Add generic write_supported-groups_ext

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-20 22:22:15 +08:00 · 2021-12-20 22:22:15 +08:00 · ba07342cd6
commit ba07342cd6
parent b47d0f893e
3 changed files with 169 additions and 17 deletions
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@ -1626,23 +1626,6 @@ static inline int mbedtls_ssl_tls13_some_psk_enabled( mbedtls_ssl_context *ssl )
                   MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
 }

-/*
- * Helper functions for NamedGroup.
- */
-static inline int mbedtls_ssl_tls13_named_group_is_ecdhe( uint16_t named_group )
-{
-    return( named_group == MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1 ||
-            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1 ||
-            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1 ||
-            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_X25519    ||
-            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_X448 );
-}
-
-static inline int mbedtls_ssl_tls13_named_group_is_dhe( uint16_t named_group )
-{
-    return( named_group >= MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048 &&
-            named_group <= MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192 );
-}

 static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context *ssl,
                                                    mbedtls_ssl_states state )
@ -1743,4 +1726,39 @@ static inline const void *mbedtls_ssl_get_groups( const mbedtls_ssl_context *ssl
    #endif
 }

+/*
+ * Helper functions for NamedGroup.
+ */
+static inline int mbedtls_ssl_named_group_is_ecdhe( uint16_t named_group )
+{
+    /*
+     * RFC 4492 section 5.1.1
+     */
+    return( named_group >= MBEDTLS_SSL_IANA_TLS_GROUP_SECT163K1 &&
+            named_group <= MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1 );
+}
+
+static inline int mbedtls_ssl_tls13_named_group_is_ecdhe( uint16_t named_group )
+{
+    return( named_group == MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1 ||
+            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1 ||
+            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1 ||
+            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_X25519    ||
+            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_X448 );
+}
+
+static inline int mbedtls_ssl_tls13_named_group_is_dhe( uint16_t named_group )
+{
+    return( named_group >= MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048 &&
+            named_group <= MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192 );
+}
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+int mbedtls_ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl,
+                                            unsigned char *buf,
+                                            unsigned char *end,
+                                            size_t *out_len );
+
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
 #endif /* ssl_misc.h */