Change the mbedtls_ssl_states values
The changed values have now the minimum hamming distance
of 16 from each other. This is to prevent changing the state
by just flipping one bit.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index f147069..4609e73 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -564,26 +564,26 @@
*/
typedef enum
{
- MBEDTLS_SSL_HELLO_REQUEST,
- MBEDTLS_SSL_CLIENT_HELLO,
- MBEDTLS_SSL_SERVER_HELLO,
- MBEDTLS_SSL_SERVER_CERTIFICATE,
- MBEDTLS_SSL_SERVER_KEY_EXCHANGE,
- MBEDTLS_SSL_CERTIFICATE_REQUEST,
- MBEDTLS_SSL_SERVER_HELLO_DONE,
- MBEDTLS_SSL_CLIENT_CERTIFICATE,
- MBEDTLS_SSL_CLIENT_KEY_EXCHANGE,
- MBEDTLS_SSL_CERTIFICATE_VERIFY,
- MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC,
- MBEDTLS_SSL_CLIENT_FINISHED,
- MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC,
- MBEDTLS_SSL_SERVER_FINISHED,
- MBEDTLS_SSL_FLUSH_BUFFERS,
- MBEDTLS_SSL_HANDSHAKE_WRAPUP,
- MBEDTLS_SSL_HANDSHAKE_OVER,
- MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET,
- MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT,
- MBEDTLS_SSL_INVALID
+ MBEDTLS_SSL_HELLO_REQUEST = 0x0,
+ MBEDTLS_SSL_CLIENT_HELLO = 0x0000FFFF,
+ MBEDTLS_SSL_SERVER_HELLO = 0x00FF00FF,
+ MBEDTLS_SSL_SERVER_CERTIFICATE = 0x00FFFF00,
+ MBEDTLS_SSL_SERVER_KEY_EXCHANGE = 0x0F0F0F0F,
+ MBEDTLS_SSL_CERTIFICATE_REQUEST = 0x0F0FF0F0,
+ MBEDTLS_SSL_SERVER_HELLO_DONE = 0x0FF00FF0,
+ MBEDTLS_SSL_CLIENT_CERTIFICATE = 0x0FF0F00F,
+ MBEDTLS_SSL_CLIENT_KEY_EXCHANGE = 0x33333333,
+ MBEDTLS_SSL_CERTIFICATE_VERIFY = 0x3333CCCC,
+ MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC = 0x33CC33CC,
+ MBEDTLS_SSL_CLIENT_FINISHED = 0x33CCCC33,
+ MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC = 0x3C3C3C3C,
+ MBEDTLS_SSL_SERVER_FINISHED = 0x3C3CC3C3,
+ MBEDTLS_SSL_FLUSH_BUFFERS = 0x3CC33CC3,
+ MBEDTLS_SSL_HANDSHAKE_WRAPUP = 0x3CC3C33C,
+ MBEDTLS_SSL_HANDSHAKE_OVER = 0x55555555,
+ MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET = 0x5555AAAA,
+ MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT = 0x55AA55AA,
+ MBEDTLS_SSL_INVALID = 0x55AAAA55
}
mbedtls_ssl_states;