Jan Korycan
/
WNCInterface
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependencies: WncControllerK64F
Fork of
WNCInterface
by 
Jan Korycan
Embed:
(wiki syntax)
Show/hide line numbers
ssl_internal.h
00001 /** 00002 * \file ssl_ticket.h 00003 * 00004 * \brief Internal functions shared by the SSL modules 00005 * 00006 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 00007 * SPDX-License-Identifier: Apache-2.0 00008 * 00009 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00010 * not use this file except in compliance with the License. 00011 * You may obtain a copy of the License at 00012 * 00013 * http://www.apache.org/licenses/LICENSE-2.0 00014 * 00015 * Unless required by applicable law or agreed to in writing, software 00016 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00017 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00018 * See the License for the specific language governing permissions and 00019 * limitations under the License. 00020 * 00021 * This file is part of mbed TLS (https://tls.mbed.org) 00022 */ 00023 #ifndef MBEDTLS_SSL_INTERNAL_H 00024 #define MBEDTLS_SSL_INTERNAL_H 00025 00026 #include "ssl.h" 00027 00028 #if defined(MBEDTLS_MD5_C) 00029 #include "md5.h" 00030 #endif 00031 00032 #if defined(MBEDTLS_SHA1_C) 00033 #include "sha1.h" 00034 #endif 00035 00036 #if defined(MBEDTLS_SHA256_C) 00037 #include "sha256.h" 00038 #endif 00039 00040 #if defined(MBEDTLS_SHA512_C) 00041 #include "sha512.h" 00042 #endif 00043 00044 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) 00045 #include "ecjpake.h" 00046 #endif 00047 00048 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ 00049 !defined(inline) && !defined(__cplusplus) 00050 #define inline __inline 00051 #endif 00052 00053 /* Determine minimum supported version */ 00054 #define MBEDTLS_SSL_MIN_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 00055 00056 #if defined(MBEDTLS_SSL_PROTO_SSL3) 00057 #define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_0 00058 #else 00059 #if defined(MBEDTLS_SSL_PROTO_TLS1) 00060 #define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 00061 #else 00062 #if defined(MBEDTLS_SSL_PROTO_TLS1_1) 00063 #define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_2 00064 #else 00065 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) 00066 #define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 00067 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ 00068 #endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ 00069 #endif /* MBEDTLS_SSL_PROTO_TLS1 */ 00070 #endif /* MBEDTLS_SSL_PROTO_SSL3 */ 00071 00072 /* Determine maximum supported version */ 00073 #define MBEDTLS_SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 00074 00075 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) 00076 #define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 00077 #else 00078 #if defined(MBEDTLS_SSL_PROTO_TLS1_1) 00079 #define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_2 00080 #else 00081 #if defined(MBEDTLS_SSL_PROTO_TLS1) 00082 #define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 00083 #else 00084 #if defined(MBEDTLS_SSL_PROTO_SSL3) 00085 #define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_0 00086 #endif /* MBEDTLS_SSL_PROTO_SSL3 */ 00087 #endif /* MBEDTLS_SSL_PROTO_TLS1 */ 00088 #endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ 00089 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ 00090 00091 #define MBEDTLS_SSL_INITIAL_HANDSHAKE 0 00092 #define MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS 1 /* In progress */ 00093 #define MBEDTLS_SSL_RENEGOTIATION_DONE 2 /* Done or aborted */ 00094 #define MBEDTLS_SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */ 00095 00096 /* 00097 * DTLS retransmission states, see RFC 6347 4.2.4 00098 * 00099 * The SENDING state is merged in PREPARING for initial sends, 00100 * but is distinct for resends. 00101 * 00102 * Note: initial state is wrong for server, but is not used anyway. 00103 */ 00104 #define MBEDTLS_SSL_RETRANS_PREPARING 0 00105 #define MBEDTLS_SSL_RETRANS_SENDING 1 00106 #define MBEDTLS_SSL_RETRANS_WAITING 2 00107 #define MBEDTLS_SSL_RETRANS_FINISHED 3 00108 00109 /* 00110 * Allow extra bytes for record, authentication and encryption overhead: 00111 * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256) 00112 * and allow for a maximum of 1024 of compression expansion if 00113 * enabled. 00114 */ 00115 #if defined(MBEDTLS_ZLIB_SUPPORT) 00116 #define MBEDTLS_SSL_COMPRESSION_ADD 1024 00117 #else 00118 #define MBEDTLS_SSL_COMPRESSION_ADD 0 00119 #endif 00120 00121 #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_MODE_CBC) 00122 /* Ciphersuites using HMAC */ 00123 #if defined(MBEDTLS_SHA512_C) 00124 #define MBEDTLS_SSL_MAC_ADD 48 /* SHA-384 used for HMAC */ 00125 #elif defined(MBEDTLS_SHA256_C) 00126 #define MBEDTLS_SSL_MAC_ADD 32 /* SHA-256 used for HMAC */ 00127 #else 00128 #define MBEDTLS_SSL_MAC_ADD 20 /* SHA-1 used for HMAC */ 00129 #endif 00130 #else 00131 /* AEAD ciphersuites: GCM and CCM use a 128 bits tag */ 00132 #define MBEDTLS_SSL_MAC_ADD 16 00133 #endif 00134 00135 #if defined(MBEDTLS_CIPHER_MODE_CBC) 00136 #define MBEDTLS_SSL_PADDING_ADD 256 00137 #else 00138 #define MBEDTLS_SSL_PADDING_ADD 0 00139 #endif 00140 00141 #define MBEDTLS_SSL_BUFFER_LEN ( MBEDTLS_SSL_MAX_CONTENT_LEN \ 00142 + MBEDTLS_SSL_COMPRESSION_ADD \ 00143 + 29 /* counter + header + IV */ \ 00144 + MBEDTLS_SSL_MAC_ADD \ 00145 + MBEDTLS_SSL_PADDING_ADD \ 00146 ) 00147 00148 /* 00149 * TLS extension flags (for extensions with outgoing ServerHello content 00150 * that need it (e.g. for RENEGOTIATION_INFO the server already knows because 00151 * of state of the renegotiation flag, so no indicator is required) 00152 */ 00153 #define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0) 00154 #define MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK (1 << 1) 00155 00156 #ifdef __cplusplus 00157 extern "C" { 00158 #endif 00159 00160 /* 00161 * This structure contains the parameters only needed during handshake. 00162 */ 00163 struct mbedtls_ssl_handshake_params 00164 { 00165 /* 00166 * Handshake specific crypto variables 00167 */ 00168 int sig_alg; /*!< Hash algorithm for signature */ 00169 int verify_sig_alg; /*!< Signature algorithm for verify */ 00170 #if defined(MBEDTLS_DHM_C) 00171 mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */ 00172 #endif 00173 #if defined(MBEDTLS_ECDH_C) 00174 mbedtls_ecdh_context ecdh_ctx; /*!< ECDH key exchange */ 00175 #endif 00176 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) 00177 mbedtls_ecjpake_context ecjpake_ctx; /*!< EC J-PAKE key exchange */ 00178 #if defined(MBEDTLS_SSL_CLI_C) 00179 unsigned char *ecjpake_cache; /*!< Cache for ClientHello ext */ 00180 size_t ecjpake_cache_len; /*!< Length of cached data */ 00181 #endif 00182 #endif 00183 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ 00184 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) 00185 const mbedtls_ecp_curve_info **curves; /*!< Supported elliptic curves */ 00186 #endif 00187 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) 00188 unsigned char *psk; /*!< PSK from the callback */ 00189 size_t psk_len; /*!< Length of PSK from callback */ 00190 #endif 00191 #if defined(MBEDTLS_X509_CRT_PARSE_C) 00192 mbedtls_ssl_key_cert *key_cert; /*!< chosen key/cert pair (server) */ 00193 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) 00194 int sni_authmode; /*!< authmode from SNI callback */ 00195 mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI */ 00196 mbedtls_x509_crt *sni_ca_chain; /*!< trusted CAs from SNI callback */ 00197 mbedtls_x509_crl *sni_ca_crl; /*!< trusted CAs CRLs from SNI */ 00198 #endif 00199 #endif /* MBEDTLS_X509_CRT_PARSE_C */ 00200 #if defined(MBEDTLS_SSL_PROTO_DTLS) 00201 unsigned int out_msg_seq; /*!< Outgoing handshake sequence number */ 00202 unsigned int in_msg_seq; /*!< Incoming handshake sequence number */ 00203 00204 unsigned char *verify_cookie; /*!< Cli: HelloVerifyRequest cookie 00205 Srv: unused */ 00206 unsigned char verify_cookie_len; /*!< Cli: cookie length 00207 Srv: flag for sending a cookie */ 00208 00209 unsigned char *hs_msg; /*!< Reassembled handshake message */ 00210 00211 uint32_t retransmit_timeout; /*!< Current value of timeout */ 00212 unsigned char retransmit_state; /*!< Retransmission state */ 00213 mbedtls_ssl_flight_item *flight; /*!< Current outgoing flight */ 00214 mbedtls_ssl_flight_item *cur_msg; /*!< Current message in flight */ 00215 unsigned int in_flight_start_seq; /*!< Minimum message sequence in the 00216 flight being received */ 00217 mbedtls_ssl_transform *alt_transform_out; /*!< Alternative transform for 00218 resending messages */ 00219 unsigned char alt_out_ctr[8]; /*!< Alternative record epoch/counter 00220 for resending messages */ 00221 #endif 00222 00223 /* 00224 * Checksum contexts 00225 */ 00226 #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ 00227 defined(MBEDTLS_SSL_PROTO_TLS1_1) 00228 mbedtls_md5_context fin_md5; 00229 mbedtls_sha1_context fin_sha1; 00230 #endif 00231 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) 00232 #if defined(MBEDTLS_SHA256_C) 00233 mbedtls_sha256_context fin_sha256; 00234 #endif 00235 #if defined(MBEDTLS_SHA512_C) 00236 mbedtls_sha512_context fin_sha512; 00237 #endif 00238 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ 00239 00240 void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t); 00241 void (*calc_verify)(mbedtls_ssl_context *, unsigned char *); 00242 void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int); 00243 int (*tls_prf)(const unsigned char *, size_t, const char *, 00244 const unsigned char *, size_t, 00245 unsigned char *, size_t); 00246 00247 size_t pmslen; /*!< premaster length */ 00248 00249 unsigned char randbytes[64]; /*!< random bytes */ 00250 unsigned char premaster[MBEDTLS_PREMASTER_SIZE]; 00251 /*!< premaster secret */ 00252 00253 int resume; /*!< session resume indicator*/ 00254 int max_major_ver; /*!< max. major version client*/ 00255 int max_minor_ver; /*!< max. minor version client*/ 00256 int cli_exts; /*!< client extension presence*/ 00257 00258 #if defined(MBEDTLS_SSL_SESSION_TICKETS) 00259 int new_session_ticket; /*!< use NewSessionTicket? */ 00260 #endif /* MBEDTLS_SSL_SESSION_TICKETS */ 00261 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) 00262 int extended_ms; /*!< use Extended Master Secret? */ 00263 #endif 00264 }; 00265 00266 /* 00267 * This structure contains a full set of runtime transform parameters 00268 * either in negotiation or active. 00269 */ 00270 struct mbedtls_ssl_transform 00271 { 00272 /* 00273 * Session specific crypto layer 00274 */ 00275 const mbedtls_ssl_ciphersuite_t *ciphersuite_info; 00276 /*!< Chosen cipersuite_info */ 00277 unsigned int keylen; /*!< symmetric key length (bytes) */ 00278 size_t minlen; /*!< min. ciphertext length */ 00279 size_t ivlen; /*!< IV length */ 00280 size_t fixed_ivlen; /*!< Fixed part of IV (AEAD) */ 00281 size_t maclen; /*!< MAC length */ 00282 00283 unsigned char iv_enc[16]; /*!< IV (encryption) */ 00284 unsigned char iv_dec[16]; /*!< IV (decryption) */ 00285 00286 #if defined(MBEDTLS_SSL_PROTO_SSL3) 00287 /* Needed only for SSL v3.0 secret */ 00288 unsigned char mac_enc[20]; /*!< SSL v3.0 secret (enc) */ 00289 unsigned char mac_dec[20]; /*!< SSL v3.0 secret (dec) */ 00290 #endif /* MBEDTLS_SSL_PROTO_SSL3 */ 00291 00292 mbedtls_md_context_t md_ctx_enc; /*!< MAC (encryption) */ 00293 mbedtls_md_context_t md_ctx_dec; /*!< MAC (decryption) */ 00294 00295 mbedtls_cipher_context_t cipher_ctx_enc; /*!< encryption context */ 00296 mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */ 00297 00298 /* 00299 * Session specific compression layer 00300 */ 00301 #if defined(MBEDTLS_ZLIB_SUPPORT) 00302 z_stream ctx_deflate; /*!< compression context */ 00303 z_stream ctx_inflate; /*!< decompression context */ 00304 #endif 00305 }; 00306 00307 #if defined(MBEDTLS_X509_CRT_PARSE_C) 00308 /* 00309 * List of certificate + private key pairs 00310 */ 00311 struct mbedtls_ssl_key_cert 00312 { 00313 mbedtls_x509_crt *cert; /*!< cert */ 00314 mbedtls_pk_context *key; /*!< private key */ 00315 mbedtls_ssl_key_cert *next; /*!< next key/cert pair */ 00316 }; 00317 #endif /* MBEDTLS_X509_CRT_PARSE_C */ 00318 00319 #if defined(MBEDTLS_SSL_PROTO_DTLS) 00320 /* 00321 * List of handshake messages kept around for resending 00322 */ 00323 struct mbedtls_ssl_flight_item 00324 { 00325 unsigned char *p; /*!< message, including handshake headers */ 00326 size_t len; /*!< length of p */ 00327 unsigned char type; /*!< type of the message: handshake or CCS */ 00328 mbedtls_ssl_flight_item *next; /*!< next handshake message(s) */ 00329 }; 00330 #endif /* MBEDTLS_SSL_PROTO_DTLS */ 00331 00332 00333 /** 00334 * \brief Free referenced items in an SSL transform context and clear 00335 * memory 00336 * 00337 * \param transform SSL transform context 00338 */ 00339 void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ); 00340 00341 /** 00342 * \brief Free referenced items in an SSL handshake context and clear 00343 * memory 00344 * 00345 * \param handshake SSL handshake context 00346 */ 00347 void mbedtls_ssl_handshake_free( mbedtls_ssl_handshake_params *handshake ); 00348 00349 int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ); 00350 int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ); 00351 void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ); 00352 00353 int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ); 00354 00355 void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ); 00356 int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ); 00357 00358 int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ); 00359 int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ); 00360 00361 int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ); 00362 int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ); 00363 00364 int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ); 00365 int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ); 00366 00367 int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ); 00368 int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ); 00369 00370 int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ); 00371 int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ); 00372 00373 void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, 00374 const mbedtls_ssl_ciphersuite_t *ciphersuite_info ); 00375 00376 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) 00377 int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex ); 00378 #endif 00379 00380 #if defined(MBEDTLS_PK_C) 00381 unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk ); 00382 mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ); 00383 #endif 00384 00385 mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ); 00386 unsigned char mbedtls_ssl_hash_from_md_alg( int md ); 00387 00388 #if defined(MBEDTLS_ECP_C) 00389 int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ); 00390 #endif 00391 00392 #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) 00393 int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl, 00394 mbedtls_md_type_t md ); 00395 #endif 00396 00397 #if defined(MBEDTLS_X509_CRT_PARSE_C) 00398 static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl ) 00399 { 00400 mbedtls_ssl_key_cert *key_cert; 00401 00402 if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL ) 00403 key_cert = ssl->handshake->key_cert; 00404 else 00405 key_cert = ssl->conf->key_cert; 00406 00407 return( key_cert == NULL ? NULL : key_cert->key ); 00408 } 00409 00410 static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl ) 00411 { 00412 mbedtls_ssl_key_cert *key_cert; 00413 00414 if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL ) 00415 key_cert = ssl->handshake->key_cert; 00416 else 00417 key_cert = ssl->conf->key_cert; 00418 00419 return( key_cert == NULL ? NULL : key_cert->cert ); 00420 } 00421 00422 /* 00423 * Check usage of a certificate wrt extensions: 00424 * keyUsage, extendedKeyUsage (later), and nSCertType (later). 00425 * 00426 * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we 00427 * check a cert we received from them)! 00428 * 00429 * Return 0 if everything is OK, -1 if not. 00430 */ 00431 int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, 00432 const mbedtls_ssl_ciphersuite_t *ciphersuite, 00433 int cert_endpoint, 00434 uint32_t *flags ); 00435 #endif /* MBEDTLS_X509_CRT_PARSE_C */ 00436 00437 void mbedtls_ssl_write_version( int major, int minor, int transport, 00438 unsigned char ver[2] ); 00439 void mbedtls_ssl_read_version( int *major, int *minor, int transport, 00440 const unsigned char ver[2] ); 00441 00442 static inline size_t mbedtls_ssl_hdr_len( const mbedtls_ssl_context *ssl ) 00443 { 00444 #if defined(MBEDTLS_SSL_PROTO_DTLS) 00445 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) 00446 return( 13 ); 00447 #else 00448 ((void) ssl); 00449 #endif 00450 return( 5 ); 00451 } 00452 00453 static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl ) 00454 { 00455 #if defined(MBEDTLS_SSL_PROTO_DTLS) 00456 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) 00457 return( 12 ); 00458 #else 00459 ((void) ssl); 00460 #endif 00461 return( 4 ); 00462 } 00463 00464 #if defined(MBEDTLS_SSL_PROTO_DTLS) 00465 void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ); 00466 void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ); 00467 int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ); 00468 #endif 00469 00470 /* Visible for testing purposes only */ 00471 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) 00472 int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context *ssl ); 00473 void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ); 00474 #endif 00475 00476 /* constant-time buffer comparison */ 00477 static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t n ) 00478 { 00479 size_t i; 00480 const unsigned char *A = (const unsigned char *) a; 00481 const unsigned char *B = (const unsigned char *) b; 00482 unsigned char diff = 0; 00483 00484 for( i = 0; i < n; i++ ) 00485 diff |= A[i] ^ B[i]; 00486 00487 return( diff ); 00488 } 00489 00490 #ifdef __cplusplus 00491 } 00492 #endif 00493 00494 #endif /* ssl_internal.h */
Generated on Tue Jul 12 2022 20:52:41 by
1.7.2