yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Improve doc'n of config-identifying bitfield in serialized session

Browse source
This commit is contained in:
Hanno Becker 2019-05-28 14:30:45 +01:00 committed by Jarno Lamsa
parent f37d91830a
commit 50b596666d
1 changed files with 51 additions and 70 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

99
library/ssl_tls.c
View file

@ -9849,80 +9849,75 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co
*/
/*
* Define bitflag determining structure of mbedtls_ssl_session.
* Define bitflag determining compile-time settings influencing
* structure of serialized SSL sessions.
*/
#if defined(MBEDTLS_HAVE_TIME)
#define SSL_SERIALIZED_SESSION_STRUCT_TIME_BIT 1
#if defined(MBEDTLS_SSL_SERIALIZED_STRUCTURES_LOCAL_ONLY)
#define SSL_SERIALIZED_SESSION_CONFIG_LOCAL 1
#else
#define SSL_SERIALIZED_SESSION_STRUCT_TIME_BIT 0
#define SSL_SERIALIZED_SESSION_CONFIG_LOCAL 0
#endif /* MBEDTLS_SSL_SERIALIZED_STRUCTURES_LOCAL_ONLY */
#if defined(MBEDTLS_HAVE_TIME)
#define SSL_SERIALIZED_SESSION_CONFIG_TIME_BIT 1
#else
#define SSL_SERIALIZED_SESSION_CONFIG_TIME_BIT 0
#endif /* MBEDTLS_HAVE_TIME */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#define SSL_SERIALIZED_SESSION_STRUCT_CRT_BIT 1
#define SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT 1
#else
#define SSL_SERIALIZED_SESSION_STRUCT_CRT_BIT 0
#define SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT 0
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_SESSION_TICKETS)
#define SSL_SERIALIZED_SESSION_STRUCT_CLIENT_BIT 1
#define SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT 1
#else
#define SSL_SERIALIZED_SESSION_STRUCT_CLIENT_BIT 0
#define SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT 0
#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_SESSION_TICKETS */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
#define SSL_SERIALIZED_SESSION_STRUCT_MFL_BIT 1
#define SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT 1
#else
#define SSL_SERIALIZED_SESSION_STRUCT_MFL_BIT 0
#define SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT 0
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
#define SSL_SERIALIZED_SESSION_STRUCT_TRUNC_HMAC_BIT 1
#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT 1
#else
#define SSL_SERIALIZED_SESSION_STRUCT_TRUNC_HMAC_BIT 0
#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT 0
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
#define SSL_SERIALIZED_SESSION_STRUCT_ETM_BIT 1
#define SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT 1
#else
#define SSL_SERIALIZED_SESSION_STRUCT_ETM_BIT 0
#define SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT 0
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
#define SSL_SERIALIZED_SESSION_STRUCT_BYTE \
( (uint8_t) ( ( SSL_SERIALIZED_SESSION_STRUCT_TIME_BIT << 0 ) | \
( SSL_SERIALIZED_SESSION_STRUCT_CRT_BIT << 1 ) | \
( SSL_SERIALIZED_SESSION_STRUCT_CLIENT_BIT << 2 ) | \
( SSL_SERIALIZED_SESSION_STRUCT_MFL_BIT << 3 ) | \
( SSL_SERIALIZED_SESSION_STRUCT_TRUNC_HMAC_BIT << 4 ) | \
( SSL_SERIALIZED_SESSION_STRUCT_ETM_BIT << 5 ) ) )
/*
* Define bitflag determining compile-time settings influencing
* structure of the ticket outside of the session structure.
*/
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#define SSL_SERIALIZED_SESSION_CONFIG_CRT 1
#else
#define SSL_SERIALIZED_SESSION_CONFIG_CRT 0
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
#define SSL_SERIALIZED_SESSION_CONFIG_TICKET 1
#else
#define SSL_SERIALIZED_SESSION_CONFIG_TICKET 0
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
#define SSL_SERIALIZED_SESSION_CONFIG_BYTE \
( (uint8_t) ( ( SSL_SERIALIZED_SESSION_CONFIG_CRT << 0 ) | \
( SSL_SERIALIZED_SESSION_CONFIG_TICKET << 1 ) ) )
#define SSL_SERIALIZED_SESSION_CONFIG_BITFLAG \
( (uint16_t) ( ( SSL_SERIALIZED_SESSION_CONFIG_TIME_BIT << 0 ) | \
( SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT << 1 ) | \
( SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT << 2 ) | \
( SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT << 3 ) | \
( SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT << 4 ) | \
( SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT << 5 ) | \
( SSL_SERIALIZED_SESSION_CONFIG_CRT << 6 ) | \
( SSL_SERIALIZED_SESSION_CONFIG_TICKET << 7 ) | \
( SSL_SERIALIZED_SESSION_CONFIG_LOCAL << 8 ) ) )
static unsigned char ssl_serialized_session_header[] = {
MBEDTLS_VERSION_MAJOR,
MBEDTLS_VERSION_MINOR,
MBEDTLS_VERSION_PATCH,
SSL_SERIALIZED_SESSION_STRUCT_BYTE,
SSL_SERIALIZED_SESSION_CONFIG_BYTE
( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF,
( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF,
};
/*
@ -9931,27 +9926,13 @@ static unsigned char ssl_serialized_session_header[] = {
*
* opaque mbedtls_version[3]; // major, minor, patch
* opaque session_format[2]; // version-specific 16-bit field determining
* // the format of the remaining serialized
* // data. For example, it could be a bitfield
* // indicating the setting of those compile-
* // time configuration options influencing
* // the format of the serialized data.
* //
* // In this version, we use:
* // - Bits 8-15 (second byte)
* // Bitflag determining structure of
* // mbedtls_ssl_session
* // - Bit 0:
* // 0/1 depending on state of
* // MBEDTLS_X509_CRT_PARSE_C.
* // This determines whether the session
* // is followed by a certificate.
* // - Bit 1:
* // 0/1 depending on state of
* // MBEDTLS_SSL_SESSION_TICKETS
* // This determines whether the certificate
* // is followed by a session ticket.
* // - Bits 2-7: Unused so far
* // the format of the remaining
* // serialized data.
* // In this version, this indicates whether
* // MBEDTLS_SSL_SERIALIZED_STRUCTURES_LOCAL_ONLY
* // is set, plus the setting of those compile-
* // time configuration options which influence
* // the structure of mbedtls_ssl_session.
* uint64 start_time;
* uint8 ciphersuite[2]; // defined by the standard
* uint8 compression; // 0 or 1