ssl_client.c: Extend and export ciphersuite validation function Extend and export ciphersuite validation function to be able to use it in TLS 1.2/3 specific code. Signed-off-by: Ronald Cron <ronald.cron@arm.com>

commit: 757a2abfe26698888d1d0ae3840824583ae5275c [log] [tgz]
author: Ronald Cron <ronald.cron@arm.com> Wed Mar 30 13:57:40 2022 +0200
committer: Ronald Cron <ronald.cron@arm.com> Thu Mar 31 09:35:33 2022 +0200
tree: a1f0b6166109fa5bd28b469b13b002989cef7d68
parent: f735cf1f0fc3df98957b52cbd9ef6d512b6f34eb [diff] [blame]
diff --git a/library/ssl_client.h b/library/ssl_client.h
index 8e0c216..3c01bbf 100644
--- a/library/ssl_client.h
+++ b/library/ssl_client.h

@@ -28,6 +28,21 @@
 
 #include <stddef.h>
 
+/**
+ * \brief Validate cipher suite against config in SSL context.
+ *
+ * \param ssl            SSL context
+ * \param suite_info     Cipher suite to validate
+ * \param min_minor_ver  Minimal minor version to accept a cipher suite
+ * \param max_minor_ver  Maximal minor version to accept a cipher suite
+ *
+ * \return 0 if valid, negative value otherwise.
+ */
+int mbedtls_ssl_validate_ciphersuite(
+    const mbedtls_ssl_context *ssl,
+    const mbedtls_ssl_ciphersuite_t *suite_info,
+    int min_minor_ver, int max_minor_ver );
+
 int mbedtls_ssl_write_client_hello( mbedtls_ssl_context *ssl );
 
 #endif /* MBEDTLS_SSL_CLIENT_H */
commit	757a2abfe26698888d1d0ae3840824583ae5275c	[log] [tgz]
author	Ronald Cron <ronald.cron@arm.com>	Wed Mar 30 13:57:40 2022 +0200
committer	Ronald Cron <ronald.cron@arm.com>	Thu Mar 31 09:35:33 2022 +0200
tree	a1f0b6166109fa5bd28b469b13b002989cef7d68
parent	f735cf1f0fc3df98957b52cbd9ef6d512b6f34eb [diff] [blame]