Some extra code defined out

This commit is contained in:
Paul Bakker 2013-08-28 16:21:34 +02:00
parent c852a68b96
commit 9659dae046
2 changed files with 29 additions and 12 deletions

View file

@ -1362,10 +1362,12 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
{
params_len = p - ( ssl->in_msg + 4 );
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
/*
* Handle the digitally-signed structure
*/
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
if( ssl->minor_ver == SSL_MINOR_VERSION_3 )
{
if( ssl_parse_signature_algorithm( ssl, &p, end,
&md_alg, &pk_alg ) != 0 )
{
@ -1373,8 +1375,6 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
if( pk_alg != POLARSSL_PK_NONE )
{
if( pk_alg != ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ) )
{
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
@ -1383,13 +1383,22 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
}
else
#endif
#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
defined(POLARSSL_SSL_PROTO_TLS1_1)
if( ssl->minor_ver < SSL_MINOR_VERSION_3 )
{
pk_alg = ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
}
/* Default hash for ECDSA is SHA-1 */
if( pk_alg == POLARSSL_PK_ECDSA && md_alg == POLARSSL_MD_NONE )
md_alg = POLARSSL_MD_SHA1;
}
else
#endif
{
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
}
/*
* Read signature
@ -1443,6 +1452,8 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
else
#endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \
POLARSSL_SSL_PROTO_TLS1_1 */
#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
defined(POLARSSL_SSL_PROTO_TLS1_2)
if( md_alg != POLARSSL_MD_NONE )
{
md_context_t ctx;
@ -1470,6 +1481,8 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
md_free_ctx( &ctx );
}
else
#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 || \
POLARSSL_SSL_PROTO_TLS1_2 */
{
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );

View file

@ -2027,6 +2027,8 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
else
#endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \
POLARSSL_SSL_PROTO_TLS1_1 */
#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
defined(POLARSSL_SSL_PROTO_TLS1_2)
if( md_alg != POLARSSL_MD_NONE )
{
md_context_t ctx;
@ -2060,6 +2062,8 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
}
else
#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 || \
POLARSSL_SSL_PROTO_TLS1_2 */
{
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );