lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-05 19:35:48 +03:00
Code Activity

Fix macro-spanning ifs in ssl_ticket.c

Browse Source 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This commit is contained in:
David Horstmann
2022-10-27 11:30:09 +01:00
parent d4f22083ba
commit 04020abfae
1 changed files with 16 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
library/ssl_ticket.c
View File

@@ -146,7 +146,10 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES ) if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
int do_mbedtls_cipher_setup = 1;
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
do_mbedtls_cipher_setup = 0;
ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx, ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx,
cipher_info, TICKET_AUTH_TAG_BYTES ); cipher_info, TICKET_AUTH_TAG_BYTES );
if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
@@ -154,19 +157,28 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
/* We don't yet expect to support all ciphers through PSA, /* We don't yet expect to support all ciphers through PSA,
* so allow fallback to ordinary mbedtls_cipher_setup(). */ * so allow fallback to ordinary mbedtls_cipher_setup(). */
if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
do_mbedtls_cipher_setup = 1;
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 ) if( do_mbedtls_cipher_setup )
return( ret ); if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) )
!= 0 )
return( ret );
do_mbedtls_cipher_setup = 1;
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
do_mbedtls_cipher_setup = 0;
ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx, ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx,
cipher_info, TICKET_AUTH_TAG_BYTES ); cipher_info, TICKET_AUTH_TAG_BYTES );
if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
return( ret ); return( ret );
if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
do_mbedtls_cipher_setup = 1;
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 ) if( do_mbedtls_cipher_setup )
return( ret ); if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) )
!= 0 )
return( ret );
if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 || if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 ||
( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 ) ( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 )