feedc0de/esp-idf
1
0
Fork 0
forked from espressif/esp-idf
Code Pull Requests Activity

esp_tls/wpa_supplicant: Updated deprecated mbedtls APIs

Browse Source
This commit is contained in:
Laukik Hase
2022-07-27 16:47:30 +05:30
parent aecc46df64
commit 51cbbe486c
2 changed files with 6 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
components/esp-tls/esp_tls_mbedtls.c
View File

@@ -113,11 +113,8 @@ esp_err_t esp_create_mbedtls_handle(const char *hostname, size_t hostlen, const
#endif
#ifdef CONFIG_MBEDTLS_SSL_PROTO_TLS1_3
// NOTE: Mbed TLS currently supports only client-side config with TLS 1.3
if (tls->role != ESP_TLS_SERVER) {
mbedtls_ssl_conf_min_version(&tls->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4);
mbedtls_ssl_conf_max_version(&tls->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4);
}
mbedtls_ssl_conf_min_tls_version(&tls->conf, MBEDTLS_SSL_VERSION_TLS1_3);
mbedtls_ssl_conf_max_tls_version(&tls->conf, MBEDTLS_SSL_VERSION_TLS1_3);
#endif
if ((ret = mbedtls_ssl_setup(&tls->ssl, &tls->conf)) != 0) {

8
components/wpa_supplicant/esp_supplicant/src/crypto/tls_mbedtls.c
View File

@@ -196,7 +196,7 @@ static int set_ca_cert(tls_context_t *tls, const unsigned char *cacert, size_t c
}
#ifdef CONFIG_SUITEB192
static int tls_sig_hashes_for_suiteb[] = {
static uint16_t tls_sig_algs_for_suiteb[] = {
#if defined(MBEDTLS_SHA512_C)
MBEDTLS_MD_SHA512,
MBEDTLS_MD_SHA384,
@@ -220,11 +220,11 @@ static void tls_set_suiteb_config(tls_context_t *tls)
{
const mbedtls_x509_crt_profile *crt_profile = &suiteb_mbedtls_x509_crt_profile;
mbedtls_ssl_conf_cert_profile(&tls->conf, crt_profile);
mbedtls_ssl_conf_sig_hashes(&tls->conf, tls_sig_hashes_for_suiteb);
mbedtls_ssl_conf_sig_algs(&tls->conf, tls_sig_algs_for_suiteb);
}
#endif
static int tls_sig_hashes_for_eap[] = {
static uint16_t tls_sig_algs_for_eap[] = {
#if defined(MBEDTLS_SHA512_C)
MBEDTLS_MD_SHA512,
MBEDTLS_MD_SHA384,
@@ -262,7 +262,7 @@ static void tls_enable_sha1_config(tls_context_t *tls)
{
const mbedtls_x509_crt_profile *crt_profile = &eap_mbedtls_x509_crt_profile;
mbedtls_ssl_conf_cert_profile(&tls->conf, crt_profile);
mbedtls_ssl_conf_sig_hashes(&tls->conf, tls_sig_hashes_for_eap);
mbedtls_ssl_conf_sig_algs(&tls->conf, tls_sig_algs_for_eap);
}
static const int eap_ciphersuite_preference[] =