lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Merge branch 'development' into safer-ct5

Browse Source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman
2023-08-07 11:47:35 +01:00
committed by GitHub
parent 56e5d6887f 3b5e8aa05c
commit c98f8d996a
257 changed files with 20700 additions and 8475 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
library/ssl_msg.c
View File

@ -40,7 +40,7 @@
#include <string.h>
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "mbedtls/psa_util.h"
#include "psa_util_internal.h"
#include "psa/crypto.h"
#endif
@ -3830,8 +3830,9 @@ static int ssl_parse_record_header(mbedtls_ssl_context const *ssl,
*/
rec->ver[0] = buf[rec_hdr_version_offset + 0];
rec->ver[1] = buf[rec_hdr_version_offset + 1];
tls_version = mbedtls_ssl_read_version(buf + rec_hdr_version_offset,
ssl->conf->transport);
tls_version = (mbedtls_ssl_protocol_version) mbedtls_ssl_read_version(
buf + rec_hdr_version_offset,
ssl->conf->transport);
if (tls_version > ssl->conf->max_tls_version) {
MBEDTLS_SSL_DEBUG_MSG(1, ("TLS version mismatch: got %u, expected max %u",
@ -6057,8 +6058,7 @@ static void ssl_buffering_free_slot(mbedtls_ssl_context *ssl,
if (hs_buf->is_valid == 1) {
hs->buffering.total_bytes_buffered -= hs_buf->data_len;
mbedtls_platform_zeroize(hs_buf->data, hs_buf->data_len);
mbedtls_free(hs_buf->data);
mbedtls_zeroize_and_free(hs_buf->data, hs_buf->data_len);
memset(hs_buf, 0, sizeof(mbedtls_ssl_hs_buffer));
}
}
@ -6077,15 +6077,19 @@ static void ssl_buffering_free_slot(mbedtls_ssl_context *ssl,
void mbedtls_ssl_write_version(unsigned char version[2], int transport,
mbedtls_ssl_protocol_version tls_version)
{
uint16_t tls_version_formatted;
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if (transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
tls_version =
tls_version_formatted =
~(tls_version - (tls_version == 0x0302 ? 0x0202 : 0x0201));
}
} else
#else
((void) transport);
#endif
MBEDTLS_PUT_UINT16_BE(tls_version, version, 0);
{
tls_version_formatted = (uint16_t) tls_version;
}
MBEDTLS_PUT_UINT16_BE(tls_version_formatted, version, 0);
}
uint16_t mbedtls_ssl_read_version(const unsigned char version[2],