yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 22:25:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Remove ref to CID from inner plaintext parsing/building functions

Browse Source 
The internal functions

  `ssl_cid_{build/parse}_inner_plaintext()`

implement the TLSInnerPlaintext mechanism used by DTLS 1.2 + CID
in order to allow for flexible length padding and to protect the
true content type of a record.

This feature is also present in TLS 1.3 support for which is under
development. As a preparatory step towards sharing the code between
the case of DTLS 1.2 + CID and TLS 1.3, this commit renames

   `ssl_cid_{build/parse}_inner_plaintext()`

to

   `ssl_{build/parse}_inner_plaintext()`.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
This commit is contained in:
Hanno Becker 2020-05-04 12:20:03 +01:00
parent 2ab47dc5cd
commit 581bc1b908
1 changed files with 18 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
library/ssl_msg.c
View File

@ -342,14 +342,16 @@ static void ssl_read_memory( unsigned char *p, size_t len )
*/
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/* This functions transforms a DTLS plaintext fragment and a record content
* type into an instance of the DTLSInnerPlaintext structure:
/* This functions transforms a (D)TLS plaintext fragment and a record content
* type into an instance of the (D)TLSInnerPlaintext structure. This is used
* in DTLS 1.2 + CID and within TLS 1.3 to allow flexible padding and to protect
* a record's content type.
*
* struct {
* opaque content[DTLSPlaintext.length];
* ContentType real_type;
* uint8 zeros[length_of_padding];
* } DTLSInnerPlaintext;
* } (D)TLSInnerPlaintext;
*
* Input:
* - `content`: The beginning of the buffer holding the
@ -360,18 +362,18 @@ static void ssl_read_memory( unsigned char *p, size_t len )
* - `rec_type`: The desired record content type.
*
* Output:
* - `content`: The beginning of the resulting DTLSInnerPlaintext structure.
* - `*content_size`: The length of the resulting DTLSInnerPlaintext structure.
* - `content`: The beginning of the resulting (D)TLSInnerPlaintext structure.
* - `*content_size`: The length of the resulting (D)TLSInnerPlaintext structure.
*
* Returns:
* - `0` on success.
* - A negative error code if `max_len` didn't offer enough space
* for the expansion.
*/
static int ssl_cid_build_inner_plaintext( unsigned char *content,
size_t *content_size,
size_t remaining,
uint8_t rec_type )
static int ssl_build_inner_plaintext( unsigned char *content,
size_t *content_size,
size_t remaining,
uint8_t rec_type )
{
size_t len = *content_size;
size_t pad = ( MBEDTLS_SSL_CID_PADDING_GRANULARITY -
@ -395,9 +397,9 @@ static int ssl_cid_build_inner_plaintext( unsigned char *content,
return( 0 );
}
/* This function parses a DTLSInnerPlaintext structure.
* See ssl_cid_build_inner_plaintext() for details. */
static int ssl_cid_parse_inner_plaintext( unsigned char const *content,
/* This function parses a (D)TLSInnerPlaintext structure.
* See ssl_build_inner_plaintext() for details. */
static int ssl_parse_inner_plaintext( unsigned char const *content,
size_t *content_size,
uint8_t *rec_type )
{
@ -586,12 +588,12 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
{
/*
* Wrap plaintext into DTLSInnerPlaintext structure.
* See ssl_cid_build_inner_plaintext() for more information.
* See ssl_build_inner_plaintext() for more information.
*
* Note that this changes `rec->data_len`, and hence
* `post_avail` needs to be recalculated afterwards.
*/
if( ssl_cid_build_inner_plaintext( data,
if( ssl_build_inner_plaintext( data,
&rec->data_len,
post_avail,
rec->type ) != 0 )
@ -1552,8 +1554,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
if( rec->cid_len != 0 )
{
ret = ssl_cid_parse_inner_plaintext( data, &rec->data_len,
&rec->type );
ret = ssl_parse_inner_plaintext( data, &rec->data_len,
&rec->type );
if( ret != 0 )
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}