diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index bce9a1cd71..db2bb52b34 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -141,13 +141,13 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, if( cipher_info == NULL ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - if( cipher_info->mode != MBEDTLS_MODE_GCM && - cipher_info->mode != MBEDTLS_MODE_CCM ) + if( mbedtls_cipher_info_get_mode( cipher_info ) != MBEDTLS_MODE_GCM && + mbedtls_cipher_info_get_mode( cipher_info ) != MBEDTLS_MODE_CCM ) { return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES ) + if( mbedtls_cipher_info_get_key_bitlen( cipher_info ) > 8 * MAX_KEY_BYTES ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); #if defined(MBEDTLS_USE_PSA_CRYPTO) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 07b51003ab..1e81384aa7 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -789,14 +789,14 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, * Determine the appropriate key, IV and MAC length. */ - keylen = cipher_info->key_bitlen / 8; + keylen = mbedtls_cipher_info_get_key_bitlen( cipher_info ) / 8; #if defined(MBEDTLS_GCM_C) || \ defined(MBEDTLS_CCM_C) || \ defined(MBEDTLS_CHACHAPOLY_C) - if( cipher_info->mode == MBEDTLS_MODE_GCM || - cipher_info->mode == MBEDTLS_MODE_CCM || - cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) + if( mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_GCM || + mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_CCM || + mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_CHACHAPOLY ) { size_t explicit_ivlen; @@ -814,7 +814,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, * sequence number). */ transform->ivlen = 12; - if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) + if( mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_CHACHAPOLY ) transform->fixed_ivlen = 12; else transform->fixed_ivlen = 4; @@ -826,8 +826,8 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, else #endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) - if( cipher_info->mode == MBEDTLS_MODE_STREAM || - cipher_info->mode == MBEDTLS_MODE_CBC ) + if( mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_STREAM || + mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_CBC ) { /* Initialize HMAC contexts */ if( ( ret = mbedtls_md_setup( &transform->md_ctx_enc, md_info, 1 ) ) != 0 || @@ -845,7 +845,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, transform->ivlen = cipher_info->iv_size; /* Minimum length */ - if( cipher_info->mode == MBEDTLS_MODE_STREAM ) + if( mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_STREAM ) transform->minlen = transform->maclen; else { @@ -1060,7 +1060,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, } if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_enc, key1, - cipher_info->key_bitlen, + mbedtls_cipher_info_get_key_bitlen( cipher_info ), MBEDTLS_ENCRYPT ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); @@ -1068,7 +1068,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, } if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_dec, key2, - cipher_info->key_bitlen, + mbedtls_cipher_info_get_key_bitlen( cipher_info ), MBEDTLS_DECRYPT ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); @@ -1076,7 +1076,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, } #if defined(MBEDTLS_CIPHER_MODE_CBC) - if( cipher_info->mode == MBEDTLS_MODE_CBC ) + if( mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_CBC ) { if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_enc, MBEDTLS_PADDING_NONE ) ) != 0 )