Add (stub) header writing and checking
The number of meaning of the flags will be determined later, when handling the relevant struct members. For now three bytes are reserved as an example, but this number may change later.
This commit is contained in:
parent
0ff76407d2
commit
4c90e858b5
2 changed files with 57 additions and 9 deletions
|
@ -3985,6 +3985,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
|
|||
*
|
||||
* \return \c 0 if successful.
|
||||
* \return #MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed.
|
||||
* \return #MBEDTLS_ERR_SSL_VERSION_MISMATCH if the serialized data
|
||||
* comes from a different Mbed TLS version or build.
|
||||
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if input data is invalid.
|
||||
*/
|
||||
int mbedtls_ssl_context_load( mbedtls_ssl_context *ssl,
|
||||
|
|
|
@ -11284,6 +11284,17 @@ void mbedtls_ssl_session_free( mbedtls_ssl_session *session )
|
|||
mbedtls_platform_zeroize( session, sizeof( mbedtls_ssl_session ) );
|
||||
}
|
||||
|
||||
static unsigned char ssl_serialized_context_header[] = {
|
||||
MBEDTLS_VERSION_MAJOR,
|
||||
MBEDTLS_VERSION_MINOR,
|
||||
MBEDTLS_VERSION_PATCH,
|
||||
( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF,
|
||||
( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF,
|
||||
0, /* placeholder */
|
||||
0, /* placeholder */
|
||||
0, /* placeholder */
|
||||
};
|
||||
|
||||
/*
|
||||
* Serialize a full SSL context
|
||||
*
|
||||
|
@ -11292,9 +11303,9 @@ void mbedtls_ssl_session_free( mbedtls_ssl_session *session )
|
|||
*
|
||||
* // header
|
||||
* opaque mbedtls_version[3]; // major, minor, patch
|
||||
* opaque context_format[n]; // version-specific field determining
|
||||
* opaque context_format[5]; // version-specific field determining
|
||||
* // the format of the remaining
|
||||
* // serialized data. (n TBD)
|
||||
* // serialized data.
|
||||
* Note: When updating the format, remember to keep
|
||||
* these version+format bytes. (To be confirmed.)
|
||||
*
|
||||
|
@ -11327,6 +11338,9 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
|
|||
size_t buf_len,
|
||||
size_t *olen )
|
||||
{
|
||||
unsigned char *p = buf;
|
||||
size_t used = 0;
|
||||
|
||||
/*
|
||||
* Enforce current usage restrictions
|
||||
*/
|
||||
|
@ -11354,11 +11368,25 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
|
|||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
}
|
||||
|
||||
/* Unimplemented */
|
||||
if( buf != NULL )
|
||||
memset( buf, 0, buf_len );
|
||||
/*
|
||||
* Version and format identifier
|
||||
*/
|
||||
used += sizeof( ssl_serialized_context_header );
|
||||
|
||||
*olen = 0;
|
||||
if( used <= buf_len )
|
||||
{
|
||||
memcpy( p, ssl_serialized_context_header,
|
||||
sizeof( ssl_serialized_context_header ) );
|
||||
p += sizeof( ssl_serialized_context_header );
|
||||
}
|
||||
|
||||
/*
|
||||
* Done
|
||||
*/
|
||||
*olen = used;
|
||||
|
||||
if( used > buf_len )
|
||||
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
@ -11370,6 +11398,9 @@ int mbedtls_ssl_context_load( mbedtls_ssl_context *ssl,
|
|||
const unsigned char *buf,
|
||||
size_t len )
|
||||
{
|
||||
const unsigned char *p = buf;
|
||||
const unsigned char * const end = buf + len;
|
||||
|
||||
/*
|
||||
* The context should have been freshly setup or reset.
|
||||
* Give the user an error in case of obvious misuse.
|
||||
|
@ -11399,9 +11430,24 @@ int mbedtls_ssl_context_load( mbedtls_ssl_context *ssl,
|
|||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
}
|
||||
|
||||
/* Unimplemented */
|
||||
(void) buf;
|
||||
(void) len;
|
||||
/*
|
||||
* Check version identifier
|
||||
*/
|
||||
if( (size_t)( end - p ) < sizeof( ssl_serialized_context_header ) )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
if( memcmp( p, ssl_serialized_context_header,
|
||||
sizeof( ssl_serialized_context_header ) ) != 0 )
|
||||
{
|
||||
return( MBEDTLS_ERR_SSL_VERSION_MISMATCH );
|
||||
}
|
||||
p += sizeof( ssl_serialized_context_header );
|
||||
|
||||
/*
|
||||
* Done - should have consumed entire buffer
|
||||
*/
|
||||
if( p != end )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue