From adf861aad4c12c7328282ac2a14da6e716b7b674 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 29 Sep 2021 21:22:08 +0800 Subject: [PATCH] Address kex_modes check function Signed-off-by: Jerry Yu --- library/ssl_misc.h | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 8074a3aee..d269e6f85 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1441,6 +1441,16 @@ static inline int mbedtls_ssl_conf_tls13_some_psk_enabled( mbedtls_ssl_context * MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL ) ); } +/** + * Given a list of key exchange modes, check if at least one of them is + * supported. + * + * \param[in] ssl SSL context + * \param key_modes_mask Mask of the key exchange modes to check + * + * \return 0 if at least one of the key exchange modes is supported, + * <>0 otherwise. + */ static inline unsigned mbedtls_ssl_tls1_3_check_kex_modes( mbedtls_ssl_context *ssl, int kex_modes_mask ) { @@ -1449,32 +1459,32 @@ static inline unsigned mbedtls_ssl_tls1_3_check_kex_modes( mbedtls_ssl_context * static inline int mbedtls_ssl_tls1_3_psk_enabled( mbedtls_ssl_context *ssl ) { - return( mbedtls_ssl_tls1_3_check_kex_modes( ssl, + return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl, MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK ) ); } static inline int mbedtls_ssl_tls1_3_psk_ephemeral_enabled( mbedtls_ssl_context *ssl ) { - return( mbedtls_ssl_tls1_3_check_kex_modes( ssl, + return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl, MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) ); } static inline int mbedtls_ssl_tls1_3_ephemeral_enabled( mbedtls_ssl_context *ssl ) { - return( mbedtls_ssl_tls1_3_check_kex_modes( ssl, + return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl, MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ) ); } static inline int mbedtls_ssl_tls1_3_some_ephemeral_enabled( mbedtls_ssl_context *ssl ) { - return( mbedtls_ssl_tls1_3_check_kex_modes( ssl, + return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl, MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL ) ); } static inline int mbedtls_ssl_tls1_3_some_psk_enabled( mbedtls_ssl_context *ssl ) { - return( mbedtls_ssl_tls1_3_check_kex_modes( ssl, + return( ! mbedtls_ssl_tls1_3_check_kex_modes( ssl, MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL ) ); }