Add counter length macro

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2021-09-28 18:58:59 +08:00
parent 6ca7c7fd6b
commit d9a94fe3d0
5 changed files with 43 additions and 37 deletions

View file

@ -594,7 +594,7 @@ union mbedtls_ssl_premaster_secret
#define MBEDTLS_PREMASTER_SIZE sizeof( union mbedtls_ssl_premaster_secret ) #define MBEDTLS_PREMASTER_SIZE sizeof( union mbedtls_ssl_premaster_secret )
/* Length of in_ctr buffer in mbedtls_ssl_session */ /* Length of in_ctr buffer in mbedtls_ssl_session */
#define MBEDTLS_SSL_IN_CTR_LEN 8 #define MBEDTLS_SSL_COUNTER_LEN 8
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -1555,7 +1555,7 @@ struct mbedtls_ssl_context
size_t MBEDTLS_PRIVATE(out_buf_len); /*!< length of output buffer */ size_t MBEDTLS_PRIVATE(out_buf_len); /*!< length of output buffer */
#endif #endif
unsigned char MBEDTLS_PRIVATE(cur_out_ctr)[8]; /*!< Outgoing record sequence number. */ unsigned char MBEDTLS_PRIVATE(cur_out_ctr)[MBEDTLS_SSL_COUNTER_LEN]; /*!< Outgoing record sequence number. */
#if defined(MBEDTLS_SSL_PROTO_DTLS) #if defined(MBEDTLS_SSL_PROTO_DTLS)
uint16_t MBEDTLS_PRIVATE(mtu); /*!< path mtu, used to fragment outgoing messages */ uint16_t MBEDTLS_PRIVATE(mtu); /*!< path mtu, used to fragment outgoing messages */

View file

@ -573,8 +573,8 @@ struct mbedtls_ssl_handshake_params
flight being received */ flight being received */
mbedtls_ssl_transform *alt_transform_out; /*!< Alternative transform for mbedtls_ssl_transform *alt_transform_out; /*!< Alternative transform for
resending messages */ resending messages */
unsigned char alt_out_ctr[8]; /*!< Alternative record epoch/counter unsigned char alt_out_ctr[MBEDTLS_SSL_COUNTER_LEN]; /*!< Alternative record epoch/counter
for resending messages */ for resending messages */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/* The state of CID configuration in this handshake. */ /* The state of CID configuration in this handshake. */
@ -873,14 +873,14 @@ static inline int mbedtls_ssl_transform_uses_aead(
typedef struct typedef struct
{ {
uint8_t ctr[8]; /* In TLS: The implicit record sequence number. uint8_t ctr[MBEDTLS_SSL_COUNTER_LEN]; /* In TLS: The implicit record sequence number.
* In DTLS: The 2-byte epoch followed by * In DTLS: The 2-byte epoch followed by
* the 6-byte sequence number. * the 6-byte sequence number.
* This is stored as a raw big endian byte array * This is stored as a raw big endian byte array
* as opposed to a uint64_t because we rarely * as opposed to a uint64_t because we rarely
* need to perform arithmetic on this, but do * need to perform arithmetic on this, but do
* need it as a Byte array for the purpose of * need it as a Byte array for the purpose of
* MAC computations. */ * MAC computations. */
uint8_t type; /* The record content type. */ uint8_t type; /* The record content type. */
uint8_t ver[2]; /* SSL/TLS version as present on the wire. uint8_t ver[2]; /* SSL/TLS version as present on the wire.
* Convert to internal presentation of versions * Convert to internal presentation of versions

View file

@ -2117,9 +2117,9 @@ static int ssl_swap_epochs( mbedtls_ssl_context *ssl )
ssl->handshake->alt_transform_out = tmp_transform; ssl->handshake->alt_transform_out = tmp_transform;
/* Swap epoch + sequence_number */ /* Swap epoch + sequence_number */
memcpy( tmp_out_ctr, ssl->cur_out_ctr, 8 ); memcpy( tmp_out_ctr, ssl->cur_out_ctr, sizeof( ssl->cur_out_ctr ) );
memcpy( ssl->cur_out_ctr, ssl->handshake->alt_out_ctr, 8 ); memcpy( ssl->cur_out_ctr, ssl->handshake->alt_out_ctr, sizeof( ssl->cur_out_ctr ) );
memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr, 8 ); memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr, sizeof( ssl->handshake->alt_out_ctr ) );
/* Adjust to the newly activated transform */ /* Adjust to the newly activated transform */
mbedtls_ssl_update_out_pointers( ssl, ssl->transform_out ); mbedtls_ssl_update_out_pointers( ssl, ssl->transform_out );
@ -2562,7 +2562,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
ssl->conf->transport, ssl->out_hdr + 1 ); ssl->conf->transport, ssl->out_hdr + 1 );
memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 ); memcpy( ssl->out_ctr, ssl->cur_out_ctr, sizeof( ssl->cur_out_ctr ) );
MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0); MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0);
if( ssl->transform_out != NULL ) if( ssl->transform_out != NULL )
@ -2574,7 +2574,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
rec.data_len = ssl->out_msglen; rec.data_len = ssl->out_msglen;
rec.data_offset = ssl->out_msg - rec.buf; rec.data_offset = ssl->out_msg - rec.buf;
memcpy( &rec.ctr[0], ssl->out_ctr, 8 ); memcpy( &rec.ctr[0], ssl->out_ctr, MBEDTLS_SSL_COUNTER_LEN );
mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
ssl->conf->transport, rec.ver ); ssl->conf->transport, rec.ver );
rec.type = ssl->out_msgtype; rec.type = ssl->out_msgtype;
@ -3649,7 +3649,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl,
#endif #endif
{ {
unsigned i; unsigned i;
for( i = MBEDTLS_SSL_IN_CTR_LEN; i > mbedtls_ssl_ep_len( ssl ); i-- ) for( i = MBEDTLS_SSL_COUNTER_LEN; i > mbedtls_ssl_ep_len( ssl ); i-- )
if( ++ssl->in_ctr[i - 1] != 0 ) if( ++ssl->in_ctr[i - 1] != 0 )
break; break;
@ -4791,7 +4791,7 @@ int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl )
} }
else else
#endif /* MBEDTLS_SSL_PROTO_DTLS */ #endif /* MBEDTLS_SSL_PROTO_DTLS */
mbedtls_platform_zeroize( ssl->in_ctr, MBEDTLS_SSL_IN_CTR_LEN ); mbedtls_platform_zeroize( ssl->in_ctr, MBEDTLS_SSL_COUNTER_LEN );
mbedtls_ssl_update_in_pointers( ssl ); mbedtls_ssl_update_in_pointers( ssl );
@ -4827,12 +4827,12 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl,
{ {
ssl->out_ctr = ssl->out_hdr + 3; ssl->out_ctr = ssl->out_hdr + 3;
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ssl->out_cid = ssl->out_ctr + 8; ssl->out_cid = ssl->out_ctr + MBEDTLS_SSL_COUNTER_LEN;
ssl->out_len = ssl->out_cid; ssl->out_len = ssl->out_cid;
if( transform != NULL ) if( transform != NULL )
ssl->out_len += transform->out_cid_len; ssl->out_len += transform->out_cid_len;
#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
ssl->out_len = ssl->out_ctr + 8; ssl->out_len = ssl->out_ctr + MBEDTLS_SSL_COUNTER_LEN;
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
ssl->out_iv = ssl->out_len + 2; ssl->out_iv = ssl->out_len + 2;
} }
@ -4881,17 +4881,17 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl )
* ssl_parse_record_header(). */ * ssl_parse_record_header(). */
ssl->in_ctr = ssl->in_hdr + 3; ssl->in_ctr = ssl->in_hdr + 3;
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ssl->in_cid = ssl->in_ctr + MBEDTLS_SSL_IN_CTR_LEN; ssl->in_cid = ssl->in_ctr + MBEDTLS_SSL_COUNTER_LEN;
ssl->in_len = ssl->in_cid; /* Default: no CID */ ssl->in_len = ssl->in_cid; /* Default: no CID */
#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
ssl->in_len = ssl->in_ctr + MBEDTLS_SSL_IN_CTR_LEN; ssl->in_len = ssl->in_ctr + MBEDTLS_SSL_COUNTER_LEN;
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
ssl->in_iv = ssl->in_len + 2; ssl->in_iv = ssl->in_len + 2;
} }
else else
#endif #endif
{ {
ssl->in_ctr = ssl->in_hdr - MBEDTLS_SSL_IN_CTR_LEN; ssl->in_ctr = ssl->in_hdr - MBEDTLS_SSL_COUNTER_LEN;
ssl->in_len = ssl->in_hdr + 3; ssl->in_len = ssl->in_hdr + 3;
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ssl->in_cid = ssl->in_len; ssl->in_cid = ssl->in_len;
@ -5065,9 +5065,11 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
} }
in_ctr_cmp = memcmp( ssl->in_ctr + ep_len, in_ctr_cmp = memcmp( ssl->in_ctr + ep_len,
ssl->conf->renego_period + ep_len, 8 - ep_len ); &ssl->conf->renego_period[ep_len],
out_ctr_cmp = memcmp( ssl->cur_out_ctr + ep_len, MBEDTLS_SSL_COUNTER_LEN - ep_len );
ssl->conf->renego_period + ep_len, 8 - ep_len ); out_ctr_cmp = memcmp( &ssl->cur_out_ctr[ep_len],
&ssl->conf->renego_period[ep_len],
sizeof( ssl->cur_out_ctr ) - ep_len );
if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 ) if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 )
{ {
@ -5558,7 +5560,7 @@ void mbedtls_ssl_set_inbound_transform( mbedtls_ssl_context *ssl,
return; return;
ssl->transform_in = transform; ssl->transform_in = transform;
mbedtls_platform_zeroize( ssl->in_ctr, MBEDTLS_SSL_IN_CTR_LEN ); mbedtls_platform_zeroize( ssl->in_ctr, MBEDTLS_SSL_COUNTER_LEN );
} }
void mbedtls_ssl_set_outbound_transform( mbedtls_ssl_context *ssl, void mbedtls_ssl_set_outbound_transform( mbedtls_ssl_context *ssl,

View file

@ -1220,7 +1220,8 @@ read_record_header:
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
} }
memcpy( ssl->cur_out_ctr + 2, ssl->in_ctr + 2, MBEDTLS_SSL_IN_CTR_LEN - 2 ); memcpy( &ssl->cur_out_ctr[2], ssl->in_ctr + 2,
MBEDTLS_SSL_COUNTER_LEN - 2 );
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 ) if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 )

View file

@ -2820,10 +2820,13 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl )
/* Remember current epoch settings for resending */ /* Remember current epoch settings for resending */
ssl->handshake->alt_transform_out = ssl->transform_out; ssl->handshake->alt_transform_out = ssl->transform_out;
memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, 8 ); memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr,
sizeof( ssl->cur_out_ctr ) );
/* Set sequence_number to zero */ /* Set sequence_number to zero */
memset( ssl->cur_out_ctr + 2, 0, 6 ); mbedtls_platform_zeroize( &ssl->cur_out_ctr[2],
sizeof( ssl->cur_out_ctr ) - 2 );
/* Increment epoch */ /* Increment epoch */
for( i = 2; i > 0; i-- ) for( i = 2; i > 0; i-- )
@ -2839,7 +2842,7 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl )
} }
else else
#endif /* MBEDTLS_SSL_PROTO_DTLS */ #endif /* MBEDTLS_SSL_PROTO_DTLS */
memset( ssl->cur_out_ctr, 0, 8 ); mbedtls_platform_zeroize( ssl->cur_out_ctr, sizeof( ssl->cur_out_ctr ) );
ssl->transform_out = ssl->transform_negotiate; ssl->transform_out = ssl->transform_negotiate;
ssl->session_out = ssl->session_negotiate; ssl->session_out = ssl->session_negotiate;
@ -3324,7 +3327,7 @@ static void ssl_session_reset_msg_layer( mbedtls_ssl_context *ssl,
ssl->out_msglen = 0; ssl->out_msglen = 0;
ssl->out_left = 0; ssl->out_left = 0;
memset( ssl->out_buf, 0, out_buf_len ); memset( ssl->out_buf, 0, out_buf_len );
memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) ); mbedtls_platform_zeroize( ssl->cur_out_ctr, sizeof( ssl->cur_out_ctr ) );
ssl->transform_out = NULL; ssl->transform_out = NULL;
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
@ -5778,7 +5781,7 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
used += 8; used += 8;
if( used <= buf_len ) if( used <= buf_len )
{ {
memcpy( p, ssl->cur_out_ctr, 8 ); memcpy( p, ssl->cur_out_ctr, sizeof( ssl->cur_out_ctr ) );
p += 8; p += 8;
} }
@ -6035,11 +6038,11 @@ static int ssl_context_load( mbedtls_ssl_context *ssl,
ssl->disable_datagram_packing = *p++; ssl->disable_datagram_packing = *p++;
#endif /* MBEDTLS_SSL_PROTO_DTLS */ #endif /* MBEDTLS_SSL_PROTO_DTLS */
if( (size_t)( end - p ) < 8 ) if( (size_t)( end - p ) < sizeof( ssl->cur_out_ctr ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
memcpy( ssl->cur_out_ctr, p, 8 ); memcpy( ssl->cur_out_ctr, p, sizeof( ssl->cur_out_ctr ) );
p += 8; p += sizeof( ssl->cur_out_ctr );
#if defined(MBEDTLS_SSL_PROTO_DTLS) #if defined(MBEDTLS_SSL_PROTO_DTLS)
if( (size_t)( end - p ) < 2 ) if( (size_t)( end - p ) < 2 )