avs_commons 5.4.5

Improvements: - Added support for Mbed TLS 3.6
AVSystem · May 28, 2024 · 2885ea1 · 2885ea1
1 parent c6f8c5b
commit 2885ea1
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Changelog
 
+## avs_commons 5.4.5 (May 28th, 2024)
+
+### Improvements
+
+* Added support for Mbed TLS 3.6
+
 ## avs_commons 5.4.4 (April 12th, 2024)
 
 ### Features

diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -17,7 +17,7 @@
 cmake_minimum_required(VERSION 3.6.0)
 project(avs_commons C)
 
-set(AVS_COMMONS_VERSION "5.4.4")
+set(AVS_COMMONS_VERSION "5.4.5")
 
 ################# DISTRIBUTION #################################################
 

diff --git a/src/net/mbedtls/avs_mbedtls_socket.c b/src/net/mbedtls/avs_mbedtls_socket.c
@@ -364,8 +364,22 @@ static int ssl_version_as_on_wire(uint16_t *out_value,
 // mbedtls_ssl_ciphersuite_uses_psk() is not defined
 // if Mbed TLS is compiled without PSK support
 #        define mbedtls_ssl_ciphersuite_uses_psk(...) false
-#    endif // !defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) &&
-           // !defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+#    elif MBEDTLS_VERSION_NUMBER >= 0x03060000
+// since in Mbed TLS 3.6.0 mbedtls_ssl_ciphersuite_uses_psk has been moved to
+// internal functions
+static inline int
+mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *ciphersuite) {
+    switch (ciphersuite->private_key_exchange) {
+    case MBEDTLS_KEY_EXCHANGE_PSK:
+    case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
+    case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
+    case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
+        return 1;
+    default:
+        return 0;
+    }
+}
+#    endif // MBEDTLS_VERSION_NUMBER >= 0x03060000
 
 #    if MBEDTLS_VERSION_NUMBER < 0x02110000
 // Mbed TLS <2.17.0 do not have mbedtls_ssl_ciphersuite_uses_srv_cert().
@@ -374,6 +388,24 @@ static int ssl_version_as_on_wire(uint16_t *out_value,
 // to define "uses certificates" as "doesn't use PSK" for earlier versions.
 #        define mbedtls_ssl_ciphersuite_uses_srv_cert(...) \
             (!mbedtls_ssl_ciphersuite_uses_psk(__VA_ARGS__))
+#    elif MBEDTLS_VERSION_NUMBER >= 0x03060000
+// since in Mbed TLS 3.6.0 mbedtls_ssl_ciphersuite_uses_srv_cert has been moved
+// to internal functions
+static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(
+        const mbedtls_ssl_ciphersuite_t *ciphersuite) {
+    switch (ciphersuite->private_key_exchange) {
+    case MBEDTLS_KEY_EXCHANGE_RSA:
+    case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
+    case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
+    case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
+    case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+    case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
+    case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+        return 1;
+    default:
+        return 0;
+    }
+}
 #    endif // MBEDTLS_VERSION_NUMBER
 
 #    if defined(AVS_COMMONS_WITH_AVS_CRYPTO_PKI) \