yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Allow the configuration of padding when using CID extension

Browse source
This commit is contained in:
Hanno Becker 2019-05-08 17:37:58 +01:00
parent 4c3eb7c919
commit b1aa1b3616
5 changed files with 32 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
include/mbedtls/config.h
View file

@ -3354,6 +3354,22 @@
*/ */
//#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
/** \def MBEDTLS_SSL_CID_PADDING_GRANULARITY
*
* This option controls the use of record plaintext padding
* when using the Connection ID extension in DTLS 1.2.
*
* The padding will always be chosen so that the length of the
* padded plaintext is a multiple of the value of this option.
*
* Note: A value of \c 1 means that no padding will be used
* for outgoing records.
*
* The value MUST be a power of 2.
*
*/
//#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
/** \def MBEDTLS_SSL_OUT_CONTENT_LEN /** \def MBEDTLS_SSL_OUT_CONTENT_LEN
* *
* Maximum length (in bytes) of outgoing plaintext fragments. * Maximum length (in bytes) of outgoing plaintext fragments.

4
include/mbedtls/ssl.h
View file

@ -270,6 +270,10 @@
#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 #define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
#endif #endif
#if !defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY)
#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
#endif
/* \} name SECTION: Module settings */ /* \} name SECTION: Module settings */
/* /*

4
include/mbedtls/ssl_internal.h
View file

@ -176,9 +176,7 @@
#endif #endif
#if defined(MBEDTLS_SSL_CID) #if defined(MBEDTLS_SSL_CID)
#define MBEDTLS_SSL_MAX_CID_EXPANSION 16 /* Currently, we pad records #define MBEDTLS_SSL_MAX_CID_EXPANSION MBEDTLS_SSL_CID_PADDING_GRANULARITY
* to lengths which are multiples
* of 16 Bytes. */
#else #else
#define MBEDTLS_SSL_MAX_CID_EXPANSION 0 #define MBEDTLS_SSL_MAX_CID_EXPANSION 0
#endif #endif

4
library/ssl_tls.c
View file

@ -2013,7 +2013,9 @@ static int ssl_cid_build_inner_plaintext( unsigned char *content,
uint8_t rec_type ) uint8_t rec_type )
{ {
size_t len = *content_size; size_t len = *content_size;
size_t pad = ~len & 0xF; /* Pad to a multiple of 16 */
/* MBEDTLS_SSL_CID_PADDING_GRANULARITY must be a power of 2. */
size_t pad = ~len & ( MBEDTLS_SSL_CID_PADDING_GRANULARITY - 1 );
/* Write real content type */ /* Write real content type */
if( remaining == 0 ) if( remaining == 0 )

8
programs/ssl/query_config.c
View file

@ -2530,6 +2530,14 @@ int query_config( const char *config )
} }
#endif /* MBEDTLS_SSL_CID_OUT_LEN_MAX */ #endif /* MBEDTLS_SSL_CID_OUT_LEN_MAX */
#if defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY)
if( strcmp( "MBEDTLS_SSL_CID_PADDING_GRANULARITY", config ) == 0 )
{
MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_PADDING_GRANULARITY );
return( 0 );
}
#endif /* MBEDTLS_SSL_CID_PADDING_GRANULARITY */
#if defined(MBEDTLS_SSL_OUT_CONTENT_LEN) #if defined(MBEDTLS_SSL_OUT_CONTENT_LEN)
if( strcmp( "MBEDTLS_SSL_OUT_CONTENT_LEN", config ) == 0 ) if( strcmp( "MBEDTLS_SSL_OUT_CONTENT_LEN", config ) == 0 )
{ {