abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-19 11:23:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update tlcp.c

Browse Source
This commit is contained in:
Zhi Guan
2026-06-15 14:41:54 +08:00
parent 2093f5ad4f
commit 3465d79c55
3 changed files with 50 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CMakeLists.txt
View File

@@ -764,7 +764,7 @@ endif()
#
set(CPACK_PACKAGE_NAME "GmSSL")
set(CPACK_PACKAGE_VENDOR "GmSSL develop team")
set(CPACK_PACKAGE_VERSION "3.2.0-dev.1053")
set(CPACK_PACKAGE_VERSION "3.2.0-dev.1054")
set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md)
set(CPACK_NSIS_MODIFY_PATH ON)
include(CPack)

2
include/gmssl/version.h
View File

@@ -18,7 +18,7 @@ extern "C" {
#define GMSSL_VERSION_NUM 30200
#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1053"
#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1054"
int gmssl_version_num(void);
const char *gmssl_version_str(void);

49
src/tlcp.c
View File

@@ -704,7 +704,20 @@ int tlcp_recv_server_hello(TLS_CONNECT *conn)
// supported_groups
if (supported_groups) {
// 检查cipher_suite依赖的SM2/SM9曲线是否在其中否则报错
int common_group;
size_t common_groups_cnt = 0;
if ((ret = tls_process_supported_groups(supported_groups, supported_groups_len,
tlcp_supported_groups, tlcp_supported_groups_cnt,
&common_group, &common_groups_cnt, 1)) < 0) {
error_print();
tls_send_alert(conn, TLS_alert_decode_error);
return -1;
} else if (ret == 0) {
error_print();
tls_send_alert(conn, TLS_alert_handshake_failure);
return -1;
}
}
// application_layer_protocol_negotiation
@@ -1630,6 +1643,40 @@ int tlcp_recv_client_hello(TLS_CONNECT *conn)
return -1;
}
if (supported_groups) {
int common_group;
size_t common_groups_cnt = 0;
if ((ret = tls_process_supported_groups(supported_groups, supported_groups_len,
tlcp_supported_groups, tlcp_supported_groups_cnt,
&common_group, &common_groups_cnt, 1)) < 0) {
error_print();
tls_send_alert(conn, TLS_alert_decode_error);
return -1;
} else if (ret == 0) {
error_print();
tls_send_alert(conn, TLS_alert_handshake_failure);
return -1;
}
}
if (signature_algorithms) {
int common_sig_alg;
size_t common_sig_algs_cnt = 0;
if ((ret = tls_process_signature_algorithms(signature_algorithms, signature_algorithms_len,
tlcp_signature_algorithms, tlcp_signature_algorithms_cnt,
&common_sig_alg, &common_sig_algs_cnt, 1)) < 0) {
error_print();
tls_send_alert(conn, TLS_alert_decode_error);
return -1;
} else if (ret == 0) {
error_print();
tls_send_alert(conn, TLS_alert_handshake_failure);
return -1;
}
}
if (trusted_ca_keys) {
conn->trusted_ca_keys = 1;
if (trusted_authorities_len > sizeof(conn->trusted_authorities)) {