Create ssl_internal.h and move some functions
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index af303f2..200bc9e 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2425,144 +2425,6 @@
*/
void mbedtls_ssl_handshake_free( mbedtls_ssl_handshake_params *handshake );
-/*
- * Internal functions (do not call directly)
- */
-int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
-void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl );
-
-void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want );
-
-int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl );
-
-void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl,
- const mbedtls_ssl_ciphersuite_t *ciphersuite_info );
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex );
-#endif
-
-#if defined(MBEDTLS_PK_C)
-unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk );
-mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig );
-#endif
-
-mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash );
-
-#if defined(MBEDTLS_SSL_SET_CURVES)
-int mbedtls_ssl_curve_is_acceptable( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl )
-{
- mbedtls_ssl_key_cert *key_cert;
-
- if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
- key_cert = ssl->handshake->key_cert;
- else
- key_cert = ssl->conf->key_cert;
-
- return( key_cert == NULL ? NULL : key_cert->key );
-}
-
-static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl )
-{
- mbedtls_ssl_key_cert *key_cert;
-
- if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
- key_cert = ssl->handshake->key_cert;
- else
- key_cert = ssl->conf->key_cert;
-
- return( key_cert == NULL ? NULL : key_cert->cert );
-}
-
-/*
- * Check usage of a certificate wrt extensions:
- * keyUsage, extendedKeyUsage (later), and nSCertType (later).
- *
- * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we
- * check a cert we received from them)!
- *
- * Return 0 if everything is OK, -1 if not.
- */
-int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
- const mbedtls_ssl_ciphersuite_t *ciphersuite,
- int cert_endpoint,
- uint32_t *flags );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-void mbedtls_ssl_write_version( int major, int minor, int transport,
- unsigned char ver[2] );
-void mbedtls_ssl_read_version( int *major, int *minor, int transport,
- const unsigned char ver[2] );
-
-static inline size_t mbedtls_ssl_hdr_len( const mbedtls_ssl_context *ssl )
-{
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- return( 13 );
-#else
- ((void) ssl);
-#endif
- return( 5 );
-}
-
-static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl )
-{
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- return( 12 );
-#else
- ((void) ssl);
-#endif
- return( 4 );
-}
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl );
-void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_resend( mbedtls_ssl_context *ssl );
-#endif
-
-/* Visible for testing purposes only */
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context *ssl );
-void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl );
-#endif
-
-/* constant-time buffer comparison */
-static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t n )
-{
- size_t i;
- const unsigned char *A = (const unsigned char *) a;
- const unsigned char *B = (const unsigned char *) b;
- unsigned char diff = 0;
-
- for( i = 0; i < n; i++ )
- diff |= A[i] ^ B[i];
-
- return( diff );
-}
-
#ifdef __cplusplus
}
#endif
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
new file mode 100644
index 0000000..f868f47
--- /dev/null
+++ b/include/mbedtls/ssl_internal.h
@@ -0,0 +1,172 @@
+/**
+ * \file ssl_ticket.h
+ *
+ * \brief Internal functions shared by the SSL modules
+ *
+ * Copyright (C) 2015, ARM Limited, All Rights Reserved
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+#ifndef MBEDTLS_SSL_INTERNAL_H
+#define MBEDTLS_SSL_INTERNAL_H
+
+#include "ssl.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );
+
+int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl );
+
+void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl );
+
+int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want );
+
+int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl );
+
+int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl );
+
+int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl );
+
+int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl );
+
+void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl,
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info );
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex );
+#endif
+
+#if defined(MBEDTLS_PK_C)
+unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk );
+mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig );
+#endif
+
+mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash );
+
+#if defined(MBEDTLS_SSL_SET_CURVES)
+int mbedtls_ssl_curve_is_acceptable( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_key_cert *key_cert;
+
+ if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
+ key_cert = ssl->handshake->key_cert;
+ else
+ key_cert = ssl->conf->key_cert;
+
+ return( key_cert == NULL ? NULL : key_cert->key );
+}
+
+static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_key_cert *key_cert;
+
+ if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
+ key_cert = ssl->handshake->key_cert;
+ else
+ key_cert = ssl->conf->key_cert;
+
+ return( key_cert == NULL ? NULL : key_cert->cert );
+}
+
+/*
+ * Check usage of a certificate wrt extensions:
+ * keyUsage, extendedKeyUsage (later), and nSCertType (later).
+ *
+ * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we
+ * check a cert we received from them)!
+ *
+ * Return 0 if everything is OK, -1 if not.
+ */
+int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
+ const mbedtls_ssl_ciphersuite_t *ciphersuite,
+ int cert_endpoint,
+ uint32_t *flags );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+void mbedtls_ssl_write_version( int major, int minor, int transport,
+ unsigned char ver[2] );
+void mbedtls_ssl_read_version( int *major, int *minor, int transport,
+ const unsigned char ver[2] );
+
+static inline size_t mbedtls_ssl_hdr_len( const mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ return( 13 );
+#else
+ ((void) ssl);
+#endif
+ return( 5 );
+}
+
+static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ return( 12 );
+#else
+ ((void) ssl);
+#endif
+ return( 4 );
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_resend( mbedtls_ssl_context *ssl );
+#endif
+
+/* Visible for testing purposes only */
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl );
+#endif
+
+/* constant-time buffer comparison */
+static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t n )
+{
+ size_t i;
+ const unsigned char *A = (const unsigned char *) a;
+ const unsigned char *B = (const unsigned char *) b;
+ unsigned char diff = 0;
+
+ for( i = 0; i < n; i++ )
+ diff |= A[i] ^ B[i];
+
+ return( diff );
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl_internal.h */
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index f344907..b935f59 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -30,6 +30,7 @@
#include "mbedtls/debug.h"
#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_internal.h"
#include <string.h>
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index de0d108..7663e36 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -33,6 +33,7 @@
#if defined(MBEDTLS_SSL_COOKIE_C)
#include "mbedtls/ssl_cookie.h"
+#include "mbedtls/ssl_internal.h"
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 00e590e..08f228b 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -30,6 +30,7 @@
#include "mbedtls/debug.h"
#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_internal.h"
#include <string.h>
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 79d1b93..f22c561 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -38,6 +38,7 @@
#include "mbedtls/debug.h"
#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_internal.h"
#include <string.h>
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index c8acfea..800f6ac 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -1,5 +1,6 @@
/* BEGIN_HEADER */
#include <mbedtls/ssl.h>
+#include <mbedtls/ssl_internal.h>
/* END_HEADER */
/* BEGIN_DEPENDENCIES
