diff --git a/library/common.h b/library/common.h index ce2f04007..3e8f88bf3 100644 --- a/library/common.h +++ b/library/common.h @@ -193,6 +193,40 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c } #endif +/** + * Get the unsigned 16 bits integer corresponding to two bytes in + * big-endian order (LSB first). + * + * \param data Base address of the memory to get the two bytes from. + * \param offset Offset from \p base of the first and most significant + * byte of the two bytes to build the 16 bits unsigned + * integer from. + */ +#ifndef MBEDTLS_GET_UINT16_BE +#define MBEDTLS_GET_UINT16_BE( data, offset ) \ + ( \ + ( (uint16_t) ( data )[( offset ) ] << 8 ) \ + | ( (uint16_t) ( data )[( offset ) + 1] ) \ + ) +#endif + +/** + * Put in memory a 16 bits unsigned integer in big-endian order. + * + * \param n 16 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 16 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the most significant + * byte of the 16 bits unsigned integer \p n. + */ +#ifndef MBEDTLS_PUT_UINT16_BE +#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + ( data )[( offset ) + 1] = (unsigned char) ( ( (n) ) & 0xFF ); \ +} +#endif + /** * Get the unsigned 64 bits integer corresponding to eight bytes in * big-endian order (MSB first). diff --git a/library/poly1305.c b/library/poly1305.c index 1f35f1d50..7375a0c57 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -250,22 +250,10 @@ static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx, acc3 += ctx->s[3] + (uint32_t) ( d >> 32U ); /* Compute MAC (128 least significant bits of the accumulator) */ - mac[ 0] = MBEDTLS_BYTE_0( acc0 ); - mac[ 1] = MBEDTLS_BYTE_1( acc0 ); - mac[ 2] = MBEDTLS_BYTE_2( acc0 ); - mac[ 3] = MBEDTLS_BYTE_3( acc0 ); - mac[ 4] = MBEDTLS_BYTE_0( acc1 ); - mac[ 5] = MBEDTLS_BYTE_1( acc1 ); - mac[ 6] = MBEDTLS_BYTE_2( acc1 ); - mac[ 7] = MBEDTLS_BYTE_3( acc1 ); - mac[ 8] = MBEDTLS_BYTE_0( acc2 ); - mac[ 9] = MBEDTLS_BYTE_1( acc2 ); - mac[10] = MBEDTLS_BYTE_2( acc2 ); - mac[11] = MBEDTLS_BYTE_3( acc2 ); - mac[12] = MBEDTLS_BYTE_0( acc3 ); - mac[13] = MBEDTLS_BYTE_1( acc3 ); - mac[14] = MBEDTLS_BYTE_2( acc3 ); - mac[15] = MBEDTLS_BYTE_3( acc3 ); + MBEDTLS_PUT_UINT32_LE( acc0, mac, 0 ); + MBEDTLS_PUT_UINT32_LE( acc1, mac, 4 ); + MBEDTLS_PUT_UINT32_LE( acc2, mac, 8 ); + MBEDTLS_PUT_UINT32_LE( acc3, mac, 12 ); } void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ) diff --git a/library/psa_its_file.c b/library/psa_its_file.c index c3b19a74a..c4782cdba 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -191,14 +191,8 @@ psa_status_t psa_its_set( psa_storage_uid_t uid, size_t n; memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH ); - header.size[0] = MBEDTLS_BYTE_0( data_length ); - header.size[1] = MBEDTLS_BYTE_1( data_length ); - header.size[2] = MBEDTLS_BYTE_2( data_length ); - header.size[3] = MBEDTLS_BYTE_3( data_length ); - header.flags[0] = MBEDTLS_BYTE_0( create_flags ); - header.flags[1] = MBEDTLS_BYTE_1( create_flags ); - header.flags[2] = MBEDTLS_BYTE_2( create_flags ); - header.flags[3] = MBEDTLS_BYTE_3( create_flags ); + MBEDTLS_PUT_UINT32_LE( data_length, header.size, 0 ); + MBEDTLS_PUT_UINT32_LE( create_flags, header.flags, 0 ); psa_its_fill_filename( uid, filename ); stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" ); diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 729784a6e..3a0e6df6f 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -703,12 +703,10 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); - buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); + MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 ); /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); - buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); + MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 ); return( 0 ); } @@ -2745,8 +2743,7 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( len_bytes == 2 ) { - ssl->out_msg[offset+0] = MBEDTLS_BYTE_1( *olen ); - ssl->out_msg[offset+1] = MBEDTLS_BYTE_0( *olen ); + MBEDTLS_PUT_UINT16_BE( *olen, ssl->out_msg, offset ); *olen += 2; } #endif @@ -3503,8 +3500,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) */ content_len = mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ); - ssl->out_msg[4] = MBEDTLS_BYTE_1( content_len ); - ssl->out_msg[5] = MBEDTLS_BYTE_0( content_len ); + MBEDTLS_PUT_UINT16_BE( content_len, ssl->out_msg, 4 ); header_len = 6; ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, @@ -4054,8 +4050,7 @@ sign: return( ret ); } - ssl->out_msg[4 + offset] = MBEDTLS_BYTE_1( n ); - ssl->out_msg[5 + offset] = MBEDTLS_BYTE_0( n ); + MBEDTLS_PUT_UINT16_BE( n, ssl->out_msg, offset + 4 ); ssl->out_msglen = 6 + n + offset; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 304e7f22b..2fe801a28 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -454,15 +454,13 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, *cur = rec->cid_len; cur++; - cur[0] = MBEDTLS_CHAR_1( ad_len_field ); - cur[1] = MBEDTLS_CHAR_0( ad_len_field ); + MBEDTLS_PUT_UINT16_BE( ad_len_field, cur, 0 ); cur += 2; } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - cur[0] = MBEDTLS_CHAR_1( ad_len_field ); - cur[1] = MBEDTLS_CHAR_0( ad_len_field ); + MBEDTLS_PUT_UINT16_BE( ad_len_field, cur, 0 ); cur += 2; } @@ -2481,8 +2479,7 @@ int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, /* Write message_seq and update it, except for HelloRequest */ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) { - ssl->out_msg[4] = MBEDTLS_BYTE_1( ssl->handshake->out_msg_seq ); - ssl->out_msg[5] = MBEDTLS_BYTE_0( ssl->handshake->out_msg_seq ); + MBEDTLS_PUT_UINT16_BE( ssl->handshake->out_msg_seq, ssl->out_msg, 4 ); ++( ssl->handshake->out_msg_seq ); } else @@ -2566,8 +2563,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) ssl->conf->transport, ssl->out_hdr + 1 ); memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 ); - ssl->out_len[0] = MBEDTLS_BYTE_1( len ); - ssl->out_len[1] = MBEDTLS_BYTE_0( len ); + MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0); if( ssl->transform_out != NULL ) { @@ -2607,8 +2603,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) memcpy( ssl->out_cid, rec.cid, rec.cid_len ); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->out_msglen = len = rec.data_len; - ssl->out_len[0] = MBEDTLS_BYTE_1( rec.data_len ); - ssl->out_len[1] = MBEDTLS_BYTE_0( rec.data_len ); + MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->out_len, 0 ); } protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl ); @@ -3184,8 +3179,7 @@ static int ssl_check_dtls_clihlo_cookie( obuf[15] = obuf[23] = MBEDTLS_BYTE_1( *olen - 25 ); obuf[16] = obuf[24] = MBEDTLS_BYTE_0( *olen - 25 ); - obuf[11] = MBEDTLS_BYTE_1( *olen - 13 ); - obuf[12] = MBEDTLS_BYTE_0( *olen - 13 ); + MBEDTLS_PUT_UINT16_BE( *olen - 13, obuf, 11 ); return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); } @@ -4565,8 +4559,7 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) ssl->in_hdr[0] = rec.type; ssl->in_msg = rec.buf + rec.data_offset; ssl->in_msglen = rec.data_len; - ssl->in_len[0] = MBEDTLS_BYTE_1( rec.data_len ); - ssl->in_len[1] = MBEDTLS_BYTE_0( rec.data_len ); + MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->in_len, 0 ); return( 0 ); } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 232846ff0..a791b8076 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2238,16 +2238,13 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ALPN ); - buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ALPN ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, buf, 0); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); - buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); + MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 ); - buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); - buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); + MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 ); buf[6] = MBEDTLS_BYTE_0( *olen - 7 ); @@ -2294,15 +2291,13 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, } /* extension */ - buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_USE_SRTP ); - buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_USE_SRTP, buf, 0 ); /* * total length 5 and mki value: only one profile(2 bytes) * and length(2 bytes) and srtp_mki ) */ ext_len = 5 + mki_len; - buf[2] = MBEDTLS_BYTE_1( ext_len ); - buf[3] = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, buf, 2 ); /* protection profile length: 2 */ buf[4] = 0x00; @@ -2311,8 +2306,7 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) { - buf[6] = MBEDTLS_BYTE_1( profile_value ); - buf[7] = MBEDTLS_BYTE_0( profile_value ); + MBEDTLS_PUT_UINT16_BE( profile_value, buf, 6 ); } else { @@ -2785,8 +2779,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) #endif } - p[0] = MBEDTLS_BYTE_1( sa_len ); - p[1] = MBEDTLS_BYTE_0( sa_len ); + MBEDTLS_PUT_UINT16_BE( sa_len, p, 0 ); sa_len += 2; p += sa_len; } @@ -2841,8 +2834,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) ssl->out_msglen = p - buf; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; - ssl->out_msg[4 + ct_len + sa_len] = MBEDTLS_BYTE_1( total_dn_size ); - ssl->out_msg[5 + ct_len + sa_len] = MBEDTLS_BYTE_0( total_dn_size ); + MBEDTLS_PUT_UINT16_BE( total_dn_size, ssl->out_msg, 4 + ct_len + sa_len ); ret = mbedtls_ssl_write_handshake_msg( ssl ); @@ -4223,14 +4215,8 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) tlen = 0; } - ssl->out_msg[4] = MBEDTLS_BYTE_3( lifetime ); - ssl->out_msg[5] = MBEDTLS_BYTE_2( lifetime ); - ssl->out_msg[6] = MBEDTLS_BYTE_1( lifetime ); - ssl->out_msg[7] = MBEDTLS_BYTE_0( lifetime ); - - ssl->out_msg[8] = MBEDTLS_BYTE_1( tlen ); - ssl->out_msg[9] = MBEDTLS_BYTE_0( tlen ); - + MBEDTLS_PUT_UINT32_BE( lifetime, ssl->out_msg, 4 ); + MBEDTLS_PUT_UINT16_BE( tlen, ssl->out_msg, 8 ); ssl->out_msglen = 10 + tlen; /* diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index a7a55f1a7..bce9a1cd7 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -245,8 +245,7 @@ int mbedtls_ssl_ticket_write( void *p_ticket, { goto cleanup; } - state_len_bytes[0] = MBEDTLS_BYTE_1( clear_len ); - state_len_bytes[1] = MBEDTLS_BYTE_0( clear_len ); + MBEDTLS_PUT_UINT16_BE( clear_len, state_len_bytes, 0 ); /* Encrypt and authenticate */ if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx, diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 0daf0683e..17b3e7966 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -251,8 +251,7 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); c = buf + 5; - ku[0] = MBEDTLS_BYTE_0( key_usage ); - ku[1] = MBEDTLS_BYTE_1( key_usage ); + MBEDTLS_PUT_UINT16_LE( key_usage, ku, 0 ); ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 ); if( ret < 0 )