed curves */
#endif
const uint16_t *MBEDTLS_PRIVATE(group_list); /*!< allowed IANA NamedGroups */ const uint16_t *MBEDTLS_PRIVATE(group_list); /*!< allowed IANA NamedGroups */
#if defined(MBEDTLS_DHM_C) #if defined(MBEDTLS_DHM_C)

16
library/ssl_misc.h
View File

@ -2270,25 +2270,11 @@ int mbedtls_ssl_get_handshake_transcript(mbedtls_ssl_context *ssl,
/* /*
* Return supported groups. * Return supported groups.
* *
* In future, invocations can be changed to ssl->conf->group_list * In future, invocations can be changed to ssl->conf->group_list.
* when mbedtls_ssl_conf_curves() is deleted.
*
* ssl->handshake->group_list is either a translation of curve_list to IANA TLS group
* identifiers when mbedtls_ssl_conf_curves() has been used, or a pointer to
* ssl->conf->group_list when mbedtls_ssl_conf_groups() has been more recently invoked.
*
*/ */
static inline const void *mbedtls_ssl_get_groups(const mbedtls_ssl_context *ssl) static inline const void *mbedtls_ssl_get_groups(const mbedtls_ssl_context *ssl)
{ {
#if defined(MBEDTLS_DEPRECATED_REMOVED) || !defined(MBEDTLS_ECP_C)
return ssl->conf->group_list; return ssl->conf->group_list;
#else
if ((ssl->handshake != NULL) && (ssl->handshake->group_list != NULL)) {
return ssl->handshake->group_list;
} else {
return ssl->conf->group_list;
}
#endif
} }
/* /*

51
library/ssl_tls.c
View File

@ -1154,48 +1154,6 @@ static int ssl_handshake_init(mbedtls_ssl_context *ssl)
} }
#endif #endif
/*
* curve_list is translated to IANA TLS group identifiers here because
* mbedtls_ssl_conf_curves returns void and so can't return
* any error codes.
*/
#if defined(MBEDTLS_ECP_C)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/* Heap allocate and translate curve_list from internal to IANA group ids */
if (ssl->conf->curve_list != NULL) {
size_t length;
const mbedtls_ecp_group_id *curve_list = ssl->conf->curve_list;
for (length = 0; (curve_list[length] != MBEDTLS_ECP_DP_NONE); length++) {
}
/* Leave room for zero termination */
uint16_t *group_list = mbedtls_calloc(length + 1, sizeof(uint16_t));
if (group_list == NULL) {
return MBEDTLS_ERR_SSL_ALLOC_FAILED;
}
for (size_t i = 0; i < length; i++) {
uint16_t tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id(
curve_list[i]);
if (tls_id == 0) {
mbedtls_free(group_list);
return MBEDTLS_ERR_SSL_BAD_CONFIG;
}
group_list[i] = tls_id;
}
group_list[length] = 0;
ssl->handshake->group_list = group_list;
ssl->handshake->group_list_heap_allocated = 1;
} else {
ssl->handshake->group_list = ssl->conf->group_list;
ssl->handshake->group_list_heap_allocated = 0;
}
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
@ -2741,9 +2699,6 @@ void mbedtls_ssl_conf_sig_algs(mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_groups(mbedtls_ssl_config *conf, void mbedtls_ssl_conf_groups(mbedtls_ssl_config *conf,
const uint16_t *group_list) const uint16_t *group_list)
{ {
#if defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_DEPRECATED_REMOVED)
conf->curve_list = NULL;
#endif
conf->group_list = group_list; conf->group_list = group_list;
} }
@ -5964,9 +5919,6 @@ int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf,
conf->sig_algs = ssl_preset_suiteb_sig_algs; conf->sig_algs = ssl_preset_suiteb_sig_algs;
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_DEPRECATED_REMOVED)
conf->curve_list = NULL;
#endif
conf->group_list = ssl_preset_suiteb_groups; conf->group_list = ssl_preset_suiteb_groups;
break; break;
@ -5990,9 +5942,6 @@ int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf,
conf->sig_algs = ssl_preset_default_sig_algs; conf->sig_algs = ssl_preset_default_sig_algs;
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_DEPRECATED_REMOVED)
conf->curve_list = NULL;
#endif
conf->group_list = ssl_preset_default_groups; conf->group_list = ssl_preset_default_groups;
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)