yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #6207 from daverodgman/ticket_time

Browse source 
Fix type used for capturing TLS ticket generation time
This commit is contained in:
Dave Rodgman 2022-08-30 10:03:06 +01:00 committed by GitHub
commit 0edfa9dd26
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 12 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
include/mbedtls/ssl_ticket.h
View file

@ -34,6 +34,10 @@
#include "mbedtls/ssl.h"
#include "mbedtls/cipher.h"
#if defined(MBEDTLS_HAVE_TIME)
#include "mbedtls/platform_time.h"
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#endif
@ -56,7 +60,9 @@ typedef struct mbedtls_ssl_ticket_key
{
unsigned char MBEDTLS_PRIVATE(name)[MBEDTLS_SSL_TICKET_KEY_NAME_BYTES];
/*!< random key identifier */
uint32_t MBEDTLS_PRIVATE(generation_time); /*!< key generation timestamp (seconds) */
#if defined(MBEDTLS_HAVE_TIME)
mbedtls_time_t MBEDTLS_PRIVATE(generation_time); /*!< key generation timestamp (seconds) */
#endif
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_cipher_context_t MBEDTLS_PRIVATE(ctx); /*!< context for auth enc/decryption */
#else

10
library/ssl_ticket.c
View file

@ -79,7 +79,7 @@ static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx,
#endif
#if defined(MBEDTLS_HAVE_TIME)
key->generation_time = (uint32_t) mbedtls_time( NULL );
key->generation_time = mbedtls_time( NULL );
#endif
if( ( ret = ctx->f_rng( ctx->p_rng, key->name, sizeof( key->name ) ) ) != 0 )
@ -122,15 +122,15 @@ static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx )
#else
if( ctx->ticket_lifetime != 0 )
{
uint32_t current_time = (uint32_t) mbedtls_time( NULL );
uint32_t key_time = ctx->keys[ctx->active].generation_time;
mbedtls_time_t current_time = mbedtls_time( NULL );
mbedtls_time_t key_time = ctx->keys[ctx->active].generation_time;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
#endif
if( current_time >= key_time &&
current_time - key_time < ctx->ticket_lifetime )
(uint64_t) ( current_time - key_time ) < ctx->ticket_lifetime )
{
return( 0 );
}
@ -204,7 +204,7 @@ int mbedtls_ssl_ticket_rotate( mbedtls_ssl_ticket_context *ctx,
ctx->ticket_lifetime = lifetime;
memcpy( key->name, name, TICKET_KEY_NAME_BYTES );
#if defined(MBEDTLS_HAVE_TIME)
key->generation_time = (uint32_t) mbedtls_time( NULL );
key->generation_time = mbedtls_time( NULL );
#endif
return 0;
}