From 716b973fb75e74e67f6ae2b1a171617f9d859129 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Jul 2021 11:10:15 +0200 Subject: [PATCH 01/81] Stop on errors Signed-off-by: Gilles Peskine --- scripts/bump_version.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index df629e924..56270e768 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -24,6 +24,8 @@ # [ -v | --verbose ] [ -h | --help ] # +set -e + VERSION="" SOVERSION="" From aa4862a5e63dedbd26a1bcc32f25dc3d70a92d08 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Jul 2021 11:10:29 +0200 Subject: [PATCH 02/81] Bump the version number in CMakeLists.txt Added in d259e347e6e3a630acfc1a811709ca05e5d3b92e (#4259) Signed-off-by: Gilles Peskine --- scripts/bump_version.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 56270e768..d139251b6 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -81,6 +81,10 @@ then exit 1 fi +[ $VERBOSE ] && echo "Bumping VERSION in CMakeLists.txt" +sed -e "s/ VERSION [0-9.]\{1,\}/ VERSION $VERSION/g" < CMakeLists.txt > tmp +mv tmp CMakeLists.txt + [ $VERBOSE ] && echo "Bumping VERSION in library/CMakeLists.txt" sed -e "s/ VERSION [0-9.]\{1,\}/ VERSION $VERSION/g" < library/CMakeLists.txt > tmp mv tmp library/CMakeLists.txt From 494678a405c08da3e4dd5f184a622360c590efb2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Jul 2021 11:11:30 +0200 Subject: [PATCH 03/81] The version was moved from version.h to build_info.h Moved in 04982f7b6bacc7ef552dc5afafc3c3adb980813e (#4589) Signed-off-by: Gilles Peskine --- scripts/bump_version.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index d139251b6..6a4a69d8d 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -122,10 +122,10 @@ then mv tmp library/Makefile fi -[ $VERBOSE ] && echo "Bumping VERSION in include/mbedtls/version.h" +[ $VERBOSE ] && echo "Bumping VERSION in include/mbedtls/build_info.h" read MAJOR MINOR PATCH <<<$(IFS="."; echo $VERSION) VERSION_NR="$( printf "0x%02X%02X%02X00" $MAJOR $MINOR $PATCH )" -cat include/mbedtls/version.h | \ +cat include/mbedtls/build_info.h | \ sed -e "s/_VERSION_MAJOR .\{1,\}/_VERSION_MAJOR $MAJOR/" | \ sed -e "s/_VERSION_MINOR .\{1,\}/_VERSION_MINOR $MINOR/" | \ sed -e "s/_VERSION_PATCH .\{1,\}/_VERSION_PATCH $PATCH/" | \ @@ -133,7 +133,7 @@ cat include/mbedtls/version.h | \ sed -e "s/_VERSION_STRING .\{1,\}/_VERSION_STRING \"$VERSION\"/" | \ sed -e "s/_VERSION_STRING_FULL .\{1,\}/_VERSION_STRING_FULL \"mbed TLS $VERSION\"/" \ > tmp -mv tmp include/mbedtls/version.h +mv tmp include/mbedtls/build_info.h [ $VERBOSE ] && echo "Bumping version in tests/suites/test_suite_version.data" sed -e "s/version:\".\{1,\}/version:\"$VERSION\"/g" < tests/suites/test_suite_version.data > tmp From 1fe01acfc38abde8bd24d83ff5ee54c0530cf6d4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Jul 2021 11:13:29 +0200 Subject: [PATCH 04/81] Add option to list the generated files and exit This is useful during the release process, when we want to commit the generated files. Signed-off-by: Gilles Peskine --- tests/scripts/check-generated-files.sh | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index a2c285fad..0399484d5 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -23,12 +23,13 @@ set -eu if [ $# -ne 0 ] && [ "$1" = "--help" ]; then cat < Date: Fri, 23 Jul 2021 07:23:47 +0100 Subject: [PATCH 05/81] Document that returning 0 from the recv callback means EOF Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3a14a5830..bf44975c3 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -493,10 +493,11 @@ typedef int mbedtls_ssl_send_t( void *ctx, * \param buf Buffer to write the received data to * \param len Length of the receive buffer * - * \return The callback must return the number of bytes received, - * or a non-zero error code. - * If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ + * \returns If data has been received, the positive number of bytes received. + * \returns \c 0 if the connection has been closed. + * \returns If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ * must be returned when the operation would block. + * \returns Another negative error code on other kinds of failures. * * \note The callback may receive fewer bytes than the length of the * buffer. It must always return the number of bytes actually From bd25755d2a6f72961e4dd8925e324596978c4f6a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 22 Mar 2021 06:59:27 +0000 Subject: [PATCH 06/81] Rename ssl_populate_transform() -> ssl_tls12_populate_transform() In TLS 1.2 specific code, the internal helper functions ssl_populate_transform() builds an SSL transform structure, representing a specific record protection mechanism. In preparation for a subsequent commit which will introduce a similar helper function specific to TLS 1.3, this commmit renames ssl_populate_transform() to ssl_tls12_populate_transform(). Signed-off-by: Hanno Becker --- library/ssl_misc.h | 3 ++- library/ssl_tls.c | 48 +++++++++++++++++++++++----------------------- 2 files changed, 26 insertions(+), 25 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index cc19f4723..ca92d6893 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -740,7 +740,8 @@ struct mbedtls_ssl_transform #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) /* We need the Hello random bytes in order to re-derive keys from the - * Master Secret and other session info, see ssl_populate_transform() */ + * Master Secret and other session info, + * see ssl_tls12_populate_transform() */ unsigned char randbytes[64]; /*!< ServerHello.random+ClientHello.random */ #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ }; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index fe3b5e2e6..33f4e601c 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -665,14 +665,14 @@ typedef int ssl_tls_prf_t(const unsigned char *, size_t, const char *, * - MBEDTLS_SSL_EXPORT_KEYS: ssl->conf->{f,p}_export_keys * - MBEDTLS_DEBUG_C: ssl->conf->{f,p}_dbg */ -static int ssl_populate_transform( mbedtls_ssl_transform *transform, +static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, int ciphersuite, const unsigned char master[48], -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) && \ + defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) int encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && + MBEDTLS_SSL_SOME_SUITES_USE_MAC */ ssl_tls_prf_t tls_prf, const unsigned char randbytes[64], int minor_ver, @@ -1328,22 +1328,22 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) } /* Populate transform structure */ - ret = ssl_populate_transform( ssl->transform_negotiate, - ssl->session_negotiate->ciphersuite, - ssl->session_negotiate->master, -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - ssl->session_negotiate->encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ - ssl->handshake->tls_prf, - ssl->handshake->randbytes, - ssl->minor_ver, - ssl->conf->endpoint, - ssl ); + ret = ssl_tls12_populate_transform( ssl->transform_negotiate, + ssl->session_negotiate->ciphersuite, + ssl->session_negotiate->master, +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) && \ + defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + ssl->session_negotiate->encrypt_then_mac, +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && + MBEDTLS_SSL_SOME_SUITES_USE_MAC */ + ssl->handshake->tls_prf, + ssl->handshake->randbytes, + ssl->minor_ver, + ssl->conf->endpoint, + ssl ); if( ret != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_populate_transform", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_tls12_populate_transform", ret ); return( ret ); } @@ -5775,14 +5775,14 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, if( (size_t)( end - p ) < sizeof( ssl->transform->randbytes ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - ret = ssl_populate_transform( ssl->transform, + ret = ssl_tls12_populate_transform( ssl->transform, ssl->session->ciphersuite, ssl->session->master, -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) && \ + defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) ssl->session->encrypt_then_mac, -#endif -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && + MBEDTLS_SSL_SOME_SUITES_USE_MAC */ ssl_tls12prf_from_cs( ssl->session->ciphersuite ), p, /* currently pointing to randbytes */ MBEDTLS_SSL_MINOR_VERSION_3, /* (D)TLS 1.2 is forced */ From c94060c6417468bd0c5fd091f3a3aa4217bbb4bd Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 22 Mar 2021 07:50:44 +0000 Subject: [PATCH 07/81] Add TLS 1.3 specific key to SSL transform conversion function This commit adds the TLS 1.3 specific internal function ``` mbedtls_ssl_tls13_populate_transform() ``` which creates an instance of the SSL transform structure `mbedtls_ssl_transform` representing a TLS 1.3 record protection mechanism. It is analogous to the existing internal helper function ``` ssl_tls12_populate_transform() ``` which creates transform structures representing record protection mechanisms in TLS 1.2 and earlier. Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 108 +++++++++++++++++++++++++++++++++++++++ library/ssl_tls13_keys.h | 33 ++++++++++++ 2 files changed, 141 insertions(+) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index f1c8a12d8..28313130f 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -699,4 +699,112 @@ exit: return( ret ); } +int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, + int endpoint, + int ciphersuite, + mbedtls_ssl_key_set const *traffic_keys, + mbedtls_ssl_context *ssl /* DEBUG ONLY */ ) +{ + int ret; + mbedtls_cipher_info_t const *cipher_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + unsigned char const *key_enc; + unsigned char const *iv_enc; + unsigned char const *key_dec; + unsigned char const *iv_dec; + +#if !defined(MBEDTLS_DEBUG_C) + ssl = NULL; /* make sure we don't use it except for those cases */ + (void) ssl; +#endif + + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite ); + + cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher ); + if( cipher_info == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + /* + * Setup cipher contexts in target transform + */ + + if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc, + cipher_info ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); + return( ret ); + } + + if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec, + cipher_info ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); + return( ret ); + } + +#if defined(MBEDTLS_SSL_SRV_C) + if( endpoint == MBEDTLS_SSL_IS_SERVER ) + { + key_enc = traffic_keys->server_write_key; + key_dec = traffic_keys->client_write_key; + iv_enc = traffic_keys->server_write_iv; + iv_dec = traffic_keys->client_write_iv; + } + else +#endif /* MBEDTLS_SSL_SRV_C */ +#if defined(MBEDTLS_SSL_CLI_C) + if( endpoint == MBEDTLS_SSL_IS_CLIENT ) + { + key_enc = traffic_keys->client_write_key; + key_dec = traffic_keys->server_write_key; + iv_enc = traffic_keys->client_write_iv; + iv_dec = traffic_keys->server_write_iv; + } + else +#endif /* MBEDTLS_SSL_CLI_C */ + { + /* should not happen */ + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + memcpy( transform->iv_enc, iv_enc, traffic_keys->iv_len ); + memcpy( transform->iv_dec, iv_dec, traffic_keys->iv_len ); + + if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_enc, + key_enc, cipher_info->key_bitlen, + MBEDTLS_ENCRYPT ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); + return( ret ); + } + + if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_dec, + key_dec, cipher_info->key_bitlen, + MBEDTLS_DECRYPT ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); + return( ret ); + } + + /* + * Setup other fields in SSL transform + */ + + if( ( ciphersuite_info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ) != 0 ) + transform->taglen = 8; + else + transform->taglen = 16; + + transform->ivlen = traffic_keys->iv_len; + transform->maclen = 0; + transform->fixed_ivlen = transform->ivlen; + transform->minlen = transform->taglen + 1; + transform->minor_ver = MBEDTLS_SSL_MINOR_VERSION_4; + + return( 0 ); +} + #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h index 3b96998ae..ca892b166 100644 --- a/library/ssl_tls13_keys.h +++ b/library/ssl_tls13_keys.h @@ -498,4 +498,37 @@ int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl, unsigned char const *transcript, unsigned char *result ); +/** + * \bref Setup an SSL transform structure representing the + * record protection mechanism used by TLS 1.3 + * + * \param transform The SSL transform structure to be created. This must have + * been initialized through mbedtls_ssl_transform_init() and + * not used in any other way prior to calling this function. + * In particular, this function does not clean up the + * transform structure prior to installing the new keys. + * \param endpoint Indicates whether the transform is for the client + * (value #MBEDTLS_SSL_IS_CLIENT) or the server + * (value #MBEDTLS_SSL_IS_SERVER). + * \param ciphersuite The numerical identifier for the ciphersuite to use. + * This must be one of the identifiers listed in + * ssl_ciphersuites.h. + * \param traffic_keys The key material to use. No reference is stored in + * the SSL transform being generated, and the caller + * should destroy the key material afterwards. + * \param ssl (Debug-only) The SSL context to use for debug output + * in case of failure. This parameter is only needed if + * #MBEDTLS_DEBUG_C is set, and is ignored otherwise. + * + * \return \c 0 on success. In this case, \p transform is ready to + * be used with mbedtls_ssl_transform_decrypt() and + * mbedtls_ssl_transform_encrypt(). + * \return A negative error code on failure. + */ +int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, + int endpoint, + int ciphersuite, + mbedtls_ssl_key_set const *traffic_keys, + mbedtls_ssl_context *ssl ); + #endif /* MBEDTLS_SSL_TLS1_3_KEYS_H */ From 79e2d1b6f6eb5c07370afe20c20af00a727a190b Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 22 Mar 2021 11:42:19 +0000 Subject: [PATCH 08/81] Fix AEAD additional data computation for TLS 1.3 The AEAD additional data (AAD) is computed differently in TLS 1.3 compared to TLS 1.2, but this change hasn't yet been reflected in the codee, rendering the current implementation of ``` mbedtls_ssl_{encrypt,decrypt}_buf() ``` not standard compliant. This commit fixes this by adjusting the AAD extraction function ssl_extract_add_data_from_record() and its call-sites. Please see the documentation of the code for an explanation of how the AAD has changed from TLS 1.2 to TLS 1.3. Signed-off-by: Hanno Becker --- library/ssl_msg.c | 53 ++++++++++++++++++++++++++++++++++++----------- 1 file changed, 41 insertions(+), 12 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 76cc2b17d..cf2eab56b 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -384,7 +384,8 @@ static int ssl_parse_inner_plaintext( unsigned char const *content, static void ssl_extract_add_data_from_record( unsigned char* add_data, size_t *add_data_len, mbedtls_record *rec, - unsigned minor_ver ) + unsigned minor_ver, + size_t taglen ) { /* Quoting RFC 5246 (TLS 1.2): * @@ -403,15 +404,37 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, * * For TLS 1.3, the record sequence number is dropped from the AAD * and encoded within the nonce of the AEAD operation instead. + * Moreover, the additional data involves the length of the TLS + * ciphertext, not the TLS plaintext as in earlier versions. + * Quoting RFC 8446 (TLS 1.3): + * + * additional_data = TLSCiphertext.opaque_type || + * TLSCiphertext.legacy_record_version || + * TLSCiphertext.length + * + * We pass the tag length to this function in order to compute the + * ciphertext length from the inner plaintext length rec->data_len via + * + * TLSCiphertext.length = TLSInnerPlaintext.length + taglen. + * */ unsigned char *cur = add_data; + size_t ad_len_field = rec->data_len; #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ) + if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) + { + /* In TLS 1.3, the AAD contains the length of the TLSCiphertext, + * which differs from the length of the TLSInnerPlaintext + * by the length of the authentication tag. */ + ad_len_field += taglen; + } + else #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ { ((void) minor_ver); + ((void) taglen); memcpy( cur, rec->ctr, sizeof( rec->ctr ) ); cur += sizeof( rec->ctr ); } @@ -431,15 +454,15 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, *cur = rec->cid_len; cur++; - cur[0] = ( rec->data_len >> 8 ) & 0xFF; - cur[1] = ( rec->data_len >> 0 ) & 0xFF; + cur[0] = ( ad_len_field >> 8 ) & 0xFF; + cur[1] = ( ad_len_field >> 0 ) & 0xFF; cur += 2; } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - cur[0] = ( rec->data_len >> 8 ) & 0xFF; - cur[1] = ( rec->data_len >> 0 ) & 0xFF; + cur[0] = ( ad_len_field >> 8 ) & 0xFF; + cur[1] = ( ad_len_field >> 0 ) & 0xFF; cur += 2; } @@ -646,7 +669,8 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, unsigned char mac[MBEDTLS_SSL_MAC_ADD]; ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + transform->minor_ver, + transform->taglen ); mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data, add_data_len ); @@ -743,7 +767,8 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * This depends on the TLS version. */ ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + transform->minor_ver, + transform->taglen ); MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (internal)", iv, transform->ivlen ); @@ -897,7 +922,8 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, } ssl_extract_add_data_from_record( add_data, &add_data_len, - rec, transform->minor_ver ); + rec, transform->minor_ver, + transform->taglen ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) ); MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data, @@ -1304,7 +1330,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * This depends on the TLS version. */ ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + transform->minor_ver, + transform->taglen ); MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD", add_data, add_data_len ); @@ -1414,7 +1441,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * Further, we still know that data_len > minlen */ rec->data_len -= transform->maclen; ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + transform->minor_ver, + transform->taglen ); /* Calculate expected MAC. */ MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data, @@ -1606,7 +1634,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, */ rec->data_len -= transform->maclen; ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + transform->minor_ver, + transform->taglen ); #if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* From a77d005d39e78b55231311d034f2187eae8d5929 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 22 Mar 2021 15:16:33 +0000 Subject: [PATCH 09/81] Add known answer tests for TLS 1.3 record protection This commit adds four known answer tests for TLS 1.3 record protection from the following sources: - RFC 8448 "Example Handshake Traces for TLS 1.3" - tls13.ulfheim.net "The New Illustrated TLS Connection" It extends the test coverage of the existing record protection tests in the following ways: - The existing record protection tests hand-craft record transform structures; the new tests use the function mbedtls_ssl_tls13_populate_transform() from library source to create an TLS 1.3 transform from raw key material and connection information. - The existing record protection tests only check that encryption and decryption are inverse to each other; as such, they don't catch non-compliant implementations of encryption and decryption which happen to be inverse to each other. By adding a known answer test for TLS 1.3 record protection, can gain confidence that our implementation is indeed standards-compliant. Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.data | 55 ++++++++++++++++++ tests/suites/test_suite_ssl.function | 86 ++++++++++++++++++++++++++++ 2 files changed, 141 insertions(+) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 5d92469ad..efedd0615 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -6021,6 +6021,61 @@ SSL TLS 1.3 Key schedule: Handshake secrets derivation helper # Vector from RFC 8448 ssl_tls1_3_derive_handshake_secrets:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803" +SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #1 +# - Server App Key: 0b6d22c8ff68097ea871c672073773bf +# - Server App IV: 1b13dd9f8d8f17091d34b349 +# - Client App Key: 49134b95328f279f0183860589ac6707 +# - Client App IV: bc4dd5f7b98acff85466261d +# - App data payload: 70696e67 +# - Complete record: 1703030015c74061535eb12f5f25a781957874742ab7fb305dd5 +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5" + +SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2 +# - Server App Key: 0b6d22c8ff68097ea871c672073773bf +# - Server App IV: 1b13dd9f8d8f17091d34b349 +# - Client App Key: 49134b95328f279f0183860589ac6707 +# - Client App IV: bc4dd5f7b98acff85466261d +# - App data payload: 706f6e67 +# - Complete record: 1703030015370e5f168afa7fb16b663ecdfca3dbb81931a90ca7 +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7" + +SSL TLS 1.3 Record Encryption RFC 8448 Example #1 +# Application Data record sent by Client in 1-RTT example of RFC 8448, Section 3 +# - Server App Key: 9f 02 28 3b 6c 9c 07 ef c2 6b b9 f2 ac 92 e3 56 +# - Server App IV: cf 78 2b 88 dd 83 54 9a ad f1 e9 84 +# - Client App Key: 17 42 2d da 59 6e d5 d9 ac d8 90 e3 c6 3f 50 51 +# - Client App IV: 5b 78 92 3d ee 08 57 90 33 e5 23 d9 +# - App data payload: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f +# 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f +# 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f +# 30 31 +# - Complete record: 17 03 03 00 43 a2 3f 70 54 b6 2c 94 d0 af fa fe +# 82 28 ba 55 cb ef ac ea 42 f9 14 aa 66 bc ab 3f +# 2b 98 19 a8 a5 b4 6b 39 5b d5 4a 9a 20 44 1e 2b +# 62 97 4e 1f 5a 62 92 a2 97 70 14 bd 1e 3d ea e6 +# 3a ee bb 21 69 49 15 e4 +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4" + +SSL TLS 1.3 Record Encryption RFC 8448 Example #2 +# Application Data record sent by Server in 1-RTT example of RFC 8448, Section 3 +# - Server App Key: 9f 02 28 3b 6c 9c 07 ef c2 6b b9 f2 ac 92 e3 56 +# - Server App IV: cf 78 2b 88 dd 83 54 9a ad f1 e9 84 +# - Client App Key: 17 42 2d da 59 6e d5 d9 ac d8 90 e3 c6 3f 50 51 +# - Client App IV: 5b 78 92 3d ee 08 57 90 33 e5 23 d9 +# - App data payload: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f +# 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f +# 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f +# 30 31 +# - Complete record: 17 03 03 00 43 2e 93 7e 11 ef 4a c7 40 e5 38 ad +# 36 00 5f c4 a4 69 32 fc 32 25 d0 5f 82 aa 1b 36 +# e3 0e fa f9 7d 90 e6 df fc 60 2d cb 50 1a 59 a8 +# fc c4 9c 4b f2 e5 f0 a2 1c 00 47 c2 ab f3 32 54 +# 0d d0 32 e1 67 c2 95 5d +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d" + +SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE +ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE + SSL TLS 1.3 Key schedule: Application secrets derivation helper # Vector from RFC 8448 ssl_tls1_3_derive_application_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1":"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691":"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4" diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 081e8a45a..a83d6e2be 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3943,6 +3943,92 @@ void ssl_tls1_3_create_psk_binder( int hash_alg, } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +void ssl_tls1_3_record_protection( int ciphersuite, + int endpoint, + int ctr, + data_t *server_write_key, + data_t *server_write_iv, + data_t *client_write_key, + data_t *client_write_iv, + data_t *plaintext, + data_t *ciphertext ) +{ + mbedtls_ssl_key_set keys; + mbedtls_ssl_transform transform_send; + mbedtls_ssl_transform transform_recv; + mbedtls_record rec; + unsigned char *buf = NULL; + int other_endpoint; + + TEST_ASSERT( endpoint == MBEDTLS_SSL_IS_CLIENT || + endpoint == MBEDTLS_SSL_IS_SERVER ); + + if( endpoint == MBEDTLS_SSL_IS_SERVER ) + other_endpoint = MBEDTLS_SSL_IS_CLIENT; + if( endpoint == MBEDTLS_SSL_IS_CLIENT ) + other_endpoint = MBEDTLS_SSL_IS_SERVER; + + TEST_ASSERT( server_write_key->len == client_write_key->len ); + TEST_ASSERT( server_write_iv->len == client_write_iv->len ); + + memcpy( keys.client_write_key, + client_write_key->x, client_write_key->len ); + memcpy( keys.client_write_iv, + client_write_iv->x, client_write_iv->len ); + memcpy( keys.server_write_key, + server_write_key->x, server_write_key->len ); + memcpy( keys.server_write_iv, + server_write_iv->x, server_write_iv->len ); + + keys.key_len = server_write_key->len; + keys.iv_len = server_write_iv->len; + + mbedtls_ssl_transform_init( &transform_recv ); + mbedtls_ssl_transform_init( &transform_send ); + + TEST_ASSERT( mbedtls_ssl_tls13_populate_transform( + &transform_send, endpoint, + ciphersuite, &keys, NULL ) == 0 ); + TEST_ASSERT( mbedtls_ssl_tls13_populate_transform( + &transform_recv, other_endpoint, + ciphersuite, &keys, NULL ) == 0 ); + + ASSERT_ALLOC( buf, ciphertext->len ); + rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; + mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_TRANSPORT_STREAM, + rec.ver ); + + /* Copy plaintext into record structure */ + rec.buf = buf; + rec.buf_len = ciphertext->len; + rec.data_offset = 0; + TEST_ASSERT( plaintext->len <= ciphertext->len ); + memcpy( rec.buf + rec.data_offset, plaintext->x, plaintext->len ); + rec.data_len = plaintext->len; +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + rec.cid_len = 0; +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + + memset( &rec.ctr[0], 0, 8 ); + rec.ctr[7] = ctr; + + TEST_ASSERT( mbedtls_ssl_encrypt_buf( NULL, &transform_send, &rec, + NULL, NULL ) == 0 ); + ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len, + ciphertext->x, ciphertext->len ); + + TEST_ASSERT( mbedtls_ssl_decrypt_buf( NULL, &transform_recv, &rec ) == 0 ); + ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len, + plaintext->x, plaintext->len ); + + mbedtls_ssl_transform_free( &transform_send ); + mbedtls_ssl_transform_free( &transform_recv ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ void ssl_tls1_3_key_evolution( int hash_alg, data_t *secret, From 80e760e00642836a19e7c05efad3ac34a57230be Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Mar 2021 06:00:21 +0000 Subject: [PATCH 10/81] Fix memory leak in TLS 1.3 record protection unit test Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index a83d6e2be..554e7b86e 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -4024,6 +4024,7 @@ void ssl_tls1_3_record_protection( int ciphersuite, ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len, plaintext->x, plaintext->len ); + mbedtls_free( buf ); mbedtls_ssl_transform_free( &transform_send ); mbedtls_ssl_transform_free( &transform_recv ); } From 7887a77c2507bfbddd2238a0a1a06f9b19d7f64e Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 20 Apr 2021 05:27:57 +0100 Subject: [PATCH 11/81] Match parameter check in TLS 1.3 populate transform to 1.2 version Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 28313130f..0977cabb3 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -719,12 +719,19 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, #endif ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite ); + if( ciphersuite_info == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %d not found", + ciphersuite ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher ); if( cipher_info == NULL ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %u not found", + ciphersuite_info->cipher ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ) } /* From edd5bf0a95d05d72c405be84011ea9638d2b966d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 20 Apr 2021 05:32:16 +0100 Subject: [PATCH 12/81] Fix and document minimum length of record ciphertext in TLS 1.3 Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 0977cabb3..8270009c7 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -808,9 +808,15 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, transform->ivlen = traffic_keys->iv_len; transform->maclen = 0; transform->fixed_ivlen = transform->ivlen; - transform->minlen = transform->taglen + 1; transform->minor_ver = MBEDTLS_SSL_MINOR_VERSION_4; + /* We add the true record content type (1 Byte) to the plaintext and + * then pad to the configured granularity. The mimimum length of the + * type-extended and padded plaintext is therefore the padding + * granularity. */ + transform->minlen = + transform->taglen + MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY; + return( 0 ); } From 41537452f495a7ee448a7bd4d0d5f566341263d6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 20 Apr 2021 05:35:28 +0100 Subject: [PATCH 13/81] Add comment regarding the wire-version used in TLS 1.3 records Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.function | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 554e7b86e..2e0990722 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3996,6 +3996,8 @@ void ssl_tls1_3_record_protection( int ciphersuite, ASSERT_ALLOC( buf, ciphertext->len ); rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; + + /* TLS 1.3 uses the version identifier from TLS 1.2 on the wire. */ mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_TRANSPORT_STREAM, From f62a730e80ebdc976d32b1d0f52078273ee1fb7f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 21 Apr 2021 05:21:28 +0100 Subject: [PATCH 14/81] Add missing semicolon in TLS 1.3 transform generation code Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 8270009c7..91384f281 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -731,7 +731,7 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %u not found", ciphersuite_info->cipher ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } /* From c0da10dc3a491a4aab41503c12921e11fe7b9fb7 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 21 Apr 2021 05:32:23 +0100 Subject: [PATCH 15/81] Remove TLS 1.3 specific code from TLS <= 1.2 transform generator Signed-off-by: Hanno Becker --- library/ssl_tls.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 33f4e601c..88a3e745e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -714,6 +714,15 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, memcpy( transform->randbytes, randbytes, sizeof( transform->randbytes ) ); #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) + { + /* At the moment, we keep TLS <= 1.2 and TLS 1.3 transform + * generation separate. This should never happen. */ + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + /* * Get various info structures */ @@ -806,19 +815,10 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, * sequence number). */ transform->ivlen = 12; -#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { + if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) transform->fixed_ivlen = 12; - } else -#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ - { - if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) - transform->fixed_ivlen = 12; - else - transform->fixed_ivlen = 4; - } + transform->fixed_ivlen = 4; /* Minimum length of encrypted record */ explicit_ivlen = transform->ivlen - transform->fixed_ivlen; From dfba065d80adc007e81288e3655de82dfefb56d5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 1 Aug 2021 19:16:57 +0100 Subject: [PATCH 16/81] Adjust ssl_tls13_keys.c to consolidated CID/1.3 padding granularity Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 91384f281..902f99ea8 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -815,7 +815,7 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, * type-extended and padded plaintext is therefore the padding * granularity. */ transform->minlen = - transform->taglen + MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY; + transform->taglen + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY; return( 0 ); } From 1f91878281cdb680c98f33a3312d1fce56f45eba Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 1 Aug 2021 19:18:28 +0100 Subject: [PATCH 17/81] Specify padding granularity in TLS 1.3 record protection KATs Still check that encryption and decryption are inverse to each other if the granularity does not match the one used in the KAT. Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.data | 12 ++++++++---- tests/suites/test_suite_ssl.function | 17 +++++++++++++---- 2 files changed, 21 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index efedd0615..04f6e1d34 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -6028,7 +6028,8 @@ SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #1 # - Client App IV: bc4dd5f7b98acff85466261d # - App data payload: 70696e67 # - Complete record: 1703030015c74061535eb12f5f25a781957874742ab7fb305dd5 -ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5" +# - Padding used: No (== granularity 1) +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5" SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2 # - Server App Key: 0b6d22c8ff68097ea871c672073773bf @@ -6037,7 +6038,8 @@ SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2 # - Client App IV: bc4dd5f7b98acff85466261d # - App data payload: 706f6e67 # - Complete record: 1703030015370e5f168afa7fb16b663ecdfca3dbb81931a90ca7 -ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7" +# - Padding used: No (== granularity 1) +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7" SSL TLS 1.3 Record Encryption RFC 8448 Example #1 # Application Data record sent by Client in 1-RTT example of RFC 8448, Section 3 @@ -6054,7 +6056,8 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #1 # 2b 98 19 a8 a5 b4 6b 39 5b d5 4a 9a 20 44 1e 2b # 62 97 4e 1f 5a 62 92 a2 97 70 14 bd 1e 3d ea e6 # 3a ee bb 21 69 49 15 e4 -ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4" +# - Padding used: No (== granularity 1) +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4" SSL TLS 1.3 Record Encryption RFC 8448 Example #2 # Application Data record sent by Server in 1-RTT example of RFC 8448, Section 3 @@ -6071,7 +6074,8 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #2 # e3 0e fa f9 7d 90 e6 df fc 60 2d cb 50 1a 59 a8 # fc c4 9c 4b f2 e5 f0 a2 1c 00 47 c2 ab f3 32 54 # 0d d0 32 e1 67 c2 95 5d -ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d" +# - Padding used: No (== granularity 1) +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d" SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 2e0990722..6d8a9e867 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3947,6 +3947,7 @@ void ssl_tls1_3_create_psk_binder( int hash_alg, void ssl_tls1_3_record_protection( int ciphersuite, int endpoint, int ctr, + int padding_used, data_t *server_write_key, data_t *server_write_iv, data_t *client_write_key, @@ -3959,6 +3960,7 @@ void ssl_tls1_3_record_protection( int ciphersuite, mbedtls_ssl_transform transform_recv; mbedtls_record rec; unsigned char *buf = NULL; + size_t buf_len; int other_endpoint; TEST_ASSERT( endpoint == MBEDTLS_SSL_IS_CLIENT || @@ -3994,7 +3996,10 @@ void ssl_tls1_3_record_protection( int ciphersuite, &transform_recv, other_endpoint, ciphersuite, &keys, NULL ) == 0 ); - ASSERT_ALLOC( buf, ciphertext->len ); + /* Make sure we have enough space in the buffer even if + * we use more padding than the KAT. */ + buf_len = ciphertext->len + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY; + ASSERT_ALLOC( buf, buf_len ); rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; /* TLS 1.3 uses the version identifier from TLS 1.2 on the wire. */ @@ -4005,7 +4010,7 @@ void ssl_tls1_3_record_protection( int ciphersuite, /* Copy plaintext into record structure */ rec.buf = buf; - rec.buf_len = ciphertext->len; + rec.buf_len = buf_len; rec.data_offset = 0; TEST_ASSERT( plaintext->len <= ciphertext->len ); memcpy( rec.buf + rec.data_offset, plaintext->x, plaintext->len ); @@ -4019,8 +4024,12 @@ void ssl_tls1_3_record_protection( int ciphersuite, TEST_ASSERT( mbedtls_ssl_encrypt_buf( NULL, &transform_send, &rec, NULL, NULL ) == 0 ); - ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len, - ciphertext->x, ciphertext->len ); + + if( padding_used == MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY ) + { + ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len, + ciphertext->x, ciphertext->len ); + } TEST_ASSERT( mbedtls_ssl_decrypt_buf( NULL, &transform_recv, &rec ) == 0 ); ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len, From 6c53ecc01db4212da1a8715afe1abc599a9c6f0d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 1 Aug 2021 19:20:10 +0100 Subject: [PATCH 18/81] all.sh: Run basic TLS 1.3 with and without record padding Signed-off-by: Hanno Becker --- tests/scripts/all.sh | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f8e43c871..5d2710cad 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2437,11 +2437,22 @@ component_build_armcc () { } component_test_tls13_experimental () { - msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled" + msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding" scripts/config.pl set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL + scripts/config.pl set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make - msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled" + msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding" + make test +} + +component_test_tls13_experimental_with_padding () { + msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with padding" + scripts/config.pl set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL + scripts/config.pl set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with padding" make test } From d7e4b2ce4267c681a72e31faa2611b3250ee1541 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 1 Aug 2021 20:13:06 +0100 Subject: [PATCH 19/81] Remove duplicated test from SSL test suite Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.data | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 04f6e1d34..25eefb3ab 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -6077,9 +6077,6 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #2 # - Padding used: No (== granularity 1) ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d" -SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE -ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE - SSL TLS 1.3 Key schedule: Application secrets derivation helper # Vector from RFC 8448 ssl_tls1_3_derive_application_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1":"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691":"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4" From b0302c4c7bdc684c5307040e9e8d8c314e245c48 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 3 Aug 2021 09:39:42 +0100 Subject: [PATCH 20/81] Move messaging related session reset into separate helper function - Improves readability - Will be useful when we introduce MPS as an alternative msg layer. - Will be useful when we need to reset the messaging layer upon receipt of a HelloRetryRequest in TLS 1.3. Signed-off-by: Hanno Becker --- library/ssl_tls.c | 110 ++++++++++++++++++++++++---------------------- 1 file changed, 57 insertions(+), 53 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index fe3b5e2e6..c43f92a37 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3231,9 +3231,9 @@ error: * If partial is non-zero, keep data in the input buffer and client ID. * (Use when a DTLS client reconnects from the same port.) */ -int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) +static void ssl_session_reset_msg_layer( mbedtls_ssl_context *ssl, + int partial ) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) size_t in_buf_len = ssl->in_buf_len; size_t out_buf_len = ssl->out_buf_len; @@ -3242,16 +3242,65 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN; #endif -#if !defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) || \ - !defined(MBEDTLS_SSL_SRV_C) - ((void) partial); +#if !defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) || !defined(MBEDTLS_SSL_SRV_C) + partial = 0; #endif - ssl->state = MBEDTLS_SSL_HELLO_REQUEST; - /* Cancel any possibly running timer */ mbedtls_ssl_set_timer( ssl, 0 ); + mbedtls_ssl_reset_in_out_pointers( ssl ); + + /* Reset incoming message parsing */ + ssl->in_offt = NULL; + ssl->nb_zero = 0; + ssl->in_msgtype = 0; + ssl->in_msglen = 0; + ssl->in_hslen = 0; + ssl->keep_current_message = 0; + ssl->transform_in = NULL; + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + ssl->next_record_offset = 0; + ssl->in_epoch = 0; +#endif + + /* Keep current datagram if partial == 1 */ + if( partial == 0 ) + { + ssl->in_left = 0; + memset( ssl->in_buf, 0, in_buf_len ); + } + + /* Reset outgoing message writing */ + ssl->out_msgtype = 0; + ssl->out_msglen = 0; + ssl->out_left = 0; + memset( ssl->out_buf, 0, out_buf_len ); + memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) ); + ssl->transform_out = NULL; + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + mbedtls_ssl_dtls_replay_reset( ssl ); +#endif + + if( ssl->transform ) + { + mbedtls_ssl_transform_free( ssl->transform ); + mbedtls_free( ssl->transform ); + ssl->transform = NULL; + } +} + +int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + ssl->state = MBEDTLS_SSL_HELLO_REQUEST; + + ssl_session_reset_msg_layer( ssl, partial ); + + /* Reset renegotiation state */ #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->renego_status = MBEDTLS_SSL_INITIAL_HANDSHAKE; ssl->renego_records_seen = 0; @@ -3262,53 +3311,8 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) #endif ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION; - ssl->in_offt = NULL; - mbedtls_ssl_reset_in_out_pointers( ssl ); - - ssl->in_msgtype = 0; - ssl->in_msglen = 0; -#if defined(MBEDTLS_SSL_PROTO_DTLS) - ssl->next_record_offset = 0; - ssl->in_epoch = 0; -#endif -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - mbedtls_ssl_dtls_replay_reset( ssl ); -#endif - - ssl->in_hslen = 0; - ssl->nb_zero = 0; - - ssl->keep_current_message = 0; - - ssl->out_msgtype = 0; - ssl->out_msglen = 0; - ssl->out_left = 0; - - memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) ); - - ssl->transform_in = NULL; - ssl->transform_out = NULL; - - ssl->session_in = NULL; + ssl->session_in = NULL; ssl->session_out = NULL; - - memset( ssl->out_buf, 0, out_buf_len ); - -#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) - if( partial == 0 ) -#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ - { - ssl->in_left = 0; - memset( ssl->in_buf, 0, in_buf_len ); - } - - if( ssl->transform ) - { - mbedtls_ssl_transform_free( ssl->transform ); - mbedtls_free( ssl->transform ); - ssl->transform = NULL; - } - if( ssl->session ) { mbedtls_ssl_session_free( ssl->session ); From 3a6c76937adce329cbc85fe5001cc7e533545b8d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 18 Aug 2020 10:28:51 +0200 Subject: [PATCH 21/81] Add arm-linux-gnueabi-gcc build to all.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Currently it can't be mandatory, since we can't install the required toolchain on Jenkins right away. Also, while at it, remove `SHELL='sh -x'` from the other arm5vte component; it was a leftover from debugging. Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 28 ++++++++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f8e43c871..7570b1128 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -161,6 +161,7 @@ pre_initialize_variables () { : ${ARMC5_BIN_DIR:=/usr/bin} : ${ARMC6_BIN_DIR:=/usr/bin} : ${ARM_NONE_EABI_GCC_PREFIX:=arm-none-eabi-} + : ${ARM_LINUX_GNUEABI_GCC_PREFIX:=arm-linux-gnueabi-} # if MAKEFLAGS is not set add the -j option to speed up invocations of make if [ -z "${MAKEFLAGS+set}" ]; then @@ -230,6 +231,9 @@ General options: --arm-none-eabi-gcc-prefix= Prefix for a cross-compiler for arm-none-eabi (default: "${ARM_NONE_EABI_GCC_PREFIX}") + --arm-linux-gnueabi-gcc-prefix= + Prefix for a cross-compiler for arm-linux-gnueabi + (default: "${ARM_LINUX_GNUEABI_GCC_PREFIX}") --armcc Run ARM Compiler builds (on by default). --except Exclude the COMPONENTs listed on the command line, instead of running only those. @@ -387,6 +391,7 @@ pre_parse_command_line () { case "$1" in --append-outcome) append_outcome=1;; --arm-none-eabi-gcc-prefix) shift; ARM_NONE_EABI_GCC_PREFIX="$1";; + --arm-linux-gnueabi-gcc-prefix) shift; ARM_LINUX_GNUEABI_GCC_PREFIX="$1";; --armcc) no_armcc=;; --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; @@ -2369,14 +2374,29 @@ component_build_arm_none_eabi_gcc () { ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o } -component_build_arm_none_eabi_gcc_arm5vte () { - msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s +component_build_arm_linux_gnueabi_gcc_arm5vte () { + msg "build: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s scripts/config.py baremetal # Build for a target platform that's close to what Debian uses # for its "armel" distribution (https://wiki.debian.org/ArmEabiPort). # See https://github.com/ARMmbed/mbedtls/pull/2169 and comments. - # It would be better to build with arm-linux-gnueabi-gcc but - # we don't have that on our CI at this time. + # Build everything including programs, see for example + # https://github.com/ARMmbed/mbedtls/pull/3449#issuecomment-675313720 + make CC="${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc" AR="${ARM_LINUX_GNUEABI_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' + + msg "size: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=armv5te -O1" + ${ARM_LINUX_GNUEABI_GCC_PREFIX}size library/*.o +} +support_build_arm_linux_gnueabi_gcc_arm5vte () { + type ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc >/dev/null 2>&1 +} + +component_build_arm_none_eabi_gcc_arm5vte () { + msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s + scripts/config.py baremetal + # This is an imperfect substitute for + # component_build_arm_linux_gnueabi_gcc_arm5vte + # in case the gcc-arm-linux-gnueabihf toolchain is not available make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-std=c99 -Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1" From efd14bf9bd5bfa686d6f422a317f946ad472f5bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 18 Aug 2020 10:31:36 +0200 Subject: [PATCH 22/81] Enable arm-linux-gnueabi-gcc build on Travis MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- .travis.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 48faa4846..8fa0b343e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -14,6 +14,7 @@ jobs: - graphviz - gcc-arm-none-eabi - libnewlib-arm-none-eabi + - gcc-arm-linux-gnueabi language: python # Needed to get pip for Python 3 python: 3.5 # version from Ubuntu 16.04 install: @@ -22,7 +23,7 @@ jobs: - tests/scripts/all.sh -k 'check_*' - tests/scripts/all.sh -k test_default_out_of_box - tests/scripts/all.sh -k test_ref_configs - - tests/scripts/all.sh -k build_arm_none_eabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus + - tests/scripts/all.sh -k build_arm_linux_gnueabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus - name: full configuration script: From ae505eeeed006c907bf05697eac8c7e8fd38aee4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 6 Jul 2021 09:44:59 +0200 Subject: [PATCH 23/81] Fix missing dependency on Travis MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Was getting errors like: In file included from /usr/include/limits.h:25:0, from /usr/lib/gcc-cross/arm-linux-gnueabi/5/include-fixed/limits.h:168, from /usr/lib/gcc-cross/arm-linux-gnueabi/5/include-fixed/syslimits.h:7, from /usr/lib/gcc-cross/arm-linux-gnueabi/5/include-fixed/limits.h:34, from ../include/mbedtls/check_config.h:30, from ../include/mbedtls/build_info.h:81, from common.h:26, from asn1write.c:20: /usr/include/features.h:367:25: fatal error: sys/cdefs.h: No such file or directory There are two packages to choose from: armhf or armel. Since the comment in all.sh says we're trying to be close to Debian's "armel" architecture, choose that, and fix a comment that was mentioning gnueabihf for no apparent reason. Signed-off-by: Manuel Pégourié-Gonnard --- .travis.yml | 1 + tests/scripts/all.sh | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 8fa0b343e..39ae19c19 100644 --- a/.travis.yml +++ b/.travis.yml @@ -15,6 +15,7 @@ jobs: - gcc-arm-none-eabi - libnewlib-arm-none-eabi - gcc-arm-linux-gnueabi + - libc6-dev-armel-cross language: python # Needed to get pip for Python 3 python: 3.5 # version from Ubuntu 16.04 install: diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7570b1128..e103c9a3d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2396,7 +2396,7 @@ component_build_arm_none_eabi_gcc_arm5vte () { scripts/config.py baremetal # This is an imperfect substitute for # component_build_arm_linux_gnueabi_gcc_arm5vte - # in case the gcc-arm-linux-gnueabihf toolchain is not available + # in case the gcc-arm-linux-gnueabi toolchain is not available make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-std=c99 -Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1" From f3cce8b0e1bb5df423e4c4bf46ac1cd5d5387300 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 7 Aug 2021 14:29:49 +0100 Subject: [PATCH 24/81] Add handshake message writing variant that doesn't update checksum The helper `mbedtls_ssl_write_handshake_msg` writes a handshake message and updates the handshake transcript. With TLS 1.3, we need finer control over the checksum: updating at message granularity is not sufficient. To allow for manual maintenance of the checksum in those cases, refine `mbedtls_ssl_write_handshake_msg()` into `mbedtls_ssl_write_handshake_msg_ext()` which takes a parameter determining whether the checksum should be updated. Signed-off-by: Hanno Becker --- library/ssl_misc.h | 8 +++++++- library/ssl_msg.c | 5 +++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index cc19f4723..e4966f019 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -971,7 +971,13 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, unsigned update_hs_digest ); int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ); -int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, + int update_checksum ); +static inline int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) +{ + return( mbedtls_ssl_write_handshake_msg_ext( ssl, 1 /* update checksum */ ) ); +} + int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ); int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ); diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 76cc2b17d..fe26eaaf2 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2360,7 +2360,8 @@ void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ) * (including handshake headers but excluding record headers) * - ssl->out_msg: the record contents (handshake headers + content) */ -int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, + int update_checksum ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const size_t hs_len = ssl->out_msglen - 4; @@ -2469,7 +2470,7 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_DTLS */ /* Update running hashes of handshake messages seen */ - if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) + if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST && update_checksum != 0 ) ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen ); } From 41934dd20a71fc474f0bd4f6cb754b09b48bd52f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 7 Aug 2021 19:13:43 +0100 Subject: [PATCH 25/81] Share preparatory code between client and server handshake steps Signed-off-by: Hanno Becker --- library/ssl_cli.c | 15 --------------- library/ssl_srv.c | 15 --------------- library/ssl_tls.c | 32 ++++++++++++++++++++++++++++++-- 3 files changed, 30 insertions(+), 32 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index e0a1c24ec..59c546042 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -4210,23 +4210,8 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) { int ret = 0; - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - return( ret ); - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - /* Change state now, so that it is right in mbedtls_ssl_read_record(), used * by DTLS for dropping out-of-sequence ChangeCipherSpec records */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index d82ec0471..3d6739342 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -4258,23 +4258,8 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) { int ret = 0; - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) ); - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - return( ret ); - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - switch( ssl->state ) { case MBEDTLS_SSL_HELLO_REQUEST: diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bb5ddc470..bf87fe56d 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5076,12 +5076,40 @@ int mbedtls_ssl_session_load( mbedtls_ssl_session *session, /* * Perform a single step of the SSL handshake */ +static int ssl_prepare_handshake_step( mbedtls_ssl_context *ssl ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) + return( ret ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) + { + if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) + return( ret ); + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + return( ret ); +} + int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ) { - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ssl == NULL || ssl->conf == NULL ) + if( ssl == NULL || + ssl->conf == NULL || + ssl->handshake == NULL || + ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) + { return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + ret = ssl_prepare_handshake_step( ssl ); + if( ret != 0 ) + return( ret ); #if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) From b1dc59a125982ce6bebbb91db44ce6106b0b604b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 5 Aug 2021 15:58:09 +0800 Subject: [PATCH 26/81] Add tls1.3 parameters to ssl_{client,server2} To support tls1.3 relative tests, add `tls1_3` parameter for `{min,max}_version` and `force_version` issues: #4844 Change-Id: I1b22a076582374b8aabc733086562e9d03a94a2a Signed-off-by: Jerry Yu --- programs/ssl/ssl_client2.c | 26 ++++++++++++++++++++++++-- programs/ssl/ssl_server2.c | 26 ++++++++++++++++++++++++-- 2 files changed, 48 insertions(+), 4 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 25fe21bd9..d967bcf96 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -395,13 +395,20 @@ int main( void ) USAGE_CURVES \ USAGE_DHMLEN \ "\n" + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +#define TLS1_3_VERSION_OPTIONS ", tls1_3" +#else /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +#define TLS1_3_VERSION_OPTIONS "" +#endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #define USAGE4 \ " allow_sha1=%%d default: 0\n" \ " min_version=%%s default: (library default: tls1_2)\n" \ " max_version=%%s default: (library default: tls1_2)\n" \ " force_version=%%s default: \"\" (none)\n" \ - " options: tls1_2, dtls1_2\n" \ - "\n" \ + " options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \ + "\n\n" \ " force_ciphersuite= default: all enabled\n"\ " query_config= return 0 if the specified\n" \ " configuration macro is defined and 1\n" \ @@ -1070,6 +1077,10 @@ int main( int argc, char *argv[] ) if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } @@ -1078,6 +1089,10 @@ int main( int argc, char *argv[] ) if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } @@ -1103,6 +1118,13 @@ int main( int argc, char *argv[] ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + { + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index d2aa48a05..264325e07 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -485,6 +485,13 @@ int main( void ) USAGE_ETM \ USAGE_CURVES \ "\n" + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +#define TLS1_3_VERSION_OPTIONS ", tls1_3" +#else /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +#define TLS1_3_VERSION_OPTIONS "" +#endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #define USAGE4 \ USAGE_SSL_ASYNC \ USAGE_SNI \ @@ -492,8 +499,8 @@ int main( void ) " min_version=%%s default: (library default: tls1_2)\n" \ " max_version=%%s default: (library default: tls1_2)\n" \ " force_version=%%s default: \"\" (none)\n" \ - " options: tls1_2, dtls1_2\n" \ - "\n" \ + " options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \ + "\n\n" \ " force_ciphersuite= default: all enabled\n" \ " query_config= return 0 if the specified\n" \ " configuration macro is defined and 1\n" \ @@ -1712,6 +1719,10 @@ int main( int argc, char *argv[] ) if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } @@ -1720,6 +1731,10 @@ int main( int argc, char *argv[] ) if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } @@ -1745,6 +1760,13 @@ int main( int argc, char *argv[] ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + { + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } From 2a572cf376137a6d67d459d825b0ca4855592dfe Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 6 Aug 2021 11:21:08 +0800 Subject: [PATCH 27/81] Move socket setup behind ssl structure setup. If socket setup fail, ssl structure setup won't be called. And the order of them do not affect final result, but it will break ssl setup negative tests. Change the order can fix that. issue: #4844 Change-Id: I2488ed5f74773421eb1eac0cfd7f1ce4fbb0b32d Signed-off-by: Jerry Yu --- programs/ssl/ssl_client2.c | 70 +++++++++++++++++++------------------- programs/ssl/ssl_server2.c | 39 +++++++++++---------- 2 files changed, 54 insertions(+), 55 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index d967bcf96..86c314c35 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1592,41 +1592,7 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_X509_CRT_PARSE_C */ /* - * 2. Start the connection - */ - if( opt.server_addr == NULL) - opt.server_addr = opt.server_name; - - mbedtls_printf( " . Connecting to %s/%s/%s...", - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", - opt.server_addr, opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, - opt.server_addr, opt.server_port, - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? - MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n", - (unsigned int) -ret ); - goto exit; - } - - if( opt.nbio > 0 ) - ret = mbedtls_net_set_nonblock( &server_fd ); - else - ret = mbedtls_net_set_block( &server_fd ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", - (unsigned int) -ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 3. Setup stuff + * 2. Setup stuff */ mbedtls_printf( " . Setting up the SSL/TLS structure..." ); fflush( stdout ); @@ -1978,6 +1944,40 @@ int main( int argc, char *argv[] ) mbedtls_printf( " ok\n" ); + /* + * 3. Start the connection + */ + if( opt.server_addr == NULL) + opt.server_addr = opt.server_name; + + mbedtls_printf( " . Connecting to %s/%s/%s...", + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", + opt.server_addr, opt.server_port ); + fflush( stdout ); + + if( ( ret = mbedtls_net_connect( &server_fd, + opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n", + (unsigned int) -ret ); + goto exit; + } + + if( opt.nbio > 0 ) + ret = mbedtls_net_set_nonblock( &server_fd ); + else + ret = mbedtls_net_set_block( &server_fd ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", + (unsigned int) -ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + /* * 4. Handshake */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 264325e07..83bd617c6 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2398,26 +2398,7 @@ int main( int argc, char *argv[] ) #endif /* SNI_OPTION */ /* - * 2. Setup the listening TCP socket - */ - mbedtls_printf( " . Bind on %s://%s:%s/ ...", - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", - opt.server_addr ? opt.server_addr : "*", - opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, opt.server_port, - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? - MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", (unsigned int) -ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 3. Setup stuff + * 2. Setup stuff */ mbedtls_printf( " . Setting up the SSL/TLS structure..." ); fflush( stdout ); @@ -2911,6 +2892,24 @@ int main( int argc, char *argv[] ) mbedtls_printf( " ok\n" ); + /* + * 3. Setup the listening TCP socket + */ + mbedtls_printf( " . Bind on %s://%s:%s/ ...", + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", + opt.server_addr ? opt.server_addr : "*", + opt.server_port ); + fflush( stdout ); + + if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", (unsigned int) -ret ); + goto exit; + } + mbedtls_printf( " ok\n" ); + reset: #if !defined(_WIN32) if( received_sigterm ) From 60835a88c3249e266d0a1aac69a955f2a1ac26f4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 4 Aug 2021 10:13:52 +0800 Subject: [PATCH 28/81] Add config check utils functions Check configuration parameter in structure setup function to make sure the config data is available and valid. Current implementation checks the version config. Available version configs are - tls1_3 only - tls1_2 only issues: #4844 Change-Id: Ia762bd3d817440ae130b45f19b80a2868afae924 Signed-off-by: Jerry Yu --- library/ssl_misc.h | 46 ++++++++++++++++++++++++++++++++++++++++++ library/ssl_tls.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 96 insertions(+) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index cc19f4723..879e0e07b 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1259,4 +1259,50 @@ void mbedtls_ssl_buffering_free( mbedtls_ssl_context *ssl ); void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ +/** + * ssl utils functions for checking configuration. + */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +static inline int mbedtls_ssl_conf_is_tls13_only( const mbedtls_ssl_config *conf ) +{ + if( conf->min_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 && + conf->max_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 && + conf->min_minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 && + conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) + { + return( 1 ); + } + return( 0 ); +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +static inline int mbedtls_ssl_conf_is_tls12_only( const mbedtls_ssl_config *conf ) +{ + if( conf->min_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 && + conf->max_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 && + conf->min_minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && + conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) + { + return( 1 ); + } + return( 0 ); +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13( const mbedtls_ssl_config *conf ) +{ + if( conf->min_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 && + conf->max_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 && + conf->min_minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && + conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) + { + return( 1 ); + } + return( 0 ); +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL*/ + #endif /* ssl_misc.h */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bb5ddc470..911a80c64 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3142,6 +3142,53 @@ void mbedtls_ssl_init( mbedtls_ssl_context *ssl ) memset( ssl, 0, sizeof( mbedtls_ssl_context ) ); } +static int ssl_conf_version_check( const mbedtls_ssl_context *ssl ) +{ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) ) + { + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS 1.3 is not yet supported" ) ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + } + MBEDTLS_SSL_DEBUG_MSG( 4, ( "The SSL configuration is tls13 only." ) ); + return( 0 ); + } +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( mbedtls_ssl_conf_is_tls12_only( ssl->conf ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 4, ( "The SSL configuration is tls12 only." ) ); + return( 0 ); + } +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( mbedtls_ssl_conf_is_hybrid_tls12_tls13( ssl->conf ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" ) ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + } +#endif + + MBEDTLS_SSL_DEBUG_MSG( 1, ( "The SSL configuration is invalid." ) ); + return( MBEDTLS_ERR_SSL_BAD_CONFIG ); +} + +static int ssl_conf_check(const mbedtls_ssl_context *ssl) +{ + int ret; + ret = ssl_conf_version_check( ssl ); + if( ret != 0 ) + return( ret ); + + /* Space for further checks */ + + return( 0 ); +} + /* * Setup an SSL context */ @@ -3155,6 +3202,9 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, ssl->conf = conf; + if( ( ret = ssl_conf_check( ssl ) ) != 0 ) + return( ret ); + /* * Prepare base structures */ From c46e9b4091fd3d682a4128c2111e339ced186ab4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 6 Aug 2021 11:22:24 +0800 Subject: [PATCH 29/81] tests: Add negative version config tests. tls1.3 and tls1.2 can not be enabled at same time before #4832 resolved. And the test won't run into `handshake` stage, add `skip_handshak_check` function to skip it. Change-Id: I13f3b06b2f33b9c9beb8cac90f5fda41a4ed53f3 Signed-off-by: Jerry Yu --- tests/ssl-opt.sh | 45 ++++++++++++++++++++++++++++++++++----------- 1 file changed, 34 insertions(+), 11 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ba5a21779..ecead5791 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -693,6 +693,11 @@ find_in_both() { fi } +SKIP_HANDSHAKE_CHECK="NO" +skip_handshake_stage_check() { + SKIP_HANDSHAKE_CHECK="YES" +} + # Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]] # Options: -s pattern pattern that must be present in server output # -c pattern pattern that must be present in client output @@ -855,21 +860,25 @@ run_test() { # (useful to avoid tests with only negative assertions and non-zero # expected client exit to incorrectly succeed in case of catastrophic # failure) - if is_polar "$SRV_CMD"; then - if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :; - else - fail "server or client failed to reach handshake stage" - return + if [ "X$SKIP_HANDSHAKE_CHECK" != "XYES" ] + then + if is_polar "$SRV_CMD"; then + if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :; + else + fail "server or client failed to reach handshake stage" + return + fi fi - fi - if is_polar "$CLI_CMD"; then - if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :; - else - fail "server or client failed to reach handshake stage" - return + if is_polar "$CLI_CMD"; then + if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :; + else + fail "server or client failed to reach handshake stage" + return + fi fi fi + SKIP_HANDSHAKE_CHECK="NO" # Check server exit code (only for Mbed TLS: GnuTLS and OpenSSL don't # exit with status 0 when interrupted by a signal, and we don't really # care anyway), in case e.g. the server reports a memory leak. @@ -8478,6 +8487,20 @@ run_test "export keys functionality" \ -c "EAP-TLS IV is:" \ -s "EAP-TLS IV is:" +# TLS1.3 test cases +# TODO: remove or rewrite this test case if #4832 is resolved. +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +skip_handshake_stage_check +run_test "TLS1.3: Not supported version check: tls1_2 and tls1_3" \ + "$P_SRV debug_level=1 min_version=tls1_2 max_version=tls1_3" \ + "$P_CLI debug_level=1 min_version=tls1_2 max_version=tls1_3" \ + 1 \ + -s "SSL - The requested feature is not available" \ + -c "SSL - The requested feature is not available" \ + -s "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" \ + -c "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" + # Test heap memory usage after handshake requires_config_enabled MBEDTLS_MEMORY_DEBUG requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C From b19ccc3998d40d0463e0e92bb8c1e18669de2d40 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 9 Aug 2021 17:44:56 +0800 Subject: [PATCH 30/81] fix test_suite_debug test fail Before `mbedtls_ssl_setup`, config functions should be called. Without it, `mbedtls_ssl_setup` will raise invalid value error. Change-Id: I46fdaa5e8eb83d06c620087a9e1e7e14e1c5d9b5 Signed-off-by: Jerry Yu --- tests/suites/test_suite_debug.function | 39 +++++++++++++++++++++----- 1 file changed, 32 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index 197a7ef31..c51be4d0b 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -60,10 +60,16 @@ void debug_print_msg_threshold( int threshold, int level, char * file, memset( buffer.buf, 0, 2000 ); buffer.ptr = buffer.buf; + mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ); + + mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); mbedtls_debug_set_threshold( threshold ); - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); mbedtls_debug_print_msg( &ssl, level, file, line, "Text message, 2 == %d", 2 ); @@ -89,10 +95,15 @@ void mbedtls_debug_print_ret( char * file, int line, char * text, int value, memset( buffer.buf, 0, 2000 ); buffer.ptr = buffer.buf; - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ); mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + mbedtls_debug_print_ret( &ssl, 0, file, line, text, value); TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); @@ -116,11 +127,15 @@ void mbedtls_debug_print_buf( char * file, int line, char * text, memset( buffer.buf, 0, 2000 ); buffer.ptr = buffer.buf; - - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ); mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + mbedtls_debug_print_buf( &ssl, 0, file, line, text, data->x, data->len ); TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); @@ -146,10 +161,15 @@ void mbedtls_debug_print_crt( char * crt_file, char * file, int line, memset( buffer.buf, 0, 2000 ); buffer.ptr = buffer.buf; - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ); mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); mbedtls_debug_print_crt( &ssl, 0, file, line, prefix, &crt); @@ -177,12 +197,17 @@ void mbedtls_debug_print_mpi( int radix, char * value, char * file, int line, memset( buffer.buf, 0, 2000 ); buffer.ptr = buffer.buf; + mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ); + + mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &val, radix, value ) == 0 ); - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); - mbedtls_debug_print_mpi( &ssl, 0, file, line, prefix, &val); TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); From 3cc4c2a50698006726ee19679fc8339176363540 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 6 Aug 2021 16:29:08 +0800 Subject: [PATCH 31/81] Add dummy ssl_tls13_{client,server}.c Change-Id: Ic1cd1d55b097f5a31c9f48e9d55733d75ab49982 Signed-off-by: Jerry Yu --- library/CMakeLists.txt | 2 ++ library/Makefile | 2 ++ library/ssl_tls13_client.c | 34 ++++++++++++++++++++++++++++++++++ library/ssl_tls13_server.c | 32 ++++++++++++++++++++++++++++++++ 4 files changed, 70 insertions(+) create mode 100644 library/ssl_tls13_client.c create mode 100644 library/ssl_tls13_server.c diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 1cd5589cd..5adc128c9 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -104,6 +104,8 @@ set(src_tls ssl_ticket.c ssl_tls.c ssl_tls13_keys.c + ssl_tls13_server.c + ssl_tls13_client.c ) if(CMAKE_COMPILER_IS_GNUCC) diff --git a/library/Makefile b/library/Makefile index 0ee6e4f36..8c58fb850 100644 --- a/library/Makefile +++ b/library/Makefile @@ -167,6 +167,8 @@ OBJS_TLS= \ ssl_ticket.o \ ssl_tls.o \ ssl_tls13_keys.o \ + ssl_tls13_client.o \ + ssl_tls13_server.o \ # This line is intentionally left blank .SILENT: diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c new file mode 100644 index 000000000..c35fedc57 --- /dev/null +++ b/library/ssl_tls13_client.c @@ -0,0 +1,34 @@ +/* + * TLS 1.3 client-side functions + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS ( https://tls.mbed.org ) + */ + +#include "common.h" + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + +#if defined(MBEDTLS_SSL_CLI_C) + +#include "ssl_misc.h" + + + +#endif /* MBEDTLS_SSL_CLI_C */ + +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c new file mode 100644 index 000000000..370f11920 --- /dev/null +++ b/library/ssl_tls13_server.c @@ -0,0 +1,32 @@ +/* + * TLSv1.3 server-side functions + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +*/ + +#include "common.h" + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + + +#if defined(MBEDTLS_SSL_SRV_C) + +#include "ssl_misc.h" + + +#endif /* MBEDTLS_SSL_SRV_C */ + +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ From b9930e7d7053197649cbe0723658f9bd0b7c442e Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 6 Aug 2021 17:11:51 +0800 Subject: [PATCH 32/81] Add dummy tls1.3 handshake dispatch functions Base on version config, `handshack_{clinet,server}_step` will call different step function. TLS1.3 features will be gradully added base on it. And a new test cases is added to make sure it reports `feature is not available`. Change-Id: I4f0e36cb610f5aa59f97910fb8204bfbf2825949 Signed-off-by: Jerry Yu --- library/ssl_misc.h | 4 ++++ library/ssl_tls.c | 24 ++++++++++++++++++++++-- library/ssl_tls13_client.c | 6 +++++- library/ssl_tls13_server.c | 8 ++++++-- tests/ssl-opt.sh | 9 +++++++++ 5 files changed, 46 insertions(+), 5 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 879e0e07b..c8e2f4c88 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -881,6 +881,10 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ); int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ); int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ); void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ); +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_handshake_server_step_tls1_3( mbedtls_ssl_context *ssl ); +#endif int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 911a80c64..923c671a7 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5135,11 +5135,31 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - ret = mbedtls_ssl_handshake_client_step( ssl ); + { +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) ) + ret = mbedtls_ssl_handshake_client_step_tls1_3( ssl ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( mbedtls_ssl_conf_is_tls12_only( ssl->conf ) ) + ret = mbedtls_ssl_handshake_client_step( ssl ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + } #endif #if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - ret = mbedtls_ssl_handshake_server_step( ssl ); + { +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) ) + ret = mbedtls_ssl_handshake_server_step_tls1_3( ssl ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( mbedtls_ssl_conf_is_tls12_only( ssl->conf ) ) + ret = mbedtls_ssl_handshake_server_step( ssl ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + } #endif return( ret ); diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index c35fedc57..368b5572d 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -27,7 +27,11 @@ #include "ssl_misc.h" - +int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ) +{ + ((void) ssl); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} #endif /* MBEDTLS_SSL_CLI_C */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 370f11920..a56727741 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1,5 +1,5 @@ /* - * TLSv1.3 server-side functions + * TLS 1.3 server-side functions * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 @@ -21,11 +21,15 @@ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - #if defined(MBEDTLS_SSL_SRV_C) #include "ssl_misc.h" +int mbedtls_ssl_handshake_server_step_tls1_3( mbedtls_ssl_context *ssl ) +{ + ((void) ssl); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} #endif /* MBEDTLS_SSL_SRV_C */ diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ecead5791..01265ae9b 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -8501,6 +8501,15 @@ run_test "TLS1.3: Not supported version check: tls1_2 and tls1_3" \ -s "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" \ -c "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +run_test "TLS1.3: handshake dispatch test: tls1_3 only" \ + "$P_SRV min_version=tls1_3 max_version=tls1_3" \ + "$P_CLI min_version=tls1_3 max_version=tls1_3" \ + 1 \ + -s "SSL - The requested feature is not available" \ + -c "SSL - The requested feature is not available" + # Test heap memory usage after handshake requires_config_enabled MBEDTLS_MEMORY_DEBUG requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C From b6bbbb174da33a860b5556e989e334f8d7eee7b3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 09:00:14 +0100 Subject: [PATCH 33/81] Fix typo in documentation of ssl->transform_out Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 221cee337..639e3d962 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1329,7 +1329,7 @@ struct mbedtls_ssl_context * Record layer transformations */ mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_in); /*!< current transform params (in) */ - mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_out); /*!< current transform params (in) */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_out); /*!< current transform params (out) */ mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform); /*!< negotiated transform params */ mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_negotiate); /*!< transform params in negotiation */ From 0e719ff34144a71d60e1c4e14d63565cb15673bf Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 09:24:08 +0100 Subject: [PATCH 34/81] Improve the documentation of legacy msg layer transforms Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 639e3d962..dc4782e65 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1328,10 +1328,18 @@ struct mbedtls_ssl_context /* * Record layer transformations */ - mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_in); /*!< current transform params (in) */ - mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_out); /*!< current transform params (out) */ - mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform); /*!< negotiated transform params */ - mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_negotiate); /*!< transform params in negotiation */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_in); /*!< current transform params (in) + * This is always a reference, + * never an owning pointer. */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_out); /*!< current transform params (out) + * This is always a reference, + * never an owning pointer. */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform); /*!< negotiated transform params + * This pointer owns the transform + * it references. */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_negotiate); /*!< transform params in negotiation + * This pointer owns the transform + * it references. */ /* * Timers From 3aa186f9462f6afd2943980863f37d8a608dbaa5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 09:24:19 +0100 Subject: [PATCH 35/81] Add transforms to be used for TLS 1.3 Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 6 ++++++ library/ssl_misc.h | 7 +++++++ library/ssl_tls.c | 12 ++++++++++++ 3 files changed, 25 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index dc4782e65..34353daff 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1341,6 +1341,12 @@ struct mbedtls_ssl_context * This pointer owns the transform * it references. */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + /* The application data transform in TLS 1.3. + * This pointer owns the transform it references. */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_application); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + /* * Timers */ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index cc19f4723..174bad88b 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -562,6 +562,13 @@ struct mbedtls_ssl_handshake_params uint16_t mtu; /*!< Handshake mtu, used to fragment outgoing messages */ #endif /* MBEDTLS_SSL_PROTO_DTLS */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + /* TLS 1.3 transforms for 0-RTT and encrypted handshake messages. + * Those pointers own the transforms they reference. */ + mbedtls_ssl_transform *transform_handshake; + mbedtls_ssl_transform *transform_earlydata; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + /* * Checksum contexts */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bb5ddc470..8316d252b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5393,6 +5393,13 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) handle_buffer_resizing( ssl, 1, mbedtls_ssl_get_input_buflen( ssl ), mbedtls_ssl_get_output_buflen( ssl ) ); #endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + mbedtls_free( handshake->transform_earlydata ); + mbedtls_free( handshake->transform_handshake ); + handshake->transform_earlydata = NULL; + handshake->transform_handshake = NULL; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ } void mbedtls_ssl_session_free( mbedtls_ssl_session *session ) @@ -6091,6 +6098,11 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl ) mbedtls_free( ssl->session_negotiate ); } +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + mbedtls_ssl_transform_free( ssl->transform_application ); + mbedtls_free( ssl->transform_application ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + if( ssl->session ) { mbedtls_ssl_session_free( ssl->session ); From 551265f8798eb843ee61063b34d42add44dd9bb7 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 13:03:48 +0100 Subject: [PATCH 36/81] Add TLS 1.3 IANA signature-algorithm values Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 221cee337..3090f9313 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -337,6 +337,41 @@ #define MBEDTLS_SSL_SIG_RSA 1 #define MBEDTLS_SSL_SIG_ECDSA 3 +/* + * TLS 1.3 signature algorithms + * RFC 8446, Section 4.2.2 + */ + +/* RSASSA-PKCS1-v1_5 algorithms */ +#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA256 0x0401 +#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA384 0x0501 +#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA512 0x0601 + +/* ECDSA algorithms */ +#define MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256 0x0403 +#define MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384 0x0503 +#define MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512 0x0603 + +/* RSASSA-PSS algorithms with public key OID rsaEncryption */ +#define MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256 0x0804 +#define MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA384 0x0805 +#define MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA512 0x0806 + +/* EdDSA algorithms */ +#define MBEDTLS_TLS13_SIG_ED25519 0x0807 +#define MBEDTLS_TLS13_SIG_ED448 0x0808 + +/* RSASSA-PSS algorithms with public key OID RSASSA-PSS */ +#define MBEDTLS_TLS13_SIG_RSA_PSS_PSS_SHA256 0x0809 +#define MBEDTLS_TLS13_SIG_RSA_PSS_PSS_SHA384 0x080A +#define MBEDTLS_TLS13_SIG_RSA_PSS_PSS_SHA512 0x080B + +/* LEGACY ALGORITHMS */ +#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA1 0x0201 +#define MBEDTLS_TLS13_SIG_ECDSA_SHA1 0x0203 + +#define MBEDTLS_TLS13_SIG_NONE 0x0 + /* * Client Certificate Types * RFC 5246 section 7.4.4 plus RFC 4492 section 5.5 From 1cd6e0021f14d9f1b5015c8851781a0e07ffabec Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 13:27:10 +0100 Subject: [PATCH 37/81] Add experimental API for configuration of TLS 1.3 sig algs Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 17 +++++++++++++++++ library/ssl_tls.c | 16 ++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3090f9313..c62f730b3 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1182,6 +1182,10 @@ struct mbedtls_ssl_config #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) const int *MBEDTLS_PRIVATE(sig_hashes); /*!< allowed signature hashes */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + const uint16_t* MBEDTLS_PRIVATE(tls13_sig_algs); /*!< allowed signature algorithms in TLS 1.3 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif #if defined(MBEDTLS_ECP_C) @@ -3026,6 +3030,19 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, */ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, const int *hashes ); + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +/** + * \brief Configure allowed signature algorithms for use in TLS 1.3 + * + * \param conf The SSL configuration to use. + * \param sig_algs A 0-terminated list of IANA values for TLS 1.3 signature algorithms, + * with the most preferred algorithm listed first. Supported values + * are available as \c MBEDTLS_TLS13_SIG_XXX. + */ +void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf, + const uint16_t* sig_algs ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_X509_CRT_PARSE_C) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 923c671a7..e2fb9b66f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3933,6 +3933,22 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, { conf->sig_hashes = hashes; } + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +/** + * \brief Configure allowed signature algorithms for use in TLS 1.3 + * + * \param conf The SSL configuration to use. + * \param sig_algs A 0-terminated list of IANA values for TLS 1.3 signature algorithms, + * with the most preferred algorithm listed first. Supported values + * are available as \c MBEDTLS_TLS13_SIG_XXX. + */ +void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf, + const uint16_t* sig_algs ) +{ + conf->tls13_sig_algs = sig_algs; +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_ECP_C) From 11ceadd382b1edb83031b4fcb10af3fcd11997fd Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 13:36:41 +0100 Subject: [PATCH 38/81] Add cmdline param for TLS 1.3 sig alg config to ssl_{client,server}2 Signed-off-by: Hanno Becker --- programs/ssl/ssl_client2.c | 90 ++++++++++++++++++++++++++++++++++++-- programs/ssl/ssl_server2.c | 89 ++++++++++++++++++++++++++++++++++++- 2 files changed, 174 insertions(+), 5 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 86c314c35..17b1ccf93 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -88,6 +88,7 @@ int main( void ) #define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED #define DFL_ALPN_STRING NULL #define DFL_CURVES NULL +#define DFL_SIG_ALGS NULL #define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM #define DFL_HS_TO_MIN 0 #define DFL_HS_TO_MAX 0 @@ -269,6 +270,15 @@ int main( void ) #define USAGE_CURVES "" #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) +#define USAGE_SIG_ALGS \ + " sig_algs=a,b,c,d default: \"default\" (library default)\n" \ + " example: \"ecdsa_secp256r1_sha256,ecdsa_secp384r1_sha384\"\n" +#else +#define USAGE_SIG_ALGS "" +#endif + #if defined(MBEDTLS_SSL_PROTO_DTLS) #define USAGE_DTLS \ " dtls=%%d default: 0 (TLS)\n" \ @@ -393,6 +403,7 @@ int main( void ) USAGE_ETM \ USAGE_REPRODUCIBLE \ USAGE_CURVES \ + USAGE_SIG_ALGS \ USAGE_DHMLEN \ "\n" @@ -417,9 +428,9 @@ int main( void ) USAGE_SERIALIZATION \ " acceptable ciphersuite names:\n" -#define ALPN_LIST_SIZE 10 -#define CURVE_LIST_SIZE 20 - +#define ALPN_LIST_SIZE 10 +#define CURVE_LIST_SIZE 20 +#define SIG_ALG_LIST_SIZE 5 /* * global options @@ -472,6 +483,7 @@ struct options int reconnect_hard; /* unexpectedly reconnect from the same port */ int tickets; /* enable / disable session tickets */ const char *curves; /* list of supported elliptic curves */ + const char *sig_algs; /* supported TLS 1.3 signature algorithms */ const char *alpn_string; /* ALPN supported protocols */ int transport; /* TLS or DTLS? */ uint32_t hs_to_min; /* Initial value of DTLS handshake timer */ @@ -631,6 +643,12 @@ int main( int argc, char *argv[] ) mbedtls_net_context server_fd; io_ctx_t io_ctx; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + uint16_t sig_alg_list[SIG_ALG_LIST_SIZE]; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && + MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + unsigned char buf[MAX_REQUEST_SIZE + 1]; #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) @@ -833,6 +851,7 @@ int main( int argc, char *argv[] ) opt.tickets = DFL_TICKETS; opt.alpn_string = DFL_ALPN_STRING; opt.curves = DFL_CURVES; + opt.sig_algs = DFL_SIG_ALGS; opt.transport = DFL_TRANSPORT; opt.hs_to_min = DFL_HS_TO_MIN; opt.hs_to_max = DFL_HS_TO_MAX; @@ -1063,6 +1082,12 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "curves" ) == 0 ) opt.curves = q; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + else if( strcmp( p, "sig_algs" ) == 0 ) + opt.sig_algs = q; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && + MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ else if( strcmp( p, "etm" ) == 0 ) { switch( atoi( q ) ) @@ -1450,6 +1475,60 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_ECP_C */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + if( opt.sig_algs != NULL ) + { + p = (char *) opt.sig_algs; + i = 0; + + /* Leave room for a final NULL in signature algorithm list */ + while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' ) + { + q = p; + + /* Terminate the current string */ + while( *p != ',' && *p != '\0' ) + p++; + if( *p == ',' ) + *p++ = '\0'; + + if( strcmp( q, "ecdsa_secp256r1_sha256" ) == 0 ) + { + sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256; + } + else if( strcmp( q, "ecdsa_secp384r1_sha384" ) == 0 ) + { + sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384; + } + else if( strcmp( q, "ecdsa_secp521r1_sha512" ) == 0 ) + { + sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512; + } + else + { + mbedtls_printf( "unknown signature algorithm %s\n", q ); + mbedtls_printf( "supported signature algorithms: " ); + mbedtls_printf( "ecdsa_secp256r1_sha256 " ); + mbedtls_printf( "ecdsa_secp384r1_sha384 " ); + mbedtls_printf( "ecdsa_secp521r1_sha512 " ); + mbedtls_printf( "\n" ); + goto exit; + } + } + + if( i == ( SIG_ALG_LIST_SIZE - 1 ) && *p != '\0' ) + { + mbedtls_printf( "signature algorithm list too long, maximum %d", + SIG_ALG_LIST_SIZE - 1 ); + goto exit; + } + + sig_alg_list[i] = MBEDTLS_TLS13_SIG_NONE; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && + MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + #if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) { @@ -1785,6 +1864,11 @@ int main( int argc, char *argv[] ) } #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( opt.sig_algs != NULL ) + mbedtls_ssl_conf_sig_algs( &conf, sig_alg_list ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) if( opt.psk_opaque != 0 ) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 83bd617c6..c7110e850 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -119,6 +119,7 @@ int main( void ) #define DFL_SNI NULL #define DFL_ALPN_STRING NULL #define DFL_CURVES NULL +#define DFL_SIG_ALGS NULL #define DFL_DHM_FILE NULL #define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM #define DFL_COOKIES 1 @@ -418,6 +419,15 @@ int main( void ) #define USAGE_CURVES "" #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) +#define USAGE_SIG_ALGS \ + " sig_algs=a,b,c,d default: \"default\" (library default)\n" \ + " example: \"ecdsa_secp256r1_sha256,ecdsa_secp384r1_sha384\"\n" +#else +#define USAGE_SIG_ALGS "" +#endif + #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) #define USAGE_SERIALIZATION \ " serialize=%%d default: 0 (do not serialize/deserialize)\n" \ @@ -484,6 +494,7 @@ int main( void ) USAGE_EMS \ USAGE_ETM \ USAGE_CURVES \ + USAGE_SIG_ALGS \ "\n" #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) @@ -509,8 +520,9 @@ int main( void ) USAGE_SERIALIZATION \ " acceptable ciphersuite names:\n" -#define ALPN_LIST_SIZE 10 -#define CURVE_LIST_SIZE 20 +#define ALPN_LIST_SIZE 10 +#define CURVE_LIST_SIZE 20 +#define SIG_ALG_LIST_SIZE 5 #define PUT_UINT64_BE(out_be,in_le,i) \ { \ @@ -583,6 +595,7 @@ struct options int cache_timeout; /* expiration delay of session cache entries */ char *sni; /* string describing sni information */ const char *curves; /* list of supported elliptic curves */ + const char *sig_algs; /* supported TLS 1.3 signature algorithms */ const char *alpn_string; /* ALPN supported protocols */ const char *dhm_file; /* the file with the DH parameters */ int extended_ms; /* allow negotiation of extended MS? */ @@ -1326,6 +1339,12 @@ int main( int argc, char *argv[] ) size_t context_buf_len = 0; #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + uint16_t sig_alg_list[SIG_ALG_LIST_SIZE]; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && + MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + int i; char *p, *q; const int *list; @@ -1498,6 +1517,7 @@ int main( int argc, char *argv[] ) opt.sni = DFL_SNI; opt.alpn_string = DFL_ALPN_STRING; opt.curves = DFL_CURVES; + opt.sig_algs = DFL_SIG_ALGS; opt.dhm_file = DFL_DHM_FILE; opt.transport = DFL_TRANSPORT; opt.cookies = DFL_COOKIES; @@ -1665,6 +1685,12 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "curves" ) == 0 ) opt.curves = q; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + else if( strcmp( p, "sig_algs" ) == 0 ) + opt.sig_algs = q; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && && \ + MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ else if( strcmp( p, "renegotiation" ) == 0 ) { opt.renegotiation = (atoi( q )) ? @@ -2172,6 +2198,60 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_ECP_C */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + if( opt.sig_algs != NULL ) + { + p = (char *) opt.sig_algs; + i = 0; + + /* Leave room for a final NULL in signature algorithm list */ + while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' ) + { + q = p; + + /* Terminate the current string */ + while( *p != ',' && *p != '\0' ) + p++; + if( *p == ',' ) + *p++ = '\0'; + + if( strcmp( q, "ecdsa_secp256r1_sha256" ) == 0 ) + { + sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256; + } + else if( strcmp( q, "ecdsa_secp384r1_sha384" ) == 0 ) + { + sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384; + } + else if( strcmp( q, "ecdsa_secp521r1_sha512" ) == 0 ) + { + sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512; + } + else + { + mbedtls_printf( "unknown signature algorithm %s\n", q ); + mbedtls_printf( "supported signature algorithms: " ); + mbedtls_printf( "ecdsa_secp256r1_sha256 " ); + mbedtls_printf( "ecdsa_secp384r1_sha384 " ); + mbedtls_printf( "ecdsa_secp521r1_sha512 " ); + mbedtls_printf( "\n" ); + goto exit; + } + } + + if( i == ( SIG_ALG_LIST_SIZE - 1 ) && *p != '\0' ) + { + mbedtls_printf( "signature algorithm list too long, maximum %d", + SIG_ALG_LIST_SIZE - 1 ); + goto exit; + } + + sig_alg_list[i] = MBEDTLS_TLS13_SIG_NONE; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && + MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + #if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) { @@ -2750,6 +2830,11 @@ int main( int argc, char *argv[] ) } #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( opt.sig_algs != NULL ) + mbedtls_ssl_conf_sig_algs( &conf, sig_alg_list ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 ) From 9c6aa7bb9a37ad694de9493941b422f8d4e85887 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 13:50:43 +0100 Subject: [PATCH 39/81] Add default values for TLS 1.3 SigAlg configuration Signed-off-by: Hanno Becker --- library/ssl_tls.c | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index e2fb9b66f..4843e423d 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6277,6 +6277,41 @@ static int ssl_preset_suiteb_hashes[] = { MBEDTLS_MD_SHA384, MBEDTLS_MD_NONE }; + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +static uint16_t ssl_preset_default_sig_algs[] = { + /* ECDSA algorithms */ +#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256, +#endif /* MBEDTLS_SHA256_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED */ +#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384, +#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP384R1_ENABLED */ +#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512, +#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP521R1_ENABLED */ +#endif /* MBEDTLS_ECDSA_C */ + /* RSA algorithms */ +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256, +#endif + MBEDTLS_TLS13_SIG_NONE +}; + +static uint16_t ssl_preset_suiteb_sig_algs[] = { + /* ECDSA algorithms */ +#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256, +#endif /* MBEDTLS_SHA256_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED */ +#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384, +#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP384R1_ENABLED */ +#endif /* MBEDTLS_ECDSA_C */ + MBEDTLS_TLS13_SIG_NONE +}; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif #if defined(MBEDTLS_ECP_C) @@ -6391,6 +6426,9 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) conf->sig_hashes = ssl_preset_suiteb_hashes; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + conf->tls13_sig_algs = ssl_preset_suiteb_sig_algs; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif #if defined(MBEDTLS_ECP_C) @@ -6427,6 +6465,10 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, conf->sig_hashes = ssl_preset_default_hashes; #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + conf->tls13_sig_algs = ssl_preset_default_sig_algs; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #if defined(MBEDTLS_ECP_C) conf->curve_list = ssl_preset_default_curves; #endif From deb68ce2d1935024d24cf85e1ef78528143b917f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 16:04:05 +0100 Subject: [PATCH 40/81] Fix guard around TLS 1.3 SigAlg configuration Signed-off-by: Hanno Becker --- library/ssl_tls.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4843e423d..07d468ca7 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6463,11 +6463,10 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) conf->sig_hashes = ssl_preset_default_hashes; -#endif - #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) conf->tls13_sig_algs = ssl_preset_default_sig_algs; #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_ECP_C) conf->curve_list = ssl_preset_default_curves; From 0402979ed39530a894812d9b9361de943bd8530f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 10 Aug 2021 16:45:37 +0800 Subject: [PATCH 41/81] Add openssl/gnutls tls1.3 feature tests. Add functions and test cases to make sure tls1.3 is available in openssl/gnutls Change-Id: I797d15117a8de96614f392e6bb2ed16b6d71ba69 Signed-off-by: Jerry Yu --- tests/ssl-opt.sh | 77 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 01265ae9b..9ee6b761d 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -77,6 +77,14 @@ else O_LEGACY_CLI=false fi +if [ -n "${OPENSSL_NEXT:-}" ]; then + O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert data_files/server5.crt -key data_files/server5.key" + O_NEXT_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client" +else + O_NEXT_SRV=false + O_NEXT_CLI=false +fi + if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key" else @@ -346,6 +354,57 @@ requires_openssl_legacy() { fi } +requires_openssl_next() { + if [ -z "${OPENSSL_NEXT_AVAILABLE:-}" ]; then + if which "${OPENSSL_NEXT:-}" >/dev/null 2>&1; then + OPENSSL_NEXT_AVAILABLE="YES" + else + OPENSSL_NEXT_AVAILABLE="NO" + fi + fi + if [ "$OPENSSL_NEXT_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# skip next test if tls1_3 is not available +requires_openssl_tls1_3() { + requires_openssl_next + if [ "$OPENSSL_NEXT_AVAILABLE" = "NO" ]; then + OPENSSL_TLS1_3_AVAILABLE="NO" + fi + if [ -z "${OPENSSL_TLS1_3_AVAILABLE:-}" ]; then + if $OPENSSL_NEXT s_client -help 2>&1 | grep tls1_3 >/dev/null + then + OPENSSL_TLS1_3_AVAILABLE="YES" + else + OPENSSL_TLS1_3_AVAILABLE="NO" + fi + fi + if [ "$OPENSSL_TLS1_3_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# skip next test if tls1_3 is not available +requires_gnutls_tls1_3() { + requires_gnutls_next + if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then + GNUTLS_TLS1_3_AVAILABLE="NO" + fi + if [ -z "${GNUTLS_TLS1_3_AVAILABLE:-}" ]; then + if $GNUTLS_NEXT_CLI -l 2>&1 | grep VERS-TLS1.3 >/dev/null + then + GNUTLS_TLS1_3_AVAILABLE="YES" + else + GNUTLS_TLS1_3_AVAILABLE="NO" + fi + fi + if [ "$GNUTLS_TLS1_3_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + # skip next test if IPv6 isn't available on this host requires_ipv6() { if [ -z "${HAS_IPV6:-}" ]; then @@ -8487,6 +8546,24 @@ run_test "export keys functionality" \ -c "EAP-TLS IV is:" \ -s "EAP-TLS IV is:" +# openssl feature tests: check if tls1.3 exists. +requires_openssl_tls1_3 +run_test "TLS1.3: Test openssl tls1_3 feature" \ + "$O_NEXT_SRV -tls1_3 -msg" \ + "$O_NEXT_CLI -tls1_3 -msg" \ + 0 \ + -c "TLS 1.3" \ + -s "TLS 1.3" + +# gnutls feature tests: check if tls1.3 exists. +requires_gnutls_tls1_3 +run_test "TLS1.3: Test gnutls tls1_3 feature" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V" \ + 0 \ + -s "Version: TLS1.3" \ + -c "Version: TLS1.3" + # TLS1.3 test cases # TODO: remove or rewrite this test case if #4832 is resolved. requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 From e043d15d75e81fef9c93aba0639a7dba165b4062 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 12 Aug 2021 06:22:32 +0100 Subject: [PATCH 42/81] Turn comments of 1.3 record transforms into Doxygen documentation Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 4 ++-- library/ssl_misc.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 34353daff..960a262e4 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1342,8 +1342,8 @@ struct mbedtls_ssl_context * it references. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - /* The application data transform in TLS 1.3. - * This pointer owns the transform it references. */ + /*! The application data transform in TLS 1.3. + * This pointer owns the transform it references. */ mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_application); #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 174bad88b..0b64e010b 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -563,8 +563,8 @@ struct mbedtls_ssl_handshake_params #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - /* TLS 1.3 transforms for 0-RTT and encrypted handshake messages. - * Those pointers own the transforms they reference. */ + /*! TLS 1.3 transforms for 0-RTT and encrypted handshake messages. + * Those pointers own the transforms they reference. */ mbedtls_ssl_transform *transform_handshake; mbedtls_ssl_transform *transform_earlydata; #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ From 7dd2f504b3ebeda92cdf7e80135db2026b0356bd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 24 Apr 2021 13:35:41 +0200 Subject: [PATCH 43/81] Allow configuring MBEDTLS_TLS_EXT_CID at compile time The numerical identifier of the CID extension hasn't been settled yet and different implementations use values from different drafts. Allow configuring the value at compile time. Signed-off-by: Gilles Peskine --- ChangeLog.d/tls_ext_cid-config.txt | 3 +++ include/mbedtls/mbedtls_config.h | 11 +++++++++++ include/mbedtls/ssl.h | 8 +++++++- 3 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 ChangeLog.d/tls_ext_cid-config.txt diff --git a/ChangeLog.d/tls_ext_cid-config.txt b/ChangeLog.d/tls_ext_cid-config.txt new file mode 100644 index 000000000..b7b1e7244 --- /dev/null +++ b/ChangeLog.d/tls_ext_cid-config.txt @@ -0,0 +1,3 @@ +Features + * The identifier of the CID TLS extension can be configured by defining + MBEDTLS_TLS_EXT_CID at compile time. diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index a60db7e93..d470c0054 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3194,6 +3194,17 @@ //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ +/** \def MBEDTLS_TLS_EXT_CID + * + * At the time of writing, the CID extension has not been assigned its + * final value. Set this configuration option to make Mbed TLS use a + * different value. + * + * A future minor revision of Mbed TLS may change the default value of + * this option to match evolving standards and usage. + */ +//#define MBEDTLS_TLS_EXT_CID 254 + /** * Complete list of ciphersuites to use, in order of preference. * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 221cee337..167d741a0 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -425,8 +425,14 @@ /* The value of the CID extension is still TBD as of * draft-ietf-tls-dtls-connection-id-05 - * (https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05) */ + * (https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05). + * + * A future minor revision of Mbed TLS may change the default value of + * this option to match evolving standards and usage. + */ +#if !defined(MBEDTLS_TLS_EXT_CID) #define MBEDTLS_TLS_EXT_CID 254 /* TBD */ +#endif #define MBEDTLS_TLS_EXT_ECJPAKE_KKPP 256 /* experimental */ From f7fce9200c73bbbfc92116a94f8d1d856422096e Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 17 Aug 2021 13:16:08 +0800 Subject: [PATCH 44/81] Remove rsa_pss_rsae_sha256 from preset_sig_algs. To keep consistent with ssl_{clien2t,server2}. Change-Id: I08dbe47a3d9b778ba3acad283f608fef4e63c626 CustomizedGitHooks: yes Signed-off-by: Jerry Yu --- library/ssl_tls.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 07d468ca7..f97b47376 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6292,10 +6292,6 @@ static uint16_t ssl_preset_default_sig_algs[] = { MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512, #endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #endif /* MBEDTLS_ECDSA_C */ - /* RSA algorithms */ -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256, -#endif MBEDTLS_TLS13_SIG_NONE }; From 7899de839cf26941be5525402078752839cdf6d7 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 17 Aug 2021 13:09:23 +0800 Subject: [PATCH 45/81] fix comments and format issues Change-Id: I927d97f9d788389d6abb9edbda0f7c3e2f8e9b63 CustomizedGitHooks: yes Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 9 +++++---- library/ssl_tls.c | 9 +-------- 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index c62f730b3..c867e025c 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1184,7 +1184,7 @@ struct mbedtls_ssl_config const int *MBEDTLS_PRIVATE(sig_hashes); /*!< allowed signature hashes */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - const uint16_t* MBEDTLS_PRIVATE(tls13_sig_algs); /*!< allowed signature algorithms in TLS 1.3 */ + const uint16_t *MBEDTLS_PRIVATE(tls13_sig_algs); /*!< allowed signature algorithms for TLS 1.3 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif @@ -3036,9 +3036,10 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, * \brief Configure allowed signature algorithms for use in TLS 1.3 * * \param conf The SSL configuration to use. - * \param sig_algs A 0-terminated list of IANA values for TLS 1.3 signature algorithms, - * with the most preferred algorithm listed first. Supported values - * are available as \c MBEDTLS_TLS13_SIG_XXX. + * \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms, + * terminated by \c MBEDTLS_TLS13_SIG_NONE. The list must remain + * available throughout the liftime of the conf object. Supported + * values are available as \c MBEDTLS_TLS13_SIG_XXXX */ void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf, const uint16_t* sig_algs ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f97b47376..909a32a59 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3935,14 +3935,7 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, } #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) -/** - * \brief Configure allowed signature algorithms for use in TLS 1.3 - * - * \param conf The SSL configuration to use. - * \param sig_algs A 0-terminated list of IANA values for TLS 1.3 signature algorithms, - * with the most preferred algorithm listed first. Supported values - * are available as \c MBEDTLS_TLS13_SIG_XXX. - */ +/* Configure allowed signature algorithms for use in TLS 1.3 */ void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf, const uint16_t* sig_algs ) { From 7276f13c9385fdaba52be47a6a528a9e7217dd35 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 17 Aug 2021 18:25:48 +0800 Subject: [PATCH 46/81] fix comments for sig_algs parser Change-Id: I68bd691c4b67fb18ff9d55ead34f5517b1b981de Signed-off-by: Jerry Yu --- programs/ssl/ssl_client2.c | 2 +- programs/ssl/ssl_server2.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 17b1ccf93..08f993466 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1482,7 +1482,7 @@ int main( int argc, char *argv[] ) p = (char *) opt.sig_algs; i = 0; - /* Leave room for a final NULL in signature algorithm list */ + /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list(sig_alg_list) */ while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' ) { q = p; diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index c7110e850..d5ec6a7cd 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2205,7 +2205,7 @@ int main( int argc, char *argv[] ) p = (char *) opt.sig_algs; i = 0; - /* Leave room for a final NULL in signature algorithm list */ + /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list(sig_alg_list) */ while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' ) { q = p; From 8c51b73c86beca145271acdfa400631e5456fd7d Mon Sep 17 00:00:00 2001 From: lhuang04 Date: Sat, 14 Aug 2021 05:56:07 -0700 Subject: [PATCH 47/81] Update CMake version for CMP0090 Summary: [CMP0090](https://cmake.org/cmake/help/latest/policy/CMP0090.html) was introduced in CMake version 3.15. The CMake version guard should be greater or equal to 3.15. My cmake version is 3.14.5, and run into the following error. ``` cmake --version cmake version 3.14.5 ``` ``` CMake Error at CMakeLists.txt:338 (cmake_policy): Policy "CMP0090" is not known to this version of CMake. -- Configuring incomplete, errors occurred! Test Plan: ``` cmake ``` Signed-off-by: lhuang04 --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index cf74af53c..210aba489 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -330,7 +330,7 @@ install( DESTINATION "cmake" FILE "MbedTLSTargets.cmake") -if(CMAKE_VERSION VERSION_GREATER 3.14) +if(CMAKE_VERSION VERSION_GREATER 3.15 OR CMAKE_VERSION VERSION_EQUAL 3.15) # Do not export the package by default cmake_policy(SET CMP0090 NEW) From 447a3bee1774e260d53dd3df47ebbe00f9a26f82 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 18 Aug 2021 09:55:32 +0800 Subject: [PATCH 48/81] fix wrong typo and format issues Change-Id: I99a4c7d28c26bfcc43bc8947485d1dfafb6974dc Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 2 +- programs/ssl/ssl_client2.c | 2 +- programs/ssl/ssl_server2.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index c867e025c..f537e864a 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3038,7 +3038,7 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, * \param conf The SSL configuration to use. * \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms, * terminated by \c MBEDTLS_TLS13_SIG_NONE. The list must remain - * available throughout the liftime of the conf object. Supported + * available throughout the lifetime of the conf object. Supported * values are available as \c MBEDTLS_TLS13_SIG_XXXX */ void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf, diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 08f993466..1400961b8 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1482,7 +1482,7 @@ int main( int argc, char *argv[] ) p = (char *) opt.sig_algs; i = 0; - /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list(sig_alg_list) */ + /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list (sig_alg_list). */ while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' ) { q = p; diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index d5ec6a7cd..b9a789e72 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2205,7 +2205,7 @@ int main( int argc, char *argv[] ) p = (char *) opt.sig_algs; i = 0; - /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list(sig_alg_list) */ + /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list (sig_alg_list). */ while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' ) { q = p; From 50dde56543f28fe138f55afea72ce161f61ddf27 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Tue, 22 Jun 2021 15:51:53 +0100 Subject: [PATCH 49/81] Implement byte reading macros into library/ To improve readability by saving horizontal and vertical space. Removed unecessary & 0xFF. Byte reading macros implemented in library/common.h, All files containing "& 0xff" were modified. Comments/Documentation not yet added to the macro definitions. Fixes #4274 Signed-off-by: Joe Subbiani --- library/common.h | 10 ++++++++++ library/ctr_drbg.c | 8 ++++---- library/nist_kw.c | 2 +- library/psa_crypto.c | 4 ++-- library/psa_its_file.c | 16 ++++++++-------- library/ssl_msg.c | 14 +++++++------- library/ssl_ticket.c | 4 ++-- 7 files changed, 34 insertions(+), 24 deletions(-) diff --git a/library/common.h b/library/common.h index 9e4b0312b..baef72d48 100644 --- a/library/common.h +++ b/library/common.h @@ -66,4 +66,14 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS +/** Byte Reading Macros + * + * To tidy up code and save horizontal and vertical space, use byte + * reading macros to cast + */ +#define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) +#define BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) +#define BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) +#define BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) + #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index b664fb0fc..d52d9ef25 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -152,10 +152,10 @@ static int block_cipher_df( unsigned char *output, * (Total is padded to a multiple of 16-bytes with zeroes) */ p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE; - *p++ = ( data_len >> 24 ) & 0xff; - *p++ = ( data_len >> 16 ) & 0xff; - *p++ = ( data_len >> 8 ) & 0xff; - *p++ = ( data_len ) & 0xff; + *p++ = BYTE_3( data_len ); + *p++ = BYTE_2( data_len ); + *p++ = BYTE_1( data_len ); + *p++ = BYTE_0( data_len ); p += 3; *p++ = MBEDTLS_CTR_DRBG_SEEDLEN; memcpy( p, data, data_len ); diff --git a/library/nist_kw.c b/library/nist_kw.c index 5054ca206..3fff2b7f8 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -169,7 +169,7 @@ static void calc_a_xor_t( unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t ) size_t i = 0; for( i = 0; i < sizeof( t ); i++ ) { - A[i] ^= ( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ) & 0xff; + A[i] ^= BYTE_0( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ); } } diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3574b9842..b46e023e5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4506,8 +4506,8 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key( * uint16 with the value N, and the PSK itself. */ - *cur++ = ( data_length >> 8 ) & 0xff; - *cur++ = ( data_length >> 0 ) & 0xff; + *cur++ = BYTE_1( data_length ); + *cur++ = BYTE_0( data_length ); memset( cur, 0, data_length ); cur += data_length; *cur++ = pms[0]; diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 492be1c71..66043b502 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -191,14 +191,14 @@ psa_status_t psa_its_set( psa_storage_uid_t uid, size_t n; memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH ); - header.size[0] = data_length & 0xff; - header.size[1] = ( data_length >> 8 ) & 0xff; - header.size[2] = ( data_length >> 16 ) & 0xff; - header.size[3] = ( data_length >> 24 ) & 0xff; - header.flags[0] = create_flags & 0xff; - header.flags[1] = ( create_flags >> 8 ) & 0xff; - header.flags[2] = ( create_flags >> 16 ) & 0xff; - header.flags[3] = ( create_flags >> 24 ) & 0xff; + header.size[0] = BYTE_0( data_length ); + header.size[1] = BYTE_1( data_length ); + header.size[2] = BYTE_2( data_length ); + header.size[3] = BYTE_3( data_length ); + header.flags[0] = BYTE_0( create_flags ); + header.flags[1] = BYTE_1( create_flags ); + header.flags[2] = BYTE_2( create_flags ); + header.flags[3] = BYTE_3( create_flags ); psa_its_fill_filename( uid, filename ); stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" ); diff --git a/library/ssl_msg.c b/library/ssl_msg.c index a03f19251..1fd9420c2 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2254,14 +2254,14 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) * copy beginning of headers then fill fragmentation fields. * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */ memcpy( ssl->out_msg, cur->p, 6 ); + + ssl->out_msg[6] = BYTE_2( frag_off ); + ssl->out_msg[7] = BYTE_1( frag_off ); + ssl->out_msg[8] = BYTE_0( frag_off ); - ssl->out_msg[6] = ( ( frag_off >> 16 ) & 0xff ); - ssl->out_msg[7] = ( ( frag_off >> 8 ) & 0xff ); - ssl->out_msg[8] = ( ( frag_off ) & 0xff ); - - ssl->out_msg[ 9] = ( ( cur_hs_frag_len >> 16 ) & 0xff ); - ssl->out_msg[10] = ( ( cur_hs_frag_len >> 8 ) & 0xff ); - ssl->out_msg[11] = ( ( cur_hs_frag_len ) & 0xff ); + ssl->out_msg[ 9] = BYTE_2( cur_hs_frag_len ); + ssl->out_msg[10] = BYTE_1( cur_hs_frag_len ); + ssl->out_msg[11] = BYTE_0( cur_hs_frag_len ); MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 ); diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 940e1a67a..29d834575 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -245,8 +245,8 @@ int mbedtls_ssl_ticket_write( void *p_ticket, { goto cleanup; } - state_len_bytes[0] = ( clear_len >> 8 ) & 0xff; - state_len_bytes[1] = ( clear_len ) & 0xff; + state_len_bytes[0] = BYTE_1( clear_len ); + state_len_bytes[1] = BYTE_0( clear_len ); /* Encrypt and authenticate */ if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx, From 3b394509da07fd7b78a9d9396d838bd588c6ba59 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 23 Jun 2021 11:23:44 +0100 Subject: [PATCH 50/81] Move BYTES_TO_U32_LE to common.h The macro BYTES_TO_U32_LE appears in poly1305.c and chacha20.c. Removes duplicate code and save vertical space the macro has been moved to common.h. Improves maintainability. Signed-off-by: Joe Subbiani --- library/chacha20.c | 7 ------- library/common.h | 14 ++++++++++++-- library/poly1305.c | 7 ------- 3 files changed, 12 insertions(+), 16 deletions(-) diff --git a/library/chacha20.c b/library/chacha20.c index 78467d3fc..9862ea535 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -54,13 +54,6 @@ #define CHACHA20_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -#define BYTES_TO_U32_LE( data, offset ) \ - ( (uint32_t) (data)[offset] \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ - ) - #define ROTL32( value, amount ) \ ( (uint32_t) ( (value) << (amount) ) | ( (value) >> ( 32 - (amount) ) ) ) diff --git a/library/common.h b/library/common.h index baef72d48..500e5d4c7 100644 --- a/library/common.h +++ b/library/common.h @@ -71,9 +71,19 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * To tidy up code and save horizontal and vertical space, use byte * reading macros to cast */ -#define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) -#define BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) +#define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) +#define BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) #define BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) +/** + * + */ +#define BYTES_TO_U32_LE( data, offset ) \ + ( (uint32_t) (data)[offset] \ + | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ + | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ + | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ + ) + #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/poly1305.c b/library/poly1305.c index 492d1457d..a30b1707e 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -52,13 +52,6 @@ #define POLY1305_BLOCK_SIZE_BYTES ( 16U ) -#define BYTES_TO_U32_LE( data, offset ) \ - ( (uint32_t) (data)[offset] \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ - ) - /* * Our implementation is tuned for 32-bit platforms with a 64-bit multiplier. * However we provided an alternative for platforms without such a multiplier. From 30d974c232cfdff6b91856c99ac8c11de3135915 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 23 Jun 2021 11:49:03 +0100 Subject: [PATCH 51/81] Move UINT32_BE macros to common.h 32-bit integer manipulation macros (big edian): GET_UINT32_BE and PUT_UINT32_BE appear in several files in library/. Removes duplicate code and save vertical space the macro has been moved to common.h. Improves maintainability. Signed-off-by: Joe Subbiani --- library/camellia.c | 23 ----------------------- library/common.h | 23 +++++++++++++++++++++++ library/des.c | 23 ----------------------- library/gcm.c | 23 ----------------------- library/nist_kw.c | 20 -------------------- library/sha1.c | 23 ----------------------- library/sha256.c | 23 ----------------------- 7 files changed, 23 insertions(+), 135 deletions(-) diff --git a/library/camellia.c b/library/camellia.c index f7e013611..0817b1d29 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -49,29 +49,6 @@ #define CAMELLIA_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - static const unsigned char SIGMA_CHARS[6][8] = { { 0xa0, 0x9e, 0x66, 0x7f, 0x3b, 0xcc, 0x90, 0x8b }, diff --git a/library/common.h b/library/common.h index 500e5d4c7..b3b70dc62 100644 --- a/library/common.h +++ b/library/common.h @@ -76,6 +76,29 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) +/* + * 32-bit integer manipulation macros (big endian) + */ +#ifndef GET_UINT32_BE +#define GET_UINT32_BE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ + | ( (uint32_t) (b)[(i) + 1] << 16 ) \ + | ( (uint32_t) (b)[(i) + 2] << 8 ) \ + | ( (uint32_t) (b)[(i) + 3] ); \ +} +#endif + +#ifndef PUT_UINT32_BE +#define PUT_UINT32_BE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) ); \ +} +#endif + /** * */ diff --git a/library/des.c b/library/des.c index eddf55e78..36ea27776 100644 --- a/library/des.c +++ b/library/des.c @@ -43,29 +43,6 @@ #if !defined(MBEDTLS_DES_ALT) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - /* * Expanded DES S-boxes */ diff --git a/library/gcm.c b/library/gcm.c index 835b1b285..c8254876d 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -58,29 +58,6 @@ #define GCM_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - /* * Initialize a context */ diff --git a/library/nist_kw.c b/library/nist_kw.c index 3fff2b7f8..c0eed674c 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -77,26 +77,6 @@ static const unsigned char NIST_KW_ICV1[] = {0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, /*! The 32-bit default integrity check value (ICV) for KWP mode. */ static const unsigned char NIST_KW_ICV2[] = {0xA6, 0x59, 0x59, 0xA6}; -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -do { \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} while( 0 ) -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -do { \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} while( 0 ) -#endif - /* * Initialize context */ diff --git a/library/sha1.c b/library/sha1.c index 545d09310..9beaee5a5 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -48,29 +48,6 @@ #if !defined(MBEDTLS_SHA1_ALT) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - void mbedtls_sha1_init( mbedtls_sha1_context *ctx ) { SHA1_VALIDATE( ctx != NULL ); diff --git a/library/sha256.c b/library/sha256.c index 6ec6da296..f548c672e 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -50,29 +50,6 @@ #if !defined(MBEDTLS_SHA256_ALT) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -do { \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} while( 0 ) -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -do { \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} while( 0 ) -#endif - void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) { SHA256_VALIDATE( ctx != NULL ); From 54c6134ff7de2ccc5d5cc2ef55f766d9a3a1fbdb Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 23 Jun 2021 12:16:47 +0100 Subject: [PATCH 52/81] Move UINT32_LE macros to common.h 32-bit integer manipulation macros (little edian): GET_UINT32_LE and PUT_UINT32_LE appear in several files in library/. Removes duplicate code and save vertical space the macro has been moved to common.h. Improves maintainability. Also provided brief comment in common.h for BYTES_TO_U32_LE. comment/documentation will probably need to be edited further for all recent additions to library/common.h Signed-off-by: Joe Subbiani --- library/aes.c | 23 ----------------------- library/aria.c | 23 ----------------------- library/common.h | 25 ++++++++++++++++++++++++- library/md5.c | 23 ----------------------- library/psa_crypto_storage.c | 23 ----------------------- library/ripemd160.c | 23 ----------------------- 6 files changed, 24 insertions(+), 116 deletions(-) diff --git a/library/aes.c b/library/aes.c index a15a80924..7b4fb869e 100644 --- a/library/aes.c +++ b/library/aes.c @@ -57,29 +57,6 @@ #define AES_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - #if defined(MBEDTLS_PADLOCK_C) && \ ( defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16) ) static int aes_padlock_ace = -1; diff --git a/library/aria.c b/library/aria.c index a5786b37a..d7d2bea7c 100644 --- a/library/aria.c +++ b/library/aria.c @@ -55,29 +55,6 @@ #define ARIA_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE( n, b, i ) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE( n, b, i ) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - /* * modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes * diff --git a/library/common.h b/library/common.h index b3b70dc62..c2cf633c9 100644 --- a/library/common.h +++ b/library/common.h @@ -99,8 +99,31 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c } #endif +/* + * 32-bit integer manipulation macros (little endian) + */ +#ifndef GET_UINT32_LE +#define GET_UINT32_LE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] ) \ + | ( (uint32_t) (b)[(i) + 1] << 8 ) \ + | ( (uint32_t) (b)[(i) + 2] << 16 ) \ + | ( (uint32_t) (b)[(i) + 3] << 24 ); \ +} +#endif + +#ifndef PUT_UINT32_LE +#define PUT_UINT32_LE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ + (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ +} +#endif + /** - * + * 32-bit integer conversion from bytes (little endian) */ #define BYTES_TO_U32_LE( data, offset ) \ ( (uint32_t) (data)[offset] \ diff --git a/library/md5.c b/library/md5.c index d7f8cee46..d8f637da8 100644 --- a/library/md5.c +++ b/library/md5.c @@ -43,29 +43,6 @@ #if !defined(MBEDTLS_MD5_ALT) -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - void mbedtls_md5_init( mbedtls_md5_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_md5_context ) ); diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 09cbab4c4..36b518350 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -230,29 +230,6 @@ static psa_status_t psa_crypto_storage_get_data_length( return( PSA_SUCCESS ); } -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE( n, b, i ) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE( n, b, i ) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - /* * 16-bit integer manipulation macros (little endian) */ diff --git a/library/ripemd160.c b/library/ripemd160.c index d2ccbbec4..d60654e95 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -44,29 +44,6 @@ #if !defined(MBEDTLS_RIPEMD160_ALT) -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_ripemd160_context ) ); From c4f3d5b38e4e1e88237f67380246c5f2fdeec7fd Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 23 Jun 2021 17:58:41 +0100 Subject: [PATCH 53/81] Add do-while protection to macros missed do-while around function-like macros (UINT32_BE and UINT_LE macros) originally present in the indivdual files, before being moved to common.h. Signed-off-by: Joe Subbiani --- library/common.h | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/library/common.h b/library/common.h index c2cf633c9..56514b343 100644 --- a/library/common.h +++ b/library/common.h @@ -81,22 +81,22 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c */ #ifndef GET_UINT32_BE #define GET_UINT32_BE(n,b,i) \ -{ \ +do { \ (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ | ( (uint32_t) (b)[(i) + 1] << 16 ) \ | ( (uint32_t) (b)[(i) + 2] << 8 ) \ | ( (uint32_t) (b)[(i) + 3] ); \ -} +} while( 0 ) #endif #ifndef PUT_UINT32_BE #define PUT_UINT32_BE(n,b,i) \ -{ \ +do { \ (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} +} while( 0 ) #endif /* @@ -104,22 +104,22 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c */ #ifndef GET_UINT32_LE #define GET_UINT32_LE(n,b,i) \ -{ \ +do { \ (n) = ( (uint32_t) (b)[(i) ] ) \ | ( (uint32_t) (b)[(i) + 1] << 8 ) \ | ( (uint32_t) (b)[(i) + 2] << 16 ) \ | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} +} while( 0 ) #endif #ifndef PUT_UINT32_LE #define PUT_UINT32_LE(n,b,i) \ -{ \ +do { \ (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} +} while( 0 ) #endif /** From 6f2bb0c8efd7fb3a74ececd00b9ca507f5494efe Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 24 Jun 2021 09:06:23 +0100 Subject: [PATCH 54/81] Remove trailing whitespace Trailing white spaces causing check_files.py to fail Signed-off-by: Joe Subbiani --- library/common.h | 6 +++--- library/ssl_msg.c | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/library/common.h b/library/common.h index 56514b343..b6b7d01d9 100644 --- a/library/common.h +++ b/library/common.h @@ -67,8 +67,8 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_ALLOW_PRIVATE_ACCESS /** Byte Reading Macros - * - * To tidy up code and save horizontal and vertical space, use byte + * + * To tidy up code and save horizontal and vertical space, use byte * reading macros to cast */ #define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) @@ -122,7 +122,7 @@ do { \ } while( 0 ) #endif -/** +/** * 32-bit integer conversion from bytes (little endian) */ #define BYTES_TO_U32_LE( data, offset ) \ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 1fd9420c2..f3dbba82b 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2254,7 +2254,7 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) * copy beginning of headers then fill fragmentation fields. * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */ memcpy( ssl->out_msg, cur->p, 6 ); - + ssl->out_msg[6] = BYTE_2( frag_off ); ssl->out_msg[7] = BYTE_1( frag_off ); ssl->out_msg[8] = BYTE_0( frag_off ); From 9aaec54e57e3ec869ad47ed0f6b67761b74f17fd Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 24 Jun 2021 11:00:08 +0100 Subject: [PATCH 55/81] Undo use of BYTE_x macro The use of the BYTE_x macro in nist_kw did not seem appropriate in hind sight as it is working with a character array not an int Signed-off-by: Joe Subbiani --- library/nist_kw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/nist_kw.c b/library/nist_kw.c index c0eed674c..174a1eef1 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -149,7 +149,7 @@ static void calc_a_xor_t( unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t ) size_t i = 0; for( i = 0; i < sizeof( t ); i++ ) { - A[i] ^= BYTE_0( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ); + A[i] ^= ( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ) & 0xff; } } From 5ecac217f01aee0f73cffcb30e8b32f00921299f Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 24 Jun 2021 13:00:03 +0100 Subject: [PATCH 56/81] Prefixed macros with MBEDTLS As per tests/scripts/check-names.sh, macros in library/ header files should be prefixed with MBEDTLS_ The macro functions in common.h where also indented to comply with the same test Signed-off-by: Joe Subbiani --- library/aes.c | 34 ++++++++--------- library/aria.c | 34 ++++++++--------- library/camellia.c | 22 +++++------ library/chacha20.c | 22 +++++------ library/common.h | 74 ++++++++++++++++++------------------ library/ctr_drbg.c | 8 ++-- library/des.c | 20 +++++----- library/gcm.c | 34 ++++++++--------- library/md5.c | 44 ++++++++++----------- library/nist_kw.c | 4 +- library/poly1305.c | 24 ++++++------ library/psa_crypto.c | 4 +- library/psa_crypto_storage.c | 24 ++++++------ library/psa_its_file.c | 16 ++++---- library/ripemd160.c | 46 +++++++++++----------- library/sha1.c | 46 +++++++++++----------- library/sha256.c | 24 ++++++------ library/ssl_msg.c | 12 +++--- library/ssl_ticket.c | 4 +- 19 files changed, 248 insertions(+), 248 deletions(-) diff --git a/library/aes.c b/library/aes.c index 7b4fb869e..db726fe36 100644 --- a/library/aes.c +++ b/library/aes.c @@ -567,7 +567,7 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < ( keybits >> 5 ); i++ ) { - GET_UINT32_LE( RK[i], key, i << 2 ); + MBEDTLS_GET_UINT32_LE( RK[i], key, i << 2 ); } switch( ctx->nr ) @@ -850,10 +850,10 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, uint32_t Y[4]; } t; - GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; - GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; - GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; - GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) { @@ -887,10 +887,10 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, ( (uint32_t) FSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ ( (uint32_t) FSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 ); - PUT_UINT32_LE( t.X[0], output, 0 ); - PUT_UINT32_LE( t.X[1], output, 4 ); - PUT_UINT32_LE( t.X[2], output, 8 ); - PUT_UINT32_LE( t.X[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); + MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); + MBEDTLS_PUT_UINT32_LE( t.X[2], output, 8 ); + MBEDTLS_PUT_UINT32_LE( t.X[3], output, 12 ); mbedtls_platform_zeroize( &t, sizeof( t ) ); @@ -914,10 +914,10 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, uint32_t Y[4]; } t; - GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; - GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; - GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; - GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) { @@ -951,10 +951,10 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, ( (uint32_t) RSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ ( (uint32_t) RSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 ); - PUT_UINT32_LE( t.X[0], output, 0 ); - PUT_UINT32_LE( t.X[1], output, 4 ); - PUT_UINT32_LE( t.X[2], output, 8 ); - PUT_UINT32_LE( t.X[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); + MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); + MBEDTLS_PUT_UINT32_LE( t.X[2], output, 8 ); + MBEDTLS_PUT_UINT32_LE( t.X[3], output, 12 ); mbedtls_platform_zeroize( &t, sizeof( t ) ); diff --git a/library/aria.c b/library/aria.c index d7d2bea7c..a6319d3e2 100644 --- a/library/aria.c +++ b/library/aria.c @@ -385,7 +385,7 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], * Big endian 128-bit rotation: r = a ^ (b <<< n), used only in key setup. * * We chose to store bytes into 32-bit words in little-endian format (see - * GET/PUT_UINT32_LE) so we need to reverse bytes here. + * GET/MBEDTLS_PUT_UINT32_LE) so we need to reverse bytes here. */ static void aria_rot128( uint32_t r[4], const uint32_t a[4], const uint32_t b[4], uint8_t n ) @@ -433,21 +433,21 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); /* Copy key to W0 (and potential remainder to W1) */ - GET_UINT32_LE( w[0][0], key, 0 ); - GET_UINT32_LE( w[0][1], key, 4 ); - GET_UINT32_LE( w[0][2], key, 8 ); - GET_UINT32_LE( w[0][3], key, 12 ); + MBEDTLS_GET_UINT32_LE( w[0][0], key, 0 ); + MBEDTLS_GET_UINT32_LE( w[0][1], key, 4 ); + MBEDTLS_GET_UINT32_LE( w[0][2], key, 8 ); + MBEDTLS_GET_UINT32_LE( w[0][3], key, 12 ); memset( w[1], 0, 16 ); if( keybits >= 192 ) { - GET_UINT32_LE( w[1][0], key, 16 ); // 192 bit key - GET_UINT32_LE( w[1][1], key, 20 ); + MBEDTLS_GET_UINT32_LE( w[1][0], key, 16 ); // 192 bit key + MBEDTLS_GET_UINT32_LE( w[1][1], key, 20 ); } if( keybits == 256 ) { - GET_UINT32_LE( w[1][2], key, 24 ); // 256 bit key - GET_UINT32_LE( w[1][3], key, 28 ); + MBEDTLS_GET_UINT32_LE( w[1][2], key, 24 ); // 256 bit key + MBEDTLS_GET_UINT32_LE( w[1][3], key, 28 ); } i = ( keybits - 128 ) >> 6; // index: 0, 1, 2 @@ -524,10 +524,10 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, ARIA_VALIDATE_RET( input != NULL ); ARIA_VALIDATE_RET( output != NULL ); - GET_UINT32_LE( a, input, 0 ); - GET_UINT32_LE( b, input, 4 ); - GET_UINT32_LE( c, input, 8 ); - GET_UINT32_LE( d, input, 12 ); + MBEDTLS_GET_UINT32_LE( a, input, 0 ); + MBEDTLS_GET_UINT32_LE( b, input, 4 ); + MBEDTLS_GET_UINT32_LE( c, input, 8 ); + MBEDTLS_GET_UINT32_LE( d, input, 12 ); i = 0; while( 1 ) @@ -559,10 +559,10 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, c ^= ctx->rk[i][2]; d ^= ctx->rk[i][3]; - PUT_UINT32_LE( a, output, 0 ); - PUT_UINT32_LE( b, output, 4 ); - PUT_UINT32_LE( c, output, 8 ); - PUT_UINT32_LE( d, output, 12 ); + MBEDTLS_PUT_UINT32_LE( a, output, 0 ); + MBEDTLS_PUT_UINT32_LE( b, output, 4 ); + MBEDTLS_PUT_UINT32_LE( c, output, 8 ); + MBEDTLS_PUT_UINT32_LE( d, output, 12 ); return( 0 ); } diff --git a/library/camellia.c b/library/camellia.c index 0817b1d29..9aab7ab67 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -353,8 +353,8 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, * Prepare SIGMA values */ for( i = 0; i < 6; i++ ) { - GET_UINT32_BE( SIGMA[i][0], SIGMA_CHARS[i], 0 ); - GET_UINT32_BE( SIGMA[i][1], SIGMA_CHARS[i], 4 ); + MBEDTLS_GET_UINT32_BE( SIGMA[i][0], SIGMA_CHARS[i], 0 ); + MBEDTLS_GET_UINT32_BE( SIGMA[i][1], SIGMA_CHARS[i], 4 ); } /* @@ -365,7 +365,7 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, /* Store KL, KR */ for( i = 0; i < 8; i++ ) - GET_UINT32_BE( KC[i], t, i * 4 ); + MBEDTLS_GET_UINT32_BE( KC[i], t, i * 4 ); /* Generate KA */ for( i = 0; i < 4; ++i ) @@ -491,10 +491,10 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, NR = ctx->nr; RK = ctx->rk; - GET_UINT32_BE( X[0], input, 0 ); - GET_UINT32_BE( X[1], input, 4 ); - GET_UINT32_BE( X[2], input, 8 ); - GET_UINT32_BE( X[3], input, 12 ); + MBEDTLS_GET_UINT32_BE( X[0], input, 0 ); + MBEDTLS_GET_UINT32_BE( X[1], input, 4 ); + MBEDTLS_GET_UINT32_BE( X[2], input, 8 ); + MBEDTLS_GET_UINT32_BE( X[3], input, 12 ); X[0] ^= *RK++; X[1] ^= *RK++; @@ -529,10 +529,10 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, X[0] ^= *RK++; X[1] ^= *RK++; - PUT_UINT32_BE( X[2], output, 0 ); - PUT_UINT32_BE( X[3], output, 4 ); - PUT_UINT32_BE( X[0], output, 8 ); - PUT_UINT32_BE( X[1], output, 12 ); + MBEDTLS_PUT_UINT32_BE( X[2], output, 0 ); + MBEDTLS_PUT_UINT32_BE( X[3], output, 4 ); + MBEDTLS_PUT_UINT32_BE( X[0], output, 8 ); + MBEDTLS_PUT_UINT32_BE( X[1], output, 12 ); return( 0 ); } diff --git a/library/chacha20.c b/library/chacha20.c index 9862ea535..d0d5741c7 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -205,14 +205,14 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, ctx->state[3] = 0x6b206574; /* Set key */ - ctx->state[4] = BYTES_TO_U32_LE( key, 0 ); - ctx->state[5] = BYTES_TO_U32_LE( key, 4 ); - ctx->state[6] = BYTES_TO_U32_LE( key, 8 ); - ctx->state[7] = BYTES_TO_U32_LE( key, 12 ); - ctx->state[8] = BYTES_TO_U32_LE( key, 16 ); - ctx->state[9] = BYTES_TO_U32_LE( key, 20 ); - ctx->state[10] = BYTES_TO_U32_LE( key, 24 ); - ctx->state[11] = BYTES_TO_U32_LE( key, 28 ); + ctx->state[4] = MBEDTLS_BYTES_TO_U32_LE( key, 0 ); + ctx->state[5] = MBEDTLS_BYTES_TO_U32_LE( key, 4 ); + ctx->state[6] = MBEDTLS_BYTES_TO_U32_LE( key, 8 ); + ctx->state[7] = MBEDTLS_BYTES_TO_U32_LE( key, 12 ); + ctx->state[8] = MBEDTLS_BYTES_TO_U32_LE( key, 16 ); + ctx->state[9] = MBEDTLS_BYTES_TO_U32_LE( key, 20 ); + ctx->state[10] = MBEDTLS_BYTES_TO_U32_LE( key, 24 ); + ctx->state[11] = MBEDTLS_BYTES_TO_U32_LE( key, 28 ); return( 0 ); } @@ -228,9 +228,9 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, ctx->state[12] = counter; /* Nonce */ - ctx->state[13] = BYTES_TO_U32_LE( nonce, 0 ); - ctx->state[14] = BYTES_TO_U32_LE( nonce, 4 ); - ctx->state[15] = BYTES_TO_U32_LE( nonce, 8 ); + ctx->state[13] = MBEDTLS_BYTES_TO_U32_LE( nonce, 0 ); + ctx->state[14] = MBEDTLS_BYTES_TO_U32_LE( nonce, 4 ); + ctx->state[15] = MBEDTLS_BYTES_TO_U32_LE( nonce, 8 ); mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); diff --git a/library/common.h b/library/common.h index b6b7d01d9..6dbc808d3 100644 --- a/library/common.h +++ b/library/common.h @@ -71,61 +71,61 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * To tidy up code and save horizontal and vertical space, use byte * reading macros to cast */ -#define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) -#define BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) -#define BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) -#define BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) +#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) +#define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) +#define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) +#define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) /* * 32-bit integer manipulation macros (big endian) */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -do { \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} while( 0 ) +#ifndef MBEDTLS_GET_UINT32_BE +#define MBEDTLS_GET_UINT32_BE(n,b,i) \ + do { \ + (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ + | ( (uint32_t) (b)[(i) + 1] << 16 ) \ + | ( (uint32_t) (b)[(i) + 2] << 8 ) \ + | ( (uint32_t) (b)[(i) + 3] ); \ + } while( 0 ) #endif -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -do { \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} while( 0 ) +#ifndef MBEDTLS_PUT_UINT32_BE +#define MBEDTLS_PUT_UINT32_BE(n,b,i) \ + do { \ + (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) ); \ + } while( 0 ) #endif /* * 32-bit integer manipulation macros (little endian) */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -do { \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} while( 0 ) +#ifndef MBEDTLS_GET_UINT32_LE +#define MBEDTLS_GET_UINT32_LE(n,b,i) \ + do { \ + (n) = ( (uint32_t) (b)[(i) ] ) \ + | ( (uint32_t) (b)[(i) + 1] << 8 ) \ + | ( (uint32_t) (b)[(i) + 2] << 16 ) \ + | ( (uint32_t) (b)[(i) + 3] << 24 ); \ + } while( 0 ) #endif -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -do { \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} while( 0 ) +#ifndef MBEDTLS_PUT_UINT32_LE +#define MBEDTLS_PUT_UINT32_LE(n,b,i) \ + do { \ + (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ + (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ + } while( 0 ) #endif /** * 32-bit integer conversion from bytes (little endian) */ -#define BYTES_TO_U32_LE( data, offset ) \ +#define MBEDTLS_BYTES_TO_U32_LE( data, offset ) \ ( (uint32_t) (data)[offset] \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index d52d9ef25..68b32a366 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -152,10 +152,10 @@ static int block_cipher_df( unsigned char *output, * (Total is padded to a multiple of 16-bytes with zeroes) */ p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE; - *p++ = BYTE_3( data_len ); - *p++ = BYTE_2( data_len ); - *p++ = BYTE_1( data_len ); - *p++ = BYTE_0( data_len ); + *p++ = MBEDTLS_BYTE_3( data_len ); + *p++ = MBEDTLS_BYTE_2( data_len ); + *p++ = MBEDTLS_BYTE_1( data_len ); + *p++ = MBEDTLS_BYTE_0( data_len ); p += 3; *p++ = MBEDTLS_CTR_DRBG_SEEDLEN; memcpy( p, data, data_len ); diff --git a/library/des.c b/library/des.c index 36ea27776..9281747de 100644 --- a/library/des.c +++ b/library/des.c @@ -400,8 +400,8 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE int i; uint32_t X, Y, T; - GET_UINT32_BE( X, key, 0 ); - GET_UINT32_BE( Y, key, 4 ); + MBEDTLS_GET_UINT32_BE( X, key, 0 ); + MBEDTLS_GET_UINT32_BE( Y, key, 4 ); /* * Permuted Choice 1 @@ -610,8 +610,8 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, SK = ctx->sk; - GET_UINT32_BE( X, input, 0 ); - GET_UINT32_BE( Y, input, 4 ); + MBEDTLS_GET_UINT32_BE( X, input, 0 ); + MBEDTLS_GET_UINT32_BE( Y, input, 4 ); DES_IP( X, Y ); @@ -623,8 +623,8 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, DES_FP( Y, X ); - PUT_UINT32_BE( Y, output, 0 ); - PUT_UINT32_BE( X, output, 4 ); + MBEDTLS_PUT_UINT32_BE( Y, output, 0 ); + MBEDTLS_PUT_UINT32_BE( X, output, 4 ); return( 0 ); } @@ -697,8 +697,8 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, SK = ctx->sk; - GET_UINT32_BE( X, input, 0 ); - GET_UINT32_BE( Y, input, 4 ); + MBEDTLS_GET_UINT32_BE( X, input, 0 ); + MBEDTLS_GET_UINT32_BE( Y, input, 4 ); DES_IP( X, Y ); @@ -722,8 +722,8 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, DES_FP( Y, X ); - PUT_UINT32_BE( Y, output, 0 ); - PUT_UINT32_BE( X, output, 4 ); + MBEDTLS_PUT_UINT32_BE( Y, output, 0 ); + MBEDTLS_PUT_UINT32_BE( X, output, 4 ); return( 0 ); } diff --git a/library/gcm.c b/library/gcm.c index c8254876d..3caeed26d 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -88,12 +88,12 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx ) return( ret ); /* pack h as two 64-bits ints, big-endian */ - GET_UINT32_BE( hi, h, 0 ); - GET_UINT32_BE( lo, h, 4 ); + MBEDTLS_GET_UINT32_BE( hi, h, 0 ); + MBEDTLS_GET_UINT32_BE( lo, h, 4 ); vh = (uint64_t) hi << 32 | lo; - GET_UINT32_BE( hi, h, 8 ); - GET_UINT32_BE( lo, h, 12 ); + MBEDTLS_GET_UINT32_BE( hi, h, 8 ); + MBEDTLS_GET_UINT32_BE( lo, h, 12 ); vl = (uint64_t) hi << 32 | lo; /* 8 = 1000 corresponds to 1 in GF(2^128) */ @@ -200,10 +200,10 @@ static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) { unsigned char h[16]; - PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 ); - PUT_UINT32_BE( ctx->HH[8], h, 4 ); - PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 ); - PUT_UINT32_BE( ctx->HL[8], h, 12 ); + MBEDTLS_PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 ); + MBEDTLS_PUT_UINT32_BE( ctx->HH[8], h, 4 ); + MBEDTLS_PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 ); + MBEDTLS_PUT_UINT32_BE( ctx->HL[8], h, 12 ); mbedtls_aesni_gcm_mult( output, x, h ); return; @@ -239,10 +239,10 @@ static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], zl ^= ctx->HL[hi]; } - PUT_UINT32_BE( zh >> 32, output, 0 ); - PUT_UINT32_BE( zh, output, 4 ); - PUT_UINT32_BE( zl >> 32, output, 8 ); - PUT_UINT32_BE( zl, output, 12 ); + MBEDTLS_PUT_UINT32_BE( zh >> 32, output, 0 ); + MBEDTLS_PUT_UINT32_BE( zh, output, 4 ); + MBEDTLS_PUT_UINT32_BE( zl >> 32, output, 8 ); + MBEDTLS_PUT_UINT32_BE( zl, output, 12 ); } int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, @@ -278,7 +278,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, else { memset( work_buf, 0x00, 16 ); - PUT_UINT32_BE( iv_len * 8, work_buf, 12 ); + MBEDTLS_PUT_UINT32_BE( iv_len * 8, work_buf, 12 ); p = iv; while( iv_len > 0 ) @@ -546,10 +546,10 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, { memset( work_buf, 0x00, 16 ); - PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0 ); - PUT_UINT32_BE( ( orig_add_len ), work_buf, 4 ); - PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 ); - PUT_UINT32_BE( ( orig_len ), work_buf, 12 ); + MBEDTLS_PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0 ); + MBEDTLS_PUT_UINT32_BE( ( orig_add_len ), work_buf, 4 ); + MBEDTLS_PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 ); + MBEDTLS_PUT_UINT32_BE( ( orig_len ), work_buf, 12 ); for( i = 0; i < 16; i++ ) ctx->buf[i] ^= work_buf[i]; diff --git a/library/md5.c b/library/md5.c index d8f637da8..e8d00216f 100644 --- a/library/md5.c +++ b/library/md5.c @@ -87,22 +87,22 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, uint32_t X[16], A, B, C, D; } local; - GET_UINT32_LE( local.X[ 0], data, 0 ); - GET_UINT32_LE( local.X[ 1], data, 4 ); - GET_UINT32_LE( local.X[ 2], data, 8 ); - GET_UINT32_LE( local.X[ 3], data, 12 ); - GET_UINT32_LE( local.X[ 4], data, 16 ); - GET_UINT32_LE( local.X[ 5], data, 20 ); - GET_UINT32_LE( local.X[ 6], data, 24 ); - GET_UINT32_LE( local.X[ 7], data, 28 ); - GET_UINT32_LE( local.X[ 8], data, 32 ); - GET_UINT32_LE( local.X[ 9], data, 36 ); - GET_UINT32_LE( local.X[10], data, 40 ); - GET_UINT32_LE( local.X[11], data, 44 ); - GET_UINT32_LE( local.X[12], data, 48 ); - GET_UINT32_LE( local.X[13], data, 52 ); - GET_UINT32_LE( local.X[14], data, 56 ); - GET_UINT32_LE( local.X[15], data, 60 ); + MBEDTLS_GET_UINT32_LE( local.X[ 0], data, 0 ); + MBEDTLS_GET_UINT32_LE( local.X[ 1], data, 4 ); + MBEDTLS_GET_UINT32_LE( local.X[ 2], data, 8 ); + MBEDTLS_GET_UINT32_LE( local.X[ 3], data, 12 ); + MBEDTLS_GET_UINT32_LE( local.X[ 4], data, 16 ); + MBEDTLS_GET_UINT32_LE( local.X[ 5], data, 20 ); + MBEDTLS_GET_UINT32_LE( local.X[ 6], data, 24 ); + MBEDTLS_GET_UINT32_LE( local.X[ 7], data, 28 ); + MBEDTLS_GET_UINT32_LE( local.X[ 8], data, 32 ); + MBEDTLS_GET_UINT32_LE( local.X[ 9], data, 36 ); + MBEDTLS_GET_UINT32_LE( local.X[10], data, 40 ); + MBEDTLS_GET_UINT32_LE( local.X[11], data, 44 ); + MBEDTLS_GET_UINT32_LE( local.X[12], data, 48 ); + MBEDTLS_GET_UINT32_LE( local.X[13], data, 52 ); + MBEDTLS_GET_UINT32_LE( local.X[14], data, 56 ); + MBEDTLS_GET_UINT32_LE( local.X[15], data, 60 ); #define S(x,n) \ ( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) ) @@ -307,8 +307,8 @@ int mbedtls_md5_finish( mbedtls_md5_context *ctx, | ( ctx->total[1] << 3 ); low = ( ctx->total[0] << 3 ); - PUT_UINT32_LE( low, ctx->buffer, 56 ); - PUT_UINT32_LE( high, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_LE( low, ctx->buffer, 56 ); + MBEDTLS_PUT_UINT32_LE( high, ctx->buffer, 60 ); if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); @@ -316,10 +316,10 @@ int mbedtls_md5_finish( mbedtls_md5_context *ctx, /* * Output final state */ - PUT_UINT32_LE( ctx->state[0], output, 0 ); - PUT_UINT32_LE( ctx->state[1], output, 4 ); - PUT_UINT32_LE( ctx->state[2], output, 8 ); - PUT_UINT32_LE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 ); return( 0 ); } diff --git a/library/nist_kw.c b/library/nist_kw.c index 174a1eef1..b8f923999 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -223,7 +223,7 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, } memcpy( output, NIST_KW_ICV2, KW_SEMIBLOCK_LENGTH / 2 ); - PUT_UINT32_BE( ( in_len & 0xffffffff ), output, + MBEDTLS_PUT_UINT32_BE( ( in_len & 0xffffffff ), output, KW_SEMIBLOCK_LENGTH / 2 ); memcpy( output + KW_SEMIBLOCK_LENGTH, input, in_len ); @@ -454,7 +454,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; } - GET_UINT32_BE( Plen, A, KW_SEMIBLOCK_LENGTH / 2 ); + MBEDTLS_GET_UINT32_BE( Plen, A, KW_SEMIBLOCK_LENGTH / 2 ); /* * Plen is the length of the plaintext, when the input is valid. diff --git a/library/poly1305.c b/library/poly1305.c index a30b1707e..3c0b7c6aa 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -122,10 +122,10 @@ static void poly1305_process( mbedtls_poly1305_context *ctx, for( i = 0U; i < nblocks; i++ ) { /* The input block is treated as a 128-bit little-endian integer */ - d0 = BYTES_TO_U32_LE( input, offset + 0 ); - d1 = BYTES_TO_U32_LE( input, offset + 4 ); - d2 = BYTES_TO_U32_LE( input, offset + 8 ); - d3 = BYTES_TO_U32_LE( input, offset + 12 ); + d0 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 0 ); + d1 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 4 ); + d2 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 8 ); + d3 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 12 ); /* Compute: acc += (padded) block as a 130-bit integer */ d0 += (uint64_t) acc0; @@ -290,15 +290,15 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, POLY1305_VALIDATE_RET( key != NULL ); /* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */ - ctx->r[0] = BYTES_TO_U32_LE( key, 0 ) & 0x0FFFFFFFU; - ctx->r[1] = BYTES_TO_U32_LE( key, 4 ) & 0x0FFFFFFCU; - ctx->r[2] = BYTES_TO_U32_LE( key, 8 ) & 0x0FFFFFFCU; - ctx->r[3] = BYTES_TO_U32_LE( key, 12 ) & 0x0FFFFFFCU; + ctx->r[0] = MBEDTLS_BYTES_TO_U32_LE( key, 0 ) & 0x0FFFFFFFU; + ctx->r[1] = MBEDTLS_BYTES_TO_U32_LE( key, 4 ) & 0x0FFFFFFCU; + ctx->r[2] = MBEDTLS_BYTES_TO_U32_LE( key, 8 ) & 0x0FFFFFFCU; + ctx->r[3] = MBEDTLS_BYTES_TO_U32_LE( key, 12 ) & 0x0FFFFFFCU; - ctx->s[0] = BYTES_TO_U32_LE( key, 16 ); - ctx->s[1] = BYTES_TO_U32_LE( key, 20 ); - ctx->s[2] = BYTES_TO_U32_LE( key, 24 ); - ctx->s[3] = BYTES_TO_U32_LE( key, 28 ); + ctx->s[0] = MBEDTLS_BYTES_TO_U32_LE( key, 16 ); + ctx->s[1] = MBEDTLS_BYTES_TO_U32_LE( key, 20 ); + ctx->s[2] = MBEDTLS_BYTES_TO_U32_LE( key, 24 ); + ctx->s[3] = MBEDTLS_BYTES_TO_U32_LE( key, 28 ); /* Initial accumulator state */ ctx->acc[0] = 0U; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b46e023e5..95aa0d531 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4506,8 +4506,8 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key( * uint16 with the value N, and the PSK itself. */ - *cur++ = BYTE_1( data_length ); - *cur++ = BYTE_0( data_length ); + *cur++ = MBEDTLS_BYTE_1( data_length ); + *cur++ = MBEDTLS_BYTE_0( data_length ); memset( cur, 0, data_length ); cur += data_length; *cur++ = pms[0]; diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 36b518350..3646953a5 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -275,14 +275,14 @@ void psa_format_key_data_for_storage( const uint8_t *data, (psa_persistent_key_storage_format *) storage_data; memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); - PUT_UINT32_LE( 0, storage_format->version, 0 ); - PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); + MBEDTLS_PUT_UINT32_LE( 0, storage_format->version, 0 ); + MBEDTLS_PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 ); PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 ); - PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); - PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); - PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); - PUT_UINT32_LE( data_length, storage_format->data_len, 0 ); + MBEDTLS_PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); + MBEDTLS_PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); + MBEDTLS_PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + MBEDTLS_PUT_UINT32_LE( data_length, storage_format->data_len, 0 ); memcpy( storage_format->key_data, data, data_length ); } @@ -312,11 +312,11 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, if( status != PSA_SUCCESS ) return( status ); - GET_UINT32_LE( version, storage_format->version, 0 ); + MBEDTLS_GET_UINT32_LE( version, storage_format->version, 0 ); if( version != 0 ) return( PSA_ERROR_DATA_INVALID ); - GET_UINT32_LE( *key_data_length, storage_format->data_len, 0 ); + MBEDTLS_GET_UINT32_LE( *key_data_length, storage_format->data_len, 0 ); if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) || *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) return( PSA_ERROR_DATA_INVALID ); @@ -333,12 +333,12 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, memcpy( *key_data, storage_format->key_data, *key_data_length ); } - GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); + MBEDTLS_GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); GET_UINT16_LE( attr->type, storage_format->type, 0 ); GET_UINT16_LE( attr->bits, storage_format->bits, 0 ); - GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); - GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); - GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + MBEDTLS_GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); + MBEDTLS_GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); + MBEDTLS_GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); return( PSA_SUCCESS ); } diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 66043b502..c3b19a74a 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -191,14 +191,14 @@ psa_status_t psa_its_set( psa_storage_uid_t uid, size_t n; memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH ); - header.size[0] = BYTE_0( data_length ); - header.size[1] = BYTE_1( data_length ); - header.size[2] = BYTE_2( data_length ); - header.size[3] = BYTE_3( data_length ); - header.flags[0] = BYTE_0( create_flags ); - header.flags[1] = BYTE_1( create_flags ); - header.flags[2] = BYTE_2( create_flags ); - header.flags[3] = BYTE_3( create_flags ); + header.size[0] = MBEDTLS_BYTE_0( data_length ); + header.size[1] = MBEDTLS_BYTE_1( data_length ); + header.size[2] = MBEDTLS_BYTE_2( data_length ); + header.size[3] = MBEDTLS_BYTE_3( data_length ); + header.flags[0] = MBEDTLS_BYTE_0( create_flags ); + header.flags[1] = MBEDTLS_BYTE_1( create_flags ); + header.flags[2] = MBEDTLS_BYTE_2( create_flags ); + header.flags[3] = MBEDTLS_BYTE_3( create_flags ); psa_its_fill_filename( uid, filename ); stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" ); diff --git a/library/ripemd160.c b/library/ripemd160.c index d60654e95..2bed10723 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -92,22 +92,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16]; } local; - GET_UINT32_LE( local.X[ 0], data, 0 ); - GET_UINT32_LE( local.X[ 1], data, 4 ); - GET_UINT32_LE( local.X[ 2], data, 8 ); - GET_UINT32_LE( local.X[ 3], data, 12 ); - GET_UINT32_LE( local.X[ 4], data, 16 ); - GET_UINT32_LE( local.X[ 5], data, 20 ); - GET_UINT32_LE( local.X[ 6], data, 24 ); - GET_UINT32_LE( local.X[ 7], data, 28 ); - GET_UINT32_LE( local.X[ 8], data, 32 ); - GET_UINT32_LE( local.X[ 9], data, 36 ); - GET_UINT32_LE( local.X[10], data, 40 ); - GET_UINT32_LE( local.X[11], data, 44 ); - GET_UINT32_LE( local.X[12], data, 48 ); - GET_UINT32_LE( local.X[13], data, 52 ); - GET_UINT32_LE( local.X[14], data, 56 ); - GET_UINT32_LE( local.X[15], data, 60 ); + MBEDTLS_GET_UINT32_LE( local.X[ 0], data, 0 ); + MBEDTLS_GET_UINT32_LE( local.X[ 1], data, 4 ); + MBEDTLS_GET_UINT32_LE( local.X[ 2], data, 8 ); + MBEDTLS_GET_UINT32_LE( local.X[ 3], data, 12 ); + MBEDTLS_GET_UINT32_LE( local.X[ 4], data, 16 ); + MBEDTLS_GET_UINT32_LE( local.X[ 5], data, 20 ); + MBEDTLS_GET_UINT32_LE( local.X[ 6], data, 24 ); + MBEDTLS_GET_UINT32_LE( local.X[ 7], data, 28 ); + MBEDTLS_GET_UINT32_LE( local.X[ 8], data, 32 ); + MBEDTLS_GET_UINT32_LE( local.X[ 9], data, 36 ); + MBEDTLS_GET_UINT32_LE( local.X[10], data, 40 ); + MBEDTLS_GET_UINT32_LE( local.X[11], data, 44 ); + MBEDTLS_GET_UINT32_LE( local.X[12], data, 48 ); + MBEDTLS_GET_UINT32_LE( local.X[13], data, 52 ); + MBEDTLS_GET_UINT32_LE( local.X[14], data, 56 ); + MBEDTLS_GET_UINT32_LE( local.X[15], data, 60 ); local.A = local.Ap = ctx->state[0]; local.B = local.Bp = ctx->state[1]; @@ -354,8 +354,8 @@ int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, | ( ctx->total[1] << 3 ); low = ( ctx->total[0] << 3 ); - PUT_UINT32_LE( low, msglen, 0 ); - PUT_UINT32_LE( high, msglen, 4 ); + MBEDTLS_PUT_UINT32_LE( low, msglen, 0 ); + MBEDTLS_PUT_UINT32_LE( high, msglen, 4 ); last = ctx->total[0] & 0x3F; padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); @@ -368,11 +368,11 @@ int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, if( ret != 0 ) return( ret ); - PUT_UINT32_LE( ctx->state[0], output, 0 ); - PUT_UINT32_LE( ctx->state[1], output, 4 ); - PUT_UINT32_LE( ctx->state[2], output, 8 ); - PUT_UINT32_LE( ctx->state[3], output, 12 ); - PUT_UINT32_LE( ctx->state[4], output, 16 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[4], output, 16 ); return( 0 ); } diff --git a/library/sha1.c b/library/sha1.c index 9beaee5a5..da61f65fc 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -103,22 +103,22 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, SHA1_VALIDATE_RET( ctx != NULL ); SHA1_VALIDATE_RET( (const unsigned char *)data != NULL ); - GET_UINT32_BE( local.W[ 0], data, 0 ); - GET_UINT32_BE( local.W[ 1], data, 4 ); - GET_UINT32_BE( local.W[ 2], data, 8 ); - GET_UINT32_BE( local.W[ 3], data, 12 ); - GET_UINT32_BE( local.W[ 4], data, 16 ); - GET_UINT32_BE( local.W[ 5], data, 20 ); - GET_UINT32_BE( local.W[ 6], data, 24 ); - GET_UINT32_BE( local.W[ 7], data, 28 ); - GET_UINT32_BE( local.W[ 8], data, 32 ); - GET_UINT32_BE( local.W[ 9], data, 36 ); - GET_UINT32_BE( local.W[10], data, 40 ); - GET_UINT32_BE( local.W[11], data, 44 ); - GET_UINT32_BE( local.W[12], data, 48 ); - GET_UINT32_BE( local.W[13], data, 52 ); - GET_UINT32_BE( local.W[14], data, 56 ); - GET_UINT32_BE( local.W[15], data, 60 ); + MBEDTLS_GET_UINT32_BE( local.W[ 0], data, 0 ); + MBEDTLS_GET_UINT32_BE( local.W[ 1], data, 4 ); + MBEDTLS_GET_UINT32_BE( local.W[ 2], data, 8 ); + MBEDTLS_GET_UINT32_BE( local.W[ 3], data, 12 ); + MBEDTLS_GET_UINT32_BE( local.W[ 4], data, 16 ); + MBEDTLS_GET_UINT32_BE( local.W[ 5], data, 20 ); + MBEDTLS_GET_UINT32_BE( local.W[ 6], data, 24 ); + MBEDTLS_GET_UINT32_BE( local.W[ 7], data, 28 ); + MBEDTLS_GET_UINT32_BE( local.W[ 8], data, 32 ); + MBEDTLS_GET_UINT32_BE( local.W[ 9], data, 36 ); + MBEDTLS_GET_UINT32_BE( local.W[10], data, 40 ); + MBEDTLS_GET_UINT32_BE( local.W[11], data, 44 ); + MBEDTLS_GET_UINT32_BE( local.W[12], data, 48 ); + MBEDTLS_GET_UINT32_BE( local.W[13], data, 52 ); + MBEDTLS_GET_UINT32_BE( local.W[14], data, 56 ); + MBEDTLS_GET_UINT32_BE( local.W[15], data, 60 ); #define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) @@ -362,8 +362,8 @@ int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, | ( ctx->total[1] << 3 ); low = ( ctx->total[0] << 3 ); - PUT_UINT32_BE( high, ctx->buffer, 56 ); - PUT_UINT32_BE( low, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_BE( high, ctx->buffer, 56 ); + MBEDTLS_PUT_UINT32_BE( low, ctx->buffer, 60 ); if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); @@ -371,11 +371,11 @@ int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, /* * Output final state */ - PUT_UINT32_BE( ctx->state[0], output, 0 ); - PUT_UINT32_BE( ctx->state[1], output, 4 ); - PUT_UINT32_BE( ctx->state[2], output, 8 ); - PUT_UINT32_BE( ctx->state[3], output, 12 ); - PUT_UINT32_BE( ctx->state[4], output, 16 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[0], output, 0 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[1], output, 4 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[2], output, 8 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[4], output, 16 ); return( 0 ); } diff --git a/library/sha256.c b/library/sha256.c index f548c672e..fb66340b2 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -190,7 +190,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, for( i = 0; i < 64; i++ ) { if( i < 16 ) - GET_UINT32_BE( local.W[i], data, 4 * i ); + MBEDTLS_GET_UINT32_BE( local.W[i], data, 4 * i ); else R( i ); @@ -205,7 +205,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, } #else /* MBEDTLS_SHA256_SMALLER */ for( i = 0; i < 16; i++ ) - GET_UINT32_BE( local.W[i], data, 4 * i ); + MBEDTLS_GET_UINT32_BE( local.W[i], data, 4 * i ); for( i = 0; i < 16; i += 8 ) { @@ -355,8 +355,8 @@ int mbedtls_sha256_finish( mbedtls_sha256_context *ctx, | ( ctx->total[1] << 3 ); low = ( ctx->total[0] << 3 ); - PUT_UINT32_BE( high, ctx->buffer, 56 ); - PUT_UINT32_BE( low, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_BE( high, ctx->buffer, 56 ); + MBEDTLS_PUT_UINT32_BE( low, ctx->buffer, 60 ); if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); @@ -364,18 +364,18 @@ int mbedtls_sha256_finish( mbedtls_sha256_context *ctx, /* * Output final state */ - PUT_UINT32_BE( ctx->state[0], output, 0 ); - PUT_UINT32_BE( ctx->state[1], output, 4 ); - PUT_UINT32_BE( ctx->state[2], output, 8 ); - PUT_UINT32_BE( ctx->state[3], output, 12 ); - PUT_UINT32_BE( ctx->state[4], output, 16 ); - PUT_UINT32_BE( ctx->state[5], output, 20 ); - PUT_UINT32_BE( ctx->state[6], output, 24 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[0], output, 0 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[1], output, 4 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[2], output, 8 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[4], output, 16 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[5], output, 20 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[6], output, 24 ); #if defined(MBEDTLS_SHA224_C) if( ctx->is224 == 0 ) #endif - PUT_UINT32_BE( ctx->state[7], output, 28 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[7], output, 28 ); return( 0 ); } diff --git a/library/ssl_msg.c b/library/ssl_msg.c index f3dbba82b..77904e0a1 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2255,13 +2255,13 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */ memcpy( ssl->out_msg, cur->p, 6 ); - ssl->out_msg[6] = BYTE_2( frag_off ); - ssl->out_msg[7] = BYTE_1( frag_off ); - ssl->out_msg[8] = BYTE_0( frag_off ); + ssl->out_msg[6] = MBEDTLS_BYTE_2( frag_off ); + ssl->out_msg[7] = MBEDTLS_BYTE_1( frag_off ); + ssl->out_msg[8] = MBEDTLS_BYTE_0( frag_off ); - ssl->out_msg[ 9] = BYTE_2( cur_hs_frag_len ); - ssl->out_msg[10] = BYTE_1( cur_hs_frag_len ); - ssl->out_msg[11] = BYTE_0( cur_hs_frag_len ); + ssl->out_msg[ 9] = MBEDTLS_BYTE_2( cur_hs_frag_len ); + ssl->out_msg[10] = MBEDTLS_BYTE_1( cur_hs_frag_len ); + ssl->out_msg[11] = MBEDTLS_BYTE_0( cur_hs_frag_len ); MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 ); diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 29d834575..a7a55f1a7 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -245,8 +245,8 @@ int mbedtls_ssl_ticket_write( void *p_ticket, { goto cleanup; } - state_len_bytes[0] = BYTE_1( clear_len ); - state_len_bytes[1] = BYTE_0( clear_len ); + state_len_bytes[0] = MBEDTLS_BYTE_1( clear_len ); + state_len_bytes[1] = MBEDTLS_BYTE_0( clear_len ); /* Encrypt and authenticate */ if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx, From 33f953d8104bd0a069fb77d0ecbc13d33d927fe5 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 24 Jun 2021 16:49:38 +0100 Subject: [PATCH 57/81] Byte Reading Macros Changelog Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4274.txt | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 ChangeLog.d/issue4274.txt diff --git a/ChangeLog.d/issue4274.txt b/ChangeLog.d/issue4274.txt new file mode 100644 index 000000000..3e59ca5be --- /dev/null +++ b/ChangeLog.d/issue4274.txt @@ -0,0 +1,9 @@ +Changes + * Create 4 byte reading macros in library/common.h, used in files + within the same directory: MBEDTLS_BYTE_0... MBEDTLS_BYTE_3. + * Move the (PUT and GET) UINT32_ (BE and LE) macro functions into + library/common.h. Rename with the prefix MBEDTLS_ to satisfy + test/scripts/check-names.sh (e.g MBEDTLS_PUT_UINT32_LE). + * Move BYTES_TO_U32_LE macro function to library/common.h, also given + the prefix MBEDTLS_. + Fixes #4274. \ No newline at end of file From c46997377afb35a2fc4881cd202c8c4fe5667479 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 25 Jun 2021 09:20:07 +0100 Subject: [PATCH 58/81] Fix formatting - Byte reading macros changelog Missing newline at the end of changelog.d/issue4274 Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4274.txt | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/ChangeLog.d/issue4274.txt b/ChangeLog.d/issue4274.txt index 3e59ca5be..f0952f430 100644 --- a/ChangeLog.d/issue4274.txt +++ b/ChangeLog.d/issue4274.txt @@ -1,9 +1,9 @@ -Changes - * Create 4 byte reading macros in library/common.h, used in files - within the same directory: MBEDTLS_BYTE_0... MBEDTLS_BYTE_3. - * Move the (PUT and GET) UINT32_ (BE and LE) macro functions into - library/common.h. Rename with the prefix MBEDTLS_ to satisfy - test/scripts/check-names.sh (e.g MBEDTLS_PUT_UINT32_LE). - * Move BYTES_TO_U32_LE macro function to library/common.h, also given - the prefix MBEDTLS_. - Fixes #4274. \ No newline at end of file +Changes + * Create 4 byte reading macros in library/common.h, used in files + within the same directory: MBEDTLS_BYTE_0... MBEDTLS_BYTE_3. + * Move the (PUT and GET) UINT32_ (BE and LE) macro functions into + library/common.h. Rename with the prefix MBEDTLS_ to satisfy + test/scripts/check-names.sh (e.g MBEDTLS_PUT_UINT32_LE). + * Move BYTES_TO_U32_LE macro function to library/common.h, also given + the prefix MBEDTLS_. + Fixes #4274. From 9fa9ac3612c0c542fa91c0fae003dcb37c1586a8 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 5 Jul 2021 15:37:39 +0100 Subject: [PATCH 59/81] Move GET/PUT_UINT16_LE macros to common.h Although these only appear in one file: psa_crypto_storage.c it is tidy to give it the same prefix as the UINT32 macros and to store them in the fame file Signed-off-by: Joe Subbiani --- library/common.h | 31 ++++++++++++++++++++++++++----- library/psa_crypto_storage.c | 27 ++++----------------------- 2 files changed, 30 insertions(+), 28 deletions(-) diff --git a/library/common.h b/library/common.h index 6dbc808d3..e85cbf28d 100644 --- a/library/common.h +++ b/library/common.h @@ -80,7 +80,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * 32-bit integer manipulation macros (big endian) */ #ifndef MBEDTLS_GET_UINT32_BE -#define MBEDTLS_GET_UINT32_BE(n,b,i) \ +#define MBEDTLS_GET_UINT32_BE(n,b,i) \ do { \ (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ | ( (uint32_t) (b)[(i) + 1] << 16 ) \ @@ -90,7 +90,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif #ifndef MBEDTLS_PUT_UINT32_BE -#define MBEDTLS_PUT_UINT32_BE(n,b,i) \ +#define MBEDTLS_PUT_UINT32_BE(n,b,i) \ do { \ (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ @@ -103,7 +103,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * 32-bit integer manipulation macros (little endian) */ #ifndef MBEDTLS_GET_UINT32_LE -#define MBEDTLS_GET_UINT32_LE(n,b,i) \ +#define MBEDTLS_GET_UINT32_LE(n,b,i) \ do { \ (n) = ( (uint32_t) (b)[(i) ] ) \ | ( (uint32_t) (b)[(i) + 1] << 8 ) \ @@ -113,7 +113,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif #ifndef MBEDTLS_PUT_UINT32_LE -#define MBEDTLS_PUT_UINT32_LE(n,b,i) \ +#define MBEDTLS_PUT_UINT32_LE(n,b,i) \ do { \ (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ @@ -125,11 +125,32 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** * 32-bit integer conversion from bytes (little endian) */ -#define MBEDTLS_BYTES_TO_U32_LE( data, offset ) \ +#define MBEDTLS_BYTES_TO_U32_LE( data, offset ) \ ( (uint32_t) (data)[offset] \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ ) + +/* + * 16-bit integer manipulation macros (little endian) + */ +#ifndef MBEDTLS_GET_UINT16_LE +#define MBEDTLS_GET_UINT16_LE( n, b, i ) \ +{ \ + (n) = ( (uint16_t) (b)[(i) ] ) \ + | ( (uint16_t) (b)[(i) + 1] << 8 ); \ +} +#endif + +#ifndef MBEDTLS_PUT_UINT16_LE +#define MBEDTLS_PUT_UINT16_LE( n, b, i ) \ +{ \ + (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ +} +#endif + + #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 3646953a5..07c2cdf60 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -230,25 +230,6 @@ static psa_status_t psa_crypto_storage_get_data_length( return( PSA_SUCCESS ); } -/* - * 16-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT16_LE -#define GET_UINT16_LE( n, b, i ) \ -{ \ - (n) = ( (uint16_t) (b)[(i) ] ) \ - | ( (uint16_t) (b)[(i) + 1] << 8 ); \ -} -#endif - -#ifndef PUT_UINT16_LE -#define PUT_UINT16_LE( n, b, i ) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ -} -#endif - /** * Persistent key storage magic header. */ @@ -277,8 +258,8 @@ void psa_format_key_data_for_storage( const uint8_t *data, memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); MBEDTLS_PUT_UINT32_LE( 0, storage_format->version, 0 ); MBEDTLS_PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); - PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 ); - PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 ); + MBEDTLS_PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 ); + MBEDTLS_PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 ); MBEDTLS_PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); MBEDTLS_PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); MBEDTLS_PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); @@ -334,8 +315,8 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, } MBEDTLS_GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); - GET_UINT16_LE( attr->type, storage_format->type, 0 ); - GET_UINT16_LE( attr->bits, storage_format->bits, 0 ); + MBEDTLS_GET_UINT16_LE( attr->type, storage_format->type, 0 ); + MBEDTLS_GET_UINT16_LE( attr->bits, storage_format->bits, 0 ); MBEDTLS_GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); MBEDTLS_GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); MBEDTLS_GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); From 394bdd662b7facd32cfbb8ccd24cc0593f38ac0d Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 7 Jul 2021 15:16:56 +0100 Subject: [PATCH 60/81] Document common.h and remove changelog Added documenttion comments to common.h and removed the changelog as it is not really necessary for refactoring. Also modified a comment in aria.c to be clearer Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4274.txt | 9 ------- library/aria.c | 3 ++- library/common.h | 50 +++++++++++++++++++++++++++++++++++---- 3 files changed, 47 insertions(+), 15 deletions(-) delete mode 100644 ChangeLog.d/issue4274.txt diff --git a/ChangeLog.d/issue4274.txt b/ChangeLog.d/issue4274.txt deleted file mode 100644 index f0952f430..000000000 --- a/ChangeLog.d/issue4274.txt +++ /dev/null @@ -1,9 +0,0 @@ -Changes - * Create 4 byte reading macros in library/common.h, used in files - within the same directory: MBEDTLS_BYTE_0... MBEDTLS_BYTE_3. - * Move the (PUT and GET) UINT32_ (BE and LE) macro functions into - library/common.h. Rename with the prefix MBEDTLS_ to satisfy - test/scripts/check-names.sh (e.g MBEDTLS_PUT_UINT32_LE). - * Move BYTES_TO_U32_LE macro function to library/common.h, also given - the prefix MBEDTLS_. - Fixes #4274. diff --git a/library/aria.c b/library/aria.c index a6319d3e2..f4aa64107 100644 --- a/library/aria.c +++ b/library/aria.c @@ -385,7 +385,8 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], * Big endian 128-bit rotation: r = a ^ (b <<< n), used only in key setup. * * We chose to store bytes into 32-bit words in little-endian format (see - * GET/MBEDTLS_PUT_UINT32_LE) so we need to reverse bytes here. + * MBEDTLS_GET_UINT32_LE / MBEDTLS_PUT_UINT32_LE ) so we need to reverse + * bytes here. */ static void aria_rot128( uint32_t r[4], const uint32_t a[4], const uint32_t b[4], uint8_t n ) diff --git a/library/common.h b/library/common.h index e85cbf28d..5115465e8 100644 --- a/library/common.h +++ b/library/common.h @@ -68,15 +68,36 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** Byte Reading Macros * - * To tidy up code and save horizontal and vertical space, use byte - * reading macros to cast + * Obtain the most significant byte of x using 0xff + * Using MBEDTLS_BYTE_a will shift a*8 bits + * to retrieve the next byte of information */ #define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) #define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) #define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) -/* +/** + * 32-bit integer manipulation macros + * + * \brief Using GET- + * From input data, take the most significant bytes + * and concatonate them as you shift along + * Using PUT- + * Read from a 32 bit integer and store each byte + * in memory, offset by a byte each, resulting in + * each byte being adjacent in memory. + * + * \param n 32 bit integer where data is accessed via + * PUT or stored using GET + * \param b const unsigned char array of data to be + * manipulated + * \param i offset in bytes, In the case of UINT32, i + * would increment by 4 every use assuming + * the data is being stored in the same location + */ + +/** * 32-bit integer manipulation macros (big endian) */ #ifndef MBEDTLS_GET_UINT32_BE @@ -99,7 +120,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c } while( 0 ) #endif -/* +/** * 32-bit integer manipulation macros (little endian) */ #ifndef MBEDTLS_GET_UINT32_LE @@ -132,8 +153,27 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ ) +/** + * 16-bit integer manipulation macros + * + * \brief Using GET- + * From input data, take the most significant bytes + * and concatonate them as you shift along + * Using PUT- + * Read from a 16 bit integer and store each byte + * in memory, offset by a byte each, resulting in + * each byte being adjacent in memory. + * + * \param n 16 bit integer where data is accessed via + * PUT or stored using GET + * \param b const unsigned char array of data to be + * manipulated + * \param i offset in bytes, In the case of UINT16, i + * would increment by 2 every use assuming + * the data is being stored in the same location + */ -/* +/** * 16-bit integer manipulation macros (little endian) */ #ifndef MBEDTLS_GET_UINT16_LE From 6a5063149756e1d5d12b0497867f5c22aaa8100e Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 7 Jul 2021 16:56:29 +0100 Subject: [PATCH 61/81] GET macros use a target variable The GET macros used to write to a macro parameter, but now they can be used to assign a value to the desired variable rather than pass it in as an argument and have it modified in the macro function. Due to this MBEDTLS_BYTES_TO_U32_LE is the same as MBEDTLS_GET_UINT32_LE and was there for replaced in the appropriate files and removed from common.h Signed-off-by: Joe Subbiani --- library/aes.c | 18 ++--- library/aria.c | 24 +++--- library/camellia.c | 14 ++-- library/chacha20.c | 22 ++--- library/common.h | 151 +++++++++++++++++++++-------------- library/des.c | 12 +-- library/gcm.c | 8 +- library/md5.c | 32 ++++---- library/nist_kw.c | 2 +- library/poly1305.c | 24 +++--- library/psa_crypto_storage.c | 16 ++-- library/ripemd160.c | 32 ++++---- library/sha1.c | 32 ++++---- library/sha256.c | 4 +- 14 files changed, 211 insertions(+), 180 deletions(-) diff --git a/library/aes.c b/library/aes.c index db726fe36..7a44a7840 100644 --- a/library/aes.c +++ b/library/aes.c @@ -567,7 +567,7 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < ( keybits >> 5 ); i++ ) { - MBEDTLS_GET_UINT32_LE( RK[i], key, i << 2 ); + RK[i] = MBEDTLS_GET_UINT32_LE( key, i << 2 ); } switch( ctx->nr ) @@ -850,10 +850,10 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, uint32_t Y[4]; } t; - MBEDTLS_GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; + t.X[0] = MBEDTLS_GET_UINT32_LE( input, 0 ); t.X[0] ^= *RK++; + t.X[1] = MBEDTLS_GET_UINT32_LE( input, 4 ); t.X[1] ^= *RK++; + t.X[2] = MBEDTLS_GET_UINT32_LE( input, 8 ); t.X[2] ^= *RK++; + t.X[3] = MBEDTLS_GET_UINT32_LE( input, 12 ); t.X[3] ^= *RK++; for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) { @@ -914,10 +914,10 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, uint32_t Y[4]; } t; - MBEDTLS_GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; + t.X[0] = MBEDTLS_GET_UINT32_LE( input, 0 ); t.X[0] ^= *RK++; + t.X[1] = MBEDTLS_GET_UINT32_LE( input, 4 ); t.X[1] ^= *RK++; + t.X[2] = MBEDTLS_GET_UINT32_LE( input, 8 ); t.X[2] ^= *RK++; + t.X[3] = MBEDTLS_GET_UINT32_LE( input, 12 ); t.X[3] ^= *RK++; for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) { diff --git a/library/aria.c b/library/aria.c index f4aa64107..320f7758a 100644 --- a/library/aria.c +++ b/library/aria.c @@ -434,21 +434,21 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); /* Copy key to W0 (and potential remainder to W1) */ - MBEDTLS_GET_UINT32_LE( w[0][0], key, 0 ); - MBEDTLS_GET_UINT32_LE( w[0][1], key, 4 ); - MBEDTLS_GET_UINT32_LE( w[0][2], key, 8 ); - MBEDTLS_GET_UINT32_LE( w[0][3], key, 12 ); + w[0][0] = MBEDTLS_GET_UINT32_LE( key, 0 ); + w[0][1] = MBEDTLS_GET_UINT32_LE( key, 4 ); + w[0][2] = MBEDTLS_GET_UINT32_LE( key, 8 ); + w[0][3] = MBEDTLS_GET_UINT32_LE( key, 12 ); memset( w[1], 0, 16 ); if( keybits >= 192 ) { - MBEDTLS_GET_UINT32_LE( w[1][0], key, 16 ); // 192 bit key - MBEDTLS_GET_UINT32_LE( w[1][1], key, 20 ); + w[1][0] = MBEDTLS_GET_UINT32_LE( key, 16 ); // 192 bit key + w[1][1] = MBEDTLS_GET_UINT32_LE( key, 20 ); } if( keybits == 256 ) { - MBEDTLS_GET_UINT32_LE( w[1][2], key, 24 ); // 256 bit key - MBEDTLS_GET_UINT32_LE( w[1][3], key, 28 ); + w[1][2] = MBEDTLS_GET_UINT32_LE( key, 24 ); // 256 bit key + w[1][3] = MBEDTLS_GET_UINT32_LE( key, 28 ); } i = ( keybits - 128 ) >> 6; // index: 0, 1, 2 @@ -525,10 +525,10 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, ARIA_VALIDATE_RET( input != NULL ); ARIA_VALIDATE_RET( output != NULL ); - MBEDTLS_GET_UINT32_LE( a, input, 0 ); - MBEDTLS_GET_UINT32_LE( b, input, 4 ); - MBEDTLS_GET_UINT32_LE( c, input, 8 ); - MBEDTLS_GET_UINT32_LE( d, input, 12 ); + a = MBEDTLS_GET_UINT32_LE( input, 0 ); + b = MBEDTLS_GET_UINT32_LE( input, 4 ); + c = MBEDTLS_GET_UINT32_LE( input, 8 ); + d = MBEDTLS_GET_UINT32_LE( input, 12 ); i = 0; while( 1 ) diff --git a/library/camellia.c b/library/camellia.c index 9aab7ab67..4d6b468e5 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -353,8 +353,8 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, * Prepare SIGMA values */ for( i = 0; i < 6; i++ ) { - MBEDTLS_GET_UINT32_BE( SIGMA[i][0], SIGMA_CHARS[i], 0 ); - MBEDTLS_GET_UINT32_BE( SIGMA[i][1], SIGMA_CHARS[i], 4 ); + SIGMA[i][0] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 0 ); + SIGMA[i][1] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 4 ); } /* @@ -365,7 +365,7 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, /* Store KL, KR */ for( i = 0; i < 8; i++ ) - MBEDTLS_GET_UINT32_BE( KC[i], t, i * 4 ); + KC[i] = MBEDTLS_GET_UINT32_BE( t, i * 4 ); /* Generate KA */ for( i = 0; i < 4; ++i ) @@ -491,10 +491,10 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, NR = ctx->nr; RK = ctx->rk; - MBEDTLS_GET_UINT32_BE( X[0], input, 0 ); - MBEDTLS_GET_UINT32_BE( X[1], input, 4 ); - MBEDTLS_GET_UINT32_BE( X[2], input, 8 ); - MBEDTLS_GET_UINT32_BE( X[3], input, 12 ); + X[0] = MBEDTLS_GET_UINT32_BE( input, 0 ); + X[1] = MBEDTLS_GET_UINT32_BE( input, 4 ); + X[2] = MBEDTLS_GET_UINT32_BE( input, 8 ); + X[3] = MBEDTLS_GET_UINT32_BE( input, 12 ); X[0] ^= *RK++; X[1] ^= *RK++; diff --git a/library/chacha20.c b/library/chacha20.c index d0d5741c7..7015f99d5 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -205,14 +205,14 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, ctx->state[3] = 0x6b206574; /* Set key */ - ctx->state[4] = MBEDTLS_BYTES_TO_U32_LE( key, 0 ); - ctx->state[5] = MBEDTLS_BYTES_TO_U32_LE( key, 4 ); - ctx->state[6] = MBEDTLS_BYTES_TO_U32_LE( key, 8 ); - ctx->state[7] = MBEDTLS_BYTES_TO_U32_LE( key, 12 ); - ctx->state[8] = MBEDTLS_BYTES_TO_U32_LE( key, 16 ); - ctx->state[9] = MBEDTLS_BYTES_TO_U32_LE( key, 20 ); - ctx->state[10] = MBEDTLS_BYTES_TO_U32_LE( key, 24 ); - ctx->state[11] = MBEDTLS_BYTES_TO_U32_LE( key, 28 ); + ctx->state[4] = MBEDTLS_GET_UINT32_LE( key, 0 ); + ctx->state[5] = MBEDTLS_GET_UINT32_LE( key, 4 ); + ctx->state[6] = MBEDTLS_GET_UINT32_LE( key, 8 ); + ctx->state[7] = MBEDTLS_GET_UINT32_LE( key, 12 ); + ctx->state[8] = MBEDTLS_GET_UINT32_LE( key, 16 ); + ctx->state[9] = MBEDTLS_GET_UINT32_LE( key, 20 ); + ctx->state[10] = MBEDTLS_GET_UINT32_LE( key, 24 ); + ctx->state[11] = MBEDTLS_GET_UINT32_LE( key, 28 ); return( 0 ); } @@ -228,9 +228,9 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, ctx->state[12] = counter; /* Nonce */ - ctx->state[13] = MBEDTLS_BYTES_TO_U32_LE( nonce, 0 ); - ctx->state[14] = MBEDTLS_BYTES_TO_U32_LE( nonce, 4 ); - ctx->state[15] = MBEDTLS_BYTES_TO_U32_LE( nonce, 8 ); + ctx->state[13] = MBEDTLS_GET_UINT32_LE( nonce, 0 ); + ctx->state[14] = MBEDTLS_GET_UINT32_LE( nonce, 4 ); + ctx->state[15] = MBEDTLS_GET_UINT32_LE( nonce, 8 ); mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); diff --git a/library/common.h b/library/common.h index 5115465e8..4ecc0162b 100644 --- a/library/common.h +++ b/library/common.h @@ -78,38 +78,45 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) /** - * 32-bit integer manipulation macros + * 32-bit integer manipulation GET macros (big endian) * - * \brief Using GET- - * From input data, take the most significant bytes - * and concatonate them as you shift along - * Using PUT- - * Read from a 32 bit integer and store each byte - * in memory, offset by a byte each, resulting in - * each byte being adjacent in memory. + * \brief Use this to assign an unsigned 32 bit integer + * by taking data stored adjacent in memory that + * can be accessed via on offset + * Big Endian is used when wanting to + * transmit the most signifcant bits first * - * \param n 32 bit integer where data is accessed via - * PUT or stored using GET + * \param data The data used to translate to a 32 bit + * integer + * \param offset the shift in bytes to access the next byte + * of data + */ +#ifndef MBEDTLS_GET_UINT32_BE +#define MBEDTLS_GET_UINT32_BE( data , offset ) \ + ( \ + ( (uint32_t) ( data )[( offset ) ] << 24 ) \ + | ( (uint32_t) ( data )[( offset ) + 1] << 16 ) \ + | ( (uint32_t) ( data )[( offset ) + 2] << 8 ) \ + | ( (uint32_t) ( data )[( offset ) + 3] ) \ + ) +#endif + +/** + * 32-bit integer manipulation PUT macros (big endian) + * + * \brief Read from a 32 bit integer and store each byte + * in memory, offset by a specified amount, resulting + * in each byte being adjacent in memory. + * Big Endian is used when wanting to + * transmit the most signifcant bits first + * + * \param n 32 bit integer where data is accessed * \param b const unsigned char array of data to be * manipulated * \param i offset in bytes, In the case of UINT32, i * would increment by 4 every use assuming * the data is being stored in the same location */ - -/** - * 32-bit integer manipulation macros (big endian) - */ -#ifndef MBEDTLS_GET_UINT32_BE -#define MBEDTLS_GET_UINT32_BE(n,b,i) \ - do { \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ - } while( 0 ) -#endif - #ifndef MBEDTLS_PUT_UINT32_BE #define MBEDTLS_PUT_UINT32_BE(n,b,i) \ do { \ @@ -121,18 +128,45 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 32-bit integer manipulation macros (little endian) + * 32-bit integer manipulation GET macros (little endian) + * + * \brief Use this to assign an unsigned 32 bit integer + * by taking data stored adjacent in memory that + * can be accessed via on offset + * Little Endian is used when wanting to + * transmit the least signifcant bits first + * + * \param data The data used to translate to a 32 bit + * integer + * \param offset the shift in bytes to access the next byte + * of data */ #ifndef MBEDTLS_GET_UINT32_LE -#define MBEDTLS_GET_UINT32_LE(n,b,i) \ - do { \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ - } while( 0 ) +#define MBEDTLS_GET_UINT32_LE( data, offset ) \ + ( \ + ( (uint32_t) ( data )[( offset ) ] ) \ + | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ + | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ + | ( (uint32_t) ( data )[( offset ) + 3] << 24 ) \ + ) #endif +/** + * 32-bit integer manipulation PUT macros (little endian) + * + * \brief Read from a 32 bit integer and store each byte + * in memory, offset by a specified amount, resulting + * in each byte being adjacent in memory. + * Little Endian is used when wanting to + * transmit the least signifcant bits first + * + * \param n 32 bit integer where data is accessed + * \param b const unsigned char array of data to be + * manipulated + * \param i offset in bytes, In the case of UINT32, i + * would increment by 4 every use assuming + * the data is being stored in the same location + */ #ifndef MBEDTLS_PUT_UINT32_LE #define MBEDTLS_PUT_UINT32_LE(n,b,i) \ do { \ @@ -144,46 +178,43 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 32-bit integer conversion from bytes (little endian) + * 16-bit integer manipulation GET macros (little endian) + * + * \brief Use this to assign an unsigned 16 bit integer + * by taking data stored adjacent in memory that + * can be accessed via on offset + * Little Endian is used when wanting to + * transmit the least signifcant bits first + * + * \param data The data used to translate to a 16 bit + * integer + * \param offset the shit in bytes to access the next byte + * of data */ -#define MBEDTLS_BYTES_TO_U32_LE( data, offset ) \ - ( (uint32_t) (data)[offset] \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ +#ifndef MBEDTLS_GET_UINT16_LE +#define MBEDTLS_GET_UINT16_LE( data, offset ) \ + ( \ + ( (uint16_t) ( data )[( offset ) ] ) \ + | ( (uint16_t) ( data )[( offset ) + 1] << 8 ) \ ) +#endif /** - * 16-bit integer manipulation macros + * 16-bit integer manipulation PUT macros (little endian) * - * \brief Using GET- - * From input data, take the most significant bytes - * and concatonate them as you shift along - * Using PUT- - * Read from a 16 bit integer and store each byte - * in memory, offset by a byte each, resulting in - * each byte being adjacent in memory. + * \brief Read from a 16 bit integer and store each byte + * in memory, offset by a specified amount, resulting + * in each byte being adjacent in memory. + * Little Endian is used when wanting to + * transmit the least signifcant bits first * - * \param n 16 bit integer where data is accessed via - * PUT or stored using GET + * \param n 16 bit integer where data is accessed * \param b const unsigned char array of data to be * manipulated * \param i offset in bytes, In the case of UINT16, i * would increment by 2 every use assuming * the data is being stored in the same location */ - -/** - * 16-bit integer manipulation macros (little endian) - */ -#ifndef MBEDTLS_GET_UINT16_LE -#define MBEDTLS_GET_UINT16_LE( n, b, i ) \ -{ \ - (n) = ( (uint16_t) (b)[(i) ] ) \ - | ( (uint16_t) (b)[(i) + 1] << 8 ); \ -} -#endif - #ifndef MBEDTLS_PUT_UINT16_LE #define MBEDTLS_PUT_UINT16_LE( n, b, i ) \ { \ diff --git a/library/des.c b/library/des.c index 9281747de..7f90faa04 100644 --- a/library/des.c +++ b/library/des.c @@ -400,8 +400,8 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE int i; uint32_t X, Y, T; - MBEDTLS_GET_UINT32_BE( X, key, 0 ); - MBEDTLS_GET_UINT32_BE( Y, key, 4 ); + X = MBEDTLS_GET_UINT32_BE( key, 0 ); + Y = MBEDTLS_GET_UINT32_BE( key, 4 ); /* * Permuted Choice 1 @@ -610,8 +610,8 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, SK = ctx->sk; - MBEDTLS_GET_UINT32_BE( X, input, 0 ); - MBEDTLS_GET_UINT32_BE( Y, input, 4 ); + X = MBEDTLS_GET_UINT32_BE( input, 0 ); + Y = MBEDTLS_GET_UINT32_BE( input, 4 ); DES_IP( X, Y ); @@ -697,8 +697,8 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, SK = ctx->sk; - MBEDTLS_GET_UINT32_BE( X, input, 0 ); - MBEDTLS_GET_UINT32_BE( Y, input, 4 ); + X = MBEDTLS_GET_UINT32_BE( input, 0 ); + Y = MBEDTLS_GET_UINT32_BE( input, 4 ); DES_IP( X, Y ); diff --git a/library/gcm.c b/library/gcm.c index 3caeed26d..910646b28 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -88,12 +88,12 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx ) return( ret ); /* pack h as two 64-bits ints, big-endian */ - MBEDTLS_GET_UINT32_BE( hi, h, 0 ); - MBEDTLS_GET_UINT32_BE( lo, h, 4 ); + hi = MBEDTLS_GET_UINT32_BE( h, 0 ); + lo = MBEDTLS_GET_UINT32_BE( h, 4 ); vh = (uint64_t) hi << 32 | lo; - MBEDTLS_GET_UINT32_BE( hi, h, 8 ); - MBEDTLS_GET_UINT32_BE( lo, h, 12 ); + hi = MBEDTLS_GET_UINT32_BE( h, 8 ); + lo = MBEDTLS_GET_UINT32_BE( h, 12 ); vl = (uint64_t) hi << 32 | lo; /* 8 = 1000 corresponds to 1 in GF(2^128) */ diff --git a/library/md5.c b/library/md5.c index e8d00216f..a9bbcb488 100644 --- a/library/md5.c +++ b/library/md5.c @@ -87,22 +87,22 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, uint32_t X[16], A, B, C, D; } local; - MBEDTLS_GET_UINT32_LE( local.X[ 0], data, 0 ); - MBEDTLS_GET_UINT32_LE( local.X[ 1], data, 4 ); - MBEDTLS_GET_UINT32_LE( local.X[ 2], data, 8 ); - MBEDTLS_GET_UINT32_LE( local.X[ 3], data, 12 ); - MBEDTLS_GET_UINT32_LE( local.X[ 4], data, 16 ); - MBEDTLS_GET_UINT32_LE( local.X[ 5], data, 20 ); - MBEDTLS_GET_UINT32_LE( local.X[ 6], data, 24 ); - MBEDTLS_GET_UINT32_LE( local.X[ 7], data, 28 ); - MBEDTLS_GET_UINT32_LE( local.X[ 8], data, 32 ); - MBEDTLS_GET_UINT32_LE( local.X[ 9], data, 36 ); - MBEDTLS_GET_UINT32_LE( local.X[10], data, 40 ); - MBEDTLS_GET_UINT32_LE( local.X[11], data, 44 ); - MBEDTLS_GET_UINT32_LE( local.X[12], data, 48 ); - MBEDTLS_GET_UINT32_LE( local.X[13], data, 52 ); - MBEDTLS_GET_UINT32_LE( local.X[14], data, 56 ); - MBEDTLS_GET_UINT32_LE( local.X[15], data, 60 ); + local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 ); + local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 ); + local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 ); + local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 ); + local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 ); + local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 ); + local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 ); + local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 ); + local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 ); + local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 ); + local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 ); + local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 ); + local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 ); + local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 ); + local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 ); + local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 ); #define S(x,n) \ ( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) ) diff --git a/library/nist_kw.c b/library/nist_kw.c index b8f923999..e2ab2566f 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -454,7 +454,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; } - MBEDTLS_GET_UINT32_BE( Plen, A, KW_SEMIBLOCK_LENGTH / 2 ); + Plen = MBEDTLS_GET_UINT32_BE( A, KW_SEMIBLOCK_LENGTH / 2 ); /* * Plen is the length of the plaintext, when the input is valid. diff --git a/library/poly1305.c b/library/poly1305.c index 3c0b7c6aa..f19574253 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -122,10 +122,10 @@ static void poly1305_process( mbedtls_poly1305_context *ctx, for( i = 0U; i < nblocks; i++ ) { /* The input block is treated as a 128-bit little-endian integer */ - d0 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 0 ); - d1 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 4 ); - d2 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 8 ); - d3 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 12 ); + d0 = MBEDTLS_GET_UINT32_LE( input, offset + 0 ); + d1 = MBEDTLS_GET_UINT32_LE( input, offset + 4 ); + d2 = MBEDTLS_GET_UINT32_LE( input, offset + 8 ); + d3 = MBEDTLS_GET_UINT32_LE( input, offset + 12 ); /* Compute: acc += (padded) block as a 130-bit integer */ d0 += (uint64_t) acc0; @@ -290,15 +290,15 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, POLY1305_VALIDATE_RET( key != NULL ); /* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */ - ctx->r[0] = MBEDTLS_BYTES_TO_U32_LE( key, 0 ) & 0x0FFFFFFFU; - ctx->r[1] = MBEDTLS_BYTES_TO_U32_LE( key, 4 ) & 0x0FFFFFFCU; - ctx->r[2] = MBEDTLS_BYTES_TO_U32_LE( key, 8 ) & 0x0FFFFFFCU; - ctx->r[3] = MBEDTLS_BYTES_TO_U32_LE( key, 12 ) & 0x0FFFFFFCU; + ctx->r[0] = MBEDTLS_GET_UINT32_LE( key, 0 ) & 0x0FFFFFFFU; + ctx->r[1] = MBEDTLS_GET_UINT32_LE( key, 4 ) & 0x0FFFFFFCU; + ctx->r[2] = MBEDTLS_GET_UINT32_LE( key, 8 ) & 0x0FFFFFFCU; + ctx->r[3] = MBEDTLS_GET_UINT32_LE( key, 12 ) & 0x0FFFFFFCU; - ctx->s[0] = MBEDTLS_BYTES_TO_U32_LE( key, 16 ); - ctx->s[1] = MBEDTLS_BYTES_TO_U32_LE( key, 20 ); - ctx->s[2] = MBEDTLS_BYTES_TO_U32_LE( key, 24 ); - ctx->s[3] = MBEDTLS_BYTES_TO_U32_LE( key, 28 ); + ctx->s[0] = MBEDTLS_GET_UINT32_LE( key, 16 ); + ctx->s[1] = MBEDTLS_GET_UINT32_LE( key, 20 ); + ctx->s[2] = MBEDTLS_GET_UINT32_LE( key, 24 ); + ctx->s[3] = MBEDTLS_GET_UINT32_LE( key, 28 ); /* Initial accumulator state */ ctx->acc[0] = 0U; diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 07c2cdf60..c6660b955 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -293,11 +293,11 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, if( status != PSA_SUCCESS ) return( status ); - MBEDTLS_GET_UINT32_LE( version, storage_format->version, 0 ); + version = MBEDTLS_GET_UINT32_LE( storage_format->version, 0 ); if( version != 0 ) return( PSA_ERROR_DATA_INVALID ); - MBEDTLS_GET_UINT32_LE( *key_data_length, storage_format->data_len, 0 ); + *key_data_length = MBEDTLS_GET_UINT32_LE( storage_format->data_len, 0 ); if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) || *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) return( PSA_ERROR_DATA_INVALID ); @@ -314,12 +314,12 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, memcpy( *key_data, storage_format->key_data, *key_data_length ); } - MBEDTLS_GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); - MBEDTLS_GET_UINT16_LE( attr->type, storage_format->type, 0 ); - MBEDTLS_GET_UINT16_LE( attr->bits, storage_format->bits, 0 ); - MBEDTLS_GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); - MBEDTLS_GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); - MBEDTLS_GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + attr->lifetime = MBEDTLS_GET_UINT32_LE( storage_format->lifetime, 0 ); + attr->type = MBEDTLS_GET_UINT16_LE( storage_format->type, 0 ); + attr->bits = MBEDTLS_GET_UINT16_LE( storage_format->bits, 0 ); + attr->policy.usage = MBEDTLS_GET_UINT32_LE( storage_format->policy, 0 ); + attr->policy.alg = MBEDTLS_GET_UINT32_LE( storage_format->policy, sizeof( uint32_t ) ); + attr->policy.alg2 = MBEDTLS_GET_UINT32_LE( storage_format->policy, 2 * sizeof( uint32_t ) ); return( PSA_SUCCESS ); } diff --git a/library/ripemd160.c b/library/ripemd160.c index 2bed10723..41d838722 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -92,22 +92,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16]; } local; - MBEDTLS_GET_UINT32_LE( local.X[ 0], data, 0 ); - MBEDTLS_GET_UINT32_LE( local.X[ 1], data, 4 ); - MBEDTLS_GET_UINT32_LE( local.X[ 2], data, 8 ); - MBEDTLS_GET_UINT32_LE( local.X[ 3], data, 12 ); - MBEDTLS_GET_UINT32_LE( local.X[ 4], data, 16 ); - MBEDTLS_GET_UINT32_LE( local.X[ 5], data, 20 ); - MBEDTLS_GET_UINT32_LE( local.X[ 6], data, 24 ); - MBEDTLS_GET_UINT32_LE( local.X[ 7], data, 28 ); - MBEDTLS_GET_UINT32_LE( local.X[ 8], data, 32 ); - MBEDTLS_GET_UINT32_LE( local.X[ 9], data, 36 ); - MBEDTLS_GET_UINT32_LE( local.X[10], data, 40 ); - MBEDTLS_GET_UINT32_LE( local.X[11], data, 44 ); - MBEDTLS_GET_UINT32_LE( local.X[12], data, 48 ); - MBEDTLS_GET_UINT32_LE( local.X[13], data, 52 ); - MBEDTLS_GET_UINT32_LE( local.X[14], data, 56 ); - MBEDTLS_GET_UINT32_LE( local.X[15], data, 60 ); + local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 ); + local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 ); + local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 ); + local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 ); + local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 ); + local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 ); + local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 ); + local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 ); + local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 ); + local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 ); + local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 ); + local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 ); + local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 ); + local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 ); + local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 ); + local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 ); local.A = local.Ap = ctx->state[0]; local.B = local.Bp = ctx->state[1]; diff --git a/library/sha1.c b/library/sha1.c index da61f65fc..6fc937123 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -103,22 +103,22 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, SHA1_VALIDATE_RET( ctx != NULL ); SHA1_VALIDATE_RET( (const unsigned char *)data != NULL ); - MBEDTLS_GET_UINT32_BE( local.W[ 0], data, 0 ); - MBEDTLS_GET_UINT32_BE( local.W[ 1], data, 4 ); - MBEDTLS_GET_UINT32_BE( local.W[ 2], data, 8 ); - MBEDTLS_GET_UINT32_BE( local.W[ 3], data, 12 ); - MBEDTLS_GET_UINT32_BE( local.W[ 4], data, 16 ); - MBEDTLS_GET_UINT32_BE( local.W[ 5], data, 20 ); - MBEDTLS_GET_UINT32_BE( local.W[ 6], data, 24 ); - MBEDTLS_GET_UINT32_BE( local.W[ 7], data, 28 ); - MBEDTLS_GET_UINT32_BE( local.W[ 8], data, 32 ); - MBEDTLS_GET_UINT32_BE( local.W[ 9], data, 36 ); - MBEDTLS_GET_UINT32_BE( local.W[10], data, 40 ); - MBEDTLS_GET_UINT32_BE( local.W[11], data, 44 ); - MBEDTLS_GET_UINT32_BE( local.W[12], data, 48 ); - MBEDTLS_GET_UINT32_BE( local.W[13], data, 52 ); - MBEDTLS_GET_UINT32_BE( local.W[14], data, 56 ); - MBEDTLS_GET_UINT32_BE( local.W[15], data, 60 ); + local.W[ 0] = MBEDTLS_GET_UINT32_BE( data, 0 ); + local.W[ 1] = MBEDTLS_GET_UINT32_BE( data, 4 ); + local.W[ 2] = MBEDTLS_GET_UINT32_BE( data, 8 ); + local.W[ 3] = MBEDTLS_GET_UINT32_BE( data, 12 ); + local.W[ 4] = MBEDTLS_GET_UINT32_BE( data, 16 ); + local.W[ 5] = MBEDTLS_GET_UINT32_BE( data, 20 ); + local.W[ 6] = MBEDTLS_GET_UINT32_BE( data, 24 ); + local.W[ 7] = MBEDTLS_GET_UINT32_BE( data, 28 ); + local.W[ 8] = MBEDTLS_GET_UINT32_BE( data, 32 ); + local.W[ 9] = MBEDTLS_GET_UINT32_BE( data, 36 ); + local.W[10] = MBEDTLS_GET_UINT32_BE( data, 40 ); + local.W[11] = MBEDTLS_GET_UINT32_BE( data, 44 ); + local.W[12] = MBEDTLS_GET_UINT32_BE( data, 48 ); + local.W[13] = MBEDTLS_GET_UINT32_BE( data, 52 ); + local.W[14] = MBEDTLS_GET_UINT32_BE( data, 56 ); + local.W[15] = MBEDTLS_GET_UINT32_BE( data, 60 ); #define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) diff --git a/library/sha256.c b/library/sha256.c index fb66340b2..c3573f85f 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -190,7 +190,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, for( i = 0; i < 64; i++ ) { if( i < 16 ) - MBEDTLS_GET_UINT32_BE( local.W[i], data, 4 * i ); + local.W[i] = MBEDTLS_GET_UINT32_BE( data, 4 * i ); else R( i ); @@ -205,7 +205,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, } #else /* MBEDTLS_SHA256_SMALLER */ for( i = 0; i < 16; i++ ) - MBEDTLS_GET_UINT32_BE( local.W[i], data, 4 * i ); + local.W[i] = MBEDTLS_GET_UINT32_BE( data, 4 * i ); for( i = 0; i < 16; i += 8 ) { From cd84d76e9b1a3b2c82d5975561aea493777abd51 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 8 Jul 2021 14:59:52 +0100 Subject: [PATCH 62/81] Add Character byte reading macros These cast to an unsigned char rather than a uint8_t like with MBEDTLS_BYTE_x These save alot of space and will improve maintence by replacing the appropriate code with MBEDTLS_CHAR_x Signed-off-by: Joe Subbiani --- library/aes.c | 196 +++++++++++++++++++-------------------- library/aria.c | 32 +++---- library/asn1write.c | 18 ++-- library/camellia.c | 16 ++-- library/ccm.c | 6 +- library/common.h | 9 ++ library/ecjpake.c | 18 ++-- library/ssl_cli.c | 131 ++++++++++++-------------- library/ssl_msg.c | 12 +-- library/ssl_srv.c | 94 +++++++++---------- library/ssl_tls.c | 120 ++++++++++++------------ library/ssl_tls13_keys.c | 6 +- 12 files changed, 328 insertions(+), 330 deletions(-) diff --git a/library/aes.c b/library/aes.c index 7a44a7840..1eb3e204d 100644 --- a/library/aes.c +++ b/library/aes.c @@ -386,7 +386,7 @@ static void aes_gen_tables( void ) { pow[i] = x; log[x] = i; - x = ( x ^ XTIME( x ) ) & 0xFF; + x = MBEDTLS_BYTE_0( x ^ XTIME( x ) ); } /* @@ -395,7 +395,7 @@ static void aes_gen_tables( void ) for( i = 0, x = 1; i < 10; i++ ) { RCON[i] = (uint32_t) x; - x = XTIME( x ) & 0xFF; + x = MBEDTLS_BYTE_0( XTIME( x ) ); } /* @@ -408,10 +408,10 @@ static void aes_gen_tables( void ) { x = pow[255 - log[i]]; - y = x; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; + y = x; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); x ^= y ^ 0x63; FSb[i] = (unsigned char) x; @@ -424,8 +424,8 @@ static void aes_gen_tables( void ) for( i = 0; i < 256; i++ ) { x = FSb[i]; - y = XTIME( x ) & 0xFF; - z = ( y ^ x ) & 0xFF; + y = MBEDTLS_BYTE_0( XTIME( x ) ); + z = MBEDTLS_BYTE_0( y ^ x ); FT0[i] = ( (uint32_t) y ) ^ ( (uint32_t) x << 8 ) ^ @@ -577,10 +577,10 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < 10; i++, RK += 4 ) { RK[4] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[3] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[3] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[3] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[3] ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[3] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[3] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[3] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[3] ) ] << 24 ); RK[5] = RK[1] ^ RK[4]; RK[6] = RK[2] ^ RK[5]; @@ -593,10 +593,10 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < 8; i++, RK += 6 ) { RK[6] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[5] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[5] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[5] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[5] ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[5] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[5] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[5] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[5] ) ] << 24 ); RK[7] = RK[1] ^ RK[6]; RK[8] = RK[2] ^ RK[7]; @@ -611,20 +611,20 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < 7; i++, RK += 8 ) { RK[8] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[7] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[7] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[7] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[7] ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[7] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[7] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[7] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[7] ) ] << 24 ); RK[9] = RK[1] ^ RK[8]; RK[10] = RK[2] ^ RK[9]; RK[11] = RK[3] ^ RK[10]; RK[12] = RK[4] ^ - ( (uint32_t) FSb[ ( RK[11] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[11] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[11] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[11] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[11] ) ] << 24 ); RK[13] = RK[5] ^ RK[12]; RK[14] = RK[6] ^ RK[13]; @@ -690,10 +690,10 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, { for( j = 0; j < 4; j++, SK++ ) { - *RK++ = AES_RT0( FSb[ ( *SK ) & 0xFF ] ) ^ - AES_RT1( FSb[ ( *SK >> 8 ) & 0xFF ] ) ^ - AES_RT2( FSb[ ( *SK >> 16 ) & 0xFF ] ) ^ - AES_RT3( FSb[ ( *SK >> 24 ) & 0xFF ] ); + *RK++ = AES_RT0( FSb[ MBEDTLS_BYTE_0( *SK ) ] ) ^ + AES_RT1( FSb[ MBEDTLS_BYTE_1( *SK ) ] ) ^ + AES_RT2( FSb[ MBEDTLS_BYTE_2( *SK ) ] ) ^ + AES_RT3( FSb[ MBEDTLS_BYTE_3( *SK ) ] ); } } @@ -786,52 +786,52 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, } #endif /* MBEDTLS_CIPHER_MODE_XTS */ -#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ - do \ - { \ - (X0) = *RK++ ^ AES_FT0( ( (Y0) ) & 0xFF ) ^ \ - AES_FT1( ( (Y1) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y2) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y3) >> 24 ) & 0xFF ); \ - \ - (X1) = *RK++ ^ AES_FT0( ( (Y1) ) & 0xFF ) ^ \ - AES_FT1( ( (Y2) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y3) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y0) >> 24 ) & 0xFF ); \ - \ - (X2) = *RK++ ^ AES_FT0( ( (Y2) ) & 0xFF ) ^ \ - AES_FT1( ( (Y3) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y0) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y1) >> 24 ) & 0xFF ); \ - \ - (X3) = *RK++ ^ AES_FT0( ( (Y3) ) & 0xFF ) ^ \ - AES_FT1( ( (Y0) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y1) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y2) >> 24 ) & 0xFF ); \ +#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ + do \ + { \ + (X0) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y3 ) ); \ + \ + (X1) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y0 ) ); \ + \ + (X2) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y1 ) ); \ + \ + (X3) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y2 ) ); \ } while( 0 ) #define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ do \ { \ - (X0) = *RK++ ^ AES_RT0( ( (Y0) ) & 0xFF ) ^ \ - AES_RT1( ( (Y3) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y2) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y1) >> 24 ) & 0xFF ); \ + (X0) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y1 ) ); \ \ - (X1) = *RK++ ^ AES_RT0( ( (Y1) ) & 0xFF ) ^ \ - AES_RT1( ( (Y0) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y3) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y2) >> 24 ) & 0xFF ); \ + (X1) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y2 ) ); \ \ - (X2) = *RK++ ^ AES_RT0( ( (Y2) ) & 0xFF ) ^ \ - AES_RT1( ( (Y1) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y0) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y3) >> 24 ) & 0xFF ); \ + (X2) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y3 ) ); \ \ - (X3) = *RK++ ^ AES_RT0( ( (Y3) ) & 0xFF ) ^ \ - AES_RT1( ( (Y2) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y1) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y0) >> 24 ) & 0xFF ); \ + (X3) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y0 ) ); \ } while( 0 ) /* @@ -864,28 +864,28 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, AES_FROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); t.X[0] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[0] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[1] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 ); t.X[1] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[1] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[2] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 ); t.X[2] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[2] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[3] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 ); t.X[3] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[3] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[0] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 ); MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); @@ -928,28 +928,28 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, AES_RROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); t.X[0] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[0] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[3] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 ); t.X[1] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[1] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[0] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 ); t.X[2] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[2] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[1] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 ); t.X[3] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[3] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[2] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 ); MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); diff --git a/library/aria.c b/library/aria.c index 320f7758a..6bfdfbdce 100644 --- a/library/aria.c +++ b/library/aria.c @@ -212,22 +212,22 @@ static inline void aria_sl( uint32_t *a, uint32_t *b, const uint8_t sa[256], const uint8_t sb[256], const uint8_t sc[256], const uint8_t sd[256] ) { - *a = ( (uint32_t) sa[ *a & 0xFF] ) ^ - (((uint32_t) sb[(*a >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*a >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *a >> 24 ]) << 24); - *b = ( (uint32_t) sa[ *b & 0xFF] ) ^ - (((uint32_t) sb[(*b >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*b >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *b >> 24 ]) << 24); - *c = ( (uint32_t) sa[ *c & 0xFF] ) ^ - (((uint32_t) sb[(*c >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*c >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *c >> 24 ]) << 24); - *d = ( (uint32_t) sa[ *d & 0xFF] ) ^ - (((uint32_t) sb[(*d >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*d >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *d >> 24 ]) << 24); + *a = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *a ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *a ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *a ) ]) << 16) ^ + (((uint32_t) sd[ *a >> 24 ]) << 24); + *b = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *b ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *b ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *b ) ]) << 16) ^ + (((uint32_t) sd[ *b >> 24 ]) << 24); + *c = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *c ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *c ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *c ) ]) << 16) ^ + (((uint32_t) sd[ *c >> 24 ]) << 24); + *d = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *d ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *d ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *d ) ]) << 16) ^ + (((uint32_t) sd[ *d >> 24 ]) << 24); } /* diff --git a/library/asn1write.c b/library/asn1write.c index 0289e8949..8555767fe 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -60,8 +60,8 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 3 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = ( len ) & 0xFF; - *--(*p) = ( len >> 8 ) & 0xFF; + *--(*p) = MBEDTLS_CHAR_0( len ); + *--(*p) = MBEDTLS_CHAR_1( len ); *--(*p) = 0x82; return( 3 ); } @@ -71,9 +71,9 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 4 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = ( len ) & 0xFF; - *--(*p) = ( len >> 8 ) & 0xFF; - *--(*p) = ( len >> 16 ) & 0xFF; + *--(*p) = MBEDTLS_CHAR_0( len ); + *--(*p) = MBEDTLS_CHAR_1( len ); + *--(*p) = MBEDTLS_CHAR_2( len ); *--(*p) = 0x83; return( 4 ); } @@ -85,10 +85,10 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 5 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = ( len ) & 0xFF; - *--(*p) = ( len >> 8 ) & 0xFF; - *--(*p) = ( len >> 16 ) & 0xFF; - *--(*p) = ( len >> 24 ) & 0xFF; + *--(*p) = MBEDTLS_CHAR_0( len ); + *--(*p) = MBEDTLS_CHAR_1( len ); + *--(*p) = MBEDTLS_CHAR_2( len ); + *--(*p) = MBEDTLS_CHAR_3( len ); *--(*p) = 0x84; return( 5 ); } diff --git a/library/camellia.c b/library/camellia.c index 4d6b468e5..29d730ab5 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -278,14 +278,14 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2], I0 = x[0] ^ k[0]; I1 = x[1] ^ k[1]; - I0 = ((uint32_t) SBOX1((I0 >> 24) & 0xFF) << 24) | - ((uint32_t) SBOX2((I0 >> 16) & 0xFF) << 16) | - ((uint32_t) SBOX3((I0 >> 8) & 0xFF) << 8) | - ((uint32_t) SBOX4((I0 ) & 0xFF) ); - I1 = ((uint32_t) SBOX2((I1 >> 24) & 0xFF) << 24) | - ((uint32_t) SBOX3((I1 >> 16) & 0xFF) << 16) | - ((uint32_t) SBOX4((I1 >> 8) & 0xFF) << 8) | - ((uint32_t) SBOX1((I1 ) & 0xFF) ); + I0 = ((uint32_t) SBOX1( MBEDTLS_BYTE_3( I0 )) << 24) | + ((uint32_t) SBOX2( MBEDTLS_BYTE_2( I0 )) << 16) | + ((uint32_t) SBOX3( MBEDTLS_BYTE_1( I0 )) << 8) | + ((uint32_t) SBOX4( MBEDTLS_BYTE_0( I0 )) ); + I1 = ((uint32_t) SBOX2( MBEDTLS_BYTE_3( I1 )) << 24) | + ((uint32_t) SBOX3( MBEDTLS_BYTE_2( I1 )) << 16) | + ((uint32_t) SBOX4( MBEDTLS_BYTE_1( I1 )) << 8) | + ((uint32_t) SBOX1( MBEDTLS_BYTE_0( I1 )) ); I0 ^= (I1 << 8) | (I1 >> 24); I1 ^= (I0 << 16) | (I0 >> 16); diff --git a/library/ccm.c b/library/ccm.c index 424ee77b6..95d90dc61 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -200,7 +200,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, memcpy( b + 1, iv, iv_len ); for( i = 0, len_left = length; i < q; i++, len_left >>= 8 ) - b[15-i] = (unsigned char)( len_left & 0xFF ); + b[15-i] = MBEDTLS_CHAR_0( len_left ); if( len_left > 0 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); @@ -221,8 +221,8 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, src = add; memset( b, 0, 16 ); - b[0] = (unsigned char)( ( add_len >> 8 ) & 0xFF ); - b[1] = (unsigned char)( ( add_len ) & 0xFF ); + b[0] = MBEDTLS_CHAR_1( add_len ); + b[1] = MBEDTLS_CHAR_0( add_len ); use_len = len_left < 16 - 2 ? len_left : 16 - 2; memcpy( b + 2, src, use_len ); diff --git a/library/common.h b/library/common.h index 4ecc0162b..56c300265 100644 --- a/library/common.h +++ b/library/common.h @@ -77,6 +77,15 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) +#define MBEDTLS_CHAR_0( x ) ( (unsigned char) ( ( x ) & 0xff ) ) +#define MBEDTLS_CHAR_1( x ) ( (unsigned char) ( ( ( x ) >> 8 ) & 0xff ) ) +#define MBEDTLS_CHAR_2( x ) ( (unsigned char) ( ( ( x ) >> 16 ) & 0xff ) ) +#define MBEDTLS_CHAR_3( x ) ( (unsigned char) ( ( ( x ) >> 24 ) & 0xff ) ) +#define MBEDTLS_CHAR_4( x ) ( (unsigned char) ( ( ( x ) >> 32 ) & 0xff ) ) +#define MBEDTLS_CHAR_5( x ) ( (unsigned char) ( ( ( x ) >> 40 ) & 0xff ) ) +#define MBEDTLS_CHAR_6( x ) ( (unsigned char) ( ( ( x ) >> 48 ) & 0xff ) ) +#define MBEDTLS_CHAR_7( x ) ( (unsigned char) ( ( ( x ) >> 56 ) & 0xff ) ) + /** * 32-bit integer manipulation GET macros (big endian) * diff --git a/library/ecjpake.c b/library/ecjpake.c index d22931142..7305dfeee 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -180,10 +180,10 @@ static int ecjpake_write_len_point( unsigned char **p, if( ret != 0 ) return( ret ); - (*p)[0] = (unsigned char)( ( len >> 24 ) & 0xFF ); - (*p)[1] = (unsigned char)( ( len >> 16 ) & 0xFF ); - (*p)[2] = (unsigned char)( ( len >> 8 ) & 0xFF ); - (*p)[3] = (unsigned char)( ( len ) & 0xFF ); + (*p)[0] = MBEDTLS_CHAR_3( len ); + (*p)[1] = MBEDTLS_CHAR_2( len ); + (*p)[2] = MBEDTLS_CHAR_1( len ); + (*p)[3] = MBEDTLS_CHAR_0( len ); *p += 4 + len; @@ -223,10 +223,10 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info, if( end - p < 4 ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); - *p++ = (unsigned char)( ( id_len >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( id_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( id_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( id_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( id_len ); + *p++ = MBEDTLS_CHAR_2( id_len ); + *p++ = MBEDTLS_CHAR_1( id_len ); + *p++ = MBEDTLS_CHAR_0( id_len ); if( end < p || (size_t)( end - p ) < id_len ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); @@ -366,7 +366,7 @@ static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, goto cleanup; } - *(*p)++ = (unsigned char)( len & 0xFF ); + *(*p)++ = MBEDTLS_CHAR_0( len ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, *p, len ) ); /* r */ *p += len; diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 59c546042..7d65479ef 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -136,18 +136,18 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * } ServerNameList; * */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SERVERNAME ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME ); - *p++ = (unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( (hostname_len + 5) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( hostname_len + 5); + *p++ = MBEDTLS_CHAR_0( hostname_len + 5); - *p++ = (unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( (hostname_len + 3) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( hostname_len + 3 ); + *p++ = MBEDTLS_CHAR_0( hostname_len + 3 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); - *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( hostname_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); + *p++ = MBEDTLS_CHAR_1( hostname_len ); + *p++ = MBEDTLS_CHAR_0( hostname_len ); memcpy( p, ssl->hostname, hostname_len ); @@ -181,14 +181,12 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, /* * Secure renegotiation */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); *p++ = 0x00; - *p++ = ( ssl->verify_data_len + 1 ) & 0xFF; - *p++ = ssl->verify_data_len & 0xFF; + *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len + 1 ); + *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len ); memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); @@ -283,14 +281,14 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * SignatureAndHashAlgorithm * supported_signature_algorithms<2..2^16-2>; */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SIG_ALG ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SIG_ALG ); - *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( sig_alg_len + 2 ); + *p++ = MBEDTLS_CHAR_0( sig_alg_len + 2 ); - *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( sig_alg_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( sig_alg_len ); + *p++ = MBEDTLS_CHAR_0( sig_alg_len ); *olen = 6 + sig_alg_len; @@ -358,16 +356,14 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; } - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); - *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( elliptic_curve_len + 2 ); + *p++ = MBEDTLS_CHAR_0( elliptic_curve_len + 2 ); - *p++ = (unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( elliptic_curve_len ); + *p++ = MBEDTLS_CHAR_0( elliptic_curve_len ); *olen = 6 + elliptic_curve_len; @@ -388,10 +384,8 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, ( "client hello, adding supported_point_formats extension" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; @@ -427,8 +421,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); /* * We may need to send ClientHello multiple times for Hello verification. @@ -470,8 +464,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); } - *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( kkpp_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( kkpp_len ); + *p++ = MBEDTLS_CHAR_0( kkpp_len ); *olen = kkpp_len + 4; @@ -510,11 +504,11 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) ); /* Add extension ID + size */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -543,10 +537,8 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -577,8 +569,8 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; @@ -607,10 +599,8 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; @@ -641,11 +631,11 @@ static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, /* The addition is safe here since the ticket length is 16 bit. */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = (unsigned char)( ( tlen >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( tlen ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( tlen ); + *p++ = MBEDTLS_CHAR_0( tlen ); *olen = 4; @@ -685,8 +675,8 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); /* * opaque ProtocolName<1..2^8-1>; @@ -713,12 +703,12 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF ); + buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); + buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF ); + buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); + buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); return( 0 ); } @@ -770,12 +760,12 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = (unsigned char)( ( ( ext_len & 0xFF00 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ext_len & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len & 0xFF00 ); + *p++ = MBEDTLS_CHAR_0( ext_len ); /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ /* micro-optimization: @@ -786,8 +776,7 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * >> 8 ) & 0xFF ); */ *p++ = 0; - *p++ = (unsigned char)( ( 2 * ssl->conf->dtls_srtp_profile_list_len ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_0( 2 * ssl->conf->dtls_srtp_profile_list_len ); for( protection_profiles_index=0; protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len; @@ -799,8 +788,8 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_write_use_srtp_ext, add profile: %04x", profile_value ) ); - *p++ = ( ( profile_value >> 8 ) & 0xFF ); - *p++ = ( profile_value & 0xFF ); + *p++ = MBEDTLS_BYTE_1( profile_value ); + *p++ = MBEDTLS_BYTE_0( profile_value ); } else { @@ -1334,8 +1323,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { /* No need to check for space here, because the extension * writing functions already took care of that. */ - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); p += ext_len; } diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 77904e0a1..e0c50bcce 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -454,15 +454,15 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, *cur = rec->cid_len; cur++; - cur[0] = ( ad_len_field >> 8 ) & 0xFF; - cur[1] = ( ad_len_field >> 0 ) & 0xFF; + cur[0] = MBEDTLS_CHAR_1( ad_len_field ); + cur[1] = MBEDTLS_CHAR_0( ad_len_field ); cur += 2; } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - cur[0] = ( ad_len_field >> 8 ) & 0xFF; - cur[1] = ( ad_len_field >> 0 ) & 0xFF; + cur[0] = MBEDTLS_CHAR_1( ad_len_field ); + cur[1] = MBEDTLS_CHAR_0( ad_len_field ); cur += 2; } @@ -2481,8 +2481,8 @@ int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, /* Write message_seq and update it, except for HelloRequest */ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) { - ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF; - ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF; + ssl->out_msg[4] = MBEDTLS_CHAR_1( ssl->handshake->out_msg_seq ); + ssl->out_msg[5] = MBEDTLS_CHAR_0( ssl->handshake->out_msg_seq ); ++( ssl->handshake->out_msg_seq ); } else diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 3d6739342..253ab5695 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1848,8 +1848,8 @@ read_record_header: for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) for( i = 0; ciphersuites[i] != 0; i++ ) { - if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[1] != ( ( ciphersuites[i] ) & 0xFF ) ) + if( p[0] != MBEDTLS_BYTE_1( ciphersuites[i] ) || + p[1] != MBEDTLS_BYTE_0( ciphersuites[i] )) continue; got_common_suite = 1; @@ -1865,8 +1865,8 @@ read_record_header: for( i = 0; ciphersuites[i] != 0; i++ ) for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) { - if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[1] != ( ( ciphersuites[i] ) & 0xFF ) ) + if( p[0] != MBEDTLS_BYTE_1( ciphersuites[i] ) || + p[1] != MBEDTLS_BYTE_0( ciphersuites[i] )) continue; got_common_suite = 1; @@ -1971,11 +1971,11 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, * } ConnectionId; */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -2016,8 +2016,8 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; @@ -2042,8 +2042,8 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " "extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; @@ -2067,8 +2067,8 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); *p++ = 0x00; *p++ = 0x00; @@ -2091,8 +2091,8 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); #if defined(MBEDTLS_SSL_RENEGOTIATION) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) @@ -2132,8 +2132,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -2162,8 +2162,8 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; @@ -2200,8 +2200,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, p + 2, end - p - 2, &kkpp_len, @@ -2212,8 +2212,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( kkpp_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( kkpp_len ); + *p++ = MBEDTLS_CHAR_0( kkpp_len ); *olen = kkpp_len + 4; } @@ -2238,18 +2238,18 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); + buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF ); + buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); + buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); - buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF ); + buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); + buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); - buf[6] = (unsigned char)( ( ( *olen - 7 ) ) & 0xFF ); + buf[6] = MBEDTLS_CHAR_0( *olen - 7 ); memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); } @@ -2294,15 +2294,15 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, } /* extension */ - buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF ); - buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP ) & 0xFF ); + buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); + buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); /* * total length 5 and mki value: only one profile(2 bytes) * and length(2 bytes) and srtp_mki ) */ ext_len = 5 + mki_len; - buf[2] = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ext_len & 0xFF ); + buf[2] = MBEDTLS_CHAR_1( ext_len ); + buf[3] = MBEDTLS_CHAR_0( ext_len ); /* protection profile length: 2 */ buf[4] = 0x00; @@ -2311,8 +2311,8 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) { - buf[6] = (unsigned char)( ( profile_value >> 8 ) & 0xFF ); - buf[7] = (unsigned char)( profile_value & 0xFF ); + buf[6] = MBEDTLS_CHAR_1( profile_value ); + buf[7] = MBEDTLS_CHAR_0( profile_value ); } else { @@ -2648,8 +2648,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 ) { - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); p += ext_len; } @@ -3478,8 +3478,8 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } - if( *p++ != ( ( len >> 8 ) & 0xFF ) || - *p++ != ( ( len ) & 0xFF ) ) + if( *p++ != MBEDTLS_CHAR_1( len ) || + *p++ != MBEDTLS_CHAR_0( len ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); @@ -4223,13 +4223,13 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) tlen = 0; } - ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF; - ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF; - ssl->out_msg[6] = ( lifetime >> 8 ) & 0xFF; - ssl->out_msg[7] = ( lifetime ) & 0xFF; + ssl->out_msg[4] = MBEDTLS_CHAR_3( lifetime ); + ssl->out_msg[5] = MBEDTLS_CHAR_2( lifetime ); + ssl->out_msg[6] = MBEDTLS_CHAR_1( lifetime ); + ssl->out_msg[7] = MBEDTLS_CHAR_0( lifetime ); - ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF ); - ssl->out_msg[9] = (unsigned char)( ( tlen ) & 0xFF ); + ssl->out_msg[8] = MBEDTLS_CHAR_1( tlen ); + ssl->out_msg[9] = MBEDTLS_CHAR_0( tlen ); ssl->out_msglen = 10 + tlen; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f8cad4aec..0655dc57e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4582,8 +4582,8 @@ static unsigned char ssl_serialized_session_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF, + MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), }; /* @@ -4664,14 +4664,14 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, { start = (uint64_t) session->start; - *p++ = (unsigned char)( ( start >> 56 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 48 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 40 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 32 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( start ) & 0xFF ); + *p++ = MBEDTLS_CHAR_7( start ); + *p++ = MBEDTLS_CHAR_6( start ); + *p++ = MBEDTLS_CHAR_5( start ); + *p++ = MBEDTLS_CHAR_4( start ); + *p++ = MBEDTLS_CHAR_3( start ); + *p++ = MBEDTLS_CHAR_2( start ); + *p++ = MBEDTLS_CHAR_1( start ); + *p++ = MBEDTLS_CHAR_0( start ); } #endif /* MBEDTLS_HAVE_TIME */ @@ -4687,22 +4687,22 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = (unsigned char)( ( session->ciphersuite >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ciphersuite ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( session->ciphersuite ); + *p++ = MBEDTLS_CHAR_0( session->ciphersuite ); - *p++ = (unsigned char)( session->compression & 0xFF ); + *p++ = MBEDTLS_CHAR_0( session->compression ); - *p++ = (unsigned char)( session->id_len & 0xFF ); + *p++ = MBEDTLS_CHAR_0( session->id_len ); memcpy( p, session->id, 32 ); p += 32; memcpy( p, session->master, 48 ); p += 48; - *p++ = (unsigned char)( ( session->verify_result >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( session->verify_result >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session->verify_result >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->verify_result ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( session->verify_result ); + *p++ = MBEDTLS_CHAR_2( session->verify_result ); + *p++ = MBEDTLS_CHAR_1( session->verify_result ); + *p++ = MBEDTLS_CHAR_0( session->verify_result ); } /* @@ -4719,9 +4719,9 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = (unsigned char)( ( cert_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( cert_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( cert_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_2( cert_len ); + *p++ = MBEDTLS_CHAR_1( cert_len ); + *p++ = MBEDTLS_CHAR_0( cert_len ); if( session->peer_cert != NULL ) { @@ -4762,9 +4762,9 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = (unsigned char)( ( session->ticket_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_2( session->ticket_len ); + *p++ = MBEDTLS_CHAR_1( session->ticket_len ); + *p++ = MBEDTLS_CHAR_0( session->ticket_len ); if( session->ticket != NULL ) { @@ -4772,10 +4772,10 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, p += session->ticket_len; } - *p++ = (unsigned char)( ( session->ticket_lifetime >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_lifetime >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_lifetime >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_lifetime ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( session->ticket_lifetime ); + *p++ = MBEDTLS_CHAR_2( session->ticket_lifetime ); + *p++ = MBEDTLS_CHAR_1( session->ticket_lifetime ); + *p++ = MBEDTLS_CHAR_0( session->ticket_lifetime ); } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -4793,7 +4793,7 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, used += 1; if( used <= buf_len ) - *p++ = (unsigned char)( ( session->encrypt_then_mac ) & 0xFF ); + *p++ = MBEDTLS_CHAR_0( session->encrypt_then_mac ); #endif return( used ); @@ -5568,11 +5568,11 @@ static unsigned char ssl_serialized_context_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF, - ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 16 ) & 0xFF, - ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 8 ) & 0xFF, - ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 0 ) & 0xFF, + MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_CHAR_2( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_CHAR_1( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_CHAR_0( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), }; /* @@ -5713,10 +5713,10 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4 + session_len; if( used <= buf_len ) { - *p++ = (unsigned char)( ( session_len >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( session_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( session_len ); + *p++ = MBEDTLS_CHAR_2( session_len ); + *p++ = MBEDTLS_CHAR_1( session_len ); + *p++ = MBEDTLS_CHAR_0( session_len ); ret = ssl_session_save( ssl->session, 1, p, session_len, &session_len ); @@ -5757,33 +5757,33 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4; if( used <= buf_len ) { - *p++ = (unsigned char)( ( ssl->badmac_seen >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->badmac_seen >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->badmac_seen >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->badmac_seen ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( ssl->badmac_seen ); + *p++ = MBEDTLS_CHAR_2( ssl->badmac_seen ); + *p++ = MBEDTLS_CHAR_1( ssl->badmac_seen ); + *p++ = MBEDTLS_CHAR_0( ssl->badmac_seen ); } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) used += 16; if( used <= buf_len ) { - *p++ = (unsigned char)( ( ssl->in_window_top >> 56 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 48 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 40 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 32 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top ) & 0xFF ); + *p++ = MBEDTLS_CHAR_7( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_6( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_5( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_4( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_3( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_2( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_1( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_0( ssl->in_window_top ); - *p++ = (unsigned char)( ( ssl->in_window >> 56 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 48 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 40 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 32 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window ) & 0xFF ); + *p++ = MBEDTLS_CHAR_7( ssl->in_window ); + *p++ = MBEDTLS_CHAR_6( ssl->in_window ); + *p++ = MBEDTLS_CHAR_5( ssl->in_window ); + *p++ = MBEDTLS_CHAR_4( ssl->in_window ); + *p++ = MBEDTLS_CHAR_3( ssl->in_window ); + *p++ = MBEDTLS_CHAR_2( ssl->in_window ); + *p++ = MBEDTLS_CHAR_1( ssl->in_window ); + *p++ = MBEDTLS_CHAR_0( ssl->in_window ); } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -5806,8 +5806,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 2; if( used <= buf_len ) { - *p++ = (unsigned char)( ( ssl->mtu >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->mtu ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ssl->mtu ); + *p++ = MBEDTLS_CHAR_0( ssl->mtu ); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 902f99ea8..9e629cb0b 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -113,17 +113,17 @@ static void ssl_tls1_3_hkdf_encode_label( #endif *p++ = 0; - *p++ = (unsigned char)( ( desired_length >> 0 ) & 0xFF ); + *p++ = MBEDTLS_CHAR_0( desired_length ); /* Add label incl. prefix */ - *p++ = (unsigned char)( total_label_len & 0xFF ); + *p++ = MBEDTLS_CHAR_0( total_label_len ); memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) ); p += sizeof(tls1_3_label_prefix); memcpy( p, label, llen ); p += llen; /* Add context value */ - *p++ = (unsigned char)( clen & 0xFF ); + *p++ = MBEDTLS_CHAR_0( clen ); if( clen != 0 ) memcpy( p, ctx, clen ); From 635231a71ef0a055bad5dd46e66bfdcff1027c98 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 14 Jul 2021 11:53:07 +0100 Subject: [PATCH 63/81] Improve common.h macro documentation Imrpoved the descriptions of the macros and parameters and changing the name of the MBEDTLS_PUT_UINT... macro parameters to be more descriptive Signed-off-by: Joe Subbiani --- library/common.h | 140 ++++++++++++++++++----------------------------- 1 file changed, 52 insertions(+), 88 deletions(-) diff --git a/library/common.h b/library/common.h index 56c300265..f7a9c9da6 100644 --- a/library/common.h +++ b/library/common.h @@ -87,18 +87,13 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_CHAR_7( x ) ( (unsigned char) ( ( ( x ) >> 56 ) & 0xff ) ) /** - * 32-bit integer manipulation GET macros (big endian) + * Get the unsigned 32 bits integer corresponding to four bytes in + * big-endian order (MSB first). * - * \brief Use this to assign an unsigned 32 bit integer - * by taking data stored adjacent in memory that - * can be accessed via on offset - * Big Endian is used when wanting to - * transmit the most signifcant bits first - * - * \param data The data used to translate to a 32 bit - * integer - * \param offset the shift in bytes to access the next byte - * of data + * \param data Base address of the memory to get the four bytes from. + * \param offset Offset from \p base of the first and most significant + * byte of the four bytes to build the 32 bits unsigned + * integer from. */ #ifndef MBEDTLS_GET_UINT32_BE #define MBEDTLS_GET_UINT32_BE( data , offset ) \ @@ -111,44 +106,32 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 32-bit integer manipulation PUT macros (big endian) + * Put in memory a 32 bits unsigned integer in big-endian order. * - * \brief Read from a 32 bit integer and store each byte - * in memory, offset by a specified amount, resulting - * in each byte being adjacent in memory. - * Big Endian is used when wanting to - * transmit the most signifcant bits first - * - * \param n 32 bit integer where data is accessed - * \param b const unsigned char array of data to be - * manipulated - * \param i offset in bytes, In the case of UINT32, i - * would increment by 4 every use assuming - * the data is being stored in the same location + * \param n 32 bits unsigned integer to put in memory + * \param data Base address of the memory where to put the 32 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the most significant + * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_BE -#define MBEDTLS_PUT_UINT32_BE(n,b,i) \ - do { \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ +#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ + do { \ + ( data )[( offset ) ] = (unsigned char) ( (n) >> 24 ); \ + ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 16 ); \ + ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 8 ); \ + ( data )[( offset ) + 3] = (unsigned char) ( (n) ); \ } while( 0 ) #endif /** - * 32-bit integer manipulation GET macros (little endian) + * Get the unsigned 32 bits integer corresponding to four bytes in + * little-endian order (LSB first). * - * \brief Use this to assign an unsigned 32 bit integer - * by taking data stored adjacent in memory that - * can be accessed via on offset - * Little Endian is used when wanting to - * transmit the least signifcant bits first - * - * \param data The data used to translate to a 32 bit - * integer - * \param offset the shift in bytes to access the next byte - * of data + * \param data Base address of the memory to get the four bytes from. + * \param offset Offset from \p base of the first and least significant + * byte of the four bytes to build the 32 bits unsigned + * integer from. */ #ifndef MBEDTLS_GET_UINT32_LE #define MBEDTLS_GET_UINT32_LE( data, offset ) \ @@ -161,44 +144,32 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 32-bit integer manipulation PUT macros (little endian) + * Put in memory a 32 bits unsigned integer in little-endian order. * - * \brief Read from a 32 bit integer and store each byte - * in memory, offset by a specified amount, resulting - * in each byte being adjacent in memory. - * Little Endian is used when wanting to - * transmit the least signifcant bits first - * - * \param n 32 bit integer where data is accessed - * \param b const unsigned char array of data to be - * manipulated - * \param i offset in bytes, In the case of UINT32, i - * would increment by 4 every use assuming - * the data is being stored in the same location + * \param n 32 bits unsigned integer to put in memory + * \param data Base address of the memory where to put the 32 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the least significant + * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_LE -#define MBEDTLS_PUT_UINT32_LE(n,b,i) \ - do { \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ +#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ + do { \ + ( data )[( offset ) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + ( data )[( offset ) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + ( data )[( offset ) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ + ( data )[( offset ) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ } while( 0 ) #endif /** - * 16-bit integer manipulation GET macros (little endian) + * Get the unsigned 16 bits integer corresponding to four bytes in + * little-endian order (LSB first). * - * \brief Use this to assign an unsigned 16 bit integer - * by taking data stored adjacent in memory that - * can be accessed via on offset - * Little Endian is used when wanting to - * transmit the least signifcant bits first - * - * \param data The data used to translate to a 16 bit - * integer - * \param offset the shit in bytes to access the next byte - * of data + * \param data Base address of the memory to get the four bytes from. + * \param offset Offset from \p base of the first and least significant + * byte of the four bytes to build the 16 bits unsigned + * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE #define MBEDTLS_GET_UINT16_LE( data, offset ) \ @@ -209,26 +180,19 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 16-bit integer manipulation PUT macros (little endian) + * Put in memory a 16 bits unsigned integer in little-endian order. * - * \brief Read from a 16 bit integer and store each byte - * in memory, offset by a specified amount, resulting - * in each byte being adjacent in memory. - * Little Endian is used when wanting to - * transmit the least signifcant bits first - * - * \param n 16 bit integer where data is accessed - * \param b const unsigned char array of data to be - * manipulated - * \param i offset in bytes, In the case of UINT16, i - * would increment by 2 every use assuming - * the data is being stored in the same location + * \param n 16 bits unsigned integer to put in memory + * \param data Base address of the memory where to put the 16 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the least significant + * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_LE -#define MBEDTLS_PUT_UINT16_LE( n, b, i ) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ +#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + ( data )[( offset ) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ } #endif From 54550f7fca255769c4a2d9f5e089caddde4b0c6c Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 14 Jul 2021 11:59:48 +0100 Subject: [PATCH 64/81] Replace 3 byte shift with appropriate macro aria.c has a shift by 3 bytes, but does not use the 0xff masking. aparently this is not a problem and it is tidier to use the maco. Signed-off-by: Joe Subbiani --- library/aria.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/aria.c b/library/aria.c index 6bfdfbdce..bc05c4a31 100644 --- a/library/aria.c +++ b/library/aria.c @@ -215,19 +215,19 @@ static inline void aria_sl( uint32_t *a, uint32_t *b, *a = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *a ) ] ) ^ (((uint32_t) sb[ MBEDTLS_BYTE_1( *a ) ]) << 8) ^ (((uint32_t) sc[ MBEDTLS_BYTE_2( *a ) ]) << 16) ^ - (((uint32_t) sd[ *a >> 24 ]) << 24); + (((uint32_t) sd[ MBEDTLS_BYTE_3( *a ) ]) << 24); *b = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *b ) ] ) ^ (((uint32_t) sb[ MBEDTLS_BYTE_1( *b ) ]) << 8) ^ (((uint32_t) sc[ MBEDTLS_BYTE_2( *b ) ]) << 16) ^ - (((uint32_t) sd[ *b >> 24 ]) << 24); + (((uint32_t) sd[ MBEDTLS_BYTE_3( *b ) ]) << 24); *c = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *c ) ] ) ^ (((uint32_t) sb[ MBEDTLS_BYTE_1( *c ) ]) << 8) ^ (((uint32_t) sc[ MBEDTLS_BYTE_2( *c ) ]) << 16) ^ - (((uint32_t) sd[ *c >> 24 ]) << 24); + (((uint32_t) sd[ MBEDTLS_BYTE_3( *c ) ]) << 24); *d = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *d ) ] ) ^ (((uint32_t) sb[ MBEDTLS_BYTE_1( *d ) ]) << 8) ^ (((uint32_t) sc[ MBEDTLS_BYTE_2( *d ) ]) << 16) ^ - (((uint32_t) sd[ *d >> 24 ]) << 24); + (((uint32_t) sd[ MBEDTLS_BYTE_3( *d ) ]) << 24); } /* From f5462d989c8674805d3566cf4d85029da0f18717 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Tue, 13 Jul 2021 12:13:19 +0100 Subject: [PATCH 65/81] Remove trailing whitespaces Signed-off-by: Joe Subbiani --- library/common.h | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/library/common.h b/library/common.h index f7a9c9da6..87f0d66bc 100644 --- a/library/common.h +++ b/library/common.h @@ -87,12 +87,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_CHAR_7( x ) ( (unsigned char) ( ( ( x ) >> 56 ) & 0xff ) ) /** - * Get the unsigned 32 bits integer corresponding to four bytes in + * Get the unsigned 32 bits integer corresponding to four bytes in * big-endian order (MSB first). * * \param data Base address of the memory to get the four bytes from. - * \param offset Offset from \p base of the first and most significant - * byte of the four bytes to build the 32 bits unsigned + * \param offset Offset from \p base of the first and most significant + * byte of the four bytes to build the 32 bits unsigned * integer from. */ #ifndef MBEDTLS_GET_UINT32_BE @@ -108,10 +108,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** * Put in memory a 32 bits unsigned integer in big-endian order. * - * \param n 32 bits unsigned integer to put in memory - * \param data Base address of the memory where to put the 32 + * \param n 32 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 32 * bits unsigned integer in. - * \param offset Offset from \p base where to put the most significant + * \param offset Offset from \p base where to put the most significant * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_BE @@ -125,12 +125,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * Get the unsigned 32 bits integer corresponding to four bytes in + * Get the unsigned 32 bits integer corresponding to four bytes in * little-endian order (LSB first). * * \param data Base address of the memory to get the four bytes from. - * \param offset Offset from \p base of the first and least significant - * byte of the four bytes to build the 32 bits unsigned + * \param offset Offset from \p base of the first and least significant + * byte of the four bytes to build the 32 bits unsigned * integer from. */ #ifndef MBEDTLS_GET_UINT32_LE @@ -146,10 +146,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** * Put in memory a 32 bits unsigned integer in little-endian order. * - * \param n 32 bits unsigned integer to put in memory - * \param data Base address of the memory where to put the 32 + * \param n 32 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 32 * bits unsigned integer in. - * \param offset Offset from \p base where to put the least significant + * \param offset Offset from \p base where to put the least significant * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_LE @@ -163,12 +163,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * Get the unsigned 16 bits integer corresponding to four bytes in + * Get the unsigned 16 bits integer corresponding to four bytes in * little-endian order (LSB first). * * \param data Base address of the memory to get the four bytes from. - * \param offset Offset from \p base of the first and least significant - * byte of the four bytes to build the 16 bits unsigned + * \param offset Offset from \p base of the first and least significant + * byte of the four bytes to build the 16 bits unsigned * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE @@ -182,10 +182,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** * Put in memory a 16 bits unsigned integer in little-endian order. * - * \param n 16 bits unsigned integer to put in memory - * \param data Base address of the memory where to put the 16 + * \param n 16 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 16 * bits unsigned integer in. - * \param offset Offset from \p base where to put the least significant + * \param offset Offset from \p base where to put the least significant * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_LE From bf7ea84f83d7fbef2103cae2564fe7258e6847c9 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 14 Jul 2021 12:05:51 +0100 Subject: [PATCH 66/81] Replace "four bytes" with "two bytes" in macro documentation When writing the documentation 4 bytes was written instead of 2 for MBEDTLS_UINT16_LE Signed-off-by: Joe Subbiani --- library/common.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/common.h b/library/common.h index 87f0d66bc..28017f974 100644 --- a/library/common.h +++ b/library/common.h @@ -163,12 +163,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * Get the unsigned 16 bits integer corresponding to four bytes in + * Get the unsigned 16 bits integer corresponding to two bytes in * little-endian order (LSB first). * - * \param data Base address of the memory to get the four bytes from. + * \param data Base address of the memory to get the two bytes from. * \param offset Offset from \p base of the first and least significant - * byte of the four bytes to build the 16 bits unsigned + * byte of the two bytes to build the 16 bits unsigned * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE From 2194dc477a65c0c18f592168b5e5f765c475bc9c Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 14 Jul 2021 12:31:31 +0100 Subject: [PATCH 67/81] Replace MBEDTLS_CHAR_x with MBEDTLS_BYTE_x The CHAR macros casted to an unsigned char which in this project is garunteed to be 8 bits - the same as uint8_t (which BYTE casts to) therefore, instances of CHAR have been swapped with BYTE and the number of macros have been cut down Signed-off-by: Joe Subbiani --- library/asn1write.c | 18 +++--- library/ccm.c | 6 +- library/common.h | 17 +++--- library/ecjpake.c | 18 +++--- library/ssl_cli.c | 116 ++++++++++++++++++------------------- library/ssl_msg.c | 4 +- library/ssl_srv.c | 86 ++++++++++++++-------------- library/ssl_tls.c | 120 +++++++++++++++++++-------------------- library/ssl_tls13_keys.c | 6 +- 9 files changed, 194 insertions(+), 197 deletions(-) diff --git a/library/asn1write.c b/library/asn1write.c index 8555767fe..dc6185413 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -60,8 +60,8 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 3 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = MBEDTLS_CHAR_0( len ); - *--(*p) = MBEDTLS_CHAR_1( len ); + *--(*p) = MBEDTLS_BYTE_0( len ); + *--(*p) = MBEDTLS_BYTE_1( len ); *--(*p) = 0x82; return( 3 ); } @@ -71,9 +71,9 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 4 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = MBEDTLS_CHAR_0( len ); - *--(*p) = MBEDTLS_CHAR_1( len ); - *--(*p) = MBEDTLS_CHAR_2( len ); + *--(*p) = MBEDTLS_BYTE_0( len ); + *--(*p) = MBEDTLS_BYTE_1( len ); + *--(*p) = MBEDTLS_BYTE_2( len ); *--(*p) = 0x83; return( 4 ); } @@ -85,10 +85,10 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 5 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = MBEDTLS_CHAR_0( len ); - *--(*p) = MBEDTLS_CHAR_1( len ); - *--(*p) = MBEDTLS_CHAR_2( len ); - *--(*p) = MBEDTLS_CHAR_3( len ); + *--(*p) = MBEDTLS_BYTE_0( len ); + *--(*p) = MBEDTLS_BYTE_1( len ); + *--(*p) = MBEDTLS_BYTE_2( len ); + *--(*p) = MBEDTLS_BYTE_3( len ); *--(*p) = 0x84; return( 5 ); } diff --git a/library/ccm.c b/library/ccm.c index 95d90dc61..0188075f5 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -200,7 +200,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, memcpy( b + 1, iv, iv_len ); for( i = 0, len_left = length; i < q; i++, len_left >>= 8 ) - b[15-i] = MBEDTLS_CHAR_0( len_left ); + b[15-i] = MBEDTLS_BYTE_0( len_left ); if( len_left > 0 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); @@ -221,8 +221,8 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, src = add; memset( b, 0, 16 ); - b[0] = MBEDTLS_CHAR_1( add_len ); - b[1] = MBEDTLS_CHAR_0( add_len ); + b[0] = MBEDTLS_BYTE_1( add_len ); + b[1] = MBEDTLS_BYTE_0( add_len ); use_len = len_left < 16 - 2 ? len_left : 16 - 2; memcpy( b + 2, src, use_len ); diff --git a/library/common.h b/library/common.h index 28017f974..e0f8b99ba 100644 --- a/library/common.h +++ b/library/common.h @@ -25,6 +25,8 @@ #include "mbedtls/build_info.h" +#include + /** Helper to define a function as static except when building invasive tests. * * If a function is only used inside its own source file and should be @@ -72,19 +74,14 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * Using MBEDTLS_BYTE_a will shift a*8 bits * to retrieve the next byte of information */ -#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) +#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) #define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) #define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) - -#define MBEDTLS_CHAR_0( x ) ( (unsigned char) ( ( x ) & 0xff ) ) -#define MBEDTLS_CHAR_1( x ) ( (unsigned char) ( ( ( x ) >> 8 ) & 0xff ) ) -#define MBEDTLS_CHAR_2( x ) ( (unsigned char) ( ( ( x ) >> 16 ) & 0xff ) ) -#define MBEDTLS_CHAR_3( x ) ( (unsigned char) ( ( ( x ) >> 24 ) & 0xff ) ) -#define MBEDTLS_CHAR_4( x ) ( (unsigned char) ( ( ( x ) >> 32 ) & 0xff ) ) -#define MBEDTLS_CHAR_5( x ) ( (unsigned char) ( ( ( x ) >> 40 ) & 0xff ) ) -#define MBEDTLS_CHAR_6( x ) ( (unsigned char) ( ( ( x ) >> 48 ) & 0xff ) ) -#define MBEDTLS_CHAR_7( x ) ( (unsigned char) ( ( ( x ) >> 56 ) & 0xff ) ) +#define MBEDTLS_BYTE_4( x ) ( (uint8_t) ( ( ( x ) >> 32 ) & 0xff ) ) +#define MBEDTLS_BYTE_5( x ) ( (uint8_t) ( ( ( x ) >> 40 ) & 0xff ) ) +#define MBEDTLS_BYTE_6( x ) ( (uint8_t) ( ( ( x ) >> 48 ) & 0xff ) ) +#define MBEDTLS_BYTE_7( x ) ( (uint8_t) ( ( ( x ) >> 56 ) & 0xff ) ) /** * Get the unsigned 32 bits integer corresponding to four bytes in diff --git a/library/ecjpake.c b/library/ecjpake.c index 7305dfeee..a599b1ba4 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -180,10 +180,10 @@ static int ecjpake_write_len_point( unsigned char **p, if( ret != 0 ) return( ret ); - (*p)[0] = MBEDTLS_CHAR_3( len ); - (*p)[1] = MBEDTLS_CHAR_2( len ); - (*p)[2] = MBEDTLS_CHAR_1( len ); - (*p)[3] = MBEDTLS_CHAR_0( len ); + (*p)[0] = MBEDTLS_BYTE_3( len ); + (*p)[1] = MBEDTLS_BYTE_2( len ); + (*p)[2] = MBEDTLS_BYTE_1( len ); + (*p)[3] = MBEDTLS_BYTE_0( len ); *p += 4 + len; @@ -223,10 +223,10 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info, if( end - p < 4 ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); - *p++ = MBEDTLS_CHAR_3( id_len ); - *p++ = MBEDTLS_CHAR_2( id_len ); - *p++ = MBEDTLS_CHAR_1( id_len ); - *p++ = MBEDTLS_CHAR_0( id_len ); + *p++ = MBEDTLS_BYTE_3( id_len ); + *p++ = MBEDTLS_BYTE_2( id_len ); + *p++ = MBEDTLS_BYTE_1( id_len ); + *p++ = MBEDTLS_BYTE_0( id_len ); if( end < p || (size_t)( end - p ) < id_len ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); @@ -366,7 +366,7 @@ static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, goto cleanup; } - *(*p)++ = MBEDTLS_CHAR_0( len ); + *(*p)++ = MBEDTLS_BYTE_0( len ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, *p, len ) ); /* r */ *p += len; diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 7d65479ef..9e0db96c4 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -136,18 +136,18 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * } ServerNameList; * */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SERVERNAME ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SERVERNAME ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME ); - *p++ = MBEDTLS_CHAR_1( hostname_len + 5); - *p++ = MBEDTLS_CHAR_0( hostname_len + 5); + *p++ = MBEDTLS_BYTE_1( hostname_len + 5); + *p++ = MBEDTLS_BYTE_0( hostname_len + 5); - *p++ = MBEDTLS_CHAR_1( hostname_len + 3 ); - *p++ = MBEDTLS_CHAR_0( hostname_len + 3 ); + *p++ = MBEDTLS_BYTE_1( hostname_len + 3 ); + *p++ = MBEDTLS_BYTE_0( hostname_len + 3 ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); - *p++ = MBEDTLS_CHAR_1( hostname_len ); - *p++ = MBEDTLS_CHAR_0( hostname_len ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); + *p++ = MBEDTLS_BYTE_1( hostname_len ); + *p++ = MBEDTLS_BYTE_0( hostname_len ); memcpy( p, ssl->hostname, hostname_len ); @@ -181,12 +181,12 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, /* * Secure renegotiation */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); *p++ = 0x00; - *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len + 1 ); - *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len ); + *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len + 1 ); + *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len ); memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); @@ -281,14 +281,14 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * SignatureAndHashAlgorithm * supported_signature_algorithms<2..2^16-2>; */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SIG_ALG ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SIG_ALG ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SIG_ALG ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SIG_ALG ); - *p++ = MBEDTLS_CHAR_1( sig_alg_len + 2 ); - *p++ = MBEDTLS_CHAR_0( sig_alg_len + 2 ); + *p++ = MBEDTLS_BYTE_1( sig_alg_len + 2 ); + *p++ = MBEDTLS_BYTE_0( sig_alg_len + 2 ); - *p++ = MBEDTLS_CHAR_1( sig_alg_len ); - *p++ = MBEDTLS_CHAR_0( sig_alg_len ); + *p++ = MBEDTLS_BYTE_1( sig_alg_len ); + *p++ = MBEDTLS_BYTE_0( sig_alg_len ); *olen = 6 + sig_alg_len; @@ -356,14 +356,14 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; } - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); - *p++ = MBEDTLS_CHAR_1( elliptic_curve_len + 2 ); - *p++ = MBEDTLS_CHAR_0( elliptic_curve_len + 2 ); + *p++ = MBEDTLS_BYTE_1( elliptic_curve_len + 2 ); + *p++ = MBEDTLS_BYTE_0( elliptic_curve_len + 2 ); - *p++ = MBEDTLS_CHAR_1( elliptic_curve_len ); - *p++ = MBEDTLS_CHAR_0( elliptic_curve_len ); + *p++ = MBEDTLS_BYTE_1( elliptic_curve_len ); + *p++ = MBEDTLS_BYTE_0( elliptic_curve_len ); *olen = 6 + elliptic_curve_len; @@ -384,8 +384,8 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, ( "client hello, adding supported_point_formats extension" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; @@ -421,8 +421,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); /* * We may need to send ClientHello multiple times for Hello verification. @@ -464,8 +464,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); } - *p++ = MBEDTLS_CHAR_1( kkpp_len ); - *p++ = MBEDTLS_CHAR_0( kkpp_len ); + *p++ = MBEDTLS_BYTE_1( kkpp_len ); + *p++ = MBEDTLS_BYTE_0( kkpp_len ); *olen = kkpp_len + 4; @@ -504,11 +504,11 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) ); /* Add extension ID + size */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = MBEDTLS_CHAR_1( ext_len ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len ); + *p++ = MBEDTLS_BYTE_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -537,8 +537,8 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -569,8 +569,8 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; @@ -599,8 +599,8 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; @@ -631,11 +631,11 @@ static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, /* The addition is safe here since the ticket length is 16 bit. */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_CHAR_1( tlen ); - *p++ = MBEDTLS_CHAR_0( tlen ); + *p++ = MBEDTLS_BYTE_1( tlen ); + *p++ = MBEDTLS_BYTE_0( tlen ); *olen = 4; @@ -675,8 +675,8 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ALPN ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ALPN ); /* * opaque ProtocolName<1..2^8-1>; @@ -703,12 +703,12 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); - buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); + buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); + buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); - buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); + buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); + buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); return( 0 ); } @@ -760,12 +760,12 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_USE_SRTP ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = MBEDTLS_CHAR_1( ext_len & 0xFF00 ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len & 0xFF00 ); + *p++ = MBEDTLS_BYTE_0( ext_len ); /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ /* micro-optimization: @@ -776,7 +776,7 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * >> 8 ) & 0xFF ); */ *p++ = 0; - *p++ = MBEDTLS_CHAR_0( 2 * ssl->conf->dtls_srtp_profile_list_len ); + *p++ = MBEDTLS_BYTE_0( 2 * ssl->conf->dtls_srtp_profile_list_len ); for( protection_profiles_index=0; protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len; @@ -1323,8 +1323,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { /* No need to check for space here, because the extension * writing functions already took care of that. */ - *p++ = MBEDTLS_CHAR_1( ext_len ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len ); + *p++ = MBEDTLS_BYTE_0( ext_len ); p += ext_len; } diff --git a/library/ssl_msg.c b/library/ssl_msg.c index e0c50bcce..989c59874 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2481,8 +2481,8 @@ int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, /* Write message_seq and update it, except for HelloRequest */ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) { - ssl->out_msg[4] = MBEDTLS_CHAR_1( ssl->handshake->out_msg_seq ); - ssl->out_msg[5] = MBEDTLS_CHAR_0( ssl->handshake->out_msg_seq ); + ssl->out_msg[4] = MBEDTLS_BYTE_1( ssl->handshake->out_msg_seq ); + ssl->out_msg[5] = MBEDTLS_BYTE_0( ssl->handshake->out_msg_seq ); ++( ssl->handshake->out_msg_seq ); } else diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 253ab5695..96b08ab8f 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1971,11 +1971,11 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, * } ConnectionId; */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = MBEDTLS_CHAR_1( ext_len ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len ); + *p++ = MBEDTLS_BYTE_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -2016,8 +2016,8 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; @@ -2042,8 +2042,8 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " "extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; @@ -2067,8 +2067,8 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); *p++ = 0x00; *p++ = 0x00; @@ -2091,8 +2091,8 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); #if defined(MBEDTLS_SSL_RENEGOTIATION) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) @@ -2132,8 +2132,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -2162,8 +2162,8 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; @@ -2200,8 +2200,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, p + 2, end - p - 2, &kkpp_len, @@ -2212,8 +2212,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = MBEDTLS_CHAR_1( kkpp_len ); - *p++ = MBEDTLS_CHAR_0( kkpp_len ); + *p++ = MBEDTLS_BYTE_1( kkpp_len ); + *p++ = MBEDTLS_BYTE_0( kkpp_len ); *olen = kkpp_len + 4; } @@ -2238,18 +2238,18 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); - buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); + buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ALPN ); + buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ALPN ); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); - buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); + buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); + buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); - buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); - buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); + buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); + buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); - buf[6] = MBEDTLS_CHAR_0( *olen - 7 ); + buf[6] = MBEDTLS_BYTE_0( *olen - 7 ); memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); } @@ -2294,15 +2294,15 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, } /* extension */ - buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); - buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); + buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_USE_SRTP ); + buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); /* * total length 5 and mki value: only one profile(2 bytes) * and length(2 bytes) and srtp_mki ) */ ext_len = 5 + mki_len; - buf[2] = MBEDTLS_CHAR_1( ext_len ); - buf[3] = MBEDTLS_CHAR_0( ext_len ); + buf[2] = MBEDTLS_BYTE_1( ext_len ); + buf[3] = MBEDTLS_BYTE_0( ext_len ); /* protection profile length: 2 */ buf[4] = 0x00; @@ -2311,8 +2311,8 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) { - buf[6] = MBEDTLS_CHAR_1( profile_value ); - buf[7] = MBEDTLS_CHAR_0( profile_value ); + buf[6] = MBEDTLS_BYTE_1( profile_value ); + buf[7] = MBEDTLS_BYTE_0( profile_value ); } else { @@ -2648,8 +2648,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 ) { - *p++ = MBEDTLS_CHAR_1( ext_len ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len ); + *p++ = MBEDTLS_BYTE_0( ext_len ); p += ext_len; } @@ -3478,8 +3478,8 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } - if( *p++ != MBEDTLS_CHAR_1( len ) || - *p++ != MBEDTLS_CHAR_0( len ) ) + if( *p++ != MBEDTLS_BYTE_1( len ) || + *p++ != MBEDTLS_BYTE_0( len ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); @@ -4223,13 +4223,13 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) tlen = 0; } - ssl->out_msg[4] = MBEDTLS_CHAR_3( lifetime ); - ssl->out_msg[5] = MBEDTLS_CHAR_2( lifetime ); - ssl->out_msg[6] = MBEDTLS_CHAR_1( lifetime ); - ssl->out_msg[7] = MBEDTLS_CHAR_0( lifetime ); + ssl->out_msg[4] = MBEDTLS_BYTE_3( lifetime ); + ssl->out_msg[5] = MBEDTLS_BYTE_2( lifetime ); + ssl->out_msg[6] = MBEDTLS_BYTE_1( lifetime ); + ssl->out_msg[7] = MBEDTLS_BYTE_0( lifetime ); - ssl->out_msg[8] = MBEDTLS_CHAR_1( tlen ); - ssl->out_msg[9] = MBEDTLS_CHAR_0( tlen ); + ssl->out_msg[8] = MBEDTLS_BYTE_1( tlen ); + ssl->out_msg[9] = MBEDTLS_BYTE_0( tlen ); ssl->out_msglen = 10 + tlen; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 0655dc57e..381eb9e03 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4582,8 +4582,8 @@ static unsigned char ssl_serialized_session_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), }; /* @@ -4664,14 +4664,14 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, { start = (uint64_t) session->start; - *p++ = MBEDTLS_CHAR_7( start ); - *p++ = MBEDTLS_CHAR_6( start ); - *p++ = MBEDTLS_CHAR_5( start ); - *p++ = MBEDTLS_CHAR_4( start ); - *p++ = MBEDTLS_CHAR_3( start ); - *p++ = MBEDTLS_CHAR_2( start ); - *p++ = MBEDTLS_CHAR_1( start ); - *p++ = MBEDTLS_CHAR_0( start ); + *p++ = MBEDTLS_BYTE_7( start ); + *p++ = MBEDTLS_BYTE_6( start ); + *p++ = MBEDTLS_BYTE_5( start ); + *p++ = MBEDTLS_BYTE_4( start ); + *p++ = MBEDTLS_BYTE_3( start ); + *p++ = MBEDTLS_BYTE_2( start ); + *p++ = MBEDTLS_BYTE_1( start ); + *p++ = MBEDTLS_BYTE_0( start ); } #endif /* MBEDTLS_HAVE_TIME */ @@ -4687,22 +4687,22 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_1( session->ciphersuite ); - *p++ = MBEDTLS_CHAR_0( session->ciphersuite ); + *p++ = MBEDTLS_BYTE_1( session->ciphersuite ); + *p++ = MBEDTLS_BYTE_0( session->ciphersuite ); - *p++ = MBEDTLS_CHAR_0( session->compression ); + *p++ = MBEDTLS_BYTE_0( session->compression ); - *p++ = MBEDTLS_CHAR_0( session->id_len ); + *p++ = MBEDTLS_BYTE_0( session->id_len ); memcpy( p, session->id, 32 ); p += 32; memcpy( p, session->master, 48 ); p += 48; - *p++ = MBEDTLS_CHAR_3( session->verify_result ); - *p++ = MBEDTLS_CHAR_2( session->verify_result ); - *p++ = MBEDTLS_CHAR_1( session->verify_result ); - *p++ = MBEDTLS_CHAR_0( session->verify_result ); + *p++ = MBEDTLS_BYTE_3( session->verify_result ); + *p++ = MBEDTLS_BYTE_2( session->verify_result ); + *p++ = MBEDTLS_BYTE_1( session->verify_result ); + *p++ = MBEDTLS_BYTE_0( session->verify_result ); } /* @@ -4719,9 +4719,9 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_2( cert_len ); - *p++ = MBEDTLS_CHAR_1( cert_len ); - *p++ = MBEDTLS_CHAR_0( cert_len ); + *p++ = MBEDTLS_BYTE_2( cert_len ); + *p++ = MBEDTLS_BYTE_1( cert_len ); + *p++ = MBEDTLS_BYTE_0( cert_len ); if( session->peer_cert != NULL ) { @@ -4762,9 +4762,9 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_2( session->ticket_len ); - *p++ = MBEDTLS_CHAR_1( session->ticket_len ); - *p++ = MBEDTLS_CHAR_0( session->ticket_len ); + *p++ = MBEDTLS_BYTE_2( session->ticket_len ); + *p++ = MBEDTLS_BYTE_1( session->ticket_len ); + *p++ = MBEDTLS_BYTE_0( session->ticket_len ); if( session->ticket != NULL ) { @@ -4772,10 +4772,10 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, p += session->ticket_len; } - *p++ = MBEDTLS_CHAR_3( session->ticket_lifetime ); - *p++ = MBEDTLS_CHAR_2( session->ticket_lifetime ); - *p++ = MBEDTLS_CHAR_1( session->ticket_lifetime ); - *p++ = MBEDTLS_CHAR_0( session->ticket_lifetime ); + *p++ = MBEDTLS_BYTE_3( session->ticket_lifetime ); + *p++ = MBEDTLS_BYTE_2( session->ticket_lifetime ); + *p++ = MBEDTLS_BYTE_1( session->ticket_lifetime ); + *p++ = MBEDTLS_BYTE_0( session->ticket_lifetime ); } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -4793,7 +4793,7 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, used += 1; if( used <= buf_len ) - *p++ = MBEDTLS_CHAR_0( session->encrypt_then_mac ); + *p++ = MBEDTLS_BYTE_0( session->encrypt_then_mac ); #endif return( used ); @@ -5568,11 +5568,11 @@ static unsigned char ssl_serialized_context_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_CHAR_2( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), - MBEDTLS_CHAR_1( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), - MBEDTLS_CHAR_0( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_BYTE_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_2( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_BYTE_1( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_BYTE_0( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), }; /* @@ -5713,10 +5713,10 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4 + session_len; if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_3( session_len ); - *p++ = MBEDTLS_CHAR_2( session_len ); - *p++ = MBEDTLS_CHAR_1( session_len ); - *p++ = MBEDTLS_CHAR_0( session_len ); + *p++ = MBEDTLS_BYTE_3( session_len ); + *p++ = MBEDTLS_BYTE_2( session_len ); + *p++ = MBEDTLS_BYTE_1( session_len ); + *p++ = MBEDTLS_BYTE_0( session_len ); ret = ssl_session_save( ssl->session, 1, p, session_len, &session_len ); @@ -5757,33 +5757,33 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4; if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_3( ssl->badmac_seen ); - *p++ = MBEDTLS_CHAR_2( ssl->badmac_seen ); - *p++ = MBEDTLS_CHAR_1( ssl->badmac_seen ); - *p++ = MBEDTLS_CHAR_0( ssl->badmac_seen ); + *p++ = MBEDTLS_BYTE_3( ssl->badmac_seen ); + *p++ = MBEDTLS_BYTE_2( ssl->badmac_seen ); + *p++ = MBEDTLS_BYTE_1( ssl->badmac_seen ); + *p++ = MBEDTLS_BYTE_0( ssl->badmac_seen ); } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) used += 16; if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_7( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_6( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_5( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_4( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_3( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_2( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_1( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_0( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_7( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_6( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_5( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_4( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_3( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_2( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_1( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_0( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_7( ssl->in_window ); - *p++ = MBEDTLS_CHAR_6( ssl->in_window ); - *p++ = MBEDTLS_CHAR_5( ssl->in_window ); - *p++ = MBEDTLS_CHAR_4( ssl->in_window ); - *p++ = MBEDTLS_CHAR_3( ssl->in_window ); - *p++ = MBEDTLS_CHAR_2( ssl->in_window ); - *p++ = MBEDTLS_CHAR_1( ssl->in_window ); - *p++ = MBEDTLS_CHAR_0( ssl->in_window ); + *p++ = MBEDTLS_BYTE_7( ssl->in_window ); + *p++ = MBEDTLS_BYTE_6( ssl->in_window ); + *p++ = MBEDTLS_BYTE_5( ssl->in_window ); + *p++ = MBEDTLS_BYTE_4( ssl->in_window ); + *p++ = MBEDTLS_BYTE_3( ssl->in_window ); + *p++ = MBEDTLS_BYTE_2( ssl->in_window ); + *p++ = MBEDTLS_BYTE_1( ssl->in_window ); + *p++ = MBEDTLS_BYTE_0( ssl->in_window ); } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -5806,8 +5806,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 2; if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_1( ssl->mtu ); - *p++ = MBEDTLS_CHAR_0( ssl->mtu ); + *p++ = MBEDTLS_BYTE_1( ssl->mtu ); + *p++ = MBEDTLS_BYTE_0( ssl->mtu ); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 9e629cb0b..7aec21dff 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -113,17 +113,17 @@ static void ssl_tls1_3_hkdf_encode_label( #endif *p++ = 0; - *p++ = MBEDTLS_CHAR_0( desired_length ); + *p++ = MBEDTLS_BYTE_0( desired_length ); /* Add label incl. prefix */ - *p++ = MBEDTLS_CHAR_0( total_label_len ); + *p++ = MBEDTLS_BYTE_0( total_label_len ); memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) ); p += sizeof(tls1_3_label_prefix); memcpy( p, label, llen ); p += llen; /* Add context value */ - *p++ = MBEDTLS_CHAR_0( clen ); + *p++ = MBEDTLS_BYTE_0( clen ); if( clen != 0 ) memcpy( p, ctx, clen ); From 99edd6c8105740b58ad3261da7ed47c42658b36e Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 12:29:49 +0100 Subject: [PATCH 68/81] Add UINT64 GET and PUT macros Copy over the GET/PUT_UINT64_LE/BE macros from aes.c and sha512.c Add the MBEDTLS_ prefix to all 4 macros. Modify the GET_UINT64 macros to no longer take a target variable as a parameter, so when the macro function is called it must be assigned to a variable in the same statement. Signed-off-by: Joe Subbiani --- library/aes.c | 37 +++----------------- library/common.h | 91 ++++++++++++++++++++++++++++++++++++++++++++++++ library/sha512.c | 39 +++------------------ 3 files changed, 99 insertions(+), 68 deletions(-) diff --git a/library/aes.c b/library/aes.c index 1eb3e204d..8e3358c49 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1074,35 +1074,6 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, #if defined(MBEDTLS_CIPHER_MODE_XTS) -/* Endianess with 64 bits values */ -#ifndef GET_UINT64_LE -#define GET_UINT64_LE(n,b,i) \ -{ \ - (n) = ( (uint64_t) (b)[(i) + 7] << 56 ) \ - | ( (uint64_t) (b)[(i) + 6] << 48 ) \ - | ( (uint64_t) (b)[(i) + 5] << 40 ) \ - | ( (uint64_t) (b)[(i) + 4] << 32 ) \ - | ( (uint64_t) (b)[(i) + 3] << 24 ) \ - | ( (uint64_t) (b)[(i) + 2] << 16 ) \ - | ( (uint64_t) (b)[(i) + 1] << 8 ) \ - | ( (uint64_t) (b)[(i) ] ); \ -} -#endif - -#ifndef PUT_UINT64_LE -#define PUT_UINT64_LE(n,b,i) \ -{ \ - (b)[(i) + 7] = (unsigned char) ( (n) >> 56 ); \ - (b)[(i) + 6] = (unsigned char) ( (n) >> 48 ); \ - (b)[(i) + 5] = (unsigned char) ( (n) >> 40 ); \ - (b)[(i) + 4] = (unsigned char) ( (n) >> 32 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) ] = (unsigned char) ( (n) ); \ -} -#endif - typedef unsigned char mbedtls_be128[16]; /* @@ -1118,14 +1089,14 @@ static void mbedtls_gf128mul_x_ble( unsigned char r[16], { uint64_t a, b, ra, rb; - GET_UINT64_LE( a, x, 0 ); - GET_UINT64_LE( b, x, 8 ); + a = MBEDTLS_GET_UINT64_LE( x, 0 ); + b = MBEDTLS_GET_UINT64_LE( x, 8 ); ra = ( a << 1 ) ^ 0x0087 >> ( 8 - ( ( b >> 63 ) << 3 ) ); rb = ( a >> 63 ) | ( b << 1 ); - PUT_UINT64_LE( ra, r, 0 ); - PUT_UINT64_LE( rb, r, 8 ); + MBEDTLS_PUT_UINT64_LE( ra, r, 0 ); + MBEDTLS_PUT_UINT64_LE( rb, r, 8 ); } /* diff --git a/library/common.h b/library/common.h index e0f8b99ba..ce2f04007 100644 --- a/library/common.h +++ b/library/common.h @@ -193,5 +193,96 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c } #endif +/** + * Get the unsigned 64 bits integer corresponding to eight bytes in + * big-endian order (MSB first). + * + * \param data Base address of the memory to get the eight bytes from. + * \param offset Offset from \p base of the first and most significant + * byte of the eight bytes to build the 64 bits unsigned + * integer from. + */ +#ifndef MBEDTLS_GET_UINT64_BE +#define MBEDTLS_GET_UINT64_BE( data, offset ) \ + ( \ + ( (uint64_t) ( data )[( offset ) ] << 56 ) \ + | ( (uint64_t) ( data )[( offset ) + 1] << 48 ) \ + | ( (uint64_t) ( data )[( offset ) + 2] << 40 ) \ + | ( (uint64_t) ( data )[( offset ) + 3] << 32 ) \ + | ( (uint64_t) ( data )[( offset ) + 4] << 24 ) \ + | ( (uint64_t) ( data )[( offset ) + 5] << 16 ) \ + | ( (uint64_t) ( data )[( offset ) + 6] << 8 ) \ + | ( (uint64_t) ( data )[( offset ) + 7] ) \ + ) +#endif + +/** + * Put in memory a 64 bits unsigned integer in big-endian order. + * + * \param n 64 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 64 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the most significant + * byte of the 64 bits unsigned integer \p n. + */ +#ifndef MBEDTLS_PUT_UINT64_BE +#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = (unsigned char) ( (n) >> 56 ); \ + ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 48 ); \ + ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 40 ); \ + ( data )[( offset ) + 3] = (unsigned char) ( (n) >> 32 ); \ + ( data )[( offset ) + 4] = (unsigned char) ( (n) >> 24 ); \ + ( data )[( offset ) + 5] = (unsigned char) ( (n) >> 16 ); \ + ( data )[( offset ) + 6] = (unsigned char) ( (n) >> 8 ); \ + ( data )[( offset ) + 7] = (unsigned char) ( (n) ); \ +} +#endif + +/** + * Get the unsigned 64 bits integer corresponding to eight bytes in + * little-endian order (LSB first). + * + * \param data Base address of the memory to get the eight bytes from. + * \param offset Offset from \p base of the first and least significant + * byte of the eight bytes to build the 64 bits unsigned + * integer from. + */ +#ifndef MBEDTLS_GET_UINT64_LE +#define MBEDTLS_GET_UINT64_LE( data, offset ) \ + ( \ + ( (uint64_t) ( data )[( offset ) + 7] << 56 ) \ + | ( (uint64_t) ( data )[( offset ) + 6] << 48 ) \ + | ( (uint64_t) ( data )[( offset ) + 5] << 40 ) \ + | ( (uint64_t) ( data )[( offset ) + 4] << 32 ) \ + | ( (uint64_t) ( data )[( offset ) + 3] << 24 ) \ + | ( (uint64_t) ( data )[( offset ) + 2] << 16 ) \ + | ( (uint64_t) ( data )[( offset ) + 1] << 8 ) \ + | ( (uint64_t) ( data )[( offset ) ] ) \ + ) +#endif + +/** + * Put in memory a 64 bits unsigned integer in little-endian order. + * + * \param n 64 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 64 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the least significant + * byte of the 64 bits unsigned integer \p n. + */ +#ifndef MBEDTLS_PUT_UINT64_LE +#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) + 7] = (unsigned char) ( (n) >> 56 ); \ + ( data )[( offset ) + 6] = (unsigned char) ( (n) >> 48 ); \ + ( data )[( offset ) + 5] = (unsigned char) ( (n) >> 40 ); \ + ( data )[( offset ) + 4] = (unsigned char) ( (n) >> 32 ); \ + ( data )[( offset ) + 3] = (unsigned char) ( (n) >> 24 ); \ + ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 16 ); \ + ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 8 ); \ + ( data )[( offset ) ] = (unsigned char) ( (n) ); \ +} +#endif #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/sha512.c b/library/sha512.c index 6511c6e36..2b4cc547e 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -56,44 +56,13 @@ #if !defined(MBEDTLS_SHA512_ALT) -/* - * 64-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT64_BE -#define GET_UINT64_BE(n,b,i) \ -{ \ - (n) = ( (uint64_t) (b)[(i) ] << 56 ) \ - | ( (uint64_t) (b)[(i) + 1] << 48 ) \ - | ( (uint64_t) (b)[(i) + 2] << 40 ) \ - | ( (uint64_t) (b)[(i) + 3] << 32 ) \ - | ( (uint64_t) (b)[(i) + 4] << 24 ) \ - | ( (uint64_t) (b)[(i) + 5] << 16 ) \ - | ( (uint64_t) (b)[(i) + 6] << 8 ) \ - | ( (uint64_t) (b)[(i) + 7] ); \ -} -#endif /* GET_UINT64_BE */ - -#ifndef PUT_UINT64_BE -#define PUT_UINT64_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 56 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) >> 32 ); \ - (b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 7] = (unsigned char) ( (n) ); \ -} -#endif /* PUT_UINT64_BE */ - #if defined(MBEDTLS_SHA512_SMALLER) static void sha512_put_uint64_be( uint64_t n, unsigned char *b, uint8_t i ) { - PUT_UINT64_BE(n, b, i); + MBEDTLS_PUT_UINT64_BE(n, b, i); } #else -#define sha512_put_uint64_be PUT_UINT64_BE +#define sha512_put_uint64_be MBEDTLS_PUT_UINT64_BE #endif /* MBEDTLS_SHA512_SMALLER */ void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) @@ -261,7 +230,7 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, { if( i < 16 ) { - GET_UINT64_BE( local.W[i], data, i << 3 ); + local.W[i] = MBEDTLS_GET_UINT64_BE( data, i << 3 ); } else { @@ -281,7 +250,7 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, #else /* MBEDTLS_SHA512_SMALLER */ for( i = 0; i < 16; i++ ) { - GET_UINT64_BE( local.W[i], data, i << 3 ); + local.W[i] = MBEDTLS_GET_UINT64_BE( data, i << 3 ); } for( ; i < 80; i++ ) From fbeb692dd09efbb5d81304637e490ad1a2208ce5 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 14:27:50 +0100 Subject: [PATCH 69/81] Use byte reading macros in places not using a byte mask byte shifting opertations throughout library/ were only replaced with the byte reading macros when an 0xff mask was being used. The byte reading macros are now more widley used, however they have not been used in all cases of a byte shift operation, as it detracted from the immediate readability or otherwise did not seem appropriate. Signed-off-by: Joe Subbiani --- library/base64.c | 6 +++--- library/chacha20.c | 8 ++++---- library/chachapoly.c | 32 ++++++++++++++++---------------- library/dhm.c | 4 ++-- library/ecp.c | 4 ++-- library/pkcs12.c | 8 ++++---- library/poly1305.c | 36 ++++++++++++++++++------------------ library/ssl_cli.c | 40 ++++++++++++++++++++-------------------- library/ssl_cookie.c | 8 ++++---- library/ssl_msg.c | 28 ++++++++++++++-------------- library/ssl_srv.c | 30 +++++++++++++++--------------- library/ssl_tls.c | 28 ++++++++++++++-------------- library/x509write_crt.c | 4 ++-- 13 files changed, 118 insertions(+), 118 deletions(-) diff --git a/library/base64.c b/library/base64.c index 1a05226ef..9cf5dd41d 100644 --- a/library/base64.c +++ b/library/base64.c @@ -319,9 +319,9 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, if( ++n == 4 ) { n = 0; - if( j > 0 ) *p++ = (unsigned char)( x >> 16 ); - if( j > 1 ) *p++ = (unsigned char)( x >> 8 ); - if( j > 2 ) *p++ = (unsigned char)( x ); + if( j > 0 ) *p++ = MBEDTLS_BYTE_2( x ); + if( j > 1 ) *p++ = MBEDTLS_BYTE_1( x ); + if( j > 2 ) *p++ = MBEDTLS_BYTE_0( x ); } } diff --git a/library/chacha20.c b/library/chacha20.c index 7015f99d5..0e057f0e3 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -164,10 +164,10 @@ static void chacha20_block( const uint32_t initial_state[16], { size_t offset = i * 4U; - keystream[offset ] = (unsigned char)( working_state[i] ); - keystream[offset + 1U] = (unsigned char)( working_state[i] >> 8 ); - keystream[offset + 2U] = (unsigned char)( working_state[i] >> 16 ); - keystream[offset + 3U] = (unsigned char)( working_state[i] >> 24 ); + keystream[offset ] = MBEDTLS_BYTE_0( working_state[i] ); + keystream[offset + 1U] = MBEDTLS_BYTE_1( working_state[i] ); + keystream[offset + 2U] = MBEDTLS_BYTE_2( working_state[i] ); + keystream[offset + 3U] = MBEDTLS_BYTE_3( working_state[i] ); } mbedtls_platform_zeroize( working_state, sizeof( working_state ) ); diff --git a/library/chachapoly.c b/library/chachapoly.c index 77d547731..696d97bf0 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -263,22 +263,22 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, /* The lengths of the AAD and ciphertext are processed by * Poly1305 as the final 128-bit block, encoded as little-endian integers. */ - len_block[ 0] = (unsigned char)( ctx->aad_len ); - len_block[ 1] = (unsigned char)( ctx->aad_len >> 8 ); - len_block[ 2] = (unsigned char)( ctx->aad_len >> 16 ); - len_block[ 3] = (unsigned char)( ctx->aad_len >> 24 ); - len_block[ 4] = (unsigned char)( ctx->aad_len >> 32 ); - len_block[ 5] = (unsigned char)( ctx->aad_len >> 40 ); - len_block[ 6] = (unsigned char)( ctx->aad_len >> 48 ); - len_block[ 7] = (unsigned char)( ctx->aad_len >> 56 ); - len_block[ 8] = (unsigned char)( ctx->ciphertext_len ); - len_block[ 9] = (unsigned char)( ctx->ciphertext_len >> 8 ); - len_block[10] = (unsigned char)( ctx->ciphertext_len >> 16 ); - len_block[11] = (unsigned char)( ctx->ciphertext_len >> 24 ); - len_block[12] = (unsigned char)( ctx->ciphertext_len >> 32 ); - len_block[13] = (unsigned char)( ctx->ciphertext_len >> 40 ); - len_block[14] = (unsigned char)( ctx->ciphertext_len >> 48 ); - len_block[15] = (unsigned char)( ctx->ciphertext_len >> 56 ); + len_block[ 0] = MBEDTLS_BYTE_0( ctx->aad_len ); + len_block[ 1] = MBEDTLS_BYTE_1( ctx->aad_len ); + len_block[ 2] = MBEDTLS_BYTE_2( ctx->aad_len ); + len_block[ 3] = MBEDTLS_BYTE_3( ctx->aad_len ); + len_block[ 4] = MBEDTLS_BYTE_4( ctx->aad_len ); + len_block[ 5] = MBEDTLS_BYTE_5( ctx->aad_len ); + len_block[ 6] = MBEDTLS_BYTE_6( ctx->aad_len ); + len_block[ 7] = MBEDTLS_BYTE_7( ctx->aad_len ); + len_block[ 8] = MBEDTLS_BYTE_0( ctx->ciphertext_len ); + len_block[ 9] = MBEDTLS_BYTE_1( ctx->ciphertext_len ); + len_block[10] = MBEDTLS_BYTE_2( ctx->ciphertext_len ); + len_block[11] = MBEDTLS_BYTE_3( ctx->ciphertext_len ); + len_block[12] = MBEDTLS_BYTE_4( ctx->ciphertext_len ); + len_block[13] = MBEDTLS_BYTE_5( ctx->ciphertext_len ); + len_block[14] = MBEDTLS_BYTE_6( ctx->ciphertext_len ); + len_block[15] = MBEDTLS_BYTE_7( ctx->ciphertext_len ); ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U ); if( ret != 0 ) diff --git a/library/dhm.c b/library/dhm.c index 29ce75598..2ce0ed4fd 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -270,8 +270,8 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( ( X ), \ p + 2, \ ( n ) ) ); \ - *p++ = (unsigned char)( ( n ) >> 8 ); \ - *p++ = (unsigned char)( ( n ) ); \ + *p++ = MBEDTLS_BYTE_1( n ); \ + *p++ = MBEDTLS_BYTE_0( n ); \ p += ( n ); \ } while( 0 ) diff --git a/library/ecp.c b/library/ecp.c index b608ff1bd..fdfc96006 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -1012,8 +1012,8 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, /* * Next two bytes are the namedcurve value */ - buf[0] = curve_info->tls_id >> 8; - buf[1] = curve_info->tls_id & 0xFF; + buf[0] = MBEDTLS_BYTE_1( curve_info->tls_id ); + buf[1] = MBEDTLS_BYTE_0( curve_info->tls_id ); return( 0 ); } diff --git a/library/pkcs12.c b/library/pkcs12.c index 04b1a6dab..8f64bc639 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -285,8 +285,8 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, for( i = v; i > 0; i-- ) { j = salt_block[i - 1] + hash_block[i - 1] + c; - c = (unsigned char) (j >> 8); - salt_block[i - 1] = j & 0xFF; + c = MBEDTLS_BYTE_1( j ); + salt_block[i - 1] = MBEDTLS_BYTE_0( j ); } // pwd_block += B @@ -294,8 +294,8 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, for( i = v; i > 0; i-- ) { j = pwd_block[i - 1] + hash_block[i - 1] + c; - c = (unsigned char) (j >> 8); - pwd_block[i - 1] = j & 0xFF; + c = MBEDTLS_BYTE_1( j ); + pwd_block[i - 1] = MBEDTLS_BYTE_0( j ); } } diff --git a/library/poly1305.c b/library/poly1305.c index f19574253..333aade94 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -62,8 +62,8 @@ static uint64_t mul64( uint32_t a, uint32_t b ) /* a = al + 2**16 ah, b = bl + 2**16 bh */ const uint16_t al = (uint16_t) a; const uint16_t bl = (uint16_t) b; - const uint16_t ah = a >> 16; - const uint16_t bh = b >> 16; + const uint16_t ah = MBEDTLS_BYTE_2( a ); + const uint16_t bh = MBEDTLS_BYTE_2( b ); /* ab = al*bl + 2**16 (ah*bl + bl*bh) + 2**32 ah*bh */ const uint32_t lo = (uint32_t) al * bl; @@ -250,22 +250,22 @@ static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx, acc3 += ctx->s[3] + (uint32_t) ( d >> 32U ); /* Compute MAC (128 least significant bits of the accumulator) */ - mac[ 0] = (unsigned char)( acc0 ); - mac[ 1] = (unsigned char)( acc0 >> 8 ); - mac[ 2] = (unsigned char)( acc0 >> 16 ); - mac[ 3] = (unsigned char)( acc0 >> 24 ); - mac[ 4] = (unsigned char)( acc1 ); - mac[ 5] = (unsigned char)( acc1 >> 8 ); - mac[ 6] = (unsigned char)( acc1 >> 16 ); - mac[ 7] = (unsigned char)( acc1 >> 24 ); - mac[ 8] = (unsigned char)( acc2 ); - mac[ 9] = (unsigned char)( acc2 >> 8 ); - mac[10] = (unsigned char)( acc2 >> 16 ); - mac[11] = (unsigned char)( acc2 >> 24 ); - mac[12] = (unsigned char)( acc3 ); - mac[13] = (unsigned char)( acc3 >> 8 ); - mac[14] = (unsigned char)( acc3 >> 16 ); - mac[15] = (unsigned char)( acc3 >> 24 ); + mac[ 0] = MBEDTLS_BYTE_0( acc0 ); + mac[ 1] = MBEDTLS_BYTE_1( acc0 ); + mac[ 2] = MBEDTLS_BYTE_2( acc0 ); + mac[ 3] = MBEDTLS_BYTE_3( acc0 ); + mac[ 4] = MBEDTLS_BYTE_0( acc1 ); + mac[ 5] = MBEDTLS_BYTE_1( acc1 ); + mac[ 6] = MBEDTLS_BYTE_2( acc1 ); + mac[ 7] = MBEDTLS_BYTE_3( acc1 ); + mac[ 8] = MBEDTLS_BYTE_0( acc2 ); + mac[ 9] = MBEDTLS_BYTE_1( acc2 ); + mac[10] = MBEDTLS_BYTE_2( acc2 ); + mac[11] = MBEDTLS_BYTE_3( acc2 ); + mac[12] = MBEDTLS_BYTE_0( acc3 ); + mac[13] = MBEDTLS_BYTE_1( acc3 ); + mac[14] = MBEDTLS_BYTE_2( acc3 ); + mac[15] = MBEDTLS_BYTE_3( acc3 ); } void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 9e0db96c4..729784a6e 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -352,8 +352,8 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, grp_id++ ) { info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); - elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8; - elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; + elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_1( info->tls_id ); + elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_0( info->tls_id ); } *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); @@ -857,10 +857,10 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) t = mbedtls_time( NULL ); - *p++ = (unsigned char)( t >> 24 ); - *p++ = (unsigned char)( t >> 16 ); - *p++ = (unsigned char)( t >> 8 ); - *p++ = (unsigned char)( t ); + *p++ = MBEDTLS_BYTE_3( t ); + *p++ = MBEDTLS_BYTE_2( t ); + *p++ = MBEDTLS_BYTE_1( t ); + *p++ = MBEDTLS_BYTE_0( t ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %" MBEDTLS_PRINTF_LONGLONG, (long long) t ) ); @@ -1143,8 +1143,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); n++; - *p++ = (unsigned char)( ciphersuites[i] >> 8 ); - *p++ = (unsigned char)( ciphersuites[i] ); + *p++ = MBEDTLS_BYTE_1( ciphersuites[i] ); + *p++ = MBEDTLS_BYTE_0( ciphersuites[i] ); } MBEDTLS_SSL_DEBUG_MSG( 3, @@ -1159,8 +1159,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); - *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO >> 8 ); - *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); n++; } @@ -2745,8 +2745,8 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( len_bytes == 2 ) { - ssl->out_msg[offset+0] = (unsigned char)( *olen >> 8 ); - ssl->out_msg[offset+1] = (unsigned char)( *olen ); + ssl->out_msg[offset+0] = MBEDTLS_BYTE_1( *olen ); + ssl->out_msg[offset+1] = MBEDTLS_BYTE_0( *olen ); *olen += 2; } #endif @@ -3503,8 +3503,8 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) */ content_len = mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ); - ssl->out_msg[4] = (unsigned char)( content_len >> 8 ); - ssl->out_msg[5] = (unsigned char)( content_len ); + ssl->out_msg[4] = MBEDTLS_BYTE_1( content_len ); + ssl->out_msg[5] = MBEDTLS_BYTE_0( content_len ); header_len = 6; ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, @@ -3719,8 +3719,8 @@ ecdh_calc_secret: return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 ); - ssl->out_msg[header_len++] = (unsigned char)( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_1( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_0( content_len ); memcpy( ssl->out_msg + header_len, ssl->conf->psk_identity, @@ -3771,8 +3771,8 @@ ecdh_calc_secret: return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 ); - ssl->out_msg[header_len++] = (unsigned char)( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_1( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_0( content_len ); ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, (int) mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ), @@ -4054,8 +4054,8 @@ sign: return( ret ); } - ssl->out_msg[4 + offset] = (unsigned char)( n >> 8 ); - ssl->out_msg[5 + offset] = (unsigned char)( n ); + ssl->out_msg[4 + offset] = MBEDTLS_BYTE_1( n ); + ssl->out_msg[5 + offset] = MBEDTLS_BYTE_0( n ); ssl->out_msglen = 6 + n + offset; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 40b8913b8..4f1c07bde 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -165,10 +165,10 @@ int mbedtls_ssl_cookie_write( void *p_ctx, t = ctx->serial++; #endif - (*p)[0] = (unsigned char)( t >> 24 ); - (*p)[1] = (unsigned char)( t >> 16 ); - (*p)[2] = (unsigned char)( t >> 8 ); - (*p)[3] = (unsigned char)( t ); + (*p)[0] = MBEDTLS_BYTE_3( t ); + (*p)[1] = MBEDTLS_BYTE_2( t ); + (*p)[2] = MBEDTLS_BYTE_1( t ); + (*p)[3] = MBEDTLS_BYTE_0( t ); *p += 4; #if defined(MBEDTLS_THREADING_C) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 989c59874..304e7f22b 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2451,9 +2451,9 @@ int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, */ if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) { - ssl->out_msg[1] = (unsigned char)( hs_len >> 16 ); - ssl->out_msg[2] = (unsigned char)( hs_len >> 8 ); - ssl->out_msg[3] = (unsigned char)( hs_len ); + ssl->out_msg[1] = MBEDTLS_BYTE_2( hs_len ); + ssl->out_msg[2] = MBEDTLS_BYTE_1( hs_len ); + ssl->out_msg[3] = MBEDTLS_BYTE_0( hs_len ); /* * DTLS has additional fields in the Handshake layer, @@ -2566,8 +2566,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) ssl->conf->transport, ssl->out_hdr + 1 ); memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 ); - ssl->out_len[0] = (unsigned char)( len >> 8 ); - ssl->out_len[1] = (unsigned char)( len ); + ssl->out_len[0] = MBEDTLS_BYTE_1( len ); + ssl->out_len[1] = MBEDTLS_BYTE_0( len ); if( ssl->transform_out != NULL ) { @@ -2607,8 +2607,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) memcpy( ssl->out_cid, rec.cid, rec.cid_len ); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->out_msglen = len = rec.data_len; - ssl->out_len[0] = (unsigned char)( rec.data_len >> 8 ); - ssl->out_len[1] = (unsigned char)( rec.data_len ); + ssl->out_len[0] = MBEDTLS_BYTE_1( rec.data_len ); + ssl->out_len[1] = MBEDTLS_BYTE_0( rec.data_len ); } protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl ); @@ -3180,12 +3180,12 @@ static int ssl_check_dtls_clihlo_cookie( /* Go back and fill length fields */ obuf[27] = (unsigned char)( *olen - 28 ); - obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 ); - obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >> 8 ); - obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 ) ); + obuf[14] = obuf[22] = MBEDTLS_BYTE_2( *olen - 25 ); + obuf[15] = obuf[23] = MBEDTLS_BYTE_1( *olen - 25 ); + obuf[16] = obuf[24] = MBEDTLS_BYTE_0( *olen - 25 ); - obuf[11] = (unsigned char)( ( *olen - 13 ) >> 8 ); - obuf[12] = (unsigned char)( ( *olen - 13 ) ); + obuf[11] = MBEDTLS_BYTE_1( *olen - 13 ); + obuf[12] = MBEDTLS_BYTE_0( *olen - 13 ); return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); } @@ -4565,8 +4565,8 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) ssl->in_hdr[0] = rec.type; ssl->in_msg = rec.buf + rec.data_offset; ssl->in_msglen = rec.data_len; - ssl->in_len[0] = (unsigned char)( rec.data_len >> 8 ); - ssl->in_len[1] = (unsigned char)( rec.data_len ); + ssl->in_len[0] = MBEDTLS_BYTE_1( rec.data_len ); + ssl->in_len[1] = MBEDTLS_BYTE_0( rec.data_len ); return( 0 ); } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 96b08ab8f..232846ff0 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2494,10 +2494,10 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) t = mbedtls_time( NULL ); - *p++ = (unsigned char)( t >> 24 ); - *p++ = (unsigned char)( t >> 16 ); - *p++ = (unsigned char)( t >> 8 ); - *p++ = (unsigned char)( t ); + *p++ = MBEDTLS_BYTE_3( t ); + *p++ = MBEDTLS_BYTE_2( t ); + *p++ = MBEDTLS_BYTE_1( t ); + *p++ = MBEDTLS_BYTE_0( t ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %" MBEDTLS_PRINTF_LONGLONG, (long long) t ) ); @@ -2578,9 +2578,9 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", ssl->handshake->resume ? "a" : "no" ) ); - *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); - *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); - *p++ = (unsigned char)( ssl->session_negotiate->compression ); + *p++ = MBEDTLS_BYTE_1( ssl->session_negotiate->ciphersuite ); + *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->ciphersuite ); + *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->compression ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) ); @@ -2785,8 +2785,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) #endif } - p[0] = (unsigned char)( sa_len >> 8 ); - p[1] = (unsigned char)( sa_len ); + p[0] = MBEDTLS_BYTE_1( sa_len ); + p[1] = MBEDTLS_BYTE_0( sa_len ); sa_len += 2; p += sa_len; } @@ -2826,8 +2826,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) break; } - *p++ = (unsigned char)( dn_size >> 8 ); - *p++ = (unsigned char)( dn_size ); + *p++ = MBEDTLS_BYTE_1( dn_size ); + *p++ = MBEDTLS_BYTE_0( dn_size ); memcpy( p, crt->subject_raw.p, dn_size ); p += dn_size; @@ -2841,8 +2841,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) ssl->out_msglen = p - buf; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; - ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 ); - ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size ); + ssl->out_msg[4 + ct_len + sa_len] = MBEDTLS_BYTE_1( total_dn_size ); + ssl->out_msg[5 + ct_len + sa_len] = MBEDTLS_BYTE_0( total_dn_size ); ret = mbedtls_ssl_write_handshake_msg( ssl ); @@ -3320,8 +3320,8 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) if( signature_len != 0 ) { - ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len >> 8 ); - ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len ); + ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_1( signature_len ); + ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_0( signature_len ); MBEDTLS_SSL_DEBUG_BUF( 3, "my signature", ssl->out_msg + ssl->out_msglen, diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 381eb9e03..33f026f4d 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1487,8 +1487,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch if( end - p < 2 ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = (unsigned char)( psk_len >> 8 ); - *(p++) = (unsigned char)( psk_len ); + *(p++) = MBEDTLS_BYTE_1( psk_len ); + *(p++) = MBEDTLS_BYTE_0( psk_len ); if( end < p || (size_t)( end - p ) < psk_len ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -1528,8 +1528,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); return( ret ); } - *(p++) = (unsigned char)( len >> 8 ); - *(p++) = (unsigned char)( len ); + *(p++) = MBEDTLS_BYTE_1( len ); + *(p++) = MBEDTLS_BYTE_0( len ); p += len; MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); @@ -1550,8 +1550,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch return( ret ); } - *(p++) = (unsigned char)( zlen >> 8 ); - *(p++) = (unsigned char)( zlen ); + *(p++) = MBEDTLS_BYTE_1( zlen ); + *(p++) = MBEDTLS_BYTE_0( zlen ); p += zlen; MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, @@ -1568,8 +1568,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch if( end - p < 2 ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = (unsigned char)( psk_len >> 8 ); - *(p++) = (unsigned char)( psk_len ); + *(p++) = MBEDTLS_BYTE_1( psk_len ); + *(p++) = MBEDTLS_BYTE_0( psk_len ); if( end < p || (size_t)( end - p ) < psk_len ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -1746,17 +1746,17 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - ssl->out_msg[i ] = (unsigned char)( n >> 16 ); - ssl->out_msg[i + 1] = (unsigned char)( n >> 8 ); - ssl->out_msg[i + 2] = (unsigned char)( n ); + ssl->out_msg[i ] = MBEDTLS_BYTE_2( n ); + ssl->out_msg[i + 1] = MBEDTLS_BYTE_1( n ); + ssl->out_msg[i + 2] = MBEDTLS_BYTE_0( n ); i += 3; memcpy( ssl->out_msg + i, crt->raw.p, n ); i += n; crt = crt->next; } - ssl->out_msg[4] = (unsigned char)( ( i - 7 ) >> 16 ); - ssl->out_msg[5] = (unsigned char)( ( i - 7 ) >> 8 ); - ssl->out_msg[6] = (unsigned char)( ( i - 7 ) ); + ssl->out_msg[4] = MBEDTLS_BYTE_2( i - 7 ); + ssl->out_msg[5] = MBEDTLS_BYTE_1( i - 7 ); + ssl->out_msg[6] = MBEDTLS_BYTE_0( i - 7 ); ssl->out_msglen = i; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; diff --git a/library/x509write_crt.c b/library/x509write_crt.c index c8169f1fe..0daf0683e 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -251,8 +251,8 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); c = buf + 5; - ku[0] = (unsigned char)( key_usage ); - ku[1] = (unsigned char)( key_usage >> 8 ); + ku[0] = MBEDTLS_BYTE_0( key_usage ); + ku[1] = MBEDTLS_BYTE_1( key_usage ); ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 ); if( ret < 0 ) From b6511b04fa8891a92fe45b42315ca9c4ec9439ac Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 15:02:55 +0100 Subject: [PATCH 70/81] Replace instances of byte reading macros with PUT Instances of a group of byte reading macros which are equivilant to MBEDTLS_PUT_UINTx_yz Signed-off-by: Joe Subbiani --- library/chacha20.c | 5 +---- library/chachapoly.c | 18 ++---------------- library/ssl_cookie.c | 5 +---- 3 files changed, 4 insertions(+), 24 deletions(-) diff --git a/library/chacha20.c b/library/chacha20.c index 0e057f0e3..658f04690 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -164,10 +164,7 @@ static void chacha20_block( const uint32_t initial_state[16], { size_t offset = i * 4U; - keystream[offset ] = MBEDTLS_BYTE_0( working_state[i] ); - keystream[offset + 1U] = MBEDTLS_BYTE_1( working_state[i] ); - keystream[offset + 2U] = MBEDTLS_BYTE_2( working_state[i] ); - keystream[offset + 3U] = MBEDTLS_BYTE_3( working_state[i] ); + MBEDTLS_PUT_UINT32_LE(working_state[i], keystream, offset); } mbedtls_platform_zeroize( working_state, sizeof( working_state ) ); diff --git a/library/chachapoly.c b/library/chachapoly.c index 696d97bf0..dc75b2030 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -263,22 +263,8 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, /* The lengths of the AAD and ciphertext are processed by * Poly1305 as the final 128-bit block, encoded as little-endian integers. */ - len_block[ 0] = MBEDTLS_BYTE_0( ctx->aad_len ); - len_block[ 1] = MBEDTLS_BYTE_1( ctx->aad_len ); - len_block[ 2] = MBEDTLS_BYTE_2( ctx->aad_len ); - len_block[ 3] = MBEDTLS_BYTE_3( ctx->aad_len ); - len_block[ 4] = MBEDTLS_BYTE_4( ctx->aad_len ); - len_block[ 5] = MBEDTLS_BYTE_5( ctx->aad_len ); - len_block[ 6] = MBEDTLS_BYTE_6( ctx->aad_len ); - len_block[ 7] = MBEDTLS_BYTE_7( ctx->aad_len ); - len_block[ 8] = MBEDTLS_BYTE_0( ctx->ciphertext_len ); - len_block[ 9] = MBEDTLS_BYTE_1( ctx->ciphertext_len ); - len_block[10] = MBEDTLS_BYTE_2( ctx->ciphertext_len ); - len_block[11] = MBEDTLS_BYTE_3( ctx->ciphertext_len ); - len_block[12] = MBEDTLS_BYTE_4( ctx->ciphertext_len ); - len_block[13] = MBEDTLS_BYTE_5( ctx->ciphertext_len ); - len_block[14] = MBEDTLS_BYTE_6( ctx->ciphertext_len ); - len_block[15] = MBEDTLS_BYTE_7( ctx->ciphertext_len ); + MBEDTLS_PUT_UINT64_LE(ctx->aad_len, len_block, 0); + MBEDTLS_PUT_UINT64_LE(ctx->ciphertext_len, len_block, 8); ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U ); if( ret != 0 ) diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 4f1c07bde..986b1410b 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -165,10 +165,7 @@ int mbedtls_ssl_cookie_write( void *p_ctx, t = ctx->serial++; #endif - (*p)[0] = MBEDTLS_BYTE_3( t ); - (*p)[1] = MBEDTLS_BYTE_2( t ); - (*p)[2] = MBEDTLS_BYTE_1( t ); - (*p)[3] = MBEDTLS_BYTE_0( t ); + MBEDTLS_PUT_UINT32_BE(t, *p, 0); *p += 4; #if defined(MBEDTLS_THREADING_C) From 4919bb46b02a7032518951d5ff5f9168a8876859 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 17:14:07 +0100 Subject: [PATCH 71/81] Remove use of byte reading macro for uint16 Accidently used MBEDTLS_BYTE_16 for a uint16 variable Signed-off-by: Joe Subbiani --- library/poly1305.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/poly1305.c b/library/poly1305.c index 333aade94..9e90d67b1 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -61,9 +61,9 @@ static uint64_t mul64( uint32_t a, uint32_t b ) { /* a = al + 2**16 ah, b = bl + 2**16 bh */ const uint16_t al = (uint16_t) a; - const uint16_t bl = (uint16_t) b; - const uint16_t ah = MBEDTLS_BYTE_2( a ); - const uint16_t bh = MBEDTLS_BYTE_2( b ); + const uint16_t bl = (uint16_t) b; + const uint16_t ah = a >> 16; + const uint16_t bh = b >> 16; /* ab = al*bl + 2**16 (ah*bl + bl*bh) + 2**32 ah*bh */ const uint32_t lo = (uint32_t) al * bl; From 51b147add0abc84098c680ad7eac86d6dd3e10d6 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 17:47:17 +0100 Subject: [PATCH 72/81] Remove trailing white space Signed-off-by: Joe Subbiani --- library/poly1305.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/poly1305.c b/library/poly1305.c index 9e90d67b1..1f35f1d50 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -61,7 +61,7 @@ static uint64_t mul64( uint32_t a, uint32_t b ) { /* a = al + 2**16 ah, b = bl + 2**16 bh */ const uint16_t al = (uint16_t) a; - const uint16_t bl = (uint16_t) b; + const uint16_t bl = (uint16_t) b; const uint16_t ah = a >> 16; const uint16_t bh = b >> 16; From 6dd73645533dfaf489906c5ee30e9bb816b652a6 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 19 Jul 2021 11:56:54 +0100 Subject: [PATCH 73/81] Replace instances of byte reading macros with PUT Instances of a group of byte reading macros which are equivilant to MBEDTLS_PUT_UINTx_yz Signed-off-by: Joe Subbiani --- library/common.h | 34 ++++++++++++++++++++++++++++++++++ library/poly1305.c | 20 ++++---------------- library/psa_its_file.c | 10 ++-------- library/ssl_cli.c | 15 +++++---------- library/ssl_msg.c | 21 +++++++-------------- library/ssl_srv.c | 34 ++++++++++------------------------ library/ssl_ticket.c | 3 +-- library/x509write_crt.c | 3 +-- 8 files changed, 64 insertions(+), 76 deletions(-) diff --git a/library/common.h b/library/common.h index ce2f04007..3e8f88bf3 100644 --- a/library/common.h +++ b/library/common.h @@ -193,6 +193,40 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c } #endif +/** + * Get the unsigned 16 bits integer corresponding to two bytes in + * big-endian order (LSB first). + * + * \param data Base address of the memory to get the two bytes from. + * \param offset Offset from \p base of the first and most significant + * byte of the two bytes to build the 16 bits unsigned + * integer from. + */ +#ifndef MBEDTLS_GET_UINT16_BE +#define MBEDTLS_GET_UINT16_BE( data, offset ) \ + ( \ + ( (uint16_t) ( data )[( offset ) ] << 8 ) \ + | ( (uint16_t) ( data )[( offset ) + 1] ) \ + ) +#endif + +/** + * Put in memory a 16 bits unsigned integer in big-endian order. + * + * \param n 16 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 16 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the most significant + * byte of the 16 bits unsigned integer \p n. + */ +#ifndef MBEDTLS_PUT_UINT16_BE +#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + ( data )[( offset ) + 1] = (unsigned char) ( ( (n) ) & 0xFF ); \ +} +#endif + /** * Get the unsigned 64 bits integer corresponding to eight bytes in * big-endian order (MSB first). diff --git a/library/poly1305.c b/library/poly1305.c index 1f35f1d50..7375a0c57 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -250,22 +250,10 @@ static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx, acc3 += ctx->s[3] + (uint32_t) ( d >> 32U ); /* Compute MAC (128 least significant bits of the accumulator) */ - mac[ 0] = MBEDTLS_BYTE_0( acc0 ); - mac[ 1] = MBEDTLS_BYTE_1( acc0 ); - mac[ 2] = MBEDTLS_BYTE_2( acc0 ); - mac[ 3] = MBEDTLS_BYTE_3( acc0 ); - mac[ 4] = MBEDTLS_BYTE_0( acc1 ); - mac[ 5] = MBEDTLS_BYTE_1( acc1 ); - mac[ 6] = MBEDTLS_BYTE_2( acc1 ); - mac[ 7] = MBEDTLS_BYTE_3( acc1 ); - mac[ 8] = MBEDTLS_BYTE_0( acc2 ); - mac[ 9] = MBEDTLS_BYTE_1( acc2 ); - mac[10] = MBEDTLS_BYTE_2( acc2 ); - mac[11] = MBEDTLS_BYTE_3( acc2 ); - mac[12] = MBEDTLS_BYTE_0( acc3 ); - mac[13] = MBEDTLS_BYTE_1( acc3 ); - mac[14] = MBEDTLS_BYTE_2( acc3 ); - mac[15] = MBEDTLS_BYTE_3( acc3 ); + MBEDTLS_PUT_UINT32_LE( acc0, mac, 0 ); + MBEDTLS_PUT_UINT32_LE( acc1, mac, 4 ); + MBEDTLS_PUT_UINT32_LE( acc2, mac, 8 ); + MBEDTLS_PUT_UINT32_LE( acc3, mac, 12 ); } void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ) diff --git a/library/psa_its_file.c b/library/psa_its_file.c index c3b19a74a..c4782cdba 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -191,14 +191,8 @@ psa_status_t psa_its_set( psa_storage_uid_t uid, size_t n; memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH ); - header.size[0] = MBEDTLS_BYTE_0( data_length ); - header.size[1] = MBEDTLS_BYTE_1( data_length ); - header.size[2] = MBEDTLS_BYTE_2( data_length ); - header.size[3] = MBEDTLS_BYTE_3( data_length ); - header.flags[0] = MBEDTLS_BYTE_0( create_flags ); - header.flags[1] = MBEDTLS_BYTE_1( create_flags ); - header.flags[2] = MBEDTLS_BYTE_2( create_flags ); - header.flags[3] = MBEDTLS_BYTE_3( create_flags ); + MBEDTLS_PUT_UINT32_LE( data_length, header.size, 0 ); + MBEDTLS_PUT_UINT32_LE( create_flags, header.flags, 0 ); psa_its_fill_filename( uid, filename ); stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" ); diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 729784a6e..3a0e6df6f 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -703,12 +703,10 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); - buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); + MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 ); /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); - buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); + MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 ); return( 0 ); } @@ -2745,8 +2743,7 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( len_bytes == 2 ) { - ssl->out_msg[offset+0] = MBEDTLS_BYTE_1( *olen ); - ssl->out_msg[offset+1] = MBEDTLS_BYTE_0( *olen ); + MBEDTLS_PUT_UINT16_BE( *olen, ssl->out_msg, offset ); *olen += 2; } #endif @@ -3503,8 +3500,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) */ content_len = mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ); - ssl->out_msg[4] = MBEDTLS_BYTE_1( content_len ); - ssl->out_msg[5] = MBEDTLS_BYTE_0( content_len ); + MBEDTLS_PUT_UINT16_BE( content_len, ssl->out_msg, 4 ); header_len = 6; ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, @@ -4054,8 +4050,7 @@ sign: return( ret ); } - ssl->out_msg[4 + offset] = MBEDTLS_BYTE_1( n ); - ssl->out_msg[5 + offset] = MBEDTLS_BYTE_0( n ); + MBEDTLS_PUT_UINT16_BE( n, ssl->out_msg, offset + 4 ); ssl->out_msglen = 6 + n + offset; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 304e7f22b..2fe801a28 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -454,15 +454,13 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, *cur = rec->cid_len; cur++; - cur[0] = MBEDTLS_CHAR_1( ad_len_field ); - cur[1] = MBEDTLS_CHAR_0( ad_len_field ); + MBEDTLS_PUT_UINT16_BE( ad_len_field, cur, 0 ); cur += 2; } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - cur[0] = MBEDTLS_CHAR_1( ad_len_field ); - cur[1] = MBEDTLS_CHAR_0( ad_len_field ); + MBEDTLS_PUT_UINT16_BE( ad_len_field, cur, 0 ); cur += 2; } @@ -2481,8 +2479,7 @@ int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, /* Write message_seq and update it, except for HelloRequest */ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) { - ssl->out_msg[4] = MBEDTLS_BYTE_1( ssl->handshake->out_msg_seq ); - ssl->out_msg[5] = MBEDTLS_BYTE_0( ssl->handshake->out_msg_seq ); + MBEDTLS_PUT_UINT16_BE( ssl->handshake->out_msg_seq, ssl->out_msg, 4 ); ++( ssl->handshake->out_msg_seq ); } else @@ -2566,8 +2563,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) ssl->conf->transport, ssl->out_hdr + 1 ); memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 ); - ssl->out_len[0] = MBEDTLS_BYTE_1( len ); - ssl->out_len[1] = MBEDTLS_BYTE_0( len ); + MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0); if( ssl->transform_out != NULL ) { @@ -2607,8 +2603,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) memcpy( ssl->out_cid, rec.cid, rec.cid_len ); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->out_msglen = len = rec.data_len; - ssl->out_len[0] = MBEDTLS_BYTE_1( rec.data_len ); - ssl->out_len[1] = MBEDTLS_BYTE_0( rec.data_len ); + MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->out_len, 0 ); } protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl ); @@ -3184,8 +3179,7 @@ static int ssl_check_dtls_clihlo_cookie( obuf[15] = obuf[23] = MBEDTLS_BYTE_1( *olen - 25 ); obuf[16] = obuf[24] = MBEDTLS_BYTE_0( *olen - 25 ); - obuf[11] = MBEDTLS_BYTE_1( *olen - 13 ); - obuf[12] = MBEDTLS_BYTE_0( *olen - 13 ); + MBEDTLS_PUT_UINT16_BE( *olen - 13, obuf, 11 ); return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); } @@ -4565,8 +4559,7 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) ssl->in_hdr[0] = rec.type; ssl->in_msg = rec.buf + rec.data_offset; ssl->in_msglen = rec.data_len; - ssl->in_len[0] = MBEDTLS_BYTE_1( rec.data_len ); - ssl->in_len[1] = MBEDTLS_BYTE_0( rec.data_len ); + MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->in_len, 0 ); return( 0 ); } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 232846ff0..a791b8076 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2238,16 +2238,13 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ALPN ); - buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ALPN ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, buf, 0); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); - buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); + MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 ); - buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); - buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); + MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 ); buf[6] = MBEDTLS_BYTE_0( *olen - 7 ); @@ -2294,15 +2291,13 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, } /* extension */ - buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_USE_SRTP ); - buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_USE_SRTP, buf, 0 ); /* * total length 5 and mki value: only one profile(2 bytes) * and length(2 bytes) and srtp_mki ) */ ext_len = 5 + mki_len; - buf[2] = MBEDTLS_BYTE_1( ext_len ); - buf[3] = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, buf, 2 ); /* protection profile length: 2 */ buf[4] = 0x00; @@ -2311,8 +2306,7 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) { - buf[6] = MBEDTLS_BYTE_1( profile_value ); - buf[7] = MBEDTLS_BYTE_0( profile_value ); + MBEDTLS_PUT_UINT16_BE( profile_value, buf, 6 ); } else { @@ -2785,8 +2779,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) #endif } - p[0] = MBEDTLS_BYTE_1( sa_len ); - p[1] = MBEDTLS_BYTE_0( sa_len ); + MBEDTLS_PUT_UINT16_BE( sa_len, p, 0 ); sa_len += 2; p += sa_len; } @@ -2841,8 +2834,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) ssl->out_msglen = p - buf; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; - ssl->out_msg[4 + ct_len + sa_len] = MBEDTLS_BYTE_1( total_dn_size ); - ssl->out_msg[5 + ct_len + sa_len] = MBEDTLS_BYTE_0( total_dn_size ); + MBEDTLS_PUT_UINT16_BE( total_dn_size, ssl->out_msg, 4 + ct_len + sa_len ); ret = mbedtls_ssl_write_handshake_msg( ssl ); @@ -4223,14 +4215,8 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) tlen = 0; } - ssl->out_msg[4] = MBEDTLS_BYTE_3( lifetime ); - ssl->out_msg[5] = MBEDTLS_BYTE_2( lifetime ); - ssl->out_msg[6] = MBEDTLS_BYTE_1( lifetime ); - ssl->out_msg[7] = MBEDTLS_BYTE_0( lifetime ); - - ssl->out_msg[8] = MBEDTLS_BYTE_1( tlen ); - ssl->out_msg[9] = MBEDTLS_BYTE_0( tlen ); - + MBEDTLS_PUT_UINT32_BE( lifetime, ssl->out_msg, 4 ); + MBEDTLS_PUT_UINT16_BE( tlen, ssl->out_msg, 8 ); ssl->out_msglen = 10 + tlen; /* diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index a7a55f1a7..bce9a1cd7 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -245,8 +245,7 @@ int mbedtls_ssl_ticket_write( void *p_ticket, { goto cleanup; } - state_len_bytes[0] = MBEDTLS_BYTE_1( clear_len ); - state_len_bytes[1] = MBEDTLS_BYTE_0( clear_len ); + MBEDTLS_PUT_UINT16_BE( clear_len, state_len_bytes, 0 ); /* Encrypt and authenticate */ if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx, diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 0daf0683e..17b3e7966 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -251,8 +251,7 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); c = buf + 5; - ku[0] = MBEDTLS_BYTE_0( key_usage ); - ku[1] = MBEDTLS_BYTE_1( key_usage ); + MBEDTLS_PUT_UINT16_LE( key_usage, ku, 0 ); ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 ); if( ret < 0 ) From 5241e343ded7655e4baa95a493002ec93ae458c1 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 19 Jul 2021 15:29:18 +0100 Subject: [PATCH 74/81] Improve consitency throughout library/common.h Replace the contents of MBEDTLS_PUT_UINTx_yz contained inconsitent but similar/duplicate code to the MBEDTLS_BYTE_x macros. Therefore the contents of the macros now utilise the byte reading macros. MBEDTLS_PUT_UINT64_LE's written order was also not consitent with the other PUT macros, so that was modified. Documentation comment said LSB instead of MSB and that has also been resolved. Signed-off-by: Joe Subbiani --- library/common.h | 166 +++++++++++++++++++++++------------------------ 1 file changed, 83 insertions(+), 83 deletions(-) diff --git a/library/common.h b/library/common.h index 3e8f88bf3..ba0396c58 100644 --- a/library/common.h +++ b/library/common.h @@ -93,12 +93,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT32_BE -#define MBEDTLS_GET_UINT32_BE( data , offset ) \ - ( \ - ( (uint32_t) ( data )[( offset ) ] << 24 ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 16 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 3] ) \ +#define MBEDTLS_GET_UINT32_BE( data , offset ) \ + ( \ + ( (uint32_t) ( data )[( offset ) ] << 24 ) \ + | ( (uint32_t) ( data )[( offset ) + 1] << 16 ) \ + | ( (uint32_t) ( data )[( offset ) + 2] << 8 ) \ + | ( (uint32_t) ( data )[( offset ) + 3] ) \ ) #endif @@ -112,13 +112,13 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_BE -#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ - do { \ - ( data )[( offset ) ] = (unsigned char) ( (n) >> 24 ); \ - ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 16 ); \ - ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 8 ); \ - ( data )[( offset ) + 3] = (unsigned char) ( (n) ); \ - } while( 0 ) +#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_3( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_2( n ); \ + ( data )[( offset ) + 2] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 3] = MBEDTLS_BYTE_0( n ); \ +} #endif /** @@ -131,12 +131,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT32_LE -#define MBEDTLS_GET_UINT32_LE( data, offset ) \ - ( \ - ( (uint32_t) ( data )[( offset ) ] ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ - | ( (uint32_t) ( data )[( offset ) + 3] << 24 ) \ +#define MBEDTLS_GET_UINT32_LE( data, offset ) \ + ( \ + ( (uint32_t) ( data )[( offset ) ] ) \ + | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ + | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ + | ( (uint32_t) ( data )[( offset ) + 3] << 24 ) \ ) #endif @@ -150,13 +150,13 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_LE -#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ - do { \ - ( data )[( offset ) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - ( data )[( offset ) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - ( data )[( offset ) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - ( data )[( offset ) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ - } while( 0 ) +#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ + ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \ +} #endif /** @@ -169,10 +169,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE -#define MBEDTLS_GET_UINT16_LE( data, offset ) \ - ( \ - ( (uint16_t) ( data )[( offset ) ] ) \ - | ( (uint16_t) ( data )[( offset ) + 1] << 8 ) \ +#define MBEDTLS_GET_UINT16_LE( data, offset ) \ + ( \ + ( (uint16_t) ( data )[( offset ) ] ) \ + | ( (uint16_t) ( data )[( offset ) + 1] << 8 ) \ ) #endif @@ -186,16 +186,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_LE -#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - ( data )[( offset ) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ +#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ } #endif /** * Get the unsigned 16 bits integer corresponding to two bytes in - * big-endian order (LSB first). + * big-endian order (MSB first). * * \param data Base address of the memory to get the two bytes from. * \param offset Offset from \p base of the first and most significant @@ -203,10 +203,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT16_BE -#define MBEDTLS_GET_UINT16_BE( data, offset ) \ - ( \ - ( (uint16_t) ( data )[( offset ) ] << 8 ) \ - | ( (uint16_t) ( data )[( offset ) + 1] ) \ +#define MBEDTLS_GET_UINT16_BE( data, offset ) \ + ( \ + ( (uint16_t) ( data )[( offset ) ] << 8 ) \ + | ( (uint16_t) ( data )[( offset ) + 1] ) \ ) #endif @@ -220,10 +220,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_BE -#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - ( data )[( offset ) + 1] = (unsigned char) ( ( (n) ) & 0xFF ); \ +#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_0( n ); \ } #endif @@ -237,16 +237,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT64_BE -#define MBEDTLS_GET_UINT64_BE( data, offset ) \ - ( \ - ( (uint64_t) ( data )[( offset ) ] << 56 ) \ - | ( (uint64_t) ( data )[( offset ) + 1] << 48 ) \ - | ( (uint64_t) ( data )[( offset ) + 2] << 40 ) \ - | ( (uint64_t) ( data )[( offset ) + 3] << 32 ) \ - | ( (uint64_t) ( data )[( offset ) + 4] << 24 ) \ - | ( (uint64_t) ( data )[( offset ) + 5] << 16 ) \ - | ( (uint64_t) ( data )[( offset ) + 6] << 8 ) \ - | ( (uint64_t) ( data )[( offset ) + 7] ) \ +#define MBEDTLS_GET_UINT64_BE( data, offset ) \ + ( \ + ( (uint64_t) ( data )[( offset ) ] << 56 ) \ + | ( (uint64_t) ( data )[( offset ) + 1] << 48 ) \ + | ( (uint64_t) ( data )[( offset ) + 2] << 40 ) \ + | ( (uint64_t) ( data )[( offset ) + 3] << 32 ) \ + | ( (uint64_t) ( data )[( offset ) + 4] << 24 ) \ + | ( (uint64_t) ( data )[( offset ) + 5] << 16 ) \ + | ( (uint64_t) ( data )[( offset ) + 6] << 8 ) \ + | ( (uint64_t) ( data )[( offset ) + 7] ) \ ) #endif @@ -260,16 +260,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 64 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT64_BE -#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = (unsigned char) ( (n) >> 56 ); \ - ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 48 ); \ - ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 40 ); \ - ( data )[( offset ) + 3] = (unsigned char) ( (n) >> 32 ); \ - ( data )[( offset ) + 4] = (unsigned char) ( (n) >> 24 ); \ - ( data )[( offset ) + 5] = (unsigned char) ( (n) >> 16 ); \ - ( data )[( offset ) + 6] = (unsigned char) ( (n) >> 8 ); \ - ( data )[( offset ) + 7] = (unsigned char) ( (n) ); \ +#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_7( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_6( n ); \ + ( data )[( offset ) + 2] = MBEDTLS_BYTE_5( n ); \ + ( data )[( offset ) + 3] = MBEDTLS_BYTE_4( n ); \ + ( data )[( offset ) + 4] = MBEDTLS_BYTE_3( n ); \ + ( data )[( offset ) + 5] = MBEDTLS_BYTE_2( n ); \ + ( data )[( offset ) + 6] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 7] = MBEDTLS_BYTE_0( n ); \ } #endif @@ -283,16 +283,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT64_LE -#define MBEDTLS_GET_UINT64_LE( data, offset ) \ - ( \ - ( (uint64_t) ( data )[( offset ) + 7] << 56 ) \ - | ( (uint64_t) ( data )[( offset ) + 6] << 48 ) \ - | ( (uint64_t) ( data )[( offset ) + 5] << 40 ) \ - | ( (uint64_t) ( data )[( offset ) + 4] << 32 ) \ - | ( (uint64_t) ( data )[( offset ) + 3] << 24 ) \ - | ( (uint64_t) ( data )[( offset ) + 2] << 16 ) \ - | ( (uint64_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint64_t) ( data )[( offset ) ] ) \ +#define MBEDTLS_GET_UINT64_LE( data, offset ) \ + ( \ + ( (uint64_t) ( data )[( offset ) + 7] << 56 ) \ + | ( (uint64_t) ( data )[( offset ) + 6] << 48 ) \ + | ( (uint64_t) ( data )[( offset ) + 5] << 40 ) \ + | ( (uint64_t) ( data )[( offset ) + 4] << 32 ) \ + | ( (uint64_t) ( data )[( offset ) + 3] << 24 ) \ + | ( (uint64_t) ( data )[( offset ) + 2] << 16 ) \ + | ( (uint64_t) ( data )[( offset ) + 1] << 8 ) \ + | ( (uint64_t) ( data )[( offset ) ] ) \ ) #endif @@ -306,16 +306,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 64 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT64_LE -#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) + 7] = (unsigned char) ( (n) >> 56 ); \ - ( data )[( offset ) + 6] = (unsigned char) ( (n) >> 48 ); \ - ( data )[( offset ) + 5] = (unsigned char) ( (n) >> 40 ); \ - ( data )[( offset ) + 4] = (unsigned char) ( (n) >> 32 ); \ - ( data )[( offset ) + 3] = (unsigned char) ( (n) >> 24 ); \ - ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 16 ); \ - ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 8 ); \ - ( data )[( offset ) ] = (unsigned char) ( (n) ); \ +#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ + ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \ + ( data )[( offset ) + 4] = MBEDTLS_BYTE_4( n ); \ + ( data )[( offset ) + 5] = MBEDTLS_BYTE_5( n ); \ + ( data )[( offset ) + 6] = MBEDTLS_BYTE_6( n ); \ + ( data )[( offset ) + 7] = MBEDTLS_BYTE_7( n ); \ } #endif From d0687856afdc603112b39edf5443dfe539eaee40 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 21 Jul 2021 15:22:47 +0100 Subject: [PATCH 75/81] Improve documentation and add more uses of MBEDTLS_PUT minor changes, such as improving the documentation for the byte reading macros, and using MBEDTLS_PUT_UINT16_xy in place of byte reading macro combinations Signed-off-by: Joe Subbiani --- library/ccm.c | 3 +-- library/common.h | 5 ++--- library/ecp.c | 3 +-- library/ssl_cli.c | 2 +- 4 files changed, 5 insertions(+), 8 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 0188075f5..a21a37f55 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -221,8 +221,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, src = add; memset( b, 0, 16 ); - b[0] = MBEDTLS_BYTE_1( add_len ); - b[1] = MBEDTLS_BYTE_0( add_len ); + MBEDTLS_PUT_UINT16_BE( add_len, b, 0 ); use_len = len_left < 16 - 2 ? len_left : 16 - 2; memcpy( b + 2, src, use_len ); diff --git a/library/common.h b/library/common.h index ba0396c58..d740c7338 100644 --- a/library/common.h +++ b/library/common.h @@ -70,9 +70,8 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** Byte Reading Macros * - * Obtain the most significant byte of x using 0xff - * Using MBEDTLS_BYTE_a will shift a*8 bits - * to retrieve the next byte of information + * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th + * byte from x, where byte 0 is the least significant byte. */ #define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) #define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) diff --git a/library/ecp.c b/library/ecp.c index fdfc96006..0212069c8 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -1012,8 +1012,7 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, /* * Next two bytes are the namedcurve value */ - buf[0] = MBEDTLS_BYTE_1( curve_info->tls_id ); - buf[1] = MBEDTLS_BYTE_0( curve_info->tls_id ); + MBEDTLS_PUT_UINT16_BE( curve_info->tls_id, buf, 0 ); return( 0 ); } diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 3a0e6df6f..0e25b6c60 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -762,7 +762,7 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = MBEDTLS_BYTE_1( ext_len & 0xFF00 ); + *p++ = MBEDTLS_BYTE_1( ext_len ); *p++ = MBEDTLS_BYTE_0( ext_len ); /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ From 9ab1866b0d0adace1c6c7ac65e0d8c586ad5a320 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 21 Jul 2021 16:35:48 +0100 Subject: [PATCH 76/81] Remove trailing whitespace Signed-off-by: Joe Subbiani --- library/common.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/common.h b/library/common.h index d740c7338..780ce378d 100644 --- a/library/common.h +++ b/library/common.h @@ -70,7 +70,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** Byte Reading Macros * - * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th + * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th * byte from x, where byte 0 is the least significant byte. */ #define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) From 1f6c3aeb63a40c22af17311ea3a8cf6e3f02e554 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 20 Aug 2021 11:44:44 +0100 Subject: [PATCH 77/81] Tidy up ssl_*.c grouped MBEDTLS_BYTE_x macros exchange groups of the byte reading macros with MBEDTLS_PUT_UINTxyz and then shift the pointer afterwards. Easier to read as you can see how big the data is that you are putting in, and in the case of UINT32 AND UINT64 it saves some vertical space. Signed-off-by: Joe Subbiani --- library/ssl_cli.c | 121 +++++++++++++++++++++++----------------------- library/ssl_srv.c | 59 +++++++++++----------- library/ssl_tls.c | 62 +++++++----------------- 3 files changed, 106 insertions(+), 136 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 0e25b6c60..df32cfdb6 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -136,18 +136,19 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * } ServerNameList; * */ - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SERVERNAME ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SERVERNAME, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( hostname_len + 5); - *p++ = MBEDTLS_BYTE_0( hostname_len + 5); + MBEDTLS_PUT_UINT16_BE( hostname_len + 5, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( hostname_len + 3 ); - *p++ = MBEDTLS_BYTE_0( hostname_len + 3 ); + MBEDTLS_PUT_UINT16_BE( hostname_len + 3, p, 0 ); + p += 2; *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); - *p++ = MBEDTLS_BYTE_1( hostname_len ); - *p++ = MBEDTLS_BYTE_0( hostname_len ); + + MBEDTLS_PUT_UINT16_BE( hostname_len, p, 0 ); + p += 2; memcpy( p, ssl->hostname, hostname_len ); @@ -181,8 +182,8 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, /* * Secure renegotiation */ - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0 ); + p += 2; *p++ = 0x00; *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len + 1 ); @@ -281,14 +282,14 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * SignatureAndHashAlgorithm * supported_signature_algorithms<2..2^16-2>; */ - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SIG_ALG ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SIG_ALG ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SIG_ALG, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( sig_alg_len + 2 ); - *p++ = MBEDTLS_BYTE_0( sig_alg_len + 2 ); + MBEDTLS_PUT_UINT16_BE( sig_alg_len + 2, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( sig_alg_len ); - *p++ = MBEDTLS_BYTE_0( sig_alg_len ); + MBEDTLS_PUT_UINT16_BE( sig_alg_len, p, 0 ); + p += 2; *olen = 6 + sig_alg_len; @@ -356,14 +357,14 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_0( info->tls_id ); } - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( elliptic_curve_len + 2 ); - *p++ = MBEDTLS_BYTE_0( elliptic_curve_len + 2 ); + MBEDTLS_PUT_UINT16_BE( elliptic_curve_len + 2, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( elliptic_curve_len ); - *p++ = MBEDTLS_BYTE_0( elliptic_curve_len ); + MBEDTLS_PUT_UINT16_BE( elliptic_curve_len, p, 0 ); + p += 2; *olen = 6 + elliptic_curve_len; @@ -384,8 +385,8 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, ( "client hello, adding supported_point_formats extension" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 2; @@ -421,8 +422,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0 ); + p += 2; /* * We may need to send ClientHello multiple times for Hello verification. @@ -464,8 +465,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); } - *p++ = MBEDTLS_BYTE_1( kkpp_len ); - *p++ = MBEDTLS_BYTE_0( kkpp_len ); + MBEDTLS_PUT_UINT16_BE( kkpp_len, p, 0 ); + p += 2; *olen = kkpp_len + 4; @@ -504,11 +505,11 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) ); /* Add extension ID + size */ - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_CID ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_CID ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_CID, p, 0 ); + p += 2; ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -537,8 +538,8 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 1; @@ -569,8 +570,8 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -599,8 +600,8 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -631,11 +632,11 @@ static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, /* The addition is safe here since the ticket length is 16 bit. */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( tlen ); - *p++ = MBEDTLS_BYTE_0( tlen ); + MBEDTLS_PUT_UINT16_BE( tlen, p, 0 ); + p += 2; *olen = 4; @@ -675,8 +676,8 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ALPN ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ALPN ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, p, 0 ); + p += 2; /* * opaque ProtocolName<1..2^8-1>; @@ -758,12 +759,11 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_USE_SRTP, p, 0 ); + p += 2; - - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ /* micro-optimization: @@ -786,8 +786,9 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_write_use_srtp_ext, add profile: %04x", profile_value ) ); - *p++ = MBEDTLS_BYTE_1( profile_value ); - *p++ = MBEDTLS_BYTE_0( profile_value ); + MBEDTLS_PUT_UINT16_BE( profile_value, p, 0 ); + p += 2; + } else { @@ -855,10 +856,8 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) t = mbedtls_time( NULL ); - *p++ = MBEDTLS_BYTE_3( t ); - *p++ = MBEDTLS_BYTE_2( t ); - *p++ = MBEDTLS_BYTE_1( t ); - *p++ = MBEDTLS_BYTE_0( t ); + MBEDTLS_PUT_UINT32_BE( t, p, 0 ); + p += 4; MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %" MBEDTLS_PRINTF_LONGLONG, (long long) t ) ); @@ -1141,8 +1140,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); n++; - *p++ = MBEDTLS_BYTE_1( ciphersuites[i] ); - *p++ = MBEDTLS_BYTE_0( ciphersuites[i] ); + MBEDTLS_PUT_UINT16_BE( ciphersuites[i], p, 0 ); + p += 2; } MBEDTLS_SSL_DEBUG_MSG( 3, @@ -1157,8 +1156,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO, p, 0 ); + p += 2; n++; } @@ -1321,8 +1320,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { /* No need to check for space here, because the extension * writing functions already took care of that. */ - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; p += ext_len; } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index a791b8076..c63af7a32 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1970,12 +1970,11 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, * opaque cid<0..2^8-1>; * } ConnectionId; */ - - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_CID ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_CID ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_CID, p, 0 ); + p += 2; ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -2016,8 +2015,8 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -2042,8 +2041,8 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " "extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -2067,8 +2066,8 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -2091,8 +2090,8 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0 ); + p += 2; #if defined(MBEDTLS_SSL_RENEGOTIATION) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) @@ -2132,8 +2131,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 1; @@ -2162,8 +2161,8 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 2; @@ -2200,8 +2199,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0 ); + p += 2; ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, p + 2, end - p - 2, &kkpp_len, @@ -2212,8 +2211,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = MBEDTLS_BYTE_1( kkpp_len ); - *p++ = MBEDTLS_BYTE_0( kkpp_len ); + MBEDTLS_PUT_UINT16_BE( kkpp_len, p, 0 ); + p += 2; *olen = kkpp_len + 4; } @@ -2488,10 +2487,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) t = mbedtls_time( NULL ); - *p++ = MBEDTLS_BYTE_3( t ); - *p++ = MBEDTLS_BYTE_2( t ); - *p++ = MBEDTLS_BYTE_1( t ); - *p++ = MBEDTLS_BYTE_0( t ); + MBEDTLS_PUT_UINT32_BE( t, p, 0 ); + p += 4; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %" MBEDTLS_PRINTF_LONGLONG, (long long) t ) ); @@ -2572,8 +2569,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", ssl->handshake->resume ? "a" : "no" ) ); - *p++ = MBEDTLS_BYTE_1( ssl->session_negotiate->ciphersuite ); - *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->ciphersuite ); + MBEDTLS_PUT_UINT16_BE( ssl->session_negotiate->ciphersuite, p, 0 ); + p += 2; *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->compression ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", @@ -2642,8 +2639,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 ) { - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; p += ext_len; } @@ -2819,8 +2816,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) break; } - *p++ = MBEDTLS_BYTE_1( dn_size ); - *p++ = MBEDTLS_BYTE_0( dn_size ); + MBEDTLS_PUT_UINT16_BE( dn_size, p, 0 ); + p += 2; memcpy( p, crt->subject_raw.p, dn_size ); p += dn_size; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 33f026f4d..abf4c0f5f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4664,14 +4664,8 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, { start = (uint64_t) session->start; - *p++ = MBEDTLS_BYTE_7( start ); - *p++ = MBEDTLS_BYTE_6( start ); - *p++ = MBEDTLS_BYTE_5( start ); - *p++ = MBEDTLS_BYTE_4( start ); - *p++ = MBEDTLS_BYTE_3( start ); - *p++ = MBEDTLS_BYTE_2( start ); - *p++ = MBEDTLS_BYTE_1( start ); - *p++ = MBEDTLS_BYTE_0( start ); + MBEDTLS_PUT_UINT64_BE( start, p, 0 ); + p += 8; } #endif /* MBEDTLS_HAVE_TIME */ @@ -4687,8 +4681,8 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_1( session->ciphersuite ); - *p++ = MBEDTLS_BYTE_0( session->ciphersuite ); + MBEDTLS_PUT_UINT16_BE( session->ciphersuite, p, 0 ); + p += 2; *p++ = MBEDTLS_BYTE_0( session->compression ); @@ -4699,10 +4693,8 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, memcpy( p, session->master, 48 ); p += 48; - *p++ = MBEDTLS_BYTE_3( session->verify_result ); - *p++ = MBEDTLS_BYTE_2( session->verify_result ); - *p++ = MBEDTLS_BYTE_1( session->verify_result ); - *p++ = MBEDTLS_BYTE_0( session->verify_result ); + MBEDTLS_PUT_UINT32_BE( session->verify_result, p, 0 ); + p += 4; } /* @@ -4772,10 +4764,8 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, p += session->ticket_len; } - *p++ = MBEDTLS_BYTE_3( session->ticket_lifetime ); - *p++ = MBEDTLS_BYTE_2( session->ticket_lifetime ); - *p++ = MBEDTLS_BYTE_1( session->ticket_lifetime ); - *p++ = MBEDTLS_BYTE_0( session->ticket_lifetime ); + MBEDTLS_PUT_UINT32_BE( session->ticket_lifetime, p, 0 ); + p += 4; } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -5713,10 +5703,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4 + session_len; if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_3( session_len ); - *p++ = MBEDTLS_BYTE_2( session_len ); - *p++ = MBEDTLS_BYTE_1( session_len ); - *p++ = MBEDTLS_BYTE_0( session_len ); + MBEDTLS_PUT_UINT32_BE( session_len, p, 0 ); + p += 4; ret = ssl_session_save( ssl->session, 1, p, session_len, &session_len ); @@ -5757,33 +5745,19 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4; if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_3( ssl->badmac_seen ); - *p++ = MBEDTLS_BYTE_2( ssl->badmac_seen ); - *p++ = MBEDTLS_BYTE_1( ssl->badmac_seen ); - *p++ = MBEDTLS_BYTE_0( ssl->badmac_seen ); + MBEDTLS_PUT_UINT32_BE( ssl->badmac_seen, p, 0 ); + p += 4; } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) used += 16; if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_7( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_6( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_5( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_4( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_3( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_2( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_1( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_0( ssl->in_window_top ); + MBEDTLS_PUT_UINT64_BE( ssl->in_window_top, p, 0 ); + p += 8; - *p++ = MBEDTLS_BYTE_7( ssl->in_window ); - *p++ = MBEDTLS_BYTE_6( ssl->in_window ); - *p++ = MBEDTLS_BYTE_5( ssl->in_window ); - *p++ = MBEDTLS_BYTE_4( ssl->in_window ); - *p++ = MBEDTLS_BYTE_3( ssl->in_window ); - *p++ = MBEDTLS_BYTE_2( ssl->in_window ); - *p++ = MBEDTLS_BYTE_1( ssl->in_window ); - *p++ = MBEDTLS_BYTE_0( ssl->in_window ); + MBEDTLS_PUT_UINT64_BE( ssl->in_window, p, 0 ); + p += 8; } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -5806,8 +5780,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 2; if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_1( ssl->mtu ); - *p++ = MBEDTLS_BYTE_0( ssl->mtu ); + MBEDTLS_PUT_UINT16_BE( ssl->mtu, p, 0 ); + p += 2; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ From e4603eece9aa216190edb5edd0dd3f51cf47df48 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 20 Aug 2021 13:05:30 +0100 Subject: [PATCH 78/81] Compress byte reading macros in if statements exchange MBEDTLS_BYTE_x in if statements with MBEDTLS_GET_UINT16_BE Signed-off-by: Joe Subbiani --- library/ssl_srv.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index c63af7a32..1841b5579 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1848,8 +1848,7 @@ read_record_header: for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) for( i = 0; ciphersuites[i] != 0; i++ ) { - if( p[0] != MBEDTLS_BYTE_1( ciphersuites[i] ) || - p[1] != MBEDTLS_BYTE_0( ciphersuites[i] )) + if( MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i] ) continue; got_common_suite = 1; @@ -1865,8 +1864,7 @@ read_record_header: for( i = 0; ciphersuites[i] != 0; i++ ) for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) { - if( p[0] != MBEDTLS_BYTE_1( ciphersuites[i] ) || - p[1] != MBEDTLS_BYTE_0( ciphersuites[i] )) + if( MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i] ) continue; got_common_suite = 1; From 94180e708ff9496f7b3bc6bfe50bdaab7226ba34 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 20 Aug 2021 16:20:44 +0100 Subject: [PATCH 79/81] Minor coding style improvement Signed-off-by: Joe Subbiani --- library/ssl_cli.c | 4 +--- library/ssl_srv.c | 3 +-- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index df32cfdb6..9120aa2f7 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -788,7 +788,6 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, profile_value ) ); MBEDTLS_PUT_UINT16_BE( profile_value, p, 0 ); p += 2; - } else { @@ -1321,8 +1320,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) /* No need to check for space here, because the extension * writing functions already took care of that. */ MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); - p += 2; - p += ext_len; + p += 2 + ext_len; } ssl->out_msglen = p - buf; diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 1841b5579..b8c431484 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2638,8 +2638,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 ) { MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); - p += 2; - p += ext_len; + p += 2 + ext_len; } ssl->out_msglen = p - buf; From 90cc33aad60b14a7425f751c0d0f2494ac2dd782 Mon Sep 17 00:00:00 2001 From: Andrey Starodubtsev Date: Mon, 23 Aug 2021 12:14:56 +0300 Subject: [PATCH 80/81] Misprint was fixed Signed-off-by: Andrey Starodubtsev --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index f08fc89a5..3cb896cb4 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -602,7 +602,7 @@ typedef int mbedtls_ssl_recv_t( void *ctx, * \param ctx Context for the receive callback (typically a file descriptor) * \param buf Buffer to write the received data to * \param len Length of the receive buffer - * \param timeout Maximum nomber of millisecondes to wait for data + * \param timeout Maximum number of milliseconds to wait for data * 0 means no timeout (potentially waiting forever) * * \return The callback must return the number of bytes received, From a5cb0d24d4737fa02ff9c0df315a582558c0ecc8 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 23 Aug 2021 11:35:25 +0100 Subject: [PATCH 81/81] Tidy up grouped MBEDTLS_BYTE_x macros exchange groups of the byte reading macros with MBEDTLS_PUT_UINTxyz and then shift the pointer afterwards. Easier to read as you can see how big the data is that you are putting in, and in the case of UINT32 AND UINT64 it saves some vertical space. Signed-off-by: Joe Subbiani --- library/ctr_drbg.c | 7 ++----- library/ecjpake.c | 11 +++-------- library/ssl_tls.c | 18 ++++++++---------- 3 files changed, 13 insertions(+), 23 deletions(-) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 68b32a366..93a7cdcd1 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -152,11 +152,8 @@ static int block_cipher_df( unsigned char *output, * (Total is padded to a multiple of 16-bytes with zeroes) */ p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE; - *p++ = MBEDTLS_BYTE_3( data_len ); - *p++ = MBEDTLS_BYTE_2( data_len ); - *p++ = MBEDTLS_BYTE_1( data_len ); - *p++ = MBEDTLS_BYTE_0( data_len ); - p += 3; + MBEDTLS_PUT_UINT32_BE( data_len, p, 0); + p += 4 + 3; *p++ = MBEDTLS_CTR_DRBG_SEEDLEN; memcpy( p, data, data_len ); p[data_len] = 0x80; diff --git a/library/ecjpake.c b/library/ecjpake.c index a599b1ba4..738a97719 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -180,10 +180,7 @@ static int ecjpake_write_len_point( unsigned char **p, if( ret != 0 ) return( ret ); - (*p)[0] = MBEDTLS_BYTE_3( len ); - (*p)[1] = MBEDTLS_BYTE_2( len ); - (*p)[2] = MBEDTLS_BYTE_1( len ); - (*p)[3] = MBEDTLS_BYTE_0( len ); + MBEDTLS_PUT_UINT32_BE( len, *p, 0 ); *p += 4 + len; @@ -223,10 +220,8 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info, if( end - p < 4 ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); - *p++ = MBEDTLS_BYTE_3( id_len ); - *p++ = MBEDTLS_BYTE_2( id_len ); - *p++ = MBEDTLS_BYTE_1( id_len ); - *p++ = MBEDTLS_BYTE_0( id_len ); + MBEDTLS_PUT_UINT32_BE( id_len, p, 0 ); + p += 4; if( end < p || (size_t)( end - p ) < id_len ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index abf4c0f5f..5cd47e6ce 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1487,8 +1487,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch if( end - p < 2 ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = MBEDTLS_BYTE_1( psk_len ); - *(p++) = MBEDTLS_BYTE_0( psk_len ); + MBEDTLS_PUT_UINT16_BE( psk_len, p, 0 ); + p += 2; if( end < p || (size_t)( end - p ) < psk_len ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -1528,9 +1528,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); return( ret ); } - *(p++) = MBEDTLS_BYTE_1( len ); - *(p++) = MBEDTLS_BYTE_0( len ); - p += len; + MBEDTLS_PUT_UINT16_BE( len, p, 0 ); + p += 2 + len; MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); } @@ -1550,9 +1549,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch return( ret ); } - *(p++) = MBEDTLS_BYTE_1( zlen ); - *(p++) = MBEDTLS_BYTE_0( zlen ); - p += zlen; + MBEDTLS_PUT_UINT16_BE( zlen, p, 0 ); + p += 2 + zlen; MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, MBEDTLS_DEBUG_ECDH_Z ); @@ -1568,8 +1566,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch if( end - p < 2 ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = MBEDTLS_BYTE_1( psk_len ); - *(p++) = MBEDTLS_BYTE_0( psk_len ); + MBEDTLS_PUT_UINT16_BE( psk_len, p, 0 ); + p += 2; if( end < p || (size_t)( end - p ) < psk_len ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );