lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-01 10:06:53 +03:00
Code Activity

programs: ssl: Remove dependency on TLS 1.3 for "sig_algs" option

Browse Source 
Signature algorithms can be specified through
the sig_algs option for TLS 1.2 as well.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
2022-10-05 09:18:01 +02:00
parent 20a8e63b23
commit 81378b72e8
2 changed files with 14 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
programs/ssl/ssl_client2.c
View File

@ -269,8 +269,7 @@ int main( void )
#define USAGE_CURVES "" #define USAGE_CURVES ""
#endif #endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#define USAGE_SIG_ALGS \ #define USAGE_SIG_ALGS \
" sig_algs=a,b,c,d default: \"default\" (library default)\n" \ " sig_algs=a,b,c,d default: \"default\" (library default)\n" \
" example: \"ecdsa_secp256r1_sha256,ecdsa_secp384r1_sha384\"\n" " example: \"ecdsa_secp256r1_sha256,ecdsa_secp384r1_sha384\"\n"
@ -719,10 +718,9 @@ int main( int argc, char *argv[] )
mbedtls_net_context server_fd; mbedtls_net_context server_fd;
io_ctx_t io_ctx; io_ctx_t io_ctx;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
uint16_t sig_alg_list[SIG_ALG_LIST_SIZE]; uint16_t sig_alg_list[SIG_ALG_LIST_SIZE];
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #endif
unsigned char buf[MAX_REQUEST_SIZE + 1]; unsigned char buf[MAX_REQUEST_SIZE + 1];
@ -1165,11 +1163,10 @@ int main( int argc, char *argv[] )
} }
else if( strcmp( p, "curves" ) == 0 ) else if( strcmp( p, "curves" ) == 0 )
opt.curves = q; opt.curves = q;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
else if( strcmp( p, "sig_algs" ) == 0 ) else if( strcmp( p, "sig_algs" ) == 0 )
opt.sig_algs = q; opt.sig_algs = q;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #endif
else if( strcmp( p, "etm" ) == 0 ) else if( strcmp( p, "etm" ) == 0 )
{ {
switch( atoi( q ) ) switch( atoi( q ) )
@ -1572,8 +1569,7 @@ int main( int argc, char *argv[] )
} }
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
if( opt.sig_algs != NULL ) if( opt.sig_algs != NULL )
{ {
p = (char *) opt.sig_algs; p = (char *) opt.sig_algs;
@ -1672,7 +1668,7 @@ int main( int argc, char *argv[] )
sig_alg_list[i] = MBEDTLS_TLS1_3_SIG_NONE; sig_alg_list[i] = MBEDTLS_TLS1_3_SIG_NONE;
} }
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_ALPN) #if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL ) if( opt.alpn_string != NULL )

18
programs/ssl/ssl_server2.c
View File

@ -435,8 +435,7 @@ int main( void )
#define USAGE_CURVES "" #define USAGE_CURVES ""
#endif #endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#define USAGE_SIG_ALGS \ #define USAGE_SIG_ALGS \
" sig_algs=a,b,c,d default: \"default\" (library default)\n" \ " sig_algs=a,b,c,d default: \"default\" (library default)\n" \
" example: \"ecdsa_secp256r1_sha256,ecdsa_secp384r1_sha384\"\n" " example: \"ecdsa_secp256r1_sha256,ecdsa_secp384r1_sha384\"\n"
@ -1506,10 +1505,9 @@ int main( int argc, char *argv[] )
size_t context_buf_len = 0; size_t context_buf_len = 0;
#endif #endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
uint16_t sig_alg_list[SIG_ALG_LIST_SIZE]; uint16_t sig_alg_list[SIG_ALG_LIST_SIZE];
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #endif
int i; int i;
char *p, *q; char *p, *q;
@ -1867,11 +1865,10 @@ int main( int argc, char *argv[] )
} }
else if( strcmp( p, "curves" ) == 0 ) else if( strcmp( p, "curves" ) == 0 )
opt.curves = q; opt.curves = q;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
else if( strcmp( p, "sig_algs" ) == 0 ) else if( strcmp( p, "sig_algs" ) == 0 )
opt.sig_algs = q; opt.sig_algs = q;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #endif
else if( strcmp( p, "renegotiation" ) == 0 ) else if( strcmp( p, "renegotiation" ) == 0 )
{ {
opt.renegotiation = (atoi( q )) ? opt.renegotiation = (atoi( q )) ?
@ -2454,8 +2451,7 @@ int main( int argc, char *argv[] )
} }
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
if( opt.sig_algs != NULL ) if( opt.sig_algs != NULL )
{ {
p = (char *) opt.sig_algs; p = (char *) opt.sig_algs;
@ -2554,7 +2550,7 @@ int main( int argc, char *argv[] )
sig_alg_list[i] = MBEDTLS_TLS1_3_SIG_NONE; sig_alg_list[i] = MBEDTLS_TLS1_3_SIG_NONE;
} }
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #endif
#if defined(MBEDTLS_SSL_ALPN) #if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL ) if( opt.alpn_string != NULL )