Allow the configuration of padding when using CID extension
This commit is contained in:
parent
4c3eb7c919
commit
b1aa1b3616
5 changed files with 32 additions and 4 deletions
|
@ -3354,6 +3354,22 @@
|
|||
*/
|
||||
//#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
|
||||
|
||||
/** \def MBEDTLS_SSL_CID_PADDING_GRANULARITY
|
||||
*
|
||||
* This option controls the use of record plaintext padding
|
||||
* when using the Connection ID extension in DTLS 1.2.
|
||||
*
|
||||
* The padding will always be chosen so that the length of the
|
||||
* padded plaintext is a multiple of the value of this option.
|
||||
*
|
||||
* Note: A value of \c 1 means that no padding will be used
|
||||
* for outgoing records.
|
||||
*
|
||||
* The value MUST be a power of 2.
|
||||
*
|
||||
*/
|
||||
//#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
|
||||
|
||||
/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
|
||||
*
|
||||
* Maximum length (in bytes) of outgoing plaintext fragments.
|
||||
|
|
|
@ -270,6 +270,10 @@
|
|||
#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY)
|
||||
#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
|
||||
#endif
|
||||
|
||||
/* \} name SECTION: Module settings */
|
||||
|
||||
/*
|
||||
|
|
|
@ -176,9 +176,7 @@
|
|||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#define MBEDTLS_SSL_MAX_CID_EXPANSION 16 /* Currently, we pad records
|
||||
* to lengths which are multiples
|
||||
* of 16 Bytes. */
|
||||
#define MBEDTLS_SSL_MAX_CID_EXPANSION MBEDTLS_SSL_CID_PADDING_GRANULARITY
|
||||
#else
|
||||
#define MBEDTLS_SSL_MAX_CID_EXPANSION 0
|
||||
#endif
|
||||
|
|
|
@ -2013,7 +2013,9 @@ static int ssl_cid_build_inner_plaintext( unsigned char *content,
|
|||
uint8_t rec_type )
|
||||
{
|
||||
size_t len = *content_size;
|
||||
size_t pad = ~len & 0xF; /* Pad to a multiple of 16 */
|
||||
|
||||
/* MBEDTLS_SSL_CID_PADDING_GRANULARITY must be a power of 2. */
|
||||
size_t pad = ~len & ( MBEDTLS_SSL_CID_PADDING_GRANULARITY - 1 );
|
||||
|
||||
/* Write real content type */
|
||||
if( remaining == 0 )
|
||||
|
|
|
@ -2530,6 +2530,14 @@ int query_config( const char *config )
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_CID_OUT_LEN_MAX */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY)
|
||||
if( strcmp( "MBEDTLS_SSL_CID_PADDING_GRANULARITY", config ) == 0 )
|
||||
{
|
||||
MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_PADDING_GRANULARITY );
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID_PADDING_GRANULARITY */
|
||||
|
||||
#if defined(MBEDTLS_SSL_OUT_CONTENT_LEN)
|
||||
if( strcmp( "MBEDTLS_SSL_OUT_CONTENT_LEN", config ) == 0 )
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue