From 50dde56543f28fe138f55afea72ce161f61ddf27 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Tue, 22 Jun 2021 15:51:53 +0100 Subject: [PATCH 01/32] Implement byte reading macros into library/ To improve readability by saving horizontal and vertical space. Removed unecessary & 0xFF. Byte reading macros implemented in library/common.h, All files containing "& 0xff" were modified. Comments/Documentation not yet added to the macro definitions. Fixes #4274 Signed-off-by: Joe Subbiani --- library/common.h | 10 ++++++++++ library/ctr_drbg.c | 8 ++++---- library/nist_kw.c | 2 +- library/psa_crypto.c | 4 ++-- library/psa_its_file.c | 16 ++++++++-------- library/ssl_msg.c | 14 +++++++------- library/ssl_ticket.c | 4 ++-- 7 files changed, 34 insertions(+), 24 deletions(-) diff --git a/library/common.h b/library/common.h index 9e4b0312b..baef72d48 100644 --- a/library/common.h +++ b/library/common.h @@ -66,4 +66,14 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS +/** Byte Reading Macros + * + * To tidy up code and save horizontal and vertical space, use byte + * reading macros to cast + */ +#define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) +#define BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) +#define BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) +#define BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) + #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index b664fb0fc..d52d9ef25 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -152,10 +152,10 @@ static int block_cipher_df( unsigned char *output, * (Total is padded to a multiple of 16-bytes with zeroes) */ p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE; - *p++ = ( data_len >> 24 ) & 0xff; - *p++ = ( data_len >> 16 ) & 0xff; - *p++ = ( data_len >> 8 ) & 0xff; - *p++ = ( data_len ) & 0xff; + *p++ = BYTE_3( data_len ); + *p++ = BYTE_2( data_len ); + *p++ = BYTE_1( data_len ); + *p++ = BYTE_0( data_len ); p += 3; *p++ = MBEDTLS_CTR_DRBG_SEEDLEN; memcpy( p, data, data_len ); diff --git a/library/nist_kw.c b/library/nist_kw.c index 5054ca206..3fff2b7f8 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -169,7 +169,7 @@ static void calc_a_xor_t( unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t ) size_t i = 0; for( i = 0; i < sizeof( t ); i++ ) { - A[i] ^= ( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ) & 0xff; + A[i] ^= BYTE_0( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ); } } diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3574b9842..b46e023e5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4506,8 +4506,8 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key( * uint16 with the value N, and the PSK itself. */ - *cur++ = ( data_length >> 8 ) & 0xff; - *cur++ = ( data_length >> 0 ) & 0xff; + *cur++ = BYTE_1( data_length ); + *cur++ = BYTE_0( data_length ); memset( cur, 0, data_length ); cur += data_length; *cur++ = pms[0]; diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 492be1c71..66043b502 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -191,14 +191,14 @@ psa_status_t psa_its_set( psa_storage_uid_t uid, size_t n; memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH ); - header.size[0] = data_length & 0xff; - header.size[1] = ( data_length >> 8 ) & 0xff; - header.size[2] = ( data_length >> 16 ) & 0xff; - header.size[3] = ( data_length >> 24 ) & 0xff; - header.flags[0] = create_flags & 0xff; - header.flags[1] = ( create_flags >> 8 ) & 0xff; - header.flags[2] = ( create_flags >> 16 ) & 0xff; - header.flags[3] = ( create_flags >> 24 ) & 0xff; + header.size[0] = BYTE_0( data_length ); + header.size[1] = BYTE_1( data_length ); + header.size[2] = BYTE_2( data_length ); + header.size[3] = BYTE_3( data_length ); + header.flags[0] = BYTE_0( create_flags ); + header.flags[1] = BYTE_1( create_flags ); + header.flags[2] = BYTE_2( create_flags ); + header.flags[3] = BYTE_3( create_flags ); psa_its_fill_filename( uid, filename ); stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" ); diff --git a/library/ssl_msg.c b/library/ssl_msg.c index a03f19251..1fd9420c2 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2254,14 +2254,14 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) * copy beginning of headers then fill fragmentation fields. * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */ memcpy( ssl->out_msg, cur->p, 6 ); + + ssl->out_msg[6] = BYTE_2( frag_off ); + ssl->out_msg[7] = BYTE_1( frag_off ); + ssl->out_msg[8] = BYTE_0( frag_off ); - ssl->out_msg[6] = ( ( frag_off >> 16 ) & 0xff ); - ssl->out_msg[7] = ( ( frag_off >> 8 ) & 0xff ); - ssl->out_msg[8] = ( ( frag_off ) & 0xff ); - - ssl->out_msg[ 9] = ( ( cur_hs_frag_len >> 16 ) & 0xff ); - ssl->out_msg[10] = ( ( cur_hs_frag_len >> 8 ) & 0xff ); - ssl->out_msg[11] = ( ( cur_hs_frag_len ) & 0xff ); + ssl->out_msg[ 9] = BYTE_2( cur_hs_frag_len ); + ssl->out_msg[10] = BYTE_1( cur_hs_frag_len ); + ssl->out_msg[11] = BYTE_0( cur_hs_frag_len ); MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 ); diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 940e1a67a..29d834575 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -245,8 +245,8 @@ int mbedtls_ssl_ticket_write( void *p_ticket, { goto cleanup; } - state_len_bytes[0] = ( clear_len >> 8 ) & 0xff; - state_len_bytes[1] = ( clear_len ) & 0xff; + state_len_bytes[0] = BYTE_1( clear_len ); + state_len_bytes[1] = BYTE_0( clear_len ); /* Encrypt and authenticate */ if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx, From 3b394509da07fd7b78a9d9396d838bd588c6ba59 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 23 Jun 2021 11:23:44 +0100 Subject: [PATCH 02/32] Move BYTES_TO_U32_LE to common.h The macro BYTES_TO_U32_LE appears in poly1305.c and chacha20.c. Removes duplicate code and save vertical space the macro has been moved to common.h. Improves maintainability. Signed-off-by: Joe Subbiani --- library/chacha20.c | 7 ------- library/common.h | 14 ++++++++++++-- library/poly1305.c | 7 ------- 3 files changed, 12 insertions(+), 16 deletions(-) diff --git a/library/chacha20.c b/library/chacha20.c index 78467d3fc..9862ea535 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -54,13 +54,6 @@ #define CHACHA20_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -#define BYTES_TO_U32_LE( data, offset ) \ - ( (uint32_t) (data)[offset] \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ - ) - #define ROTL32( value, amount ) \ ( (uint32_t) ( (value) << (amount) ) | ( (value) >> ( 32 - (amount) ) ) ) diff --git a/library/common.h b/library/common.h index baef72d48..500e5d4c7 100644 --- a/library/common.h +++ b/library/common.h @@ -71,9 +71,19 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * To tidy up code and save horizontal and vertical space, use byte * reading macros to cast */ -#define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) -#define BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) +#define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) +#define BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) #define BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) +/** + * + */ +#define BYTES_TO_U32_LE( data, offset ) \ + ( (uint32_t) (data)[offset] \ + | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ + | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ + | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ + ) + #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/poly1305.c b/library/poly1305.c index 492d1457d..a30b1707e 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -52,13 +52,6 @@ #define POLY1305_BLOCK_SIZE_BYTES ( 16U ) -#define BYTES_TO_U32_LE( data, offset ) \ - ( (uint32_t) (data)[offset] \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ - ) - /* * Our implementation is tuned for 32-bit platforms with a 64-bit multiplier. * However we provided an alternative for platforms without such a multiplier. From 30d974c232cfdff6b91856c99ac8c11de3135915 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 23 Jun 2021 11:49:03 +0100 Subject: [PATCH 03/32] Move UINT32_BE macros to common.h 32-bit integer manipulation macros (big edian): GET_UINT32_BE and PUT_UINT32_BE appear in several files in library/. Removes duplicate code and save vertical space the macro has been moved to common.h. Improves maintainability. Signed-off-by: Joe Subbiani --- library/camellia.c | 23 ----------------------- library/common.h | 23 +++++++++++++++++++++++ library/des.c | 23 ----------------------- library/gcm.c | 23 ----------------------- library/nist_kw.c | 20 -------------------- library/sha1.c | 23 ----------------------- library/sha256.c | 23 ----------------------- 7 files changed, 23 insertions(+), 135 deletions(-) diff --git a/library/camellia.c b/library/camellia.c index f7e013611..0817b1d29 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -49,29 +49,6 @@ #define CAMELLIA_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - static const unsigned char SIGMA_CHARS[6][8] = { { 0xa0, 0x9e, 0x66, 0x7f, 0x3b, 0xcc, 0x90, 0x8b }, diff --git a/library/common.h b/library/common.h index 500e5d4c7..b3b70dc62 100644 --- a/library/common.h +++ b/library/common.h @@ -76,6 +76,29 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) +/* + * 32-bit integer manipulation macros (big endian) + */ +#ifndef GET_UINT32_BE +#define GET_UINT32_BE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ + | ( (uint32_t) (b)[(i) + 1] << 16 ) \ + | ( (uint32_t) (b)[(i) + 2] << 8 ) \ + | ( (uint32_t) (b)[(i) + 3] ); \ +} +#endif + +#ifndef PUT_UINT32_BE +#define PUT_UINT32_BE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) ); \ +} +#endif + /** * */ diff --git a/library/des.c b/library/des.c index eddf55e78..36ea27776 100644 --- a/library/des.c +++ b/library/des.c @@ -43,29 +43,6 @@ #if !defined(MBEDTLS_DES_ALT) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - /* * Expanded DES S-boxes */ diff --git a/library/gcm.c b/library/gcm.c index 835b1b285..c8254876d 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -58,29 +58,6 @@ #define GCM_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - /* * Initialize a context */ diff --git a/library/nist_kw.c b/library/nist_kw.c index 3fff2b7f8..c0eed674c 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -77,26 +77,6 @@ static const unsigned char NIST_KW_ICV1[] = {0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, /*! The 32-bit default integrity check value (ICV) for KWP mode. */ static const unsigned char NIST_KW_ICV2[] = {0xA6, 0x59, 0x59, 0xA6}; -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -do { \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} while( 0 ) -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -do { \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} while( 0 ) -#endif - /* * Initialize context */ diff --git a/library/sha1.c b/library/sha1.c index 545d09310..9beaee5a5 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -48,29 +48,6 @@ #if !defined(MBEDTLS_SHA1_ALT) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - void mbedtls_sha1_init( mbedtls_sha1_context *ctx ) { SHA1_VALIDATE( ctx != NULL ); diff --git a/library/sha256.c b/library/sha256.c index 6ec6da296..f548c672e 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -50,29 +50,6 @@ #if !defined(MBEDTLS_SHA256_ALT) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -do { \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} while( 0 ) -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -do { \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} while( 0 ) -#endif - void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) { SHA256_VALIDATE( ctx != NULL ); From 54c6134ff7de2ccc5d5cc2ef55f766d9a3a1fbdb Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 23 Jun 2021 12:16:47 +0100 Subject: [PATCH 04/32] Move UINT32_LE macros to common.h 32-bit integer manipulation macros (little edian): GET_UINT32_LE and PUT_UINT32_LE appear in several files in library/. Removes duplicate code and save vertical space the macro has been moved to common.h. Improves maintainability. Also provided brief comment in common.h for BYTES_TO_U32_LE. comment/documentation will probably need to be edited further for all recent additions to library/common.h Signed-off-by: Joe Subbiani --- library/aes.c | 23 ----------------------- library/aria.c | 23 ----------------------- library/common.h | 25 ++++++++++++++++++++++++- library/md5.c | 23 ----------------------- library/psa_crypto_storage.c | 23 ----------------------- library/ripemd160.c | 23 ----------------------- 6 files changed, 24 insertions(+), 116 deletions(-) diff --git a/library/aes.c b/library/aes.c index a15a80924..7b4fb869e 100644 --- a/library/aes.c +++ b/library/aes.c @@ -57,29 +57,6 @@ #define AES_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - #if defined(MBEDTLS_PADLOCK_C) && \ ( defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16) ) static int aes_padlock_ace = -1; diff --git a/library/aria.c b/library/aria.c index a5786b37a..d7d2bea7c 100644 --- a/library/aria.c +++ b/library/aria.c @@ -55,29 +55,6 @@ #define ARIA_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE( n, b, i ) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE( n, b, i ) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - /* * modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes * diff --git a/library/common.h b/library/common.h index b3b70dc62..c2cf633c9 100644 --- a/library/common.h +++ b/library/common.h @@ -99,8 +99,31 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c } #endif +/* + * 32-bit integer manipulation macros (little endian) + */ +#ifndef GET_UINT32_LE +#define GET_UINT32_LE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] ) \ + | ( (uint32_t) (b)[(i) + 1] << 8 ) \ + | ( (uint32_t) (b)[(i) + 2] << 16 ) \ + | ( (uint32_t) (b)[(i) + 3] << 24 ); \ +} +#endif + +#ifndef PUT_UINT32_LE +#define PUT_UINT32_LE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ + (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ +} +#endif + /** - * + * 32-bit integer conversion from bytes (little endian) */ #define BYTES_TO_U32_LE( data, offset ) \ ( (uint32_t) (data)[offset] \ diff --git a/library/md5.c b/library/md5.c index d7f8cee46..d8f637da8 100644 --- a/library/md5.c +++ b/library/md5.c @@ -43,29 +43,6 @@ #if !defined(MBEDTLS_MD5_ALT) -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - void mbedtls_md5_init( mbedtls_md5_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_md5_context ) ); diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 09cbab4c4..36b518350 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -230,29 +230,6 @@ static psa_status_t psa_crypto_storage_get_data_length( return( PSA_SUCCESS ); } -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE( n, b, i ) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE( n, b, i ) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - /* * 16-bit integer manipulation macros (little endian) */ diff --git a/library/ripemd160.c b/library/ripemd160.c index d2ccbbec4..d60654e95 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -44,29 +44,6 @@ #if !defined(MBEDTLS_RIPEMD160_ALT) -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_ripemd160_context ) ); From c4f3d5b38e4e1e88237f67380246c5f2fdeec7fd Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 23 Jun 2021 17:58:41 +0100 Subject: [PATCH 05/32] Add do-while protection to macros missed do-while around function-like macros (UINT32_BE and UINT_LE macros) originally present in the indivdual files, before being moved to common.h. Signed-off-by: Joe Subbiani --- library/common.h | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/library/common.h b/library/common.h index c2cf633c9..56514b343 100644 --- a/library/common.h +++ b/library/common.h @@ -81,22 +81,22 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c */ #ifndef GET_UINT32_BE #define GET_UINT32_BE(n,b,i) \ -{ \ +do { \ (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ | ( (uint32_t) (b)[(i) + 1] << 16 ) \ | ( (uint32_t) (b)[(i) + 2] << 8 ) \ | ( (uint32_t) (b)[(i) + 3] ); \ -} +} while( 0 ) #endif #ifndef PUT_UINT32_BE #define PUT_UINT32_BE(n,b,i) \ -{ \ +do { \ (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} +} while( 0 ) #endif /* @@ -104,22 +104,22 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c */ #ifndef GET_UINT32_LE #define GET_UINT32_LE(n,b,i) \ -{ \ +do { \ (n) = ( (uint32_t) (b)[(i) ] ) \ | ( (uint32_t) (b)[(i) + 1] << 8 ) \ | ( (uint32_t) (b)[(i) + 2] << 16 ) \ | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} +} while( 0 ) #endif #ifndef PUT_UINT32_LE #define PUT_UINT32_LE(n,b,i) \ -{ \ +do { \ (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} +} while( 0 ) #endif /** From 6f2bb0c8efd7fb3a74ececd00b9ca507f5494efe Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 24 Jun 2021 09:06:23 +0100 Subject: [PATCH 06/32] Remove trailing whitespace Trailing white spaces causing check_files.py to fail Signed-off-by: Joe Subbiani --- library/common.h | 6 +++--- library/ssl_msg.c | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/library/common.h b/library/common.h index 56514b343..b6b7d01d9 100644 --- a/library/common.h +++ b/library/common.h @@ -67,8 +67,8 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_ALLOW_PRIVATE_ACCESS /** Byte Reading Macros - * - * To tidy up code and save horizontal and vertical space, use byte + * + * To tidy up code and save horizontal and vertical space, use byte * reading macros to cast */ #define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) @@ -122,7 +122,7 @@ do { \ } while( 0 ) #endif -/** +/** * 32-bit integer conversion from bytes (little endian) */ #define BYTES_TO_U32_LE( data, offset ) \ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 1fd9420c2..f3dbba82b 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2254,7 +2254,7 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) * copy beginning of headers then fill fragmentation fields. * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */ memcpy( ssl->out_msg, cur->p, 6 ); - + ssl->out_msg[6] = BYTE_2( frag_off ); ssl->out_msg[7] = BYTE_1( frag_off ); ssl->out_msg[8] = BYTE_0( frag_off ); From 9aaec54e57e3ec869ad47ed0f6b67761b74f17fd Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 24 Jun 2021 11:00:08 +0100 Subject: [PATCH 07/32] Undo use of BYTE_x macro The use of the BYTE_x macro in nist_kw did not seem appropriate in hind sight as it is working with a character array not an int Signed-off-by: Joe Subbiani --- library/nist_kw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/nist_kw.c b/library/nist_kw.c index c0eed674c..174a1eef1 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -149,7 +149,7 @@ static void calc_a_xor_t( unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t ) size_t i = 0; for( i = 0; i < sizeof( t ); i++ ) { - A[i] ^= BYTE_0( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ); + A[i] ^= ( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ) & 0xff; } } From 5ecac217f01aee0f73cffcb30e8b32f00921299f Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 24 Jun 2021 13:00:03 +0100 Subject: [PATCH 08/32] Prefixed macros with MBEDTLS As per tests/scripts/check-names.sh, macros in library/ header files should be prefixed with MBEDTLS_ The macro functions in common.h where also indented to comply with the same test Signed-off-by: Joe Subbiani --- library/aes.c | 34 ++++++++--------- library/aria.c | 34 ++++++++--------- library/camellia.c | 22 +++++------ library/chacha20.c | 22 +++++------ library/common.h | 74 ++++++++++++++++++------------------ library/ctr_drbg.c | 8 ++-- library/des.c | 20 +++++----- library/gcm.c | 34 ++++++++--------- library/md5.c | 44 ++++++++++----------- library/nist_kw.c | 4 +- library/poly1305.c | 24 ++++++------ library/psa_crypto.c | 4 +- library/psa_crypto_storage.c | 24 ++++++------ library/psa_its_file.c | 16 ++++---- library/ripemd160.c | 46 +++++++++++----------- library/sha1.c | 46 +++++++++++----------- library/sha256.c | 24 ++++++------ library/ssl_msg.c | 12 +++--- library/ssl_ticket.c | 4 +- 19 files changed, 248 insertions(+), 248 deletions(-) diff --git a/library/aes.c b/library/aes.c index 7b4fb869e..db726fe36 100644 --- a/library/aes.c +++ b/library/aes.c @@ -567,7 +567,7 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < ( keybits >> 5 ); i++ ) { - GET_UINT32_LE( RK[i], key, i << 2 ); + MBEDTLS_GET_UINT32_LE( RK[i], key, i << 2 ); } switch( ctx->nr ) @@ -850,10 +850,10 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, uint32_t Y[4]; } t; - GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; - GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; - GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; - GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) { @@ -887,10 +887,10 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, ( (uint32_t) FSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ ( (uint32_t) FSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 ); - PUT_UINT32_LE( t.X[0], output, 0 ); - PUT_UINT32_LE( t.X[1], output, 4 ); - PUT_UINT32_LE( t.X[2], output, 8 ); - PUT_UINT32_LE( t.X[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); + MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); + MBEDTLS_PUT_UINT32_LE( t.X[2], output, 8 ); + MBEDTLS_PUT_UINT32_LE( t.X[3], output, 12 ); mbedtls_platform_zeroize( &t, sizeof( t ) ); @@ -914,10 +914,10 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, uint32_t Y[4]; } t; - GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; - GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; - GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; - GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) { @@ -951,10 +951,10 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, ( (uint32_t) RSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ ( (uint32_t) RSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 ); - PUT_UINT32_LE( t.X[0], output, 0 ); - PUT_UINT32_LE( t.X[1], output, 4 ); - PUT_UINT32_LE( t.X[2], output, 8 ); - PUT_UINT32_LE( t.X[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); + MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); + MBEDTLS_PUT_UINT32_LE( t.X[2], output, 8 ); + MBEDTLS_PUT_UINT32_LE( t.X[3], output, 12 ); mbedtls_platform_zeroize( &t, sizeof( t ) ); diff --git a/library/aria.c b/library/aria.c index d7d2bea7c..a6319d3e2 100644 --- a/library/aria.c +++ b/library/aria.c @@ -385,7 +385,7 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], * Big endian 128-bit rotation: r = a ^ (b <<< n), used only in key setup. * * We chose to store bytes into 32-bit words in little-endian format (see - * GET/PUT_UINT32_LE) so we need to reverse bytes here. + * GET/MBEDTLS_PUT_UINT32_LE) so we need to reverse bytes here. */ static void aria_rot128( uint32_t r[4], const uint32_t a[4], const uint32_t b[4], uint8_t n ) @@ -433,21 +433,21 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); /* Copy key to W0 (and potential remainder to W1) */ - GET_UINT32_LE( w[0][0], key, 0 ); - GET_UINT32_LE( w[0][1], key, 4 ); - GET_UINT32_LE( w[0][2], key, 8 ); - GET_UINT32_LE( w[0][3], key, 12 ); + MBEDTLS_GET_UINT32_LE( w[0][0], key, 0 ); + MBEDTLS_GET_UINT32_LE( w[0][1], key, 4 ); + MBEDTLS_GET_UINT32_LE( w[0][2], key, 8 ); + MBEDTLS_GET_UINT32_LE( w[0][3], key, 12 ); memset( w[1], 0, 16 ); if( keybits >= 192 ) { - GET_UINT32_LE( w[1][0], key, 16 ); // 192 bit key - GET_UINT32_LE( w[1][1], key, 20 ); + MBEDTLS_GET_UINT32_LE( w[1][0], key, 16 ); // 192 bit key + MBEDTLS_GET_UINT32_LE( w[1][1], key, 20 ); } if( keybits == 256 ) { - GET_UINT32_LE( w[1][2], key, 24 ); // 256 bit key - GET_UINT32_LE( w[1][3], key, 28 ); + MBEDTLS_GET_UINT32_LE( w[1][2], key, 24 ); // 256 bit key + MBEDTLS_GET_UINT32_LE( w[1][3], key, 28 ); } i = ( keybits - 128 ) >> 6; // index: 0, 1, 2 @@ -524,10 +524,10 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, ARIA_VALIDATE_RET( input != NULL ); ARIA_VALIDATE_RET( output != NULL ); - GET_UINT32_LE( a, input, 0 ); - GET_UINT32_LE( b, input, 4 ); - GET_UINT32_LE( c, input, 8 ); - GET_UINT32_LE( d, input, 12 ); + MBEDTLS_GET_UINT32_LE( a, input, 0 ); + MBEDTLS_GET_UINT32_LE( b, input, 4 ); + MBEDTLS_GET_UINT32_LE( c, input, 8 ); + MBEDTLS_GET_UINT32_LE( d, input, 12 ); i = 0; while( 1 ) @@ -559,10 +559,10 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, c ^= ctx->rk[i][2]; d ^= ctx->rk[i][3]; - PUT_UINT32_LE( a, output, 0 ); - PUT_UINT32_LE( b, output, 4 ); - PUT_UINT32_LE( c, output, 8 ); - PUT_UINT32_LE( d, output, 12 ); + MBEDTLS_PUT_UINT32_LE( a, output, 0 ); + MBEDTLS_PUT_UINT32_LE( b, output, 4 ); + MBEDTLS_PUT_UINT32_LE( c, output, 8 ); + MBEDTLS_PUT_UINT32_LE( d, output, 12 ); return( 0 ); } diff --git a/library/camellia.c b/library/camellia.c index 0817b1d29..9aab7ab67 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -353,8 +353,8 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, * Prepare SIGMA values */ for( i = 0; i < 6; i++ ) { - GET_UINT32_BE( SIGMA[i][0], SIGMA_CHARS[i], 0 ); - GET_UINT32_BE( SIGMA[i][1], SIGMA_CHARS[i], 4 ); + MBEDTLS_GET_UINT32_BE( SIGMA[i][0], SIGMA_CHARS[i], 0 ); + MBEDTLS_GET_UINT32_BE( SIGMA[i][1], SIGMA_CHARS[i], 4 ); } /* @@ -365,7 +365,7 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, /* Store KL, KR */ for( i = 0; i < 8; i++ ) - GET_UINT32_BE( KC[i], t, i * 4 ); + MBEDTLS_GET_UINT32_BE( KC[i], t, i * 4 ); /* Generate KA */ for( i = 0; i < 4; ++i ) @@ -491,10 +491,10 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, NR = ctx->nr; RK = ctx->rk; - GET_UINT32_BE( X[0], input, 0 ); - GET_UINT32_BE( X[1], input, 4 ); - GET_UINT32_BE( X[2], input, 8 ); - GET_UINT32_BE( X[3], input, 12 ); + MBEDTLS_GET_UINT32_BE( X[0], input, 0 ); + MBEDTLS_GET_UINT32_BE( X[1], input, 4 ); + MBEDTLS_GET_UINT32_BE( X[2], input, 8 ); + MBEDTLS_GET_UINT32_BE( X[3], input, 12 ); X[0] ^= *RK++; X[1] ^= *RK++; @@ -529,10 +529,10 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, X[0] ^= *RK++; X[1] ^= *RK++; - PUT_UINT32_BE( X[2], output, 0 ); - PUT_UINT32_BE( X[3], output, 4 ); - PUT_UINT32_BE( X[0], output, 8 ); - PUT_UINT32_BE( X[1], output, 12 ); + MBEDTLS_PUT_UINT32_BE( X[2], output, 0 ); + MBEDTLS_PUT_UINT32_BE( X[3], output, 4 ); + MBEDTLS_PUT_UINT32_BE( X[0], output, 8 ); + MBEDTLS_PUT_UINT32_BE( X[1], output, 12 ); return( 0 ); } diff --git a/library/chacha20.c b/library/chacha20.c index 9862ea535..d0d5741c7 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -205,14 +205,14 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, ctx->state[3] = 0x6b206574; /* Set key */ - ctx->state[4] = BYTES_TO_U32_LE( key, 0 ); - ctx->state[5] = BYTES_TO_U32_LE( key, 4 ); - ctx->state[6] = BYTES_TO_U32_LE( key, 8 ); - ctx->state[7] = BYTES_TO_U32_LE( key, 12 ); - ctx->state[8] = BYTES_TO_U32_LE( key, 16 ); - ctx->state[9] = BYTES_TO_U32_LE( key, 20 ); - ctx->state[10] = BYTES_TO_U32_LE( key, 24 ); - ctx->state[11] = BYTES_TO_U32_LE( key, 28 ); + ctx->state[4] = MBEDTLS_BYTES_TO_U32_LE( key, 0 ); + ctx->state[5] = MBEDTLS_BYTES_TO_U32_LE( key, 4 ); + ctx->state[6] = MBEDTLS_BYTES_TO_U32_LE( key, 8 ); + ctx->state[7] = MBEDTLS_BYTES_TO_U32_LE( key, 12 ); + ctx->state[8] = MBEDTLS_BYTES_TO_U32_LE( key, 16 ); + ctx->state[9] = MBEDTLS_BYTES_TO_U32_LE( key, 20 ); + ctx->state[10] = MBEDTLS_BYTES_TO_U32_LE( key, 24 ); + ctx->state[11] = MBEDTLS_BYTES_TO_U32_LE( key, 28 ); return( 0 ); } @@ -228,9 +228,9 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, ctx->state[12] = counter; /* Nonce */ - ctx->state[13] = BYTES_TO_U32_LE( nonce, 0 ); - ctx->state[14] = BYTES_TO_U32_LE( nonce, 4 ); - ctx->state[15] = BYTES_TO_U32_LE( nonce, 8 ); + ctx->state[13] = MBEDTLS_BYTES_TO_U32_LE( nonce, 0 ); + ctx->state[14] = MBEDTLS_BYTES_TO_U32_LE( nonce, 4 ); + ctx->state[15] = MBEDTLS_BYTES_TO_U32_LE( nonce, 8 ); mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); diff --git a/library/common.h b/library/common.h index b6b7d01d9..6dbc808d3 100644 --- a/library/common.h +++ b/library/common.h @@ -71,61 +71,61 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * To tidy up code and save horizontal and vertical space, use byte * reading macros to cast */ -#define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) -#define BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) -#define BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) -#define BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) +#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) +#define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) +#define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) +#define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) /* * 32-bit integer manipulation macros (big endian) */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -do { \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} while( 0 ) +#ifndef MBEDTLS_GET_UINT32_BE +#define MBEDTLS_GET_UINT32_BE(n,b,i) \ + do { \ + (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ + | ( (uint32_t) (b)[(i) + 1] << 16 ) \ + | ( (uint32_t) (b)[(i) + 2] << 8 ) \ + | ( (uint32_t) (b)[(i) + 3] ); \ + } while( 0 ) #endif -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -do { \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} while( 0 ) +#ifndef MBEDTLS_PUT_UINT32_BE +#define MBEDTLS_PUT_UINT32_BE(n,b,i) \ + do { \ + (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) ); \ + } while( 0 ) #endif /* * 32-bit integer manipulation macros (little endian) */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -do { \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} while( 0 ) +#ifndef MBEDTLS_GET_UINT32_LE +#define MBEDTLS_GET_UINT32_LE(n,b,i) \ + do { \ + (n) = ( (uint32_t) (b)[(i) ] ) \ + | ( (uint32_t) (b)[(i) + 1] << 8 ) \ + | ( (uint32_t) (b)[(i) + 2] << 16 ) \ + | ( (uint32_t) (b)[(i) + 3] << 24 ); \ + } while( 0 ) #endif -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -do { \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} while( 0 ) +#ifndef MBEDTLS_PUT_UINT32_LE +#define MBEDTLS_PUT_UINT32_LE(n,b,i) \ + do { \ + (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ + (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ + } while( 0 ) #endif /** * 32-bit integer conversion from bytes (little endian) */ -#define BYTES_TO_U32_LE( data, offset ) \ +#define MBEDTLS_BYTES_TO_U32_LE( data, offset ) \ ( (uint32_t) (data)[offset] \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index d52d9ef25..68b32a366 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -152,10 +152,10 @@ static int block_cipher_df( unsigned char *output, * (Total is padded to a multiple of 16-bytes with zeroes) */ p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE; - *p++ = BYTE_3( data_len ); - *p++ = BYTE_2( data_len ); - *p++ = BYTE_1( data_len ); - *p++ = BYTE_0( data_len ); + *p++ = MBEDTLS_BYTE_3( data_len ); + *p++ = MBEDTLS_BYTE_2( data_len ); + *p++ = MBEDTLS_BYTE_1( data_len ); + *p++ = MBEDTLS_BYTE_0( data_len ); p += 3; *p++ = MBEDTLS_CTR_DRBG_SEEDLEN; memcpy( p, data, data_len ); diff --git a/library/des.c b/library/des.c index 36ea27776..9281747de 100644 --- a/library/des.c +++ b/library/des.c @@ -400,8 +400,8 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE int i; uint32_t X, Y, T; - GET_UINT32_BE( X, key, 0 ); - GET_UINT32_BE( Y, key, 4 ); + MBEDTLS_GET_UINT32_BE( X, key, 0 ); + MBEDTLS_GET_UINT32_BE( Y, key, 4 ); /* * Permuted Choice 1 @@ -610,8 +610,8 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, SK = ctx->sk; - GET_UINT32_BE( X, input, 0 ); - GET_UINT32_BE( Y, input, 4 ); + MBEDTLS_GET_UINT32_BE( X, input, 0 ); + MBEDTLS_GET_UINT32_BE( Y, input, 4 ); DES_IP( X, Y ); @@ -623,8 +623,8 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, DES_FP( Y, X ); - PUT_UINT32_BE( Y, output, 0 ); - PUT_UINT32_BE( X, output, 4 ); + MBEDTLS_PUT_UINT32_BE( Y, output, 0 ); + MBEDTLS_PUT_UINT32_BE( X, output, 4 ); return( 0 ); } @@ -697,8 +697,8 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, SK = ctx->sk; - GET_UINT32_BE( X, input, 0 ); - GET_UINT32_BE( Y, input, 4 ); + MBEDTLS_GET_UINT32_BE( X, input, 0 ); + MBEDTLS_GET_UINT32_BE( Y, input, 4 ); DES_IP( X, Y ); @@ -722,8 +722,8 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, DES_FP( Y, X ); - PUT_UINT32_BE( Y, output, 0 ); - PUT_UINT32_BE( X, output, 4 ); + MBEDTLS_PUT_UINT32_BE( Y, output, 0 ); + MBEDTLS_PUT_UINT32_BE( X, output, 4 ); return( 0 ); } diff --git a/library/gcm.c b/library/gcm.c index c8254876d..3caeed26d 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -88,12 +88,12 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx ) return( ret ); /* pack h as two 64-bits ints, big-endian */ - GET_UINT32_BE( hi, h, 0 ); - GET_UINT32_BE( lo, h, 4 ); + MBEDTLS_GET_UINT32_BE( hi, h, 0 ); + MBEDTLS_GET_UINT32_BE( lo, h, 4 ); vh = (uint64_t) hi << 32 | lo; - GET_UINT32_BE( hi, h, 8 ); - GET_UINT32_BE( lo, h, 12 ); + MBEDTLS_GET_UINT32_BE( hi, h, 8 ); + MBEDTLS_GET_UINT32_BE( lo, h, 12 ); vl = (uint64_t) hi << 32 | lo; /* 8 = 1000 corresponds to 1 in GF(2^128) */ @@ -200,10 +200,10 @@ static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) { unsigned char h[16]; - PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 ); - PUT_UINT32_BE( ctx->HH[8], h, 4 ); - PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 ); - PUT_UINT32_BE( ctx->HL[8], h, 12 ); + MBEDTLS_PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 ); + MBEDTLS_PUT_UINT32_BE( ctx->HH[8], h, 4 ); + MBEDTLS_PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 ); + MBEDTLS_PUT_UINT32_BE( ctx->HL[8], h, 12 ); mbedtls_aesni_gcm_mult( output, x, h ); return; @@ -239,10 +239,10 @@ static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], zl ^= ctx->HL[hi]; } - PUT_UINT32_BE( zh >> 32, output, 0 ); - PUT_UINT32_BE( zh, output, 4 ); - PUT_UINT32_BE( zl >> 32, output, 8 ); - PUT_UINT32_BE( zl, output, 12 ); + MBEDTLS_PUT_UINT32_BE( zh >> 32, output, 0 ); + MBEDTLS_PUT_UINT32_BE( zh, output, 4 ); + MBEDTLS_PUT_UINT32_BE( zl >> 32, output, 8 ); + MBEDTLS_PUT_UINT32_BE( zl, output, 12 ); } int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, @@ -278,7 +278,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, else { memset( work_buf, 0x00, 16 ); - PUT_UINT32_BE( iv_len * 8, work_buf, 12 ); + MBEDTLS_PUT_UINT32_BE( iv_len * 8, work_buf, 12 ); p = iv; while( iv_len > 0 ) @@ -546,10 +546,10 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, { memset( work_buf, 0x00, 16 ); - PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0 ); - PUT_UINT32_BE( ( orig_add_len ), work_buf, 4 ); - PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 ); - PUT_UINT32_BE( ( orig_len ), work_buf, 12 ); + MBEDTLS_PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0 ); + MBEDTLS_PUT_UINT32_BE( ( orig_add_len ), work_buf, 4 ); + MBEDTLS_PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 ); + MBEDTLS_PUT_UINT32_BE( ( orig_len ), work_buf, 12 ); for( i = 0; i < 16; i++ ) ctx->buf[i] ^= work_buf[i]; diff --git a/library/md5.c b/library/md5.c index d8f637da8..e8d00216f 100644 --- a/library/md5.c +++ b/library/md5.c @@ -87,22 +87,22 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, uint32_t X[16], A, B, C, D; } local; - GET_UINT32_LE( local.X[ 0], data, 0 ); - GET_UINT32_LE( local.X[ 1], data, 4 ); - GET_UINT32_LE( local.X[ 2], data, 8 ); - GET_UINT32_LE( local.X[ 3], data, 12 ); - GET_UINT32_LE( local.X[ 4], data, 16 ); - GET_UINT32_LE( local.X[ 5], data, 20 ); - GET_UINT32_LE( local.X[ 6], data, 24 ); - GET_UINT32_LE( local.X[ 7], data, 28 ); - GET_UINT32_LE( local.X[ 8], data, 32 ); - GET_UINT32_LE( local.X[ 9], data, 36 ); - GET_UINT32_LE( local.X[10], data, 40 ); - GET_UINT32_LE( local.X[11], data, 44 ); - GET_UINT32_LE( local.X[12], data, 48 ); - GET_UINT32_LE( local.X[13], data, 52 ); - GET_UINT32_LE( local.X[14], data, 56 ); - GET_UINT32_LE( local.X[15], data, 60 ); + MBEDTLS_GET_UINT32_LE( local.X[ 0], data, 0 ); + MBEDTLS_GET_UINT32_LE( local.X[ 1], data, 4 ); + MBEDTLS_GET_UINT32_LE( local.X[ 2], data, 8 ); + MBEDTLS_GET_UINT32_LE( local.X[ 3], data, 12 ); + MBEDTLS_GET_UINT32_LE( local.X[ 4], data, 16 ); + MBEDTLS_GET_UINT32_LE( local.X[ 5], data, 20 ); + MBEDTLS_GET_UINT32_LE( local.X[ 6], data, 24 ); + MBEDTLS_GET_UINT32_LE( local.X[ 7], data, 28 ); + MBEDTLS_GET_UINT32_LE( local.X[ 8], data, 32 ); + MBEDTLS_GET_UINT32_LE( local.X[ 9], data, 36 ); + MBEDTLS_GET_UINT32_LE( local.X[10], data, 40 ); + MBEDTLS_GET_UINT32_LE( local.X[11], data, 44 ); + MBEDTLS_GET_UINT32_LE( local.X[12], data, 48 ); + MBEDTLS_GET_UINT32_LE( local.X[13], data, 52 ); + MBEDTLS_GET_UINT32_LE( local.X[14], data, 56 ); + MBEDTLS_GET_UINT32_LE( local.X[15], data, 60 ); #define S(x,n) \ ( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) ) @@ -307,8 +307,8 @@ int mbedtls_md5_finish( mbedtls_md5_context *ctx, | ( ctx->total[1] << 3 ); low = ( ctx->total[0] << 3 ); - PUT_UINT32_LE( low, ctx->buffer, 56 ); - PUT_UINT32_LE( high, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_LE( low, ctx->buffer, 56 ); + MBEDTLS_PUT_UINT32_LE( high, ctx->buffer, 60 ); if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); @@ -316,10 +316,10 @@ int mbedtls_md5_finish( mbedtls_md5_context *ctx, /* * Output final state */ - PUT_UINT32_LE( ctx->state[0], output, 0 ); - PUT_UINT32_LE( ctx->state[1], output, 4 ); - PUT_UINT32_LE( ctx->state[2], output, 8 ); - PUT_UINT32_LE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 ); return( 0 ); } diff --git a/library/nist_kw.c b/library/nist_kw.c index 174a1eef1..b8f923999 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -223,7 +223,7 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, } memcpy( output, NIST_KW_ICV2, KW_SEMIBLOCK_LENGTH / 2 ); - PUT_UINT32_BE( ( in_len & 0xffffffff ), output, + MBEDTLS_PUT_UINT32_BE( ( in_len & 0xffffffff ), output, KW_SEMIBLOCK_LENGTH / 2 ); memcpy( output + KW_SEMIBLOCK_LENGTH, input, in_len ); @@ -454,7 +454,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; } - GET_UINT32_BE( Plen, A, KW_SEMIBLOCK_LENGTH / 2 ); + MBEDTLS_GET_UINT32_BE( Plen, A, KW_SEMIBLOCK_LENGTH / 2 ); /* * Plen is the length of the plaintext, when the input is valid. diff --git a/library/poly1305.c b/library/poly1305.c index a30b1707e..3c0b7c6aa 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -122,10 +122,10 @@ static void poly1305_process( mbedtls_poly1305_context *ctx, for( i = 0U; i < nblocks; i++ ) { /* The input block is treated as a 128-bit little-endian integer */ - d0 = BYTES_TO_U32_LE( input, offset + 0 ); - d1 = BYTES_TO_U32_LE( input, offset + 4 ); - d2 = BYTES_TO_U32_LE( input, offset + 8 ); - d3 = BYTES_TO_U32_LE( input, offset + 12 ); + d0 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 0 ); + d1 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 4 ); + d2 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 8 ); + d3 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 12 ); /* Compute: acc += (padded) block as a 130-bit integer */ d0 += (uint64_t) acc0; @@ -290,15 +290,15 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, POLY1305_VALIDATE_RET( key != NULL ); /* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */ - ctx->r[0] = BYTES_TO_U32_LE( key, 0 ) & 0x0FFFFFFFU; - ctx->r[1] = BYTES_TO_U32_LE( key, 4 ) & 0x0FFFFFFCU; - ctx->r[2] = BYTES_TO_U32_LE( key, 8 ) & 0x0FFFFFFCU; - ctx->r[3] = BYTES_TO_U32_LE( key, 12 ) & 0x0FFFFFFCU; + ctx->r[0] = MBEDTLS_BYTES_TO_U32_LE( key, 0 ) & 0x0FFFFFFFU; + ctx->r[1] = MBEDTLS_BYTES_TO_U32_LE( key, 4 ) & 0x0FFFFFFCU; + ctx->r[2] = MBEDTLS_BYTES_TO_U32_LE( key, 8 ) & 0x0FFFFFFCU; + ctx->r[3] = MBEDTLS_BYTES_TO_U32_LE( key, 12 ) & 0x0FFFFFFCU; - ctx->s[0] = BYTES_TO_U32_LE( key, 16 ); - ctx->s[1] = BYTES_TO_U32_LE( key, 20 ); - ctx->s[2] = BYTES_TO_U32_LE( key, 24 ); - ctx->s[3] = BYTES_TO_U32_LE( key, 28 ); + ctx->s[0] = MBEDTLS_BYTES_TO_U32_LE( key, 16 ); + ctx->s[1] = MBEDTLS_BYTES_TO_U32_LE( key, 20 ); + ctx->s[2] = MBEDTLS_BYTES_TO_U32_LE( key, 24 ); + ctx->s[3] = MBEDTLS_BYTES_TO_U32_LE( key, 28 ); /* Initial accumulator state */ ctx->acc[0] = 0U; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b46e023e5..95aa0d531 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4506,8 +4506,8 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key( * uint16 with the value N, and the PSK itself. */ - *cur++ = BYTE_1( data_length ); - *cur++ = BYTE_0( data_length ); + *cur++ = MBEDTLS_BYTE_1( data_length ); + *cur++ = MBEDTLS_BYTE_0( data_length ); memset( cur, 0, data_length ); cur += data_length; *cur++ = pms[0]; diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 36b518350..3646953a5 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -275,14 +275,14 @@ void psa_format_key_data_for_storage( const uint8_t *data, (psa_persistent_key_storage_format *) storage_data; memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); - PUT_UINT32_LE( 0, storage_format->version, 0 ); - PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); + MBEDTLS_PUT_UINT32_LE( 0, storage_format->version, 0 ); + MBEDTLS_PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 ); PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 ); - PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); - PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); - PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); - PUT_UINT32_LE( data_length, storage_format->data_len, 0 ); + MBEDTLS_PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); + MBEDTLS_PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); + MBEDTLS_PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + MBEDTLS_PUT_UINT32_LE( data_length, storage_format->data_len, 0 ); memcpy( storage_format->key_data, data, data_length ); } @@ -312,11 +312,11 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, if( status != PSA_SUCCESS ) return( status ); - GET_UINT32_LE( version, storage_format->version, 0 ); + MBEDTLS_GET_UINT32_LE( version, storage_format->version, 0 ); if( version != 0 ) return( PSA_ERROR_DATA_INVALID ); - GET_UINT32_LE( *key_data_length, storage_format->data_len, 0 ); + MBEDTLS_GET_UINT32_LE( *key_data_length, storage_format->data_len, 0 ); if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) || *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) return( PSA_ERROR_DATA_INVALID ); @@ -333,12 +333,12 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, memcpy( *key_data, storage_format->key_data, *key_data_length ); } - GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); + MBEDTLS_GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); GET_UINT16_LE( attr->type, storage_format->type, 0 ); GET_UINT16_LE( attr->bits, storage_format->bits, 0 ); - GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); - GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); - GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + MBEDTLS_GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); + MBEDTLS_GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); + MBEDTLS_GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); return( PSA_SUCCESS ); } diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 66043b502..c3b19a74a 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -191,14 +191,14 @@ psa_status_t psa_its_set( psa_storage_uid_t uid, size_t n; memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH ); - header.size[0] = BYTE_0( data_length ); - header.size[1] = BYTE_1( data_length ); - header.size[2] = BYTE_2( data_length ); - header.size[3] = BYTE_3( data_length ); - header.flags[0] = BYTE_0( create_flags ); - header.flags[1] = BYTE_1( create_flags ); - header.flags[2] = BYTE_2( create_flags ); - header.flags[3] = BYTE_3( create_flags ); + header.size[0] = MBEDTLS_BYTE_0( data_length ); + header.size[1] = MBEDTLS_BYTE_1( data_length ); + header.size[2] = MBEDTLS_BYTE_2( data_length ); + header.size[3] = MBEDTLS_BYTE_3( data_length ); + header.flags[0] = MBEDTLS_BYTE_0( create_flags ); + header.flags[1] = MBEDTLS_BYTE_1( create_flags ); + header.flags[2] = MBEDTLS_BYTE_2( create_flags ); + header.flags[3] = MBEDTLS_BYTE_3( create_flags ); psa_its_fill_filename( uid, filename ); stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" ); diff --git a/library/ripemd160.c b/library/ripemd160.c index d60654e95..2bed10723 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -92,22 +92,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16]; } local; - GET_UINT32_LE( local.X[ 0], data, 0 ); - GET_UINT32_LE( local.X[ 1], data, 4 ); - GET_UINT32_LE( local.X[ 2], data, 8 ); - GET_UINT32_LE( local.X[ 3], data, 12 ); - GET_UINT32_LE( local.X[ 4], data, 16 ); - GET_UINT32_LE( local.X[ 5], data, 20 ); - GET_UINT32_LE( local.X[ 6], data, 24 ); - GET_UINT32_LE( local.X[ 7], data, 28 ); - GET_UINT32_LE( local.X[ 8], data, 32 ); - GET_UINT32_LE( local.X[ 9], data, 36 ); - GET_UINT32_LE( local.X[10], data, 40 ); - GET_UINT32_LE( local.X[11], data, 44 ); - GET_UINT32_LE( local.X[12], data, 48 ); - GET_UINT32_LE( local.X[13], data, 52 ); - GET_UINT32_LE( local.X[14], data, 56 ); - GET_UINT32_LE( local.X[15], data, 60 ); + MBEDTLS_GET_UINT32_LE( local.X[ 0], data, 0 ); + MBEDTLS_GET_UINT32_LE( local.X[ 1], data, 4 ); + MBEDTLS_GET_UINT32_LE( local.X[ 2], data, 8 ); + MBEDTLS_GET_UINT32_LE( local.X[ 3], data, 12 ); + MBEDTLS_GET_UINT32_LE( local.X[ 4], data, 16 ); + MBEDTLS_GET_UINT32_LE( local.X[ 5], data, 20 ); + MBEDTLS_GET_UINT32_LE( local.X[ 6], data, 24 ); + MBEDTLS_GET_UINT32_LE( local.X[ 7], data, 28 ); + MBEDTLS_GET_UINT32_LE( local.X[ 8], data, 32 ); + MBEDTLS_GET_UINT32_LE( local.X[ 9], data, 36 ); + MBEDTLS_GET_UINT32_LE( local.X[10], data, 40 ); + MBEDTLS_GET_UINT32_LE( local.X[11], data, 44 ); + MBEDTLS_GET_UINT32_LE( local.X[12], data, 48 ); + MBEDTLS_GET_UINT32_LE( local.X[13], data, 52 ); + MBEDTLS_GET_UINT32_LE( local.X[14], data, 56 ); + MBEDTLS_GET_UINT32_LE( local.X[15], data, 60 ); local.A = local.Ap = ctx->state[0]; local.B = local.Bp = ctx->state[1]; @@ -354,8 +354,8 @@ int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, | ( ctx->total[1] << 3 ); low = ( ctx->total[0] << 3 ); - PUT_UINT32_LE( low, msglen, 0 ); - PUT_UINT32_LE( high, msglen, 4 ); + MBEDTLS_PUT_UINT32_LE( low, msglen, 0 ); + MBEDTLS_PUT_UINT32_LE( high, msglen, 4 ); last = ctx->total[0] & 0x3F; padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); @@ -368,11 +368,11 @@ int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, if( ret != 0 ) return( ret ); - PUT_UINT32_LE( ctx->state[0], output, 0 ); - PUT_UINT32_LE( ctx->state[1], output, 4 ); - PUT_UINT32_LE( ctx->state[2], output, 8 ); - PUT_UINT32_LE( ctx->state[3], output, 12 ); - PUT_UINT32_LE( ctx->state[4], output, 16 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[4], output, 16 ); return( 0 ); } diff --git a/library/sha1.c b/library/sha1.c index 9beaee5a5..da61f65fc 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -103,22 +103,22 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, SHA1_VALIDATE_RET( ctx != NULL ); SHA1_VALIDATE_RET( (const unsigned char *)data != NULL ); - GET_UINT32_BE( local.W[ 0], data, 0 ); - GET_UINT32_BE( local.W[ 1], data, 4 ); - GET_UINT32_BE( local.W[ 2], data, 8 ); - GET_UINT32_BE( local.W[ 3], data, 12 ); - GET_UINT32_BE( local.W[ 4], data, 16 ); - GET_UINT32_BE( local.W[ 5], data, 20 ); - GET_UINT32_BE( local.W[ 6], data, 24 ); - GET_UINT32_BE( local.W[ 7], data, 28 ); - GET_UINT32_BE( local.W[ 8], data, 32 ); - GET_UINT32_BE( local.W[ 9], data, 36 ); - GET_UINT32_BE( local.W[10], data, 40 ); - GET_UINT32_BE( local.W[11], data, 44 ); - GET_UINT32_BE( local.W[12], data, 48 ); - GET_UINT32_BE( local.W[13], data, 52 ); - GET_UINT32_BE( local.W[14], data, 56 ); - GET_UINT32_BE( local.W[15], data, 60 ); + MBEDTLS_GET_UINT32_BE( local.W[ 0], data, 0 ); + MBEDTLS_GET_UINT32_BE( local.W[ 1], data, 4 ); + MBEDTLS_GET_UINT32_BE( local.W[ 2], data, 8 ); + MBEDTLS_GET_UINT32_BE( local.W[ 3], data, 12 ); + MBEDTLS_GET_UINT32_BE( local.W[ 4], data, 16 ); + MBEDTLS_GET_UINT32_BE( local.W[ 5], data, 20 ); + MBEDTLS_GET_UINT32_BE( local.W[ 6], data, 24 ); + MBEDTLS_GET_UINT32_BE( local.W[ 7], data, 28 ); + MBEDTLS_GET_UINT32_BE( local.W[ 8], data, 32 ); + MBEDTLS_GET_UINT32_BE( local.W[ 9], data, 36 ); + MBEDTLS_GET_UINT32_BE( local.W[10], data, 40 ); + MBEDTLS_GET_UINT32_BE( local.W[11], data, 44 ); + MBEDTLS_GET_UINT32_BE( local.W[12], data, 48 ); + MBEDTLS_GET_UINT32_BE( local.W[13], data, 52 ); + MBEDTLS_GET_UINT32_BE( local.W[14], data, 56 ); + MBEDTLS_GET_UINT32_BE( local.W[15], data, 60 ); #define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) @@ -362,8 +362,8 @@ int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, | ( ctx->total[1] << 3 ); low = ( ctx->total[0] << 3 ); - PUT_UINT32_BE( high, ctx->buffer, 56 ); - PUT_UINT32_BE( low, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_BE( high, ctx->buffer, 56 ); + MBEDTLS_PUT_UINT32_BE( low, ctx->buffer, 60 ); if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); @@ -371,11 +371,11 @@ int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, /* * Output final state */ - PUT_UINT32_BE( ctx->state[0], output, 0 ); - PUT_UINT32_BE( ctx->state[1], output, 4 ); - PUT_UINT32_BE( ctx->state[2], output, 8 ); - PUT_UINT32_BE( ctx->state[3], output, 12 ); - PUT_UINT32_BE( ctx->state[4], output, 16 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[0], output, 0 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[1], output, 4 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[2], output, 8 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[4], output, 16 ); return( 0 ); } diff --git a/library/sha256.c b/library/sha256.c index f548c672e..fb66340b2 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -190,7 +190,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, for( i = 0; i < 64; i++ ) { if( i < 16 ) - GET_UINT32_BE( local.W[i], data, 4 * i ); + MBEDTLS_GET_UINT32_BE( local.W[i], data, 4 * i ); else R( i ); @@ -205,7 +205,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, } #else /* MBEDTLS_SHA256_SMALLER */ for( i = 0; i < 16; i++ ) - GET_UINT32_BE( local.W[i], data, 4 * i ); + MBEDTLS_GET_UINT32_BE( local.W[i], data, 4 * i ); for( i = 0; i < 16; i += 8 ) { @@ -355,8 +355,8 @@ int mbedtls_sha256_finish( mbedtls_sha256_context *ctx, | ( ctx->total[1] << 3 ); low = ( ctx->total[0] << 3 ); - PUT_UINT32_BE( high, ctx->buffer, 56 ); - PUT_UINT32_BE( low, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_BE( high, ctx->buffer, 56 ); + MBEDTLS_PUT_UINT32_BE( low, ctx->buffer, 60 ); if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); @@ -364,18 +364,18 @@ int mbedtls_sha256_finish( mbedtls_sha256_context *ctx, /* * Output final state */ - PUT_UINT32_BE( ctx->state[0], output, 0 ); - PUT_UINT32_BE( ctx->state[1], output, 4 ); - PUT_UINT32_BE( ctx->state[2], output, 8 ); - PUT_UINT32_BE( ctx->state[3], output, 12 ); - PUT_UINT32_BE( ctx->state[4], output, 16 ); - PUT_UINT32_BE( ctx->state[5], output, 20 ); - PUT_UINT32_BE( ctx->state[6], output, 24 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[0], output, 0 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[1], output, 4 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[2], output, 8 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[4], output, 16 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[5], output, 20 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[6], output, 24 ); #if defined(MBEDTLS_SHA224_C) if( ctx->is224 == 0 ) #endif - PUT_UINT32_BE( ctx->state[7], output, 28 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[7], output, 28 ); return( 0 ); } diff --git a/library/ssl_msg.c b/library/ssl_msg.c index f3dbba82b..77904e0a1 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2255,13 +2255,13 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */ memcpy( ssl->out_msg, cur->p, 6 ); - ssl->out_msg[6] = BYTE_2( frag_off ); - ssl->out_msg[7] = BYTE_1( frag_off ); - ssl->out_msg[8] = BYTE_0( frag_off ); + ssl->out_msg[6] = MBEDTLS_BYTE_2( frag_off ); + ssl->out_msg[7] = MBEDTLS_BYTE_1( frag_off ); + ssl->out_msg[8] = MBEDTLS_BYTE_0( frag_off ); - ssl->out_msg[ 9] = BYTE_2( cur_hs_frag_len ); - ssl->out_msg[10] = BYTE_1( cur_hs_frag_len ); - ssl->out_msg[11] = BYTE_0( cur_hs_frag_len ); + ssl->out_msg[ 9] = MBEDTLS_BYTE_2( cur_hs_frag_len ); + ssl->out_msg[10] = MBEDTLS_BYTE_1( cur_hs_frag_len ); + ssl->out_msg[11] = MBEDTLS_BYTE_0( cur_hs_frag_len ); MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 ); diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 29d834575..a7a55f1a7 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -245,8 +245,8 @@ int mbedtls_ssl_ticket_write( void *p_ticket, { goto cleanup; } - state_len_bytes[0] = BYTE_1( clear_len ); - state_len_bytes[1] = BYTE_0( clear_len ); + state_len_bytes[0] = MBEDTLS_BYTE_1( clear_len ); + state_len_bytes[1] = MBEDTLS_BYTE_0( clear_len ); /* Encrypt and authenticate */ if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx, From 33f953d8104bd0a069fb77d0ecbc13d33d927fe5 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 24 Jun 2021 16:49:38 +0100 Subject: [PATCH 09/32] Byte Reading Macros Changelog Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4274.txt | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 ChangeLog.d/issue4274.txt diff --git a/ChangeLog.d/issue4274.txt b/ChangeLog.d/issue4274.txt new file mode 100644 index 000000000..3e59ca5be --- /dev/null +++ b/ChangeLog.d/issue4274.txt @@ -0,0 +1,9 @@ +Changes + * Create 4 byte reading macros in library/common.h, used in files + within the same directory: MBEDTLS_BYTE_0... MBEDTLS_BYTE_3. + * Move the (PUT and GET) UINT32_ (BE and LE) macro functions into + library/common.h. Rename with the prefix MBEDTLS_ to satisfy + test/scripts/check-names.sh (e.g MBEDTLS_PUT_UINT32_LE). + * Move BYTES_TO_U32_LE macro function to library/common.h, also given + the prefix MBEDTLS_. + Fixes #4274. \ No newline at end of file From c46997377afb35a2fc4881cd202c8c4fe5667479 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 25 Jun 2021 09:20:07 +0100 Subject: [PATCH 10/32] Fix formatting - Byte reading macros changelog Missing newline at the end of changelog.d/issue4274 Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4274.txt | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/ChangeLog.d/issue4274.txt b/ChangeLog.d/issue4274.txt index 3e59ca5be..f0952f430 100644 --- a/ChangeLog.d/issue4274.txt +++ b/ChangeLog.d/issue4274.txt @@ -1,9 +1,9 @@ -Changes - * Create 4 byte reading macros in library/common.h, used in files - within the same directory: MBEDTLS_BYTE_0... MBEDTLS_BYTE_3. - * Move the (PUT and GET) UINT32_ (BE and LE) macro functions into - library/common.h. Rename with the prefix MBEDTLS_ to satisfy - test/scripts/check-names.sh (e.g MBEDTLS_PUT_UINT32_LE). - * Move BYTES_TO_U32_LE macro function to library/common.h, also given - the prefix MBEDTLS_. - Fixes #4274. \ No newline at end of file +Changes + * Create 4 byte reading macros in library/common.h, used in files + within the same directory: MBEDTLS_BYTE_0... MBEDTLS_BYTE_3. + * Move the (PUT and GET) UINT32_ (BE and LE) macro functions into + library/common.h. Rename with the prefix MBEDTLS_ to satisfy + test/scripts/check-names.sh (e.g MBEDTLS_PUT_UINT32_LE). + * Move BYTES_TO_U32_LE macro function to library/common.h, also given + the prefix MBEDTLS_. + Fixes #4274. From 9fa9ac3612c0c542fa91c0fae003dcb37c1586a8 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 5 Jul 2021 15:37:39 +0100 Subject: [PATCH 11/32] Move GET/PUT_UINT16_LE macros to common.h Although these only appear in one file: psa_crypto_storage.c it is tidy to give it the same prefix as the UINT32 macros and to store them in the fame file Signed-off-by: Joe Subbiani --- library/common.h | 31 ++++++++++++++++++++++++++----- library/psa_crypto_storage.c | 27 ++++----------------------- 2 files changed, 30 insertions(+), 28 deletions(-) diff --git a/library/common.h b/library/common.h index 6dbc808d3..e85cbf28d 100644 --- a/library/common.h +++ b/library/common.h @@ -80,7 +80,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * 32-bit integer manipulation macros (big endian) */ #ifndef MBEDTLS_GET_UINT32_BE -#define MBEDTLS_GET_UINT32_BE(n,b,i) \ +#define MBEDTLS_GET_UINT32_BE(n,b,i) \ do { \ (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ | ( (uint32_t) (b)[(i) + 1] << 16 ) \ @@ -90,7 +90,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif #ifndef MBEDTLS_PUT_UINT32_BE -#define MBEDTLS_PUT_UINT32_BE(n,b,i) \ +#define MBEDTLS_PUT_UINT32_BE(n,b,i) \ do { \ (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ @@ -103,7 +103,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * 32-bit integer manipulation macros (little endian) */ #ifndef MBEDTLS_GET_UINT32_LE -#define MBEDTLS_GET_UINT32_LE(n,b,i) \ +#define MBEDTLS_GET_UINT32_LE(n,b,i) \ do { \ (n) = ( (uint32_t) (b)[(i) ] ) \ | ( (uint32_t) (b)[(i) + 1] << 8 ) \ @@ -113,7 +113,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif #ifndef MBEDTLS_PUT_UINT32_LE -#define MBEDTLS_PUT_UINT32_LE(n,b,i) \ +#define MBEDTLS_PUT_UINT32_LE(n,b,i) \ do { \ (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ @@ -125,11 +125,32 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** * 32-bit integer conversion from bytes (little endian) */ -#define MBEDTLS_BYTES_TO_U32_LE( data, offset ) \ +#define MBEDTLS_BYTES_TO_U32_LE( data, offset ) \ ( (uint32_t) (data)[offset] \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ ) + +/* + * 16-bit integer manipulation macros (little endian) + */ +#ifndef MBEDTLS_GET_UINT16_LE +#define MBEDTLS_GET_UINT16_LE( n, b, i ) \ +{ \ + (n) = ( (uint16_t) (b)[(i) ] ) \ + | ( (uint16_t) (b)[(i) + 1] << 8 ); \ +} +#endif + +#ifndef MBEDTLS_PUT_UINT16_LE +#define MBEDTLS_PUT_UINT16_LE( n, b, i ) \ +{ \ + (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ +} +#endif + + #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 3646953a5..07c2cdf60 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -230,25 +230,6 @@ static psa_status_t psa_crypto_storage_get_data_length( return( PSA_SUCCESS ); } -/* - * 16-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT16_LE -#define GET_UINT16_LE( n, b, i ) \ -{ \ - (n) = ( (uint16_t) (b)[(i) ] ) \ - | ( (uint16_t) (b)[(i) + 1] << 8 ); \ -} -#endif - -#ifndef PUT_UINT16_LE -#define PUT_UINT16_LE( n, b, i ) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ -} -#endif - /** * Persistent key storage magic header. */ @@ -277,8 +258,8 @@ void psa_format_key_data_for_storage( const uint8_t *data, memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); MBEDTLS_PUT_UINT32_LE( 0, storage_format->version, 0 ); MBEDTLS_PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); - PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 ); - PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 ); + MBEDTLS_PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 ); + MBEDTLS_PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 ); MBEDTLS_PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); MBEDTLS_PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); MBEDTLS_PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); @@ -334,8 +315,8 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, } MBEDTLS_GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); - GET_UINT16_LE( attr->type, storage_format->type, 0 ); - GET_UINT16_LE( attr->bits, storage_format->bits, 0 ); + MBEDTLS_GET_UINT16_LE( attr->type, storage_format->type, 0 ); + MBEDTLS_GET_UINT16_LE( attr->bits, storage_format->bits, 0 ); MBEDTLS_GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); MBEDTLS_GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); MBEDTLS_GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); From 394bdd662b7facd32cfbb8ccd24cc0593f38ac0d Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 7 Jul 2021 15:16:56 +0100 Subject: [PATCH 12/32] Document common.h and remove changelog Added documenttion comments to common.h and removed the changelog as it is not really necessary for refactoring. Also modified a comment in aria.c to be clearer Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4274.txt | 9 ------- library/aria.c | 3 ++- library/common.h | 50 +++++++++++++++++++++++++++++++++++---- 3 files changed, 47 insertions(+), 15 deletions(-) delete mode 100644 ChangeLog.d/issue4274.txt diff --git a/ChangeLog.d/issue4274.txt b/ChangeLog.d/issue4274.txt deleted file mode 100644 index f0952f430..000000000 --- a/ChangeLog.d/issue4274.txt +++ /dev/null @@ -1,9 +0,0 @@ -Changes - * Create 4 byte reading macros in library/common.h, used in files - within the same directory: MBEDTLS_BYTE_0... MBEDTLS_BYTE_3. - * Move the (PUT and GET) UINT32_ (BE and LE) macro functions into - library/common.h. Rename with the prefix MBEDTLS_ to satisfy - test/scripts/check-names.sh (e.g MBEDTLS_PUT_UINT32_LE). - * Move BYTES_TO_U32_LE macro function to library/common.h, also given - the prefix MBEDTLS_. - Fixes #4274. diff --git a/library/aria.c b/library/aria.c index a6319d3e2..f4aa64107 100644 --- a/library/aria.c +++ b/library/aria.c @@ -385,7 +385,8 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], * Big endian 128-bit rotation: r = a ^ (b <<< n), used only in key setup. * * We chose to store bytes into 32-bit words in little-endian format (see - * GET/MBEDTLS_PUT_UINT32_LE) so we need to reverse bytes here. + * MBEDTLS_GET_UINT32_LE / MBEDTLS_PUT_UINT32_LE ) so we need to reverse + * bytes here. */ static void aria_rot128( uint32_t r[4], const uint32_t a[4], const uint32_t b[4], uint8_t n ) diff --git a/library/common.h b/library/common.h index e85cbf28d..5115465e8 100644 --- a/library/common.h +++ b/library/common.h @@ -68,15 +68,36 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** Byte Reading Macros * - * To tidy up code and save horizontal and vertical space, use byte - * reading macros to cast + * Obtain the most significant byte of x using 0xff + * Using MBEDTLS_BYTE_a will shift a*8 bits + * to retrieve the next byte of information */ #define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) #define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) #define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) -/* +/** + * 32-bit integer manipulation macros + * + * \brief Using GET- + * From input data, take the most significant bytes + * and concatonate them as you shift along + * Using PUT- + * Read from a 32 bit integer and store each byte + * in memory, offset by a byte each, resulting in + * each byte being adjacent in memory. + * + * \param n 32 bit integer where data is accessed via + * PUT or stored using GET + * \param b const unsigned char array of data to be + * manipulated + * \param i offset in bytes, In the case of UINT32, i + * would increment by 4 every use assuming + * the data is being stored in the same location + */ + +/** * 32-bit integer manipulation macros (big endian) */ #ifndef MBEDTLS_GET_UINT32_BE @@ -99,7 +120,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c } while( 0 ) #endif -/* +/** * 32-bit integer manipulation macros (little endian) */ #ifndef MBEDTLS_GET_UINT32_LE @@ -132,8 +153,27 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ ) +/** + * 16-bit integer manipulation macros + * + * \brief Using GET- + * From input data, take the most significant bytes + * and concatonate them as you shift along + * Using PUT- + * Read from a 16 bit integer and store each byte + * in memory, offset by a byte each, resulting in + * each byte being adjacent in memory. + * + * \param n 16 bit integer where data is accessed via + * PUT or stored using GET + * \param b const unsigned char array of data to be + * manipulated + * \param i offset in bytes, In the case of UINT16, i + * would increment by 2 every use assuming + * the data is being stored in the same location + */ -/* +/** * 16-bit integer manipulation macros (little endian) */ #ifndef MBEDTLS_GET_UINT16_LE From 6a5063149756e1d5d12b0497867f5c22aaa8100e Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 7 Jul 2021 16:56:29 +0100 Subject: [PATCH 13/32] GET macros use a target variable The GET macros used to write to a macro parameter, but now they can be used to assign a value to the desired variable rather than pass it in as an argument and have it modified in the macro function. Due to this MBEDTLS_BYTES_TO_U32_LE is the same as MBEDTLS_GET_UINT32_LE and was there for replaced in the appropriate files and removed from common.h Signed-off-by: Joe Subbiani --- library/aes.c | 18 ++--- library/aria.c | 24 +++--- library/camellia.c | 14 ++-- library/chacha20.c | 22 ++--- library/common.h | 151 +++++++++++++++++++++-------------- library/des.c | 12 +-- library/gcm.c | 8 +- library/md5.c | 32 ++++---- library/nist_kw.c | 2 +- library/poly1305.c | 24 +++--- library/psa_crypto_storage.c | 16 ++-- library/ripemd160.c | 32 ++++---- library/sha1.c | 32 ++++---- library/sha256.c | 4 +- 14 files changed, 211 insertions(+), 180 deletions(-) diff --git a/library/aes.c b/library/aes.c index db726fe36..7a44a7840 100644 --- a/library/aes.c +++ b/library/aes.c @@ -567,7 +567,7 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < ( keybits >> 5 ); i++ ) { - MBEDTLS_GET_UINT32_LE( RK[i], key, i << 2 ); + RK[i] = MBEDTLS_GET_UINT32_LE( key, i << 2 ); } switch( ctx->nr ) @@ -850,10 +850,10 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, uint32_t Y[4]; } t; - MBEDTLS_GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; + t.X[0] = MBEDTLS_GET_UINT32_LE( input, 0 ); t.X[0] ^= *RK++; + t.X[1] = MBEDTLS_GET_UINT32_LE( input, 4 ); t.X[1] ^= *RK++; + t.X[2] = MBEDTLS_GET_UINT32_LE( input, 8 ); t.X[2] ^= *RK++; + t.X[3] = MBEDTLS_GET_UINT32_LE( input, 12 ); t.X[3] ^= *RK++; for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) { @@ -914,10 +914,10 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, uint32_t Y[4]; } t; - MBEDTLS_GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; + t.X[0] = MBEDTLS_GET_UINT32_LE( input, 0 ); t.X[0] ^= *RK++; + t.X[1] = MBEDTLS_GET_UINT32_LE( input, 4 ); t.X[1] ^= *RK++; + t.X[2] = MBEDTLS_GET_UINT32_LE( input, 8 ); t.X[2] ^= *RK++; + t.X[3] = MBEDTLS_GET_UINT32_LE( input, 12 ); t.X[3] ^= *RK++; for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) { diff --git a/library/aria.c b/library/aria.c index f4aa64107..320f7758a 100644 --- a/library/aria.c +++ b/library/aria.c @@ -434,21 +434,21 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); /* Copy key to W0 (and potential remainder to W1) */ - MBEDTLS_GET_UINT32_LE( w[0][0], key, 0 ); - MBEDTLS_GET_UINT32_LE( w[0][1], key, 4 ); - MBEDTLS_GET_UINT32_LE( w[0][2], key, 8 ); - MBEDTLS_GET_UINT32_LE( w[0][3], key, 12 ); + w[0][0] = MBEDTLS_GET_UINT32_LE( key, 0 ); + w[0][1] = MBEDTLS_GET_UINT32_LE( key, 4 ); + w[0][2] = MBEDTLS_GET_UINT32_LE( key, 8 ); + w[0][3] = MBEDTLS_GET_UINT32_LE( key, 12 ); memset( w[1], 0, 16 ); if( keybits >= 192 ) { - MBEDTLS_GET_UINT32_LE( w[1][0], key, 16 ); // 192 bit key - MBEDTLS_GET_UINT32_LE( w[1][1], key, 20 ); + w[1][0] = MBEDTLS_GET_UINT32_LE( key, 16 ); // 192 bit key + w[1][1] = MBEDTLS_GET_UINT32_LE( key, 20 ); } if( keybits == 256 ) { - MBEDTLS_GET_UINT32_LE( w[1][2], key, 24 ); // 256 bit key - MBEDTLS_GET_UINT32_LE( w[1][3], key, 28 ); + w[1][2] = MBEDTLS_GET_UINT32_LE( key, 24 ); // 256 bit key + w[1][3] = MBEDTLS_GET_UINT32_LE( key, 28 ); } i = ( keybits - 128 ) >> 6; // index: 0, 1, 2 @@ -525,10 +525,10 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, ARIA_VALIDATE_RET( input != NULL ); ARIA_VALIDATE_RET( output != NULL ); - MBEDTLS_GET_UINT32_LE( a, input, 0 ); - MBEDTLS_GET_UINT32_LE( b, input, 4 ); - MBEDTLS_GET_UINT32_LE( c, input, 8 ); - MBEDTLS_GET_UINT32_LE( d, input, 12 ); + a = MBEDTLS_GET_UINT32_LE( input, 0 ); + b = MBEDTLS_GET_UINT32_LE( input, 4 ); + c = MBEDTLS_GET_UINT32_LE( input, 8 ); + d = MBEDTLS_GET_UINT32_LE( input, 12 ); i = 0; while( 1 ) diff --git a/library/camellia.c b/library/camellia.c index 9aab7ab67..4d6b468e5 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -353,8 +353,8 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, * Prepare SIGMA values */ for( i = 0; i < 6; i++ ) { - MBEDTLS_GET_UINT32_BE( SIGMA[i][0], SIGMA_CHARS[i], 0 ); - MBEDTLS_GET_UINT32_BE( SIGMA[i][1], SIGMA_CHARS[i], 4 ); + SIGMA[i][0] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 0 ); + SIGMA[i][1] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 4 ); } /* @@ -365,7 +365,7 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, /* Store KL, KR */ for( i = 0; i < 8; i++ ) - MBEDTLS_GET_UINT32_BE( KC[i], t, i * 4 ); + KC[i] = MBEDTLS_GET_UINT32_BE( t, i * 4 ); /* Generate KA */ for( i = 0; i < 4; ++i ) @@ -491,10 +491,10 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, NR = ctx->nr; RK = ctx->rk; - MBEDTLS_GET_UINT32_BE( X[0], input, 0 ); - MBEDTLS_GET_UINT32_BE( X[1], input, 4 ); - MBEDTLS_GET_UINT32_BE( X[2], input, 8 ); - MBEDTLS_GET_UINT32_BE( X[3], input, 12 ); + X[0] = MBEDTLS_GET_UINT32_BE( input, 0 ); + X[1] = MBEDTLS_GET_UINT32_BE( input, 4 ); + X[2] = MBEDTLS_GET_UINT32_BE( input, 8 ); + X[3] = MBEDTLS_GET_UINT32_BE( input, 12 ); X[0] ^= *RK++; X[1] ^= *RK++; diff --git a/library/chacha20.c b/library/chacha20.c index d0d5741c7..7015f99d5 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -205,14 +205,14 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, ctx->state[3] = 0x6b206574; /* Set key */ - ctx->state[4] = MBEDTLS_BYTES_TO_U32_LE( key, 0 ); - ctx->state[5] = MBEDTLS_BYTES_TO_U32_LE( key, 4 ); - ctx->state[6] = MBEDTLS_BYTES_TO_U32_LE( key, 8 ); - ctx->state[7] = MBEDTLS_BYTES_TO_U32_LE( key, 12 ); - ctx->state[8] = MBEDTLS_BYTES_TO_U32_LE( key, 16 ); - ctx->state[9] = MBEDTLS_BYTES_TO_U32_LE( key, 20 ); - ctx->state[10] = MBEDTLS_BYTES_TO_U32_LE( key, 24 ); - ctx->state[11] = MBEDTLS_BYTES_TO_U32_LE( key, 28 ); + ctx->state[4] = MBEDTLS_GET_UINT32_LE( key, 0 ); + ctx->state[5] = MBEDTLS_GET_UINT32_LE( key, 4 ); + ctx->state[6] = MBEDTLS_GET_UINT32_LE( key, 8 ); + ctx->state[7] = MBEDTLS_GET_UINT32_LE( key, 12 ); + ctx->state[8] = MBEDTLS_GET_UINT32_LE( key, 16 ); + ctx->state[9] = MBEDTLS_GET_UINT32_LE( key, 20 ); + ctx->state[10] = MBEDTLS_GET_UINT32_LE( key, 24 ); + ctx->state[11] = MBEDTLS_GET_UINT32_LE( key, 28 ); return( 0 ); } @@ -228,9 +228,9 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, ctx->state[12] = counter; /* Nonce */ - ctx->state[13] = MBEDTLS_BYTES_TO_U32_LE( nonce, 0 ); - ctx->state[14] = MBEDTLS_BYTES_TO_U32_LE( nonce, 4 ); - ctx->state[15] = MBEDTLS_BYTES_TO_U32_LE( nonce, 8 ); + ctx->state[13] = MBEDTLS_GET_UINT32_LE( nonce, 0 ); + ctx->state[14] = MBEDTLS_GET_UINT32_LE( nonce, 4 ); + ctx->state[15] = MBEDTLS_GET_UINT32_LE( nonce, 8 ); mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); diff --git a/library/common.h b/library/common.h index 5115465e8..4ecc0162b 100644 --- a/library/common.h +++ b/library/common.h @@ -78,38 +78,45 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) /** - * 32-bit integer manipulation macros + * 32-bit integer manipulation GET macros (big endian) * - * \brief Using GET- - * From input data, take the most significant bytes - * and concatonate them as you shift along - * Using PUT- - * Read from a 32 bit integer and store each byte - * in memory, offset by a byte each, resulting in - * each byte being adjacent in memory. + * \brief Use this to assign an unsigned 32 bit integer + * by taking data stored adjacent in memory that + * can be accessed via on offset + * Big Endian is used when wanting to + * transmit the most signifcant bits first * - * \param n 32 bit integer where data is accessed via - * PUT or stored using GET + * \param data The data used to translate to a 32 bit + * integer + * \param offset the shift in bytes to access the next byte + * of data + */ +#ifndef MBEDTLS_GET_UINT32_BE +#define MBEDTLS_GET_UINT32_BE( data , offset ) \ + ( \ + ( (uint32_t) ( data )[( offset ) ] << 24 ) \ + | ( (uint32_t) ( data )[( offset ) + 1] << 16 ) \ + | ( (uint32_t) ( data )[( offset ) + 2] << 8 ) \ + | ( (uint32_t) ( data )[( offset ) + 3] ) \ + ) +#endif + +/** + * 32-bit integer manipulation PUT macros (big endian) + * + * \brief Read from a 32 bit integer and store each byte + * in memory, offset by a specified amount, resulting + * in each byte being adjacent in memory. + * Big Endian is used when wanting to + * transmit the most signifcant bits first + * + * \param n 32 bit integer where data is accessed * \param b const unsigned char array of data to be * manipulated * \param i offset in bytes, In the case of UINT32, i * would increment by 4 every use assuming * the data is being stored in the same location */ - -/** - * 32-bit integer manipulation macros (big endian) - */ -#ifndef MBEDTLS_GET_UINT32_BE -#define MBEDTLS_GET_UINT32_BE(n,b,i) \ - do { \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ - } while( 0 ) -#endif - #ifndef MBEDTLS_PUT_UINT32_BE #define MBEDTLS_PUT_UINT32_BE(n,b,i) \ do { \ @@ -121,18 +128,45 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 32-bit integer manipulation macros (little endian) + * 32-bit integer manipulation GET macros (little endian) + * + * \brief Use this to assign an unsigned 32 bit integer + * by taking data stored adjacent in memory that + * can be accessed via on offset + * Little Endian is used when wanting to + * transmit the least signifcant bits first + * + * \param data The data used to translate to a 32 bit + * integer + * \param offset the shift in bytes to access the next byte + * of data */ #ifndef MBEDTLS_GET_UINT32_LE -#define MBEDTLS_GET_UINT32_LE(n,b,i) \ - do { \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ - } while( 0 ) +#define MBEDTLS_GET_UINT32_LE( data, offset ) \ + ( \ + ( (uint32_t) ( data )[( offset ) ] ) \ + | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ + | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ + | ( (uint32_t) ( data )[( offset ) + 3] << 24 ) \ + ) #endif +/** + * 32-bit integer manipulation PUT macros (little endian) + * + * \brief Read from a 32 bit integer and store each byte + * in memory, offset by a specified amount, resulting + * in each byte being adjacent in memory. + * Little Endian is used when wanting to + * transmit the least signifcant bits first + * + * \param n 32 bit integer where data is accessed + * \param b const unsigned char array of data to be + * manipulated + * \param i offset in bytes, In the case of UINT32, i + * would increment by 4 every use assuming + * the data is being stored in the same location + */ #ifndef MBEDTLS_PUT_UINT32_LE #define MBEDTLS_PUT_UINT32_LE(n,b,i) \ do { \ @@ -144,46 +178,43 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 32-bit integer conversion from bytes (little endian) + * 16-bit integer manipulation GET macros (little endian) + * + * \brief Use this to assign an unsigned 16 bit integer + * by taking data stored adjacent in memory that + * can be accessed via on offset + * Little Endian is used when wanting to + * transmit the least signifcant bits first + * + * \param data The data used to translate to a 16 bit + * integer + * \param offset the shit in bytes to access the next byte + * of data */ -#define MBEDTLS_BYTES_TO_U32_LE( data, offset ) \ - ( (uint32_t) (data)[offset] \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ +#ifndef MBEDTLS_GET_UINT16_LE +#define MBEDTLS_GET_UINT16_LE( data, offset ) \ + ( \ + ( (uint16_t) ( data )[( offset ) ] ) \ + | ( (uint16_t) ( data )[( offset ) + 1] << 8 ) \ ) +#endif /** - * 16-bit integer manipulation macros + * 16-bit integer manipulation PUT macros (little endian) * - * \brief Using GET- - * From input data, take the most significant bytes - * and concatonate them as you shift along - * Using PUT- - * Read from a 16 bit integer and store each byte - * in memory, offset by a byte each, resulting in - * each byte being adjacent in memory. + * \brief Read from a 16 bit integer and store each byte + * in memory, offset by a specified amount, resulting + * in each byte being adjacent in memory. + * Little Endian is used when wanting to + * transmit the least signifcant bits first * - * \param n 16 bit integer where data is accessed via - * PUT or stored using GET + * \param n 16 bit integer where data is accessed * \param b const unsigned char array of data to be * manipulated * \param i offset in bytes, In the case of UINT16, i * would increment by 2 every use assuming * the data is being stored in the same location */ - -/** - * 16-bit integer manipulation macros (little endian) - */ -#ifndef MBEDTLS_GET_UINT16_LE -#define MBEDTLS_GET_UINT16_LE( n, b, i ) \ -{ \ - (n) = ( (uint16_t) (b)[(i) ] ) \ - | ( (uint16_t) (b)[(i) + 1] << 8 ); \ -} -#endif - #ifndef MBEDTLS_PUT_UINT16_LE #define MBEDTLS_PUT_UINT16_LE( n, b, i ) \ { \ diff --git a/library/des.c b/library/des.c index 9281747de..7f90faa04 100644 --- a/library/des.c +++ b/library/des.c @@ -400,8 +400,8 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE int i; uint32_t X, Y, T; - MBEDTLS_GET_UINT32_BE( X, key, 0 ); - MBEDTLS_GET_UINT32_BE( Y, key, 4 ); + X = MBEDTLS_GET_UINT32_BE( key, 0 ); + Y = MBEDTLS_GET_UINT32_BE( key, 4 ); /* * Permuted Choice 1 @@ -610,8 +610,8 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, SK = ctx->sk; - MBEDTLS_GET_UINT32_BE( X, input, 0 ); - MBEDTLS_GET_UINT32_BE( Y, input, 4 ); + X = MBEDTLS_GET_UINT32_BE( input, 0 ); + Y = MBEDTLS_GET_UINT32_BE( input, 4 ); DES_IP( X, Y ); @@ -697,8 +697,8 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, SK = ctx->sk; - MBEDTLS_GET_UINT32_BE( X, input, 0 ); - MBEDTLS_GET_UINT32_BE( Y, input, 4 ); + X = MBEDTLS_GET_UINT32_BE( input, 0 ); + Y = MBEDTLS_GET_UINT32_BE( input, 4 ); DES_IP( X, Y ); diff --git a/library/gcm.c b/library/gcm.c index 3caeed26d..910646b28 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -88,12 +88,12 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx ) return( ret ); /* pack h as two 64-bits ints, big-endian */ - MBEDTLS_GET_UINT32_BE( hi, h, 0 ); - MBEDTLS_GET_UINT32_BE( lo, h, 4 ); + hi = MBEDTLS_GET_UINT32_BE( h, 0 ); + lo = MBEDTLS_GET_UINT32_BE( h, 4 ); vh = (uint64_t) hi << 32 | lo; - MBEDTLS_GET_UINT32_BE( hi, h, 8 ); - MBEDTLS_GET_UINT32_BE( lo, h, 12 ); + hi = MBEDTLS_GET_UINT32_BE( h, 8 ); + lo = MBEDTLS_GET_UINT32_BE( h, 12 ); vl = (uint64_t) hi << 32 | lo; /* 8 = 1000 corresponds to 1 in GF(2^128) */ diff --git a/library/md5.c b/library/md5.c index e8d00216f..a9bbcb488 100644 --- a/library/md5.c +++ b/library/md5.c @@ -87,22 +87,22 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, uint32_t X[16], A, B, C, D; } local; - MBEDTLS_GET_UINT32_LE( local.X[ 0], data, 0 ); - MBEDTLS_GET_UINT32_LE( local.X[ 1], data, 4 ); - MBEDTLS_GET_UINT32_LE( local.X[ 2], data, 8 ); - MBEDTLS_GET_UINT32_LE( local.X[ 3], data, 12 ); - MBEDTLS_GET_UINT32_LE( local.X[ 4], data, 16 ); - MBEDTLS_GET_UINT32_LE( local.X[ 5], data, 20 ); - MBEDTLS_GET_UINT32_LE( local.X[ 6], data, 24 ); - MBEDTLS_GET_UINT32_LE( local.X[ 7], data, 28 ); - MBEDTLS_GET_UINT32_LE( local.X[ 8], data, 32 ); - MBEDTLS_GET_UINT32_LE( local.X[ 9], data, 36 ); - MBEDTLS_GET_UINT32_LE( local.X[10], data, 40 ); - MBEDTLS_GET_UINT32_LE( local.X[11], data, 44 ); - MBEDTLS_GET_UINT32_LE( local.X[12], data, 48 ); - MBEDTLS_GET_UINT32_LE( local.X[13], data, 52 ); - MBEDTLS_GET_UINT32_LE( local.X[14], data, 56 ); - MBEDTLS_GET_UINT32_LE( local.X[15], data, 60 ); + local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 ); + local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 ); + local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 ); + local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 ); + local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 ); + local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 ); + local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 ); + local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 ); + local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 ); + local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 ); + local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 ); + local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 ); + local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 ); + local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 ); + local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 ); + local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 ); #define S(x,n) \ ( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) ) diff --git a/library/nist_kw.c b/library/nist_kw.c index b8f923999..e2ab2566f 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -454,7 +454,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; } - MBEDTLS_GET_UINT32_BE( Plen, A, KW_SEMIBLOCK_LENGTH / 2 ); + Plen = MBEDTLS_GET_UINT32_BE( A, KW_SEMIBLOCK_LENGTH / 2 ); /* * Plen is the length of the plaintext, when the input is valid. diff --git a/library/poly1305.c b/library/poly1305.c index 3c0b7c6aa..f19574253 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -122,10 +122,10 @@ static void poly1305_process( mbedtls_poly1305_context *ctx, for( i = 0U; i < nblocks; i++ ) { /* The input block is treated as a 128-bit little-endian integer */ - d0 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 0 ); - d1 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 4 ); - d2 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 8 ); - d3 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 12 ); + d0 = MBEDTLS_GET_UINT32_LE( input, offset + 0 ); + d1 = MBEDTLS_GET_UINT32_LE( input, offset + 4 ); + d2 = MBEDTLS_GET_UINT32_LE( input, offset + 8 ); + d3 = MBEDTLS_GET_UINT32_LE( input, offset + 12 ); /* Compute: acc += (padded) block as a 130-bit integer */ d0 += (uint64_t) acc0; @@ -290,15 +290,15 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, POLY1305_VALIDATE_RET( key != NULL ); /* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */ - ctx->r[0] = MBEDTLS_BYTES_TO_U32_LE( key, 0 ) & 0x0FFFFFFFU; - ctx->r[1] = MBEDTLS_BYTES_TO_U32_LE( key, 4 ) & 0x0FFFFFFCU; - ctx->r[2] = MBEDTLS_BYTES_TO_U32_LE( key, 8 ) & 0x0FFFFFFCU; - ctx->r[3] = MBEDTLS_BYTES_TO_U32_LE( key, 12 ) & 0x0FFFFFFCU; + ctx->r[0] = MBEDTLS_GET_UINT32_LE( key, 0 ) & 0x0FFFFFFFU; + ctx->r[1] = MBEDTLS_GET_UINT32_LE( key, 4 ) & 0x0FFFFFFCU; + ctx->r[2] = MBEDTLS_GET_UINT32_LE( key, 8 ) & 0x0FFFFFFCU; + ctx->r[3] = MBEDTLS_GET_UINT32_LE( key, 12 ) & 0x0FFFFFFCU; - ctx->s[0] = MBEDTLS_BYTES_TO_U32_LE( key, 16 ); - ctx->s[1] = MBEDTLS_BYTES_TO_U32_LE( key, 20 ); - ctx->s[2] = MBEDTLS_BYTES_TO_U32_LE( key, 24 ); - ctx->s[3] = MBEDTLS_BYTES_TO_U32_LE( key, 28 ); + ctx->s[0] = MBEDTLS_GET_UINT32_LE( key, 16 ); + ctx->s[1] = MBEDTLS_GET_UINT32_LE( key, 20 ); + ctx->s[2] = MBEDTLS_GET_UINT32_LE( key, 24 ); + ctx->s[3] = MBEDTLS_GET_UINT32_LE( key, 28 ); /* Initial accumulator state */ ctx->acc[0] = 0U; diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 07c2cdf60..c6660b955 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -293,11 +293,11 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, if( status != PSA_SUCCESS ) return( status ); - MBEDTLS_GET_UINT32_LE( version, storage_format->version, 0 ); + version = MBEDTLS_GET_UINT32_LE( storage_format->version, 0 ); if( version != 0 ) return( PSA_ERROR_DATA_INVALID ); - MBEDTLS_GET_UINT32_LE( *key_data_length, storage_format->data_len, 0 ); + *key_data_length = MBEDTLS_GET_UINT32_LE( storage_format->data_len, 0 ); if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) || *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) return( PSA_ERROR_DATA_INVALID ); @@ -314,12 +314,12 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, memcpy( *key_data, storage_format->key_data, *key_data_length ); } - MBEDTLS_GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); - MBEDTLS_GET_UINT16_LE( attr->type, storage_format->type, 0 ); - MBEDTLS_GET_UINT16_LE( attr->bits, storage_format->bits, 0 ); - MBEDTLS_GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); - MBEDTLS_GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); - MBEDTLS_GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + attr->lifetime = MBEDTLS_GET_UINT32_LE( storage_format->lifetime, 0 ); + attr->type = MBEDTLS_GET_UINT16_LE( storage_format->type, 0 ); + attr->bits = MBEDTLS_GET_UINT16_LE( storage_format->bits, 0 ); + attr->policy.usage = MBEDTLS_GET_UINT32_LE( storage_format->policy, 0 ); + attr->policy.alg = MBEDTLS_GET_UINT32_LE( storage_format->policy, sizeof( uint32_t ) ); + attr->policy.alg2 = MBEDTLS_GET_UINT32_LE( storage_format->policy, 2 * sizeof( uint32_t ) ); return( PSA_SUCCESS ); } diff --git a/library/ripemd160.c b/library/ripemd160.c index 2bed10723..41d838722 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -92,22 +92,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16]; } local; - MBEDTLS_GET_UINT32_LE( local.X[ 0], data, 0 ); - MBEDTLS_GET_UINT32_LE( local.X[ 1], data, 4 ); - MBEDTLS_GET_UINT32_LE( local.X[ 2], data, 8 ); - MBEDTLS_GET_UINT32_LE( local.X[ 3], data, 12 ); - MBEDTLS_GET_UINT32_LE( local.X[ 4], data, 16 ); - MBEDTLS_GET_UINT32_LE( local.X[ 5], data, 20 ); - MBEDTLS_GET_UINT32_LE( local.X[ 6], data, 24 ); - MBEDTLS_GET_UINT32_LE( local.X[ 7], data, 28 ); - MBEDTLS_GET_UINT32_LE( local.X[ 8], data, 32 ); - MBEDTLS_GET_UINT32_LE( local.X[ 9], data, 36 ); - MBEDTLS_GET_UINT32_LE( local.X[10], data, 40 ); - MBEDTLS_GET_UINT32_LE( local.X[11], data, 44 ); - MBEDTLS_GET_UINT32_LE( local.X[12], data, 48 ); - MBEDTLS_GET_UINT32_LE( local.X[13], data, 52 ); - MBEDTLS_GET_UINT32_LE( local.X[14], data, 56 ); - MBEDTLS_GET_UINT32_LE( local.X[15], data, 60 ); + local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 ); + local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 ); + local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 ); + local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 ); + local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 ); + local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 ); + local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 ); + local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 ); + local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 ); + local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 ); + local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 ); + local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 ); + local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 ); + local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 ); + local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 ); + local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 ); local.A = local.Ap = ctx->state[0]; local.B = local.Bp = ctx->state[1]; diff --git a/library/sha1.c b/library/sha1.c index da61f65fc..6fc937123 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -103,22 +103,22 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, SHA1_VALIDATE_RET( ctx != NULL ); SHA1_VALIDATE_RET( (const unsigned char *)data != NULL ); - MBEDTLS_GET_UINT32_BE( local.W[ 0], data, 0 ); - MBEDTLS_GET_UINT32_BE( local.W[ 1], data, 4 ); - MBEDTLS_GET_UINT32_BE( local.W[ 2], data, 8 ); - MBEDTLS_GET_UINT32_BE( local.W[ 3], data, 12 ); - MBEDTLS_GET_UINT32_BE( local.W[ 4], data, 16 ); - MBEDTLS_GET_UINT32_BE( local.W[ 5], data, 20 ); - MBEDTLS_GET_UINT32_BE( local.W[ 6], data, 24 ); - MBEDTLS_GET_UINT32_BE( local.W[ 7], data, 28 ); - MBEDTLS_GET_UINT32_BE( local.W[ 8], data, 32 ); - MBEDTLS_GET_UINT32_BE( local.W[ 9], data, 36 ); - MBEDTLS_GET_UINT32_BE( local.W[10], data, 40 ); - MBEDTLS_GET_UINT32_BE( local.W[11], data, 44 ); - MBEDTLS_GET_UINT32_BE( local.W[12], data, 48 ); - MBEDTLS_GET_UINT32_BE( local.W[13], data, 52 ); - MBEDTLS_GET_UINT32_BE( local.W[14], data, 56 ); - MBEDTLS_GET_UINT32_BE( local.W[15], data, 60 ); + local.W[ 0] = MBEDTLS_GET_UINT32_BE( data, 0 ); + local.W[ 1] = MBEDTLS_GET_UINT32_BE( data, 4 ); + local.W[ 2] = MBEDTLS_GET_UINT32_BE( data, 8 ); + local.W[ 3] = MBEDTLS_GET_UINT32_BE( data, 12 ); + local.W[ 4] = MBEDTLS_GET_UINT32_BE( data, 16 ); + local.W[ 5] = MBEDTLS_GET_UINT32_BE( data, 20 ); + local.W[ 6] = MBEDTLS_GET_UINT32_BE( data, 24 ); + local.W[ 7] = MBEDTLS_GET_UINT32_BE( data, 28 ); + local.W[ 8] = MBEDTLS_GET_UINT32_BE( data, 32 ); + local.W[ 9] = MBEDTLS_GET_UINT32_BE( data, 36 ); + local.W[10] = MBEDTLS_GET_UINT32_BE( data, 40 ); + local.W[11] = MBEDTLS_GET_UINT32_BE( data, 44 ); + local.W[12] = MBEDTLS_GET_UINT32_BE( data, 48 ); + local.W[13] = MBEDTLS_GET_UINT32_BE( data, 52 ); + local.W[14] = MBEDTLS_GET_UINT32_BE( data, 56 ); + local.W[15] = MBEDTLS_GET_UINT32_BE( data, 60 ); #define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) diff --git a/library/sha256.c b/library/sha256.c index fb66340b2..c3573f85f 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -190,7 +190,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, for( i = 0; i < 64; i++ ) { if( i < 16 ) - MBEDTLS_GET_UINT32_BE( local.W[i], data, 4 * i ); + local.W[i] = MBEDTLS_GET_UINT32_BE( data, 4 * i ); else R( i ); @@ -205,7 +205,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, } #else /* MBEDTLS_SHA256_SMALLER */ for( i = 0; i < 16; i++ ) - MBEDTLS_GET_UINT32_BE( local.W[i], data, 4 * i ); + local.W[i] = MBEDTLS_GET_UINT32_BE( data, 4 * i ); for( i = 0; i < 16; i += 8 ) { From cd84d76e9b1a3b2c82d5975561aea493777abd51 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 8 Jul 2021 14:59:52 +0100 Subject: [PATCH 14/32] Add Character byte reading macros These cast to an unsigned char rather than a uint8_t like with MBEDTLS_BYTE_x These save alot of space and will improve maintence by replacing the appropriate code with MBEDTLS_CHAR_x Signed-off-by: Joe Subbiani --- library/aes.c | 196 +++++++++++++++++++-------------------- library/aria.c | 32 +++---- library/asn1write.c | 18 ++-- library/camellia.c | 16 ++-- library/ccm.c | 6 +- library/common.h | 9 ++ library/ecjpake.c | 18 ++-- library/ssl_cli.c | 131 ++++++++++++-------------- library/ssl_msg.c | 12 +-- library/ssl_srv.c | 94 +++++++++---------- library/ssl_tls.c | 120 ++++++++++++------------ library/ssl_tls13_keys.c | 6 +- 12 files changed, 328 insertions(+), 330 deletions(-) diff --git a/library/aes.c b/library/aes.c index 7a44a7840..1eb3e204d 100644 --- a/library/aes.c +++ b/library/aes.c @@ -386,7 +386,7 @@ static void aes_gen_tables( void ) { pow[i] = x; log[x] = i; - x = ( x ^ XTIME( x ) ) & 0xFF; + x = MBEDTLS_BYTE_0( x ^ XTIME( x ) ); } /* @@ -395,7 +395,7 @@ static void aes_gen_tables( void ) for( i = 0, x = 1; i < 10; i++ ) { RCON[i] = (uint32_t) x; - x = XTIME( x ) & 0xFF; + x = MBEDTLS_BYTE_0( XTIME( x ) ); } /* @@ -408,10 +408,10 @@ static void aes_gen_tables( void ) { x = pow[255 - log[i]]; - y = x; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; + y = x; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); x ^= y ^ 0x63; FSb[i] = (unsigned char) x; @@ -424,8 +424,8 @@ static void aes_gen_tables( void ) for( i = 0; i < 256; i++ ) { x = FSb[i]; - y = XTIME( x ) & 0xFF; - z = ( y ^ x ) & 0xFF; + y = MBEDTLS_BYTE_0( XTIME( x ) ); + z = MBEDTLS_BYTE_0( y ^ x ); FT0[i] = ( (uint32_t) y ) ^ ( (uint32_t) x << 8 ) ^ @@ -577,10 +577,10 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < 10; i++, RK += 4 ) { RK[4] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[3] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[3] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[3] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[3] ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[3] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[3] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[3] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[3] ) ] << 24 ); RK[5] = RK[1] ^ RK[4]; RK[6] = RK[2] ^ RK[5]; @@ -593,10 +593,10 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < 8; i++, RK += 6 ) { RK[6] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[5] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[5] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[5] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[5] ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[5] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[5] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[5] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[5] ) ] << 24 ); RK[7] = RK[1] ^ RK[6]; RK[8] = RK[2] ^ RK[7]; @@ -611,20 +611,20 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < 7; i++, RK += 8 ) { RK[8] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[7] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[7] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[7] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[7] ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[7] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[7] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[7] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[7] ) ] << 24 ); RK[9] = RK[1] ^ RK[8]; RK[10] = RK[2] ^ RK[9]; RK[11] = RK[3] ^ RK[10]; RK[12] = RK[4] ^ - ( (uint32_t) FSb[ ( RK[11] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[11] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[11] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[11] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[11] ) ] << 24 ); RK[13] = RK[5] ^ RK[12]; RK[14] = RK[6] ^ RK[13]; @@ -690,10 +690,10 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, { for( j = 0; j < 4; j++, SK++ ) { - *RK++ = AES_RT0( FSb[ ( *SK ) & 0xFF ] ) ^ - AES_RT1( FSb[ ( *SK >> 8 ) & 0xFF ] ) ^ - AES_RT2( FSb[ ( *SK >> 16 ) & 0xFF ] ) ^ - AES_RT3( FSb[ ( *SK >> 24 ) & 0xFF ] ); + *RK++ = AES_RT0( FSb[ MBEDTLS_BYTE_0( *SK ) ] ) ^ + AES_RT1( FSb[ MBEDTLS_BYTE_1( *SK ) ] ) ^ + AES_RT2( FSb[ MBEDTLS_BYTE_2( *SK ) ] ) ^ + AES_RT3( FSb[ MBEDTLS_BYTE_3( *SK ) ] ); } } @@ -786,52 +786,52 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, } #endif /* MBEDTLS_CIPHER_MODE_XTS */ -#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ - do \ - { \ - (X0) = *RK++ ^ AES_FT0( ( (Y0) ) & 0xFF ) ^ \ - AES_FT1( ( (Y1) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y2) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y3) >> 24 ) & 0xFF ); \ - \ - (X1) = *RK++ ^ AES_FT0( ( (Y1) ) & 0xFF ) ^ \ - AES_FT1( ( (Y2) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y3) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y0) >> 24 ) & 0xFF ); \ - \ - (X2) = *RK++ ^ AES_FT0( ( (Y2) ) & 0xFF ) ^ \ - AES_FT1( ( (Y3) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y0) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y1) >> 24 ) & 0xFF ); \ - \ - (X3) = *RK++ ^ AES_FT0( ( (Y3) ) & 0xFF ) ^ \ - AES_FT1( ( (Y0) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y1) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y2) >> 24 ) & 0xFF ); \ +#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ + do \ + { \ + (X0) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y3 ) ); \ + \ + (X1) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y0 ) ); \ + \ + (X2) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y1 ) ); \ + \ + (X3) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y2 ) ); \ } while( 0 ) #define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ do \ { \ - (X0) = *RK++ ^ AES_RT0( ( (Y0) ) & 0xFF ) ^ \ - AES_RT1( ( (Y3) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y2) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y1) >> 24 ) & 0xFF ); \ + (X0) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y1 ) ); \ \ - (X1) = *RK++ ^ AES_RT0( ( (Y1) ) & 0xFF ) ^ \ - AES_RT1( ( (Y0) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y3) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y2) >> 24 ) & 0xFF ); \ + (X1) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y2 ) ); \ \ - (X2) = *RK++ ^ AES_RT0( ( (Y2) ) & 0xFF ) ^ \ - AES_RT1( ( (Y1) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y0) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y3) >> 24 ) & 0xFF ); \ + (X2) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y3 ) ); \ \ - (X3) = *RK++ ^ AES_RT0( ( (Y3) ) & 0xFF ) ^ \ - AES_RT1( ( (Y2) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y1) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y0) >> 24 ) & 0xFF ); \ + (X3) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y0 ) ); \ } while( 0 ) /* @@ -864,28 +864,28 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, AES_FROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); t.X[0] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[0] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[1] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 ); t.X[1] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[1] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[2] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 ); t.X[2] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[2] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[3] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 ); t.X[3] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[3] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[0] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 ); MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); @@ -928,28 +928,28 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, AES_RROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); t.X[0] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[0] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[3] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 ); t.X[1] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[1] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[0] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 ); t.X[2] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[2] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[1] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 ); t.X[3] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[3] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[2] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 ); MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); diff --git a/library/aria.c b/library/aria.c index 320f7758a..6bfdfbdce 100644 --- a/library/aria.c +++ b/library/aria.c @@ -212,22 +212,22 @@ static inline void aria_sl( uint32_t *a, uint32_t *b, const uint8_t sa[256], const uint8_t sb[256], const uint8_t sc[256], const uint8_t sd[256] ) { - *a = ( (uint32_t) sa[ *a & 0xFF] ) ^ - (((uint32_t) sb[(*a >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*a >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *a >> 24 ]) << 24); - *b = ( (uint32_t) sa[ *b & 0xFF] ) ^ - (((uint32_t) sb[(*b >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*b >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *b >> 24 ]) << 24); - *c = ( (uint32_t) sa[ *c & 0xFF] ) ^ - (((uint32_t) sb[(*c >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*c >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *c >> 24 ]) << 24); - *d = ( (uint32_t) sa[ *d & 0xFF] ) ^ - (((uint32_t) sb[(*d >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*d >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *d >> 24 ]) << 24); + *a = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *a ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *a ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *a ) ]) << 16) ^ + (((uint32_t) sd[ *a >> 24 ]) << 24); + *b = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *b ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *b ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *b ) ]) << 16) ^ + (((uint32_t) sd[ *b >> 24 ]) << 24); + *c = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *c ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *c ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *c ) ]) << 16) ^ + (((uint32_t) sd[ *c >> 24 ]) << 24); + *d = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *d ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *d ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *d ) ]) << 16) ^ + (((uint32_t) sd[ *d >> 24 ]) << 24); } /* diff --git a/library/asn1write.c b/library/asn1write.c index 0289e8949..8555767fe 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -60,8 +60,8 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 3 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = ( len ) & 0xFF; - *--(*p) = ( len >> 8 ) & 0xFF; + *--(*p) = MBEDTLS_CHAR_0( len ); + *--(*p) = MBEDTLS_CHAR_1( len ); *--(*p) = 0x82; return( 3 ); } @@ -71,9 +71,9 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 4 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = ( len ) & 0xFF; - *--(*p) = ( len >> 8 ) & 0xFF; - *--(*p) = ( len >> 16 ) & 0xFF; + *--(*p) = MBEDTLS_CHAR_0( len ); + *--(*p) = MBEDTLS_CHAR_1( len ); + *--(*p) = MBEDTLS_CHAR_2( len ); *--(*p) = 0x83; return( 4 ); } @@ -85,10 +85,10 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 5 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = ( len ) & 0xFF; - *--(*p) = ( len >> 8 ) & 0xFF; - *--(*p) = ( len >> 16 ) & 0xFF; - *--(*p) = ( len >> 24 ) & 0xFF; + *--(*p) = MBEDTLS_CHAR_0( len ); + *--(*p) = MBEDTLS_CHAR_1( len ); + *--(*p) = MBEDTLS_CHAR_2( len ); + *--(*p) = MBEDTLS_CHAR_3( len ); *--(*p) = 0x84; return( 5 ); } diff --git a/library/camellia.c b/library/camellia.c index 4d6b468e5..29d730ab5 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -278,14 +278,14 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2], I0 = x[0] ^ k[0]; I1 = x[1] ^ k[1]; - I0 = ((uint32_t) SBOX1((I0 >> 24) & 0xFF) << 24) | - ((uint32_t) SBOX2((I0 >> 16) & 0xFF) << 16) | - ((uint32_t) SBOX3((I0 >> 8) & 0xFF) << 8) | - ((uint32_t) SBOX4((I0 ) & 0xFF) ); - I1 = ((uint32_t) SBOX2((I1 >> 24) & 0xFF) << 24) | - ((uint32_t) SBOX3((I1 >> 16) & 0xFF) << 16) | - ((uint32_t) SBOX4((I1 >> 8) & 0xFF) << 8) | - ((uint32_t) SBOX1((I1 ) & 0xFF) ); + I0 = ((uint32_t) SBOX1( MBEDTLS_BYTE_3( I0 )) << 24) | + ((uint32_t) SBOX2( MBEDTLS_BYTE_2( I0 )) << 16) | + ((uint32_t) SBOX3( MBEDTLS_BYTE_1( I0 )) << 8) | + ((uint32_t) SBOX4( MBEDTLS_BYTE_0( I0 )) ); + I1 = ((uint32_t) SBOX2( MBEDTLS_BYTE_3( I1 )) << 24) | + ((uint32_t) SBOX3( MBEDTLS_BYTE_2( I1 )) << 16) | + ((uint32_t) SBOX4( MBEDTLS_BYTE_1( I1 )) << 8) | + ((uint32_t) SBOX1( MBEDTLS_BYTE_0( I1 )) ); I0 ^= (I1 << 8) | (I1 >> 24); I1 ^= (I0 << 16) | (I0 >> 16); diff --git a/library/ccm.c b/library/ccm.c index 424ee77b6..95d90dc61 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -200,7 +200,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, memcpy( b + 1, iv, iv_len ); for( i = 0, len_left = length; i < q; i++, len_left >>= 8 ) - b[15-i] = (unsigned char)( len_left & 0xFF ); + b[15-i] = MBEDTLS_CHAR_0( len_left ); if( len_left > 0 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); @@ -221,8 +221,8 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, src = add; memset( b, 0, 16 ); - b[0] = (unsigned char)( ( add_len >> 8 ) & 0xFF ); - b[1] = (unsigned char)( ( add_len ) & 0xFF ); + b[0] = MBEDTLS_CHAR_1( add_len ); + b[1] = MBEDTLS_CHAR_0( add_len ); use_len = len_left < 16 - 2 ? len_left : 16 - 2; memcpy( b + 2, src, use_len ); diff --git a/library/common.h b/library/common.h index 4ecc0162b..56c300265 100644 --- a/library/common.h +++ b/library/common.h @@ -77,6 +77,15 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) +#define MBEDTLS_CHAR_0( x ) ( (unsigned char) ( ( x ) & 0xff ) ) +#define MBEDTLS_CHAR_1( x ) ( (unsigned char) ( ( ( x ) >> 8 ) & 0xff ) ) +#define MBEDTLS_CHAR_2( x ) ( (unsigned char) ( ( ( x ) >> 16 ) & 0xff ) ) +#define MBEDTLS_CHAR_3( x ) ( (unsigned char) ( ( ( x ) >> 24 ) & 0xff ) ) +#define MBEDTLS_CHAR_4( x ) ( (unsigned char) ( ( ( x ) >> 32 ) & 0xff ) ) +#define MBEDTLS_CHAR_5( x ) ( (unsigned char) ( ( ( x ) >> 40 ) & 0xff ) ) +#define MBEDTLS_CHAR_6( x ) ( (unsigned char) ( ( ( x ) >> 48 ) & 0xff ) ) +#define MBEDTLS_CHAR_7( x ) ( (unsigned char) ( ( ( x ) >> 56 ) & 0xff ) ) + /** * 32-bit integer manipulation GET macros (big endian) * diff --git a/library/ecjpake.c b/library/ecjpake.c index d22931142..7305dfeee 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -180,10 +180,10 @@ static int ecjpake_write_len_point( unsigned char **p, if( ret != 0 ) return( ret ); - (*p)[0] = (unsigned char)( ( len >> 24 ) & 0xFF ); - (*p)[1] = (unsigned char)( ( len >> 16 ) & 0xFF ); - (*p)[2] = (unsigned char)( ( len >> 8 ) & 0xFF ); - (*p)[3] = (unsigned char)( ( len ) & 0xFF ); + (*p)[0] = MBEDTLS_CHAR_3( len ); + (*p)[1] = MBEDTLS_CHAR_2( len ); + (*p)[2] = MBEDTLS_CHAR_1( len ); + (*p)[3] = MBEDTLS_CHAR_0( len ); *p += 4 + len; @@ -223,10 +223,10 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info, if( end - p < 4 ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); - *p++ = (unsigned char)( ( id_len >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( id_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( id_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( id_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( id_len ); + *p++ = MBEDTLS_CHAR_2( id_len ); + *p++ = MBEDTLS_CHAR_1( id_len ); + *p++ = MBEDTLS_CHAR_0( id_len ); if( end < p || (size_t)( end - p ) < id_len ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); @@ -366,7 +366,7 @@ static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, goto cleanup; } - *(*p)++ = (unsigned char)( len & 0xFF ); + *(*p)++ = MBEDTLS_CHAR_0( len ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, *p, len ) ); /* r */ *p += len; diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 59c546042..7d65479ef 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -136,18 +136,18 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * } ServerNameList; * */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SERVERNAME ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME ); - *p++ = (unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( (hostname_len + 5) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( hostname_len + 5); + *p++ = MBEDTLS_CHAR_0( hostname_len + 5); - *p++ = (unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( (hostname_len + 3) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( hostname_len + 3 ); + *p++ = MBEDTLS_CHAR_0( hostname_len + 3 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); - *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( hostname_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); + *p++ = MBEDTLS_CHAR_1( hostname_len ); + *p++ = MBEDTLS_CHAR_0( hostname_len ); memcpy( p, ssl->hostname, hostname_len ); @@ -181,14 +181,12 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, /* * Secure renegotiation */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); *p++ = 0x00; - *p++ = ( ssl->verify_data_len + 1 ) & 0xFF; - *p++ = ssl->verify_data_len & 0xFF; + *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len + 1 ); + *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len ); memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); @@ -283,14 +281,14 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * SignatureAndHashAlgorithm * supported_signature_algorithms<2..2^16-2>; */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SIG_ALG ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SIG_ALG ); - *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( sig_alg_len + 2 ); + *p++ = MBEDTLS_CHAR_0( sig_alg_len + 2 ); - *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( sig_alg_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( sig_alg_len ); + *p++ = MBEDTLS_CHAR_0( sig_alg_len ); *olen = 6 + sig_alg_len; @@ -358,16 +356,14 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; } - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); - *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( elliptic_curve_len + 2 ); + *p++ = MBEDTLS_CHAR_0( elliptic_curve_len + 2 ); - *p++ = (unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( elliptic_curve_len ); + *p++ = MBEDTLS_CHAR_0( elliptic_curve_len ); *olen = 6 + elliptic_curve_len; @@ -388,10 +384,8 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, ( "client hello, adding supported_point_formats extension" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; @@ -427,8 +421,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); /* * We may need to send ClientHello multiple times for Hello verification. @@ -470,8 +464,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); } - *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( kkpp_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( kkpp_len ); + *p++ = MBEDTLS_CHAR_0( kkpp_len ); *olen = kkpp_len + 4; @@ -510,11 +504,11 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) ); /* Add extension ID + size */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -543,10 +537,8 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -577,8 +569,8 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; @@ -607,10 +599,8 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; @@ -641,11 +631,11 @@ static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, /* The addition is safe here since the ticket length is 16 bit. */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = (unsigned char)( ( tlen >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( tlen ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( tlen ); + *p++ = MBEDTLS_CHAR_0( tlen ); *olen = 4; @@ -685,8 +675,8 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); /* * opaque ProtocolName<1..2^8-1>; @@ -713,12 +703,12 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF ); + buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); + buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF ); + buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); + buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); return( 0 ); } @@ -770,12 +760,12 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = (unsigned char)( ( ( ext_len & 0xFF00 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ext_len & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len & 0xFF00 ); + *p++ = MBEDTLS_CHAR_0( ext_len ); /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ /* micro-optimization: @@ -786,8 +776,7 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * >> 8 ) & 0xFF ); */ *p++ = 0; - *p++ = (unsigned char)( ( 2 * ssl->conf->dtls_srtp_profile_list_len ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_0( 2 * ssl->conf->dtls_srtp_profile_list_len ); for( protection_profiles_index=0; protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len; @@ -799,8 +788,8 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_write_use_srtp_ext, add profile: %04x", profile_value ) ); - *p++ = ( ( profile_value >> 8 ) & 0xFF ); - *p++ = ( profile_value & 0xFF ); + *p++ = MBEDTLS_BYTE_1( profile_value ); + *p++ = MBEDTLS_BYTE_0( profile_value ); } else { @@ -1334,8 +1323,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { /* No need to check for space here, because the extension * writing functions already took care of that. */ - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); p += ext_len; } diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 77904e0a1..e0c50bcce 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -454,15 +454,15 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, *cur = rec->cid_len; cur++; - cur[0] = ( ad_len_field >> 8 ) & 0xFF; - cur[1] = ( ad_len_field >> 0 ) & 0xFF; + cur[0] = MBEDTLS_CHAR_1( ad_len_field ); + cur[1] = MBEDTLS_CHAR_0( ad_len_field ); cur += 2; } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - cur[0] = ( ad_len_field >> 8 ) & 0xFF; - cur[1] = ( ad_len_field >> 0 ) & 0xFF; + cur[0] = MBEDTLS_CHAR_1( ad_len_field ); + cur[1] = MBEDTLS_CHAR_0( ad_len_field ); cur += 2; } @@ -2481,8 +2481,8 @@ int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, /* Write message_seq and update it, except for HelloRequest */ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) { - ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF; - ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF; + ssl->out_msg[4] = MBEDTLS_CHAR_1( ssl->handshake->out_msg_seq ); + ssl->out_msg[5] = MBEDTLS_CHAR_0( ssl->handshake->out_msg_seq ); ++( ssl->handshake->out_msg_seq ); } else diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 3d6739342..253ab5695 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1848,8 +1848,8 @@ read_record_header: for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) for( i = 0; ciphersuites[i] != 0; i++ ) { - if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[1] != ( ( ciphersuites[i] ) & 0xFF ) ) + if( p[0] != MBEDTLS_BYTE_1( ciphersuites[i] ) || + p[1] != MBEDTLS_BYTE_0( ciphersuites[i] )) continue; got_common_suite = 1; @@ -1865,8 +1865,8 @@ read_record_header: for( i = 0; ciphersuites[i] != 0; i++ ) for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) { - if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[1] != ( ( ciphersuites[i] ) & 0xFF ) ) + if( p[0] != MBEDTLS_BYTE_1( ciphersuites[i] ) || + p[1] != MBEDTLS_BYTE_0( ciphersuites[i] )) continue; got_common_suite = 1; @@ -1971,11 +1971,11 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, * } ConnectionId; */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -2016,8 +2016,8 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; @@ -2042,8 +2042,8 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " "extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; @@ -2067,8 +2067,8 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); *p++ = 0x00; *p++ = 0x00; @@ -2091,8 +2091,8 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); #if defined(MBEDTLS_SSL_RENEGOTIATION) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) @@ -2132,8 +2132,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -2162,8 +2162,8 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; @@ -2200,8 +2200,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, p + 2, end - p - 2, &kkpp_len, @@ -2212,8 +2212,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( kkpp_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( kkpp_len ); + *p++ = MBEDTLS_CHAR_0( kkpp_len ); *olen = kkpp_len + 4; } @@ -2238,18 +2238,18 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); + buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF ); + buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); + buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); - buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF ); + buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); + buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); - buf[6] = (unsigned char)( ( ( *olen - 7 ) ) & 0xFF ); + buf[6] = MBEDTLS_CHAR_0( *olen - 7 ); memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); } @@ -2294,15 +2294,15 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, } /* extension */ - buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF ); - buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP ) & 0xFF ); + buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); + buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); /* * total length 5 and mki value: only one profile(2 bytes) * and length(2 bytes) and srtp_mki ) */ ext_len = 5 + mki_len; - buf[2] = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ext_len & 0xFF ); + buf[2] = MBEDTLS_CHAR_1( ext_len ); + buf[3] = MBEDTLS_CHAR_0( ext_len ); /* protection profile length: 2 */ buf[4] = 0x00; @@ -2311,8 +2311,8 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) { - buf[6] = (unsigned char)( ( profile_value >> 8 ) & 0xFF ); - buf[7] = (unsigned char)( profile_value & 0xFF ); + buf[6] = MBEDTLS_CHAR_1( profile_value ); + buf[7] = MBEDTLS_CHAR_0( profile_value ); } else { @@ -2648,8 +2648,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 ) { - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); p += ext_len; } @@ -3478,8 +3478,8 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } - if( *p++ != ( ( len >> 8 ) & 0xFF ) || - *p++ != ( ( len ) & 0xFF ) ) + if( *p++ != MBEDTLS_CHAR_1( len ) || + *p++ != MBEDTLS_CHAR_0( len ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); @@ -4223,13 +4223,13 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) tlen = 0; } - ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF; - ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF; - ssl->out_msg[6] = ( lifetime >> 8 ) & 0xFF; - ssl->out_msg[7] = ( lifetime ) & 0xFF; + ssl->out_msg[4] = MBEDTLS_CHAR_3( lifetime ); + ssl->out_msg[5] = MBEDTLS_CHAR_2( lifetime ); + ssl->out_msg[6] = MBEDTLS_CHAR_1( lifetime ); + ssl->out_msg[7] = MBEDTLS_CHAR_0( lifetime ); - ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF ); - ssl->out_msg[9] = (unsigned char)( ( tlen ) & 0xFF ); + ssl->out_msg[8] = MBEDTLS_CHAR_1( tlen ); + ssl->out_msg[9] = MBEDTLS_CHAR_0( tlen ); ssl->out_msglen = 10 + tlen; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f8cad4aec..0655dc57e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4582,8 +4582,8 @@ static unsigned char ssl_serialized_session_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF, + MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), }; /* @@ -4664,14 +4664,14 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, { start = (uint64_t) session->start; - *p++ = (unsigned char)( ( start >> 56 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 48 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 40 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 32 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( start ) & 0xFF ); + *p++ = MBEDTLS_CHAR_7( start ); + *p++ = MBEDTLS_CHAR_6( start ); + *p++ = MBEDTLS_CHAR_5( start ); + *p++ = MBEDTLS_CHAR_4( start ); + *p++ = MBEDTLS_CHAR_3( start ); + *p++ = MBEDTLS_CHAR_2( start ); + *p++ = MBEDTLS_CHAR_1( start ); + *p++ = MBEDTLS_CHAR_0( start ); } #endif /* MBEDTLS_HAVE_TIME */ @@ -4687,22 +4687,22 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = (unsigned char)( ( session->ciphersuite >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ciphersuite ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( session->ciphersuite ); + *p++ = MBEDTLS_CHAR_0( session->ciphersuite ); - *p++ = (unsigned char)( session->compression & 0xFF ); + *p++ = MBEDTLS_CHAR_0( session->compression ); - *p++ = (unsigned char)( session->id_len & 0xFF ); + *p++ = MBEDTLS_CHAR_0( session->id_len ); memcpy( p, session->id, 32 ); p += 32; memcpy( p, session->master, 48 ); p += 48; - *p++ = (unsigned char)( ( session->verify_result >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( session->verify_result >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session->verify_result >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->verify_result ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( session->verify_result ); + *p++ = MBEDTLS_CHAR_2( session->verify_result ); + *p++ = MBEDTLS_CHAR_1( session->verify_result ); + *p++ = MBEDTLS_CHAR_0( session->verify_result ); } /* @@ -4719,9 +4719,9 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = (unsigned char)( ( cert_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( cert_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( cert_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_2( cert_len ); + *p++ = MBEDTLS_CHAR_1( cert_len ); + *p++ = MBEDTLS_CHAR_0( cert_len ); if( session->peer_cert != NULL ) { @@ -4762,9 +4762,9 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = (unsigned char)( ( session->ticket_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_2( session->ticket_len ); + *p++ = MBEDTLS_CHAR_1( session->ticket_len ); + *p++ = MBEDTLS_CHAR_0( session->ticket_len ); if( session->ticket != NULL ) { @@ -4772,10 +4772,10 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, p += session->ticket_len; } - *p++ = (unsigned char)( ( session->ticket_lifetime >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_lifetime >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_lifetime >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_lifetime ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( session->ticket_lifetime ); + *p++ = MBEDTLS_CHAR_2( session->ticket_lifetime ); + *p++ = MBEDTLS_CHAR_1( session->ticket_lifetime ); + *p++ = MBEDTLS_CHAR_0( session->ticket_lifetime ); } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -4793,7 +4793,7 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, used += 1; if( used <= buf_len ) - *p++ = (unsigned char)( ( session->encrypt_then_mac ) & 0xFF ); + *p++ = MBEDTLS_CHAR_0( session->encrypt_then_mac ); #endif return( used ); @@ -5568,11 +5568,11 @@ static unsigned char ssl_serialized_context_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF, - ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 16 ) & 0xFF, - ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 8 ) & 0xFF, - ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 0 ) & 0xFF, + MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_CHAR_2( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_CHAR_1( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_CHAR_0( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), }; /* @@ -5713,10 +5713,10 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4 + session_len; if( used <= buf_len ) { - *p++ = (unsigned char)( ( session_len >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( session_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( session_len ); + *p++ = MBEDTLS_CHAR_2( session_len ); + *p++ = MBEDTLS_CHAR_1( session_len ); + *p++ = MBEDTLS_CHAR_0( session_len ); ret = ssl_session_save( ssl->session, 1, p, session_len, &session_len ); @@ -5757,33 +5757,33 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4; if( used <= buf_len ) { - *p++ = (unsigned char)( ( ssl->badmac_seen >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->badmac_seen >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->badmac_seen >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->badmac_seen ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( ssl->badmac_seen ); + *p++ = MBEDTLS_CHAR_2( ssl->badmac_seen ); + *p++ = MBEDTLS_CHAR_1( ssl->badmac_seen ); + *p++ = MBEDTLS_CHAR_0( ssl->badmac_seen ); } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) used += 16; if( used <= buf_len ) { - *p++ = (unsigned char)( ( ssl->in_window_top >> 56 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 48 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 40 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 32 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top ) & 0xFF ); + *p++ = MBEDTLS_CHAR_7( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_6( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_5( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_4( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_3( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_2( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_1( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_0( ssl->in_window_top ); - *p++ = (unsigned char)( ( ssl->in_window >> 56 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 48 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 40 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 32 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window ) & 0xFF ); + *p++ = MBEDTLS_CHAR_7( ssl->in_window ); + *p++ = MBEDTLS_CHAR_6( ssl->in_window ); + *p++ = MBEDTLS_CHAR_5( ssl->in_window ); + *p++ = MBEDTLS_CHAR_4( ssl->in_window ); + *p++ = MBEDTLS_CHAR_3( ssl->in_window ); + *p++ = MBEDTLS_CHAR_2( ssl->in_window ); + *p++ = MBEDTLS_CHAR_1( ssl->in_window ); + *p++ = MBEDTLS_CHAR_0( ssl->in_window ); } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -5806,8 +5806,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 2; if( used <= buf_len ) { - *p++ = (unsigned char)( ( ssl->mtu >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->mtu ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ssl->mtu ); + *p++ = MBEDTLS_CHAR_0( ssl->mtu ); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 902f99ea8..9e629cb0b 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -113,17 +113,17 @@ static void ssl_tls1_3_hkdf_encode_label( #endif *p++ = 0; - *p++ = (unsigned char)( ( desired_length >> 0 ) & 0xFF ); + *p++ = MBEDTLS_CHAR_0( desired_length ); /* Add label incl. prefix */ - *p++ = (unsigned char)( total_label_len & 0xFF ); + *p++ = MBEDTLS_CHAR_0( total_label_len ); memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) ); p += sizeof(tls1_3_label_prefix); memcpy( p, label, llen ); p += llen; /* Add context value */ - *p++ = (unsigned char)( clen & 0xFF ); + *p++ = MBEDTLS_CHAR_0( clen ); if( clen != 0 ) memcpy( p, ctx, clen ); From 635231a71ef0a055bad5dd46e66bfdcff1027c98 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 14 Jul 2021 11:53:07 +0100 Subject: [PATCH 15/32] Improve common.h macro documentation Imrpoved the descriptions of the macros and parameters and changing the name of the MBEDTLS_PUT_UINT... macro parameters to be more descriptive Signed-off-by: Joe Subbiani --- library/common.h | 140 ++++++++++++++++++----------------------------- 1 file changed, 52 insertions(+), 88 deletions(-) diff --git a/library/common.h b/library/common.h index 56c300265..f7a9c9da6 100644 --- a/library/common.h +++ b/library/common.h @@ -87,18 +87,13 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_CHAR_7( x ) ( (unsigned char) ( ( ( x ) >> 56 ) & 0xff ) ) /** - * 32-bit integer manipulation GET macros (big endian) + * Get the unsigned 32 bits integer corresponding to four bytes in + * big-endian order (MSB first). * - * \brief Use this to assign an unsigned 32 bit integer - * by taking data stored adjacent in memory that - * can be accessed via on offset - * Big Endian is used when wanting to - * transmit the most signifcant bits first - * - * \param data The data used to translate to a 32 bit - * integer - * \param offset the shift in bytes to access the next byte - * of data + * \param data Base address of the memory to get the four bytes from. + * \param offset Offset from \p base of the first and most significant + * byte of the four bytes to build the 32 bits unsigned + * integer from. */ #ifndef MBEDTLS_GET_UINT32_BE #define MBEDTLS_GET_UINT32_BE( data , offset ) \ @@ -111,44 +106,32 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 32-bit integer manipulation PUT macros (big endian) + * Put in memory a 32 bits unsigned integer in big-endian order. * - * \brief Read from a 32 bit integer and store each byte - * in memory, offset by a specified amount, resulting - * in each byte being adjacent in memory. - * Big Endian is used when wanting to - * transmit the most signifcant bits first - * - * \param n 32 bit integer where data is accessed - * \param b const unsigned char array of data to be - * manipulated - * \param i offset in bytes, In the case of UINT32, i - * would increment by 4 every use assuming - * the data is being stored in the same location + * \param n 32 bits unsigned integer to put in memory + * \param data Base address of the memory where to put the 32 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the most significant + * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_BE -#define MBEDTLS_PUT_UINT32_BE(n,b,i) \ - do { \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ +#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ + do { \ + ( data )[( offset ) ] = (unsigned char) ( (n) >> 24 ); \ + ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 16 ); \ + ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 8 ); \ + ( data )[( offset ) + 3] = (unsigned char) ( (n) ); \ } while( 0 ) #endif /** - * 32-bit integer manipulation GET macros (little endian) + * Get the unsigned 32 bits integer corresponding to four bytes in + * little-endian order (LSB first). * - * \brief Use this to assign an unsigned 32 bit integer - * by taking data stored adjacent in memory that - * can be accessed via on offset - * Little Endian is used when wanting to - * transmit the least signifcant bits first - * - * \param data The data used to translate to a 32 bit - * integer - * \param offset the shift in bytes to access the next byte - * of data + * \param data Base address of the memory to get the four bytes from. + * \param offset Offset from \p base of the first and least significant + * byte of the four bytes to build the 32 bits unsigned + * integer from. */ #ifndef MBEDTLS_GET_UINT32_LE #define MBEDTLS_GET_UINT32_LE( data, offset ) \ @@ -161,44 +144,32 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 32-bit integer manipulation PUT macros (little endian) + * Put in memory a 32 bits unsigned integer in little-endian order. * - * \brief Read from a 32 bit integer and store each byte - * in memory, offset by a specified amount, resulting - * in each byte being adjacent in memory. - * Little Endian is used when wanting to - * transmit the least signifcant bits first - * - * \param n 32 bit integer where data is accessed - * \param b const unsigned char array of data to be - * manipulated - * \param i offset in bytes, In the case of UINT32, i - * would increment by 4 every use assuming - * the data is being stored in the same location + * \param n 32 bits unsigned integer to put in memory + * \param data Base address of the memory where to put the 32 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the least significant + * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_LE -#define MBEDTLS_PUT_UINT32_LE(n,b,i) \ - do { \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ +#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ + do { \ + ( data )[( offset ) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + ( data )[( offset ) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + ( data )[( offset ) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ + ( data )[( offset ) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ } while( 0 ) #endif /** - * 16-bit integer manipulation GET macros (little endian) + * Get the unsigned 16 bits integer corresponding to four bytes in + * little-endian order (LSB first). * - * \brief Use this to assign an unsigned 16 bit integer - * by taking data stored adjacent in memory that - * can be accessed via on offset - * Little Endian is used when wanting to - * transmit the least signifcant bits first - * - * \param data The data used to translate to a 16 bit - * integer - * \param offset the shit in bytes to access the next byte - * of data + * \param data Base address of the memory to get the four bytes from. + * \param offset Offset from \p base of the first and least significant + * byte of the four bytes to build the 16 bits unsigned + * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE #define MBEDTLS_GET_UINT16_LE( data, offset ) \ @@ -209,26 +180,19 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 16-bit integer manipulation PUT macros (little endian) + * Put in memory a 16 bits unsigned integer in little-endian order. * - * \brief Read from a 16 bit integer and store each byte - * in memory, offset by a specified amount, resulting - * in each byte being adjacent in memory. - * Little Endian is used when wanting to - * transmit the least signifcant bits first - * - * \param n 16 bit integer where data is accessed - * \param b const unsigned char array of data to be - * manipulated - * \param i offset in bytes, In the case of UINT16, i - * would increment by 2 every use assuming - * the data is being stored in the same location + * \param n 16 bits unsigned integer to put in memory + * \param data Base address of the memory where to put the 16 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the least significant + * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_LE -#define MBEDTLS_PUT_UINT16_LE( n, b, i ) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ +#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + ( data )[( offset ) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ } #endif From 54550f7fca255769c4a2d9f5e089caddde4b0c6c Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 14 Jul 2021 11:59:48 +0100 Subject: [PATCH 16/32] Replace 3 byte shift with appropriate macro aria.c has a shift by 3 bytes, but does not use the 0xff masking. aparently this is not a problem and it is tidier to use the maco. Signed-off-by: Joe Subbiani --- library/aria.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/aria.c b/library/aria.c index 6bfdfbdce..bc05c4a31 100644 --- a/library/aria.c +++ b/library/aria.c @@ -215,19 +215,19 @@ static inline void aria_sl( uint32_t *a, uint32_t *b, *a = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *a ) ] ) ^ (((uint32_t) sb[ MBEDTLS_BYTE_1( *a ) ]) << 8) ^ (((uint32_t) sc[ MBEDTLS_BYTE_2( *a ) ]) << 16) ^ - (((uint32_t) sd[ *a >> 24 ]) << 24); + (((uint32_t) sd[ MBEDTLS_BYTE_3( *a ) ]) << 24); *b = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *b ) ] ) ^ (((uint32_t) sb[ MBEDTLS_BYTE_1( *b ) ]) << 8) ^ (((uint32_t) sc[ MBEDTLS_BYTE_2( *b ) ]) << 16) ^ - (((uint32_t) sd[ *b >> 24 ]) << 24); + (((uint32_t) sd[ MBEDTLS_BYTE_3( *b ) ]) << 24); *c = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *c ) ] ) ^ (((uint32_t) sb[ MBEDTLS_BYTE_1( *c ) ]) << 8) ^ (((uint32_t) sc[ MBEDTLS_BYTE_2( *c ) ]) << 16) ^ - (((uint32_t) sd[ *c >> 24 ]) << 24); + (((uint32_t) sd[ MBEDTLS_BYTE_3( *c ) ]) << 24); *d = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *d ) ] ) ^ (((uint32_t) sb[ MBEDTLS_BYTE_1( *d ) ]) << 8) ^ (((uint32_t) sc[ MBEDTLS_BYTE_2( *d ) ]) << 16) ^ - (((uint32_t) sd[ *d >> 24 ]) << 24); + (((uint32_t) sd[ MBEDTLS_BYTE_3( *d ) ]) << 24); } /* From f5462d989c8674805d3566cf4d85029da0f18717 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Tue, 13 Jul 2021 12:13:19 +0100 Subject: [PATCH 17/32] Remove trailing whitespaces Signed-off-by: Joe Subbiani --- library/common.h | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/library/common.h b/library/common.h index f7a9c9da6..87f0d66bc 100644 --- a/library/common.h +++ b/library/common.h @@ -87,12 +87,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_CHAR_7( x ) ( (unsigned char) ( ( ( x ) >> 56 ) & 0xff ) ) /** - * Get the unsigned 32 bits integer corresponding to four bytes in + * Get the unsigned 32 bits integer corresponding to four bytes in * big-endian order (MSB first). * * \param data Base address of the memory to get the four bytes from. - * \param offset Offset from \p base of the first and most significant - * byte of the four bytes to build the 32 bits unsigned + * \param offset Offset from \p base of the first and most significant + * byte of the four bytes to build the 32 bits unsigned * integer from. */ #ifndef MBEDTLS_GET_UINT32_BE @@ -108,10 +108,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** * Put in memory a 32 bits unsigned integer in big-endian order. * - * \param n 32 bits unsigned integer to put in memory - * \param data Base address of the memory where to put the 32 + * \param n 32 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 32 * bits unsigned integer in. - * \param offset Offset from \p base where to put the most significant + * \param offset Offset from \p base where to put the most significant * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_BE @@ -125,12 +125,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * Get the unsigned 32 bits integer corresponding to four bytes in + * Get the unsigned 32 bits integer corresponding to four bytes in * little-endian order (LSB first). * * \param data Base address of the memory to get the four bytes from. - * \param offset Offset from \p base of the first and least significant - * byte of the four bytes to build the 32 bits unsigned + * \param offset Offset from \p base of the first and least significant + * byte of the four bytes to build the 32 bits unsigned * integer from. */ #ifndef MBEDTLS_GET_UINT32_LE @@ -146,10 +146,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** * Put in memory a 32 bits unsigned integer in little-endian order. * - * \param n 32 bits unsigned integer to put in memory - * \param data Base address of the memory where to put the 32 + * \param n 32 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 32 * bits unsigned integer in. - * \param offset Offset from \p base where to put the least significant + * \param offset Offset from \p base where to put the least significant * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_LE @@ -163,12 +163,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * Get the unsigned 16 bits integer corresponding to four bytes in + * Get the unsigned 16 bits integer corresponding to four bytes in * little-endian order (LSB first). * * \param data Base address of the memory to get the four bytes from. - * \param offset Offset from \p base of the first and least significant - * byte of the four bytes to build the 16 bits unsigned + * \param offset Offset from \p base of the first and least significant + * byte of the four bytes to build the 16 bits unsigned * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE @@ -182,10 +182,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** * Put in memory a 16 bits unsigned integer in little-endian order. * - * \param n 16 bits unsigned integer to put in memory - * \param data Base address of the memory where to put the 16 + * \param n 16 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 16 * bits unsigned integer in. - * \param offset Offset from \p base where to put the least significant + * \param offset Offset from \p base where to put the least significant * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_LE From bf7ea84f83d7fbef2103cae2564fe7258e6847c9 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 14 Jul 2021 12:05:51 +0100 Subject: [PATCH 18/32] Replace "four bytes" with "two bytes" in macro documentation When writing the documentation 4 bytes was written instead of 2 for MBEDTLS_UINT16_LE Signed-off-by: Joe Subbiani --- library/common.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/common.h b/library/common.h index 87f0d66bc..28017f974 100644 --- a/library/common.h +++ b/library/common.h @@ -163,12 +163,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * Get the unsigned 16 bits integer corresponding to four bytes in + * Get the unsigned 16 bits integer corresponding to two bytes in * little-endian order (LSB first). * - * \param data Base address of the memory to get the four bytes from. + * \param data Base address of the memory to get the two bytes from. * \param offset Offset from \p base of the first and least significant - * byte of the four bytes to build the 16 bits unsigned + * byte of the two bytes to build the 16 bits unsigned * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE From 2194dc477a65c0c18f592168b5e5f765c475bc9c Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 14 Jul 2021 12:31:31 +0100 Subject: [PATCH 19/32] Replace MBEDTLS_CHAR_x with MBEDTLS_BYTE_x The CHAR macros casted to an unsigned char which in this project is garunteed to be 8 bits - the same as uint8_t (which BYTE casts to) therefore, instances of CHAR have been swapped with BYTE and the number of macros have been cut down Signed-off-by: Joe Subbiani --- library/asn1write.c | 18 +++--- library/ccm.c | 6 +- library/common.h | 17 +++--- library/ecjpake.c | 18 +++--- library/ssl_cli.c | 116 ++++++++++++++++++------------------- library/ssl_msg.c | 4 +- library/ssl_srv.c | 86 ++++++++++++++-------------- library/ssl_tls.c | 120 +++++++++++++++++++-------------------- library/ssl_tls13_keys.c | 6 +- 9 files changed, 194 insertions(+), 197 deletions(-) diff --git a/library/asn1write.c b/library/asn1write.c index 8555767fe..dc6185413 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -60,8 +60,8 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 3 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = MBEDTLS_CHAR_0( len ); - *--(*p) = MBEDTLS_CHAR_1( len ); + *--(*p) = MBEDTLS_BYTE_0( len ); + *--(*p) = MBEDTLS_BYTE_1( len ); *--(*p) = 0x82; return( 3 ); } @@ -71,9 +71,9 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 4 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = MBEDTLS_CHAR_0( len ); - *--(*p) = MBEDTLS_CHAR_1( len ); - *--(*p) = MBEDTLS_CHAR_2( len ); + *--(*p) = MBEDTLS_BYTE_0( len ); + *--(*p) = MBEDTLS_BYTE_1( len ); + *--(*p) = MBEDTLS_BYTE_2( len ); *--(*p) = 0x83; return( 4 ); } @@ -85,10 +85,10 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 5 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = MBEDTLS_CHAR_0( len ); - *--(*p) = MBEDTLS_CHAR_1( len ); - *--(*p) = MBEDTLS_CHAR_2( len ); - *--(*p) = MBEDTLS_CHAR_3( len ); + *--(*p) = MBEDTLS_BYTE_0( len ); + *--(*p) = MBEDTLS_BYTE_1( len ); + *--(*p) = MBEDTLS_BYTE_2( len ); + *--(*p) = MBEDTLS_BYTE_3( len ); *--(*p) = 0x84; return( 5 ); } diff --git a/library/ccm.c b/library/ccm.c index 95d90dc61..0188075f5 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -200,7 +200,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, memcpy( b + 1, iv, iv_len ); for( i = 0, len_left = length; i < q; i++, len_left >>= 8 ) - b[15-i] = MBEDTLS_CHAR_0( len_left ); + b[15-i] = MBEDTLS_BYTE_0( len_left ); if( len_left > 0 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); @@ -221,8 +221,8 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, src = add; memset( b, 0, 16 ); - b[0] = MBEDTLS_CHAR_1( add_len ); - b[1] = MBEDTLS_CHAR_0( add_len ); + b[0] = MBEDTLS_BYTE_1( add_len ); + b[1] = MBEDTLS_BYTE_0( add_len ); use_len = len_left < 16 - 2 ? len_left : 16 - 2; memcpy( b + 2, src, use_len ); diff --git a/library/common.h b/library/common.h index 28017f974..e0f8b99ba 100644 --- a/library/common.h +++ b/library/common.h @@ -25,6 +25,8 @@ #include "mbedtls/build_info.h" +#include + /** Helper to define a function as static except when building invasive tests. * * If a function is only used inside its own source file and should be @@ -72,19 +74,14 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * Using MBEDTLS_BYTE_a will shift a*8 bits * to retrieve the next byte of information */ -#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) +#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) #define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) #define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) - -#define MBEDTLS_CHAR_0( x ) ( (unsigned char) ( ( x ) & 0xff ) ) -#define MBEDTLS_CHAR_1( x ) ( (unsigned char) ( ( ( x ) >> 8 ) & 0xff ) ) -#define MBEDTLS_CHAR_2( x ) ( (unsigned char) ( ( ( x ) >> 16 ) & 0xff ) ) -#define MBEDTLS_CHAR_3( x ) ( (unsigned char) ( ( ( x ) >> 24 ) & 0xff ) ) -#define MBEDTLS_CHAR_4( x ) ( (unsigned char) ( ( ( x ) >> 32 ) & 0xff ) ) -#define MBEDTLS_CHAR_5( x ) ( (unsigned char) ( ( ( x ) >> 40 ) & 0xff ) ) -#define MBEDTLS_CHAR_6( x ) ( (unsigned char) ( ( ( x ) >> 48 ) & 0xff ) ) -#define MBEDTLS_CHAR_7( x ) ( (unsigned char) ( ( ( x ) >> 56 ) & 0xff ) ) +#define MBEDTLS_BYTE_4( x ) ( (uint8_t) ( ( ( x ) >> 32 ) & 0xff ) ) +#define MBEDTLS_BYTE_5( x ) ( (uint8_t) ( ( ( x ) >> 40 ) & 0xff ) ) +#define MBEDTLS_BYTE_6( x ) ( (uint8_t) ( ( ( x ) >> 48 ) & 0xff ) ) +#define MBEDTLS_BYTE_7( x ) ( (uint8_t) ( ( ( x ) >> 56 ) & 0xff ) ) /** * Get the unsigned 32 bits integer corresponding to four bytes in diff --git a/library/ecjpake.c b/library/ecjpake.c index 7305dfeee..a599b1ba4 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -180,10 +180,10 @@ static int ecjpake_write_len_point( unsigned char **p, if( ret != 0 ) return( ret ); - (*p)[0] = MBEDTLS_CHAR_3( len ); - (*p)[1] = MBEDTLS_CHAR_2( len ); - (*p)[2] = MBEDTLS_CHAR_1( len ); - (*p)[3] = MBEDTLS_CHAR_0( len ); + (*p)[0] = MBEDTLS_BYTE_3( len ); + (*p)[1] = MBEDTLS_BYTE_2( len ); + (*p)[2] = MBEDTLS_BYTE_1( len ); + (*p)[3] = MBEDTLS_BYTE_0( len ); *p += 4 + len; @@ -223,10 +223,10 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info, if( end - p < 4 ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); - *p++ = MBEDTLS_CHAR_3( id_len ); - *p++ = MBEDTLS_CHAR_2( id_len ); - *p++ = MBEDTLS_CHAR_1( id_len ); - *p++ = MBEDTLS_CHAR_0( id_len ); + *p++ = MBEDTLS_BYTE_3( id_len ); + *p++ = MBEDTLS_BYTE_2( id_len ); + *p++ = MBEDTLS_BYTE_1( id_len ); + *p++ = MBEDTLS_BYTE_0( id_len ); if( end < p || (size_t)( end - p ) < id_len ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); @@ -366,7 +366,7 @@ static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, goto cleanup; } - *(*p)++ = MBEDTLS_CHAR_0( len ); + *(*p)++ = MBEDTLS_BYTE_0( len ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, *p, len ) ); /* r */ *p += len; diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 7d65479ef..9e0db96c4 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -136,18 +136,18 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * } ServerNameList; * */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SERVERNAME ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SERVERNAME ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME ); - *p++ = MBEDTLS_CHAR_1( hostname_len + 5); - *p++ = MBEDTLS_CHAR_0( hostname_len + 5); + *p++ = MBEDTLS_BYTE_1( hostname_len + 5); + *p++ = MBEDTLS_BYTE_0( hostname_len + 5); - *p++ = MBEDTLS_CHAR_1( hostname_len + 3 ); - *p++ = MBEDTLS_CHAR_0( hostname_len + 3 ); + *p++ = MBEDTLS_BYTE_1( hostname_len + 3 ); + *p++ = MBEDTLS_BYTE_0( hostname_len + 3 ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); - *p++ = MBEDTLS_CHAR_1( hostname_len ); - *p++ = MBEDTLS_CHAR_0( hostname_len ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); + *p++ = MBEDTLS_BYTE_1( hostname_len ); + *p++ = MBEDTLS_BYTE_0( hostname_len ); memcpy( p, ssl->hostname, hostname_len ); @@ -181,12 +181,12 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, /* * Secure renegotiation */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); *p++ = 0x00; - *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len + 1 ); - *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len ); + *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len + 1 ); + *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len ); memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); @@ -281,14 +281,14 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * SignatureAndHashAlgorithm * supported_signature_algorithms<2..2^16-2>; */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SIG_ALG ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SIG_ALG ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SIG_ALG ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SIG_ALG ); - *p++ = MBEDTLS_CHAR_1( sig_alg_len + 2 ); - *p++ = MBEDTLS_CHAR_0( sig_alg_len + 2 ); + *p++ = MBEDTLS_BYTE_1( sig_alg_len + 2 ); + *p++ = MBEDTLS_BYTE_0( sig_alg_len + 2 ); - *p++ = MBEDTLS_CHAR_1( sig_alg_len ); - *p++ = MBEDTLS_CHAR_0( sig_alg_len ); + *p++ = MBEDTLS_BYTE_1( sig_alg_len ); + *p++ = MBEDTLS_BYTE_0( sig_alg_len ); *olen = 6 + sig_alg_len; @@ -356,14 +356,14 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; } - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); - *p++ = MBEDTLS_CHAR_1( elliptic_curve_len + 2 ); - *p++ = MBEDTLS_CHAR_0( elliptic_curve_len + 2 ); + *p++ = MBEDTLS_BYTE_1( elliptic_curve_len + 2 ); + *p++ = MBEDTLS_BYTE_0( elliptic_curve_len + 2 ); - *p++ = MBEDTLS_CHAR_1( elliptic_curve_len ); - *p++ = MBEDTLS_CHAR_0( elliptic_curve_len ); + *p++ = MBEDTLS_BYTE_1( elliptic_curve_len ); + *p++ = MBEDTLS_BYTE_0( elliptic_curve_len ); *olen = 6 + elliptic_curve_len; @@ -384,8 +384,8 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, ( "client hello, adding supported_point_formats extension" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; @@ -421,8 +421,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); /* * We may need to send ClientHello multiple times for Hello verification. @@ -464,8 +464,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); } - *p++ = MBEDTLS_CHAR_1( kkpp_len ); - *p++ = MBEDTLS_CHAR_0( kkpp_len ); + *p++ = MBEDTLS_BYTE_1( kkpp_len ); + *p++ = MBEDTLS_BYTE_0( kkpp_len ); *olen = kkpp_len + 4; @@ -504,11 +504,11 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) ); /* Add extension ID + size */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = MBEDTLS_CHAR_1( ext_len ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len ); + *p++ = MBEDTLS_BYTE_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -537,8 +537,8 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -569,8 +569,8 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; @@ -599,8 +599,8 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; @@ -631,11 +631,11 @@ static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, /* The addition is safe here since the ticket length is 16 bit. */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_CHAR_1( tlen ); - *p++ = MBEDTLS_CHAR_0( tlen ); + *p++ = MBEDTLS_BYTE_1( tlen ); + *p++ = MBEDTLS_BYTE_0( tlen ); *olen = 4; @@ -675,8 +675,8 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ALPN ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ALPN ); /* * opaque ProtocolName<1..2^8-1>; @@ -703,12 +703,12 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); - buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); + buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); + buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); - buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); + buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); + buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); return( 0 ); } @@ -760,12 +760,12 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_USE_SRTP ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = MBEDTLS_CHAR_1( ext_len & 0xFF00 ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len & 0xFF00 ); + *p++ = MBEDTLS_BYTE_0( ext_len ); /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ /* micro-optimization: @@ -776,7 +776,7 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * >> 8 ) & 0xFF ); */ *p++ = 0; - *p++ = MBEDTLS_CHAR_0( 2 * ssl->conf->dtls_srtp_profile_list_len ); + *p++ = MBEDTLS_BYTE_0( 2 * ssl->conf->dtls_srtp_profile_list_len ); for( protection_profiles_index=0; protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len; @@ -1323,8 +1323,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { /* No need to check for space here, because the extension * writing functions already took care of that. */ - *p++ = MBEDTLS_CHAR_1( ext_len ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len ); + *p++ = MBEDTLS_BYTE_0( ext_len ); p += ext_len; } diff --git a/library/ssl_msg.c b/library/ssl_msg.c index e0c50bcce..989c59874 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2481,8 +2481,8 @@ int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, /* Write message_seq and update it, except for HelloRequest */ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) { - ssl->out_msg[4] = MBEDTLS_CHAR_1( ssl->handshake->out_msg_seq ); - ssl->out_msg[5] = MBEDTLS_CHAR_0( ssl->handshake->out_msg_seq ); + ssl->out_msg[4] = MBEDTLS_BYTE_1( ssl->handshake->out_msg_seq ); + ssl->out_msg[5] = MBEDTLS_BYTE_0( ssl->handshake->out_msg_seq ); ++( ssl->handshake->out_msg_seq ); } else diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 253ab5695..96b08ab8f 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1971,11 +1971,11 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, * } ConnectionId; */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = MBEDTLS_CHAR_1( ext_len ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len ); + *p++ = MBEDTLS_BYTE_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -2016,8 +2016,8 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; @@ -2042,8 +2042,8 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " "extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; @@ -2067,8 +2067,8 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); *p++ = 0x00; *p++ = 0x00; @@ -2091,8 +2091,8 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); #if defined(MBEDTLS_SSL_RENEGOTIATION) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) @@ -2132,8 +2132,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -2162,8 +2162,8 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; @@ -2200,8 +2200,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, p + 2, end - p - 2, &kkpp_len, @@ -2212,8 +2212,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = MBEDTLS_CHAR_1( kkpp_len ); - *p++ = MBEDTLS_CHAR_0( kkpp_len ); + *p++ = MBEDTLS_BYTE_1( kkpp_len ); + *p++ = MBEDTLS_BYTE_0( kkpp_len ); *olen = kkpp_len + 4; } @@ -2238,18 +2238,18 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); - buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); + buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ALPN ); + buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ALPN ); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); - buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); + buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); + buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); - buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); - buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); + buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); + buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); - buf[6] = MBEDTLS_CHAR_0( *olen - 7 ); + buf[6] = MBEDTLS_BYTE_0( *olen - 7 ); memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); } @@ -2294,15 +2294,15 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, } /* extension */ - buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); - buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); + buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_USE_SRTP ); + buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); /* * total length 5 and mki value: only one profile(2 bytes) * and length(2 bytes) and srtp_mki ) */ ext_len = 5 + mki_len; - buf[2] = MBEDTLS_CHAR_1( ext_len ); - buf[3] = MBEDTLS_CHAR_0( ext_len ); + buf[2] = MBEDTLS_BYTE_1( ext_len ); + buf[3] = MBEDTLS_BYTE_0( ext_len ); /* protection profile length: 2 */ buf[4] = 0x00; @@ -2311,8 +2311,8 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) { - buf[6] = MBEDTLS_CHAR_1( profile_value ); - buf[7] = MBEDTLS_CHAR_0( profile_value ); + buf[6] = MBEDTLS_BYTE_1( profile_value ); + buf[7] = MBEDTLS_BYTE_0( profile_value ); } else { @@ -2648,8 +2648,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 ) { - *p++ = MBEDTLS_CHAR_1( ext_len ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len ); + *p++ = MBEDTLS_BYTE_0( ext_len ); p += ext_len; } @@ -3478,8 +3478,8 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } - if( *p++ != MBEDTLS_CHAR_1( len ) || - *p++ != MBEDTLS_CHAR_0( len ) ) + if( *p++ != MBEDTLS_BYTE_1( len ) || + *p++ != MBEDTLS_BYTE_0( len ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); @@ -4223,13 +4223,13 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) tlen = 0; } - ssl->out_msg[4] = MBEDTLS_CHAR_3( lifetime ); - ssl->out_msg[5] = MBEDTLS_CHAR_2( lifetime ); - ssl->out_msg[6] = MBEDTLS_CHAR_1( lifetime ); - ssl->out_msg[7] = MBEDTLS_CHAR_0( lifetime ); + ssl->out_msg[4] = MBEDTLS_BYTE_3( lifetime ); + ssl->out_msg[5] = MBEDTLS_BYTE_2( lifetime ); + ssl->out_msg[6] = MBEDTLS_BYTE_1( lifetime ); + ssl->out_msg[7] = MBEDTLS_BYTE_0( lifetime ); - ssl->out_msg[8] = MBEDTLS_CHAR_1( tlen ); - ssl->out_msg[9] = MBEDTLS_CHAR_0( tlen ); + ssl->out_msg[8] = MBEDTLS_BYTE_1( tlen ); + ssl->out_msg[9] = MBEDTLS_BYTE_0( tlen ); ssl->out_msglen = 10 + tlen; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 0655dc57e..381eb9e03 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4582,8 +4582,8 @@ static unsigned char ssl_serialized_session_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), }; /* @@ -4664,14 +4664,14 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, { start = (uint64_t) session->start; - *p++ = MBEDTLS_CHAR_7( start ); - *p++ = MBEDTLS_CHAR_6( start ); - *p++ = MBEDTLS_CHAR_5( start ); - *p++ = MBEDTLS_CHAR_4( start ); - *p++ = MBEDTLS_CHAR_3( start ); - *p++ = MBEDTLS_CHAR_2( start ); - *p++ = MBEDTLS_CHAR_1( start ); - *p++ = MBEDTLS_CHAR_0( start ); + *p++ = MBEDTLS_BYTE_7( start ); + *p++ = MBEDTLS_BYTE_6( start ); + *p++ = MBEDTLS_BYTE_5( start ); + *p++ = MBEDTLS_BYTE_4( start ); + *p++ = MBEDTLS_BYTE_3( start ); + *p++ = MBEDTLS_BYTE_2( start ); + *p++ = MBEDTLS_BYTE_1( start ); + *p++ = MBEDTLS_BYTE_0( start ); } #endif /* MBEDTLS_HAVE_TIME */ @@ -4687,22 +4687,22 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_1( session->ciphersuite ); - *p++ = MBEDTLS_CHAR_0( session->ciphersuite ); + *p++ = MBEDTLS_BYTE_1( session->ciphersuite ); + *p++ = MBEDTLS_BYTE_0( session->ciphersuite ); - *p++ = MBEDTLS_CHAR_0( session->compression ); + *p++ = MBEDTLS_BYTE_0( session->compression ); - *p++ = MBEDTLS_CHAR_0( session->id_len ); + *p++ = MBEDTLS_BYTE_0( session->id_len ); memcpy( p, session->id, 32 ); p += 32; memcpy( p, session->master, 48 ); p += 48; - *p++ = MBEDTLS_CHAR_3( session->verify_result ); - *p++ = MBEDTLS_CHAR_2( session->verify_result ); - *p++ = MBEDTLS_CHAR_1( session->verify_result ); - *p++ = MBEDTLS_CHAR_0( session->verify_result ); + *p++ = MBEDTLS_BYTE_3( session->verify_result ); + *p++ = MBEDTLS_BYTE_2( session->verify_result ); + *p++ = MBEDTLS_BYTE_1( session->verify_result ); + *p++ = MBEDTLS_BYTE_0( session->verify_result ); } /* @@ -4719,9 +4719,9 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_2( cert_len ); - *p++ = MBEDTLS_CHAR_1( cert_len ); - *p++ = MBEDTLS_CHAR_0( cert_len ); + *p++ = MBEDTLS_BYTE_2( cert_len ); + *p++ = MBEDTLS_BYTE_1( cert_len ); + *p++ = MBEDTLS_BYTE_0( cert_len ); if( session->peer_cert != NULL ) { @@ -4762,9 +4762,9 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_2( session->ticket_len ); - *p++ = MBEDTLS_CHAR_1( session->ticket_len ); - *p++ = MBEDTLS_CHAR_0( session->ticket_len ); + *p++ = MBEDTLS_BYTE_2( session->ticket_len ); + *p++ = MBEDTLS_BYTE_1( session->ticket_len ); + *p++ = MBEDTLS_BYTE_0( session->ticket_len ); if( session->ticket != NULL ) { @@ -4772,10 +4772,10 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, p += session->ticket_len; } - *p++ = MBEDTLS_CHAR_3( session->ticket_lifetime ); - *p++ = MBEDTLS_CHAR_2( session->ticket_lifetime ); - *p++ = MBEDTLS_CHAR_1( session->ticket_lifetime ); - *p++ = MBEDTLS_CHAR_0( session->ticket_lifetime ); + *p++ = MBEDTLS_BYTE_3( session->ticket_lifetime ); + *p++ = MBEDTLS_BYTE_2( session->ticket_lifetime ); + *p++ = MBEDTLS_BYTE_1( session->ticket_lifetime ); + *p++ = MBEDTLS_BYTE_0( session->ticket_lifetime ); } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -4793,7 +4793,7 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, used += 1; if( used <= buf_len ) - *p++ = MBEDTLS_CHAR_0( session->encrypt_then_mac ); + *p++ = MBEDTLS_BYTE_0( session->encrypt_then_mac ); #endif return( used ); @@ -5568,11 +5568,11 @@ static unsigned char ssl_serialized_context_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_CHAR_2( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), - MBEDTLS_CHAR_1( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), - MBEDTLS_CHAR_0( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_BYTE_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_2( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_BYTE_1( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_BYTE_0( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), }; /* @@ -5713,10 +5713,10 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4 + session_len; if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_3( session_len ); - *p++ = MBEDTLS_CHAR_2( session_len ); - *p++ = MBEDTLS_CHAR_1( session_len ); - *p++ = MBEDTLS_CHAR_0( session_len ); + *p++ = MBEDTLS_BYTE_3( session_len ); + *p++ = MBEDTLS_BYTE_2( session_len ); + *p++ = MBEDTLS_BYTE_1( session_len ); + *p++ = MBEDTLS_BYTE_0( session_len ); ret = ssl_session_save( ssl->session, 1, p, session_len, &session_len ); @@ -5757,33 +5757,33 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4; if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_3( ssl->badmac_seen ); - *p++ = MBEDTLS_CHAR_2( ssl->badmac_seen ); - *p++ = MBEDTLS_CHAR_1( ssl->badmac_seen ); - *p++ = MBEDTLS_CHAR_0( ssl->badmac_seen ); + *p++ = MBEDTLS_BYTE_3( ssl->badmac_seen ); + *p++ = MBEDTLS_BYTE_2( ssl->badmac_seen ); + *p++ = MBEDTLS_BYTE_1( ssl->badmac_seen ); + *p++ = MBEDTLS_BYTE_0( ssl->badmac_seen ); } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) used += 16; if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_7( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_6( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_5( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_4( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_3( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_2( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_1( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_0( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_7( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_6( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_5( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_4( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_3( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_2( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_1( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_0( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_7( ssl->in_window ); - *p++ = MBEDTLS_CHAR_6( ssl->in_window ); - *p++ = MBEDTLS_CHAR_5( ssl->in_window ); - *p++ = MBEDTLS_CHAR_4( ssl->in_window ); - *p++ = MBEDTLS_CHAR_3( ssl->in_window ); - *p++ = MBEDTLS_CHAR_2( ssl->in_window ); - *p++ = MBEDTLS_CHAR_1( ssl->in_window ); - *p++ = MBEDTLS_CHAR_0( ssl->in_window ); + *p++ = MBEDTLS_BYTE_7( ssl->in_window ); + *p++ = MBEDTLS_BYTE_6( ssl->in_window ); + *p++ = MBEDTLS_BYTE_5( ssl->in_window ); + *p++ = MBEDTLS_BYTE_4( ssl->in_window ); + *p++ = MBEDTLS_BYTE_3( ssl->in_window ); + *p++ = MBEDTLS_BYTE_2( ssl->in_window ); + *p++ = MBEDTLS_BYTE_1( ssl->in_window ); + *p++ = MBEDTLS_BYTE_0( ssl->in_window ); } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -5806,8 +5806,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 2; if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_1( ssl->mtu ); - *p++ = MBEDTLS_CHAR_0( ssl->mtu ); + *p++ = MBEDTLS_BYTE_1( ssl->mtu ); + *p++ = MBEDTLS_BYTE_0( ssl->mtu ); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 9e629cb0b..7aec21dff 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -113,17 +113,17 @@ static void ssl_tls1_3_hkdf_encode_label( #endif *p++ = 0; - *p++ = MBEDTLS_CHAR_0( desired_length ); + *p++ = MBEDTLS_BYTE_0( desired_length ); /* Add label incl. prefix */ - *p++ = MBEDTLS_CHAR_0( total_label_len ); + *p++ = MBEDTLS_BYTE_0( total_label_len ); memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) ); p += sizeof(tls1_3_label_prefix); memcpy( p, label, llen ); p += llen; /* Add context value */ - *p++ = MBEDTLS_CHAR_0( clen ); + *p++ = MBEDTLS_BYTE_0( clen ); if( clen != 0 ) memcpy( p, ctx, clen ); From 99edd6c8105740b58ad3261da7ed47c42658b36e Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 12:29:49 +0100 Subject: [PATCH 20/32] Add UINT64 GET and PUT macros Copy over the GET/PUT_UINT64_LE/BE macros from aes.c and sha512.c Add the MBEDTLS_ prefix to all 4 macros. Modify the GET_UINT64 macros to no longer take a target variable as a parameter, so when the macro function is called it must be assigned to a variable in the same statement. Signed-off-by: Joe Subbiani --- library/aes.c | 37 +++----------------- library/common.h | 91 ++++++++++++++++++++++++++++++++++++++++++++++++ library/sha512.c | 39 +++------------------ 3 files changed, 99 insertions(+), 68 deletions(-) diff --git a/library/aes.c b/library/aes.c index 1eb3e204d..8e3358c49 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1074,35 +1074,6 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, #if defined(MBEDTLS_CIPHER_MODE_XTS) -/* Endianess with 64 bits values */ -#ifndef GET_UINT64_LE -#define GET_UINT64_LE(n,b,i) \ -{ \ - (n) = ( (uint64_t) (b)[(i) + 7] << 56 ) \ - | ( (uint64_t) (b)[(i) + 6] << 48 ) \ - | ( (uint64_t) (b)[(i) + 5] << 40 ) \ - | ( (uint64_t) (b)[(i) + 4] << 32 ) \ - | ( (uint64_t) (b)[(i) + 3] << 24 ) \ - | ( (uint64_t) (b)[(i) + 2] << 16 ) \ - | ( (uint64_t) (b)[(i) + 1] << 8 ) \ - | ( (uint64_t) (b)[(i) ] ); \ -} -#endif - -#ifndef PUT_UINT64_LE -#define PUT_UINT64_LE(n,b,i) \ -{ \ - (b)[(i) + 7] = (unsigned char) ( (n) >> 56 ); \ - (b)[(i) + 6] = (unsigned char) ( (n) >> 48 ); \ - (b)[(i) + 5] = (unsigned char) ( (n) >> 40 ); \ - (b)[(i) + 4] = (unsigned char) ( (n) >> 32 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) ] = (unsigned char) ( (n) ); \ -} -#endif - typedef unsigned char mbedtls_be128[16]; /* @@ -1118,14 +1089,14 @@ static void mbedtls_gf128mul_x_ble( unsigned char r[16], { uint64_t a, b, ra, rb; - GET_UINT64_LE( a, x, 0 ); - GET_UINT64_LE( b, x, 8 ); + a = MBEDTLS_GET_UINT64_LE( x, 0 ); + b = MBEDTLS_GET_UINT64_LE( x, 8 ); ra = ( a << 1 ) ^ 0x0087 >> ( 8 - ( ( b >> 63 ) << 3 ) ); rb = ( a >> 63 ) | ( b << 1 ); - PUT_UINT64_LE( ra, r, 0 ); - PUT_UINT64_LE( rb, r, 8 ); + MBEDTLS_PUT_UINT64_LE( ra, r, 0 ); + MBEDTLS_PUT_UINT64_LE( rb, r, 8 ); } /* diff --git a/library/common.h b/library/common.h index e0f8b99ba..ce2f04007 100644 --- a/library/common.h +++ b/library/common.h @@ -193,5 +193,96 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c } #endif +/** + * Get the unsigned 64 bits integer corresponding to eight bytes in + * big-endian order (MSB first). + * + * \param data Base address of the memory to get the eight bytes from. + * \param offset Offset from \p base of the first and most significant + * byte of the eight bytes to build the 64 bits unsigned + * integer from. + */ +#ifndef MBEDTLS_GET_UINT64_BE +#define MBEDTLS_GET_UINT64_BE( data, offset ) \ + ( \ + ( (uint64_t) ( data )[( offset ) ] << 56 ) \ + | ( (uint64_t) ( data )[( offset ) + 1] << 48 ) \ + | ( (uint64_t) ( data )[( offset ) + 2] << 40 ) \ + | ( (uint64_t) ( data )[( offset ) + 3] << 32 ) \ + | ( (uint64_t) ( data )[( offset ) + 4] << 24 ) \ + | ( (uint64_t) ( data )[( offset ) + 5] << 16 ) \ + | ( (uint64_t) ( data )[( offset ) + 6] << 8 ) \ + | ( (uint64_t) ( data )[( offset ) + 7] ) \ + ) +#endif + +/** + * Put in memory a 64 bits unsigned integer in big-endian order. + * + * \param n 64 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 64 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the most significant + * byte of the 64 bits unsigned integer \p n. + */ +#ifndef MBEDTLS_PUT_UINT64_BE +#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = (unsigned char) ( (n) >> 56 ); \ + ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 48 ); \ + ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 40 ); \ + ( data )[( offset ) + 3] = (unsigned char) ( (n) >> 32 ); \ + ( data )[( offset ) + 4] = (unsigned char) ( (n) >> 24 ); \ + ( data )[( offset ) + 5] = (unsigned char) ( (n) >> 16 ); \ + ( data )[( offset ) + 6] = (unsigned char) ( (n) >> 8 ); \ + ( data )[( offset ) + 7] = (unsigned char) ( (n) ); \ +} +#endif + +/** + * Get the unsigned 64 bits integer corresponding to eight bytes in + * little-endian order (LSB first). + * + * \param data Base address of the memory to get the eight bytes from. + * \param offset Offset from \p base of the first and least significant + * byte of the eight bytes to build the 64 bits unsigned + * integer from. + */ +#ifndef MBEDTLS_GET_UINT64_LE +#define MBEDTLS_GET_UINT64_LE( data, offset ) \ + ( \ + ( (uint64_t) ( data )[( offset ) + 7] << 56 ) \ + | ( (uint64_t) ( data )[( offset ) + 6] << 48 ) \ + | ( (uint64_t) ( data )[( offset ) + 5] << 40 ) \ + | ( (uint64_t) ( data )[( offset ) + 4] << 32 ) \ + | ( (uint64_t) ( data )[( offset ) + 3] << 24 ) \ + | ( (uint64_t) ( data )[( offset ) + 2] << 16 ) \ + | ( (uint64_t) ( data )[( offset ) + 1] << 8 ) \ + | ( (uint64_t) ( data )[( offset ) ] ) \ + ) +#endif + +/** + * Put in memory a 64 bits unsigned integer in little-endian order. + * + * \param n 64 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 64 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the least significant + * byte of the 64 bits unsigned integer \p n. + */ +#ifndef MBEDTLS_PUT_UINT64_LE +#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) + 7] = (unsigned char) ( (n) >> 56 ); \ + ( data )[( offset ) + 6] = (unsigned char) ( (n) >> 48 ); \ + ( data )[( offset ) + 5] = (unsigned char) ( (n) >> 40 ); \ + ( data )[( offset ) + 4] = (unsigned char) ( (n) >> 32 ); \ + ( data )[( offset ) + 3] = (unsigned char) ( (n) >> 24 ); \ + ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 16 ); \ + ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 8 ); \ + ( data )[( offset ) ] = (unsigned char) ( (n) ); \ +} +#endif #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/sha512.c b/library/sha512.c index 6511c6e36..2b4cc547e 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -56,44 +56,13 @@ #if !defined(MBEDTLS_SHA512_ALT) -/* - * 64-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT64_BE -#define GET_UINT64_BE(n,b,i) \ -{ \ - (n) = ( (uint64_t) (b)[(i) ] << 56 ) \ - | ( (uint64_t) (b)[(i) + 1] << 48 ) \ - | ( (uint64_t) (b)[(i) + 2] << 40 ) \ - | ( (uint64_t) (b)[(i) + 3] << 32 ) \ - | ( (uint64_t) (b)[(i) + 4] << 24 ) \ - | ( (uint64_t) (b)[(i) + 5] << 16 ) \ - | ( (uint64_t) (b)[(i) + 6] << 8 ) \ - | ( (uint64_t) (b)[(i) + 7] ); \ -} -#endif /* GET_UINT64_BE */ - -#ifndef PUT_UINT64_BE -#define PUT_UINT64_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 56 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) >> 32 ); \ - (b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 7] = (unsigned char) ( (n) ); \ -} -#endif /* PUT_UINT64_BE */ - #if defined(MBEDTLS_SHA512_SMALLER) static void sha512_put_uint64_be( uint64_t n, unsigned char *b, uint8_t i ) { - PUT_UINT64_BE(n, b, i); + MBEDTLS_PUT_UINT64_BE(n, b, i); } #else -#define sha512_put_uint64_be PUT_UINT64_BE +#define sha512_put_uint64_be MBEDTLS_PUT_UINT64_BE #endif /* MBEDTLS_SHA512_SMALLER */ void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) @@ -261,7 +230,7 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, { if( i < 16 ) { - GET_UINT64_BE( local.W[i], data, i << 3 ); + local.W[i] = MBEDTLS_GET_UINT64_BE( data, i << 3 ); } else { @@ -281,7 +250,7 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, #else /* MBEDTLS_SHA512_SMALLER */ for( i = 0; i < 16; i++ ) { - GET_UINT64_BE( local.W[i], data, i << 3 ); + local.W[i] = MBEDTLS_GET_UINT64_BE( data, i << 3 ); } for( ; i < 80; i++ ) From fbeb692dd09efbb5d81304637e490ad1a2208ce5 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 14:27:50 +0100 Subject: [PATCH 21/32] Use byte reading macros in places not using a byte mask byte shifting opertations throughout library/ were only replaced with the byte reading macros when an 0xff mask was being used. The byte reading macros are now more widley used, however they have not been used in all cases of a byte shift operation, as it detracted from the immediate readability or otherwise did not seem appropriate. Signed-off-by: Joe Subbiani --- library/base64.c | 6 +++--- library/chacha20.c | 8 ++++---- library/chachapoly.c | 32 ++++++++++++++++---------------- library/dhm.c | 4 ++-- library/ecp.c | 4 ++-- library/pkcs12.c | 8 ++++---- library/poly1305.c | 36 ++++++++++++++++++------------------ library/ssl_cli.c | 40 ++++++++++++++++++++-------------------- library/ssl_cookie.c | 8 ++++---- library/ssl_msg.c | 28 ++++++++++++++-------------- library/ssl_srv.c | 30 +++++++++++++++--------------- library/ssl_tls.c | 28 ++++++++++++++-------------- library/x509write_crt.c | 4 ++-- 13 files changed, 118 insertions(+), 118 deletions(-) diff --git a/library/base64.c b/library/base64.c index 1a05226ef..9cf5dd41d 100644 --- a/library/base64.c +++ b/library/base64.c @@ -319,9 +319,9 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, if( ++n == 4 ) { n = 0; - if( j > 0 ) *p++ = (unsigned char)( x >> 16 ); - if( j > 1 ) *p++ = (unsigned char)( x >> 8 ); - if( j > 2 ) *p++ = (unsigned char)( x ); + if( j > 0 ) *p++ = MBEDTLS_BYTE_2( x ); + if( j > 1 ) *p++ = MBEDTLS_BYTE_1( x ); + if( j > 2 ) *p++ = MBEDTLS_BYTE_0( x ); } } diff --git a/library/chacha20.c b/library/chacha20.c index 7015f99d5..0e057f0e3 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -164,10 +164,10 @@ static void chacha20_block( const uint32_t initial_state[16], { size_t offset = i * 4U; - keystream[offset ] = (unsigned char)( working_state[i] ); - keystream[offset + 1U] = (unsigned char)( working_state[i] >> 8 ); - keystream[offset + 2U] = (unsigned char)( working_state[i] >> 16 ); - keystream[offset + 3U] = (unsigned char)( working_state[i] >> 24 ); + keystream[offset ] = MBEDTLS_BYTE_0( working_state[i] ); + keystream[offset + 1U] = MBEDTLS_BYTE_1( working_state[i] ); + keystream[offset + 2U] = MBEDTLS_BYTE_2( working_state[i] ); + keystream[offset + 3U] = MBEDTLS_BYTE_3( working_state[i] ); } mbedtls_platform_zeroize( working_state, sizeof( working_state ) ); diff --git a/library/chachapoly.c b/library/chachapoly.c index 77d547731..696d97bf0 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -263,22 +263,22 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, /* The lengths of the AAD and ciphertext are processed by * Poly1305 as the final 128-bit block, encoded as little-endian integers. */ - len_block[ 0] = (unsigned char)( ctx->aad_len ); - len_block[ 1] = (unsigned char)( ctx->aad_len >> 8 ); - len_block[ 2] = (unsigned char)( ctx->aad_len >> 16 ); - len_block[ 3] = (unsigned char)( ctx->aad_len >> 24 ); - len_block[ 4] = (unsigned char)( ctx->aad_len >> 32 ); - len_block[ 5] = (unsigned char)( ctx->aad_len >> 40 ); - len_block[ 6] = (unsigned char)( ctx->aad_len >> 48 ); - len_block[ 7] = (unsigned char)( ctx->aad_len >> 56 ); - len_block[ 8] = (unsigned char)( ctx->ciphertext_len ); - len_block[ 9] = (unsigned char)( ctx->ciphertext_len >> 8 ); - len_block[10] = (unsigned char)( ctx->ciphertext_len >> 16 ); - len_block[11] = (unsigned char)( ctx->ciphertext_len >> 24 ); - len_block[12] = (unsigned char)( ctx->ciphertext_len >> 32 ); - len_block[13] = (unsigned char)( ctx->ciphertext_len >> 40 ); - len_block[14] = (unsigned char)( ctx->ciphertext_len >> 48 ); - len_block[15] = (unsigned char)( ctx->ciphertext_len >> 56 ); + len_block[ 0] = MBEDTLS_BYTE_0( ctx->aad_len ); + len_block[ 1] = MBEDTLS_BYTE_1( ctx->aad_len ); + len_block[ 2] = MBEDTLS_BYTE_2( ctx->aad_len ); + len_block[ 3] = MBEDTLS_BYTE_3( ctx->aad_len ); + len_block[ 4] = MBEDTLS_BYTE_4( ctx->aad_len ); + len_block[ 5] = MBEDTLS_BYTE_5( ctx->aad_len ); + len_block[ 6] = MBEDTLS_BYTE_6( ctx->aad_len ); + len_block[ 7] = MBEDTLS_BYTE_7( ctx->aad_len ); + len_block[ 8] = MBEDTLS_BYTE_0( ctx->ciphertext_len ); + len_block[ 9] = MBEDTLS_BYTE_1( ctx->ciphertext_len ); + len_block[10] = MBEDTLS_BYTE_2( ctx->ciphertext_len ); + len_block[11] = MBEDTLS_BYTE_3( ctx->ciphertext_len ); + len_block[12] = MBEDTLS_BYTE_4( ctx->ciphertext_len ); + len_block[13] = MBEDTLS_BYTE_5( ctx->ciphertext_len ); + len_block[14] = MBEDTLS_BYTE_6( ctx->ciphertext_len ); + len_block[15] = MBEDTLS_BYTE_7( ctx->ciphertext_len ); ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U ); if( ret != 0 ) diff --git a/library/dhm.c b/library/dhm.c index 29ce75598..2ce0ed4fd 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -270,8 +270,8 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( ( X ), \ p + 2, \ ( n ) ) ); \ - *p++ = (unsigned char)( ( n ) >> 8 ); \ - *p++ = (unsigned char)( ( n ) ); \ + *p++ = MBEDTLS_BYTE_1( n ); \ + *p++ = MBEDTLS_BYTE_0( n ); \ p += ( n ); \ } while( 0 ) diff --git a/library/ecp.c b/library/ecp.c index b608ff1bd..fdfc96006 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -1012,8 +1012,8 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, /* * Next two bytes are the namedcurve value */ - buf[0] = curve_info->tls_id >> 8; - buf[1] = curve_info->tls_id & 0xFF; + buf[0] = MBEDTLS_BYTE_1( curve_info->tls_id ); + buf[1] = MBEDTLS_BYTE_0( curve_info->tls_id ); return( 0 ); } diff --git a/library/pkcs12.c b/library/pkcs12.c index 04b1a6dab..8f64bc639 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -285,8 +285,8 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, for( i = v; i > 0; i-- ) { j = salt_block[i - 1] + hash_block[i - 1] + c; - c = (unsigned char) (j >> 8); - salt_block[i - 1] = j & 0xFF; + c = MBEDTLS_BYTE_1( j ); + salt_block[i - 1] = MBEDTLS_BYTE_0( j ); } // pwd_block += B @@ -294,8 +294,8 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, for( i = v; i > 0; i-- ) { j = pwd_block[i - 1] + hash_block[i - 1] + c; - c = (unsigned char) (j >> 8); - pwd_block[i - 1] = j & 0xFF; + c = MBEDTLS_BYTE_1( j ); + pwd_block[i - 1] = MBEDTLS_BYTE_0( j ); } } diff --git a/library/poly1305.c b/library/poly1305.c index f19574253..333aade94 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -62,8 +62,8 @@ static uint64_t mul64( uint32_t a, uint32_t b ) /* a = al + 2**16 ah, b = bl + 2**16 bh */ const uint16_t al = (uint16_t) a; const uint16_t bl = (uint16_t) b; - const uint16_t ah = a >> 16; - const uint16_t bh = b >> 16; + const uint16_t ah = MBEDTLS_BYTE_2( a ); + const uint16_t bh = MBEDTLS_BYTE_2( b ); /* ab = al*bl + 2**16 (ah*bl + bl*bh) + 2**32 ah*bh */ const uint32_t lo = (uint32_t) al * bl; @@ -250,22 +250,22 @@ static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx, acc3 += ctx->s[3] + (uint32_t) ( d >> 32U ); /* Compute MAC (128 least significant bits of the accumulator) */ - mac[ 0] = (unsigned char)( acc0 ); - mac[ 1] = (unsigned char)( acc0 >> 8 ); - mac[ 2] = (unsigned char)( acc0 >> 16 ); - mac[ 3] = (unsigned char)( acc0 >> 24 ); - mac[ 4] = (unsigned char)( acc1 ); - mac[ 5] = (unsigned char)( acc1 >> 8 ); - mac[ 6] = (unsigned char)( acc1 >> 16 ); - mac[ 7] = (unsigned char)( acc1 >> 24 ); - mac[ 8] = (unsigned char)( acc2 ); - mac[ 9] = (unsigned char)( acc2 >> 8 ); - mac[10] = (unsigned char)( acc2 >> 16 ); - mac[11] = (unsigned char)( acc2 >> 24 ); - mac[12] = (unsigned char)( acc3 ); - mac[13] = (unsigned char)( acc3 >> 8 ); - mac[14] = (unsigned char)( acc3 >> 16 ); - mac[15] = (unsigned char)( acc3 >> 24 ); + mac[ 0] = MBEDTLS_BYTE_0( acc0 ); + mac[ 1] = MBEDTLS_BYTE_1( acc0 ); + mac[ 2] = MBEDTLS_BYTE_2( acc0 ); + mac[ 3] = MBEDTLS_BYTE_3( acc0 ); + mac[ 4] = MBEDTLS_BYTE_0( acc1 ); + mac[ 5] = MBEDTLS_BYTE_1( acc1 ); + mac[ 6] = MBEDTLS_BYTE_2( acc1 ); + mac[ 7] = MBEDTLS_BYTE_3( acc1 ); + mac[ 8] = MBEDTLS_BYTE_0( acc2 ); + mac[ 9] = MBEDTLS_BYTE_1( acc2 ); + mac[10] = MBEDTLS_BYTE_2( acc2 ); + mac[11] = MBEDTLS_BYTE_3( acc2 ); + mac[12] = MBEDTLS_BYTE_0( acc3 ); + mac[13] = MBEDTLS_BYTE_1( acc3 ); + mac[14] = MBEDTLS_BYTE_2( acc3 ); + mac[15] = MBEDTLS_BYTE_3( acc3 ); } void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 9e0db96c4..729784a6e 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -352,8 +352,8 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, grp_id++ ) { info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); - elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8; - elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; + elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_1( info->tls_id ); + elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_0( info->tls_id ); } *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); @@ -857,10 +857,10 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) t = mbedtls_time( NULL ); - *p++ = (unsigned char)( t >> 24 ); - *p++ = (unsigned char)( t >> 16 ); - *p++ = (unsigned char)( t >> 8 ); - *p++ = (unsigned char)( t ); + *p++ = MBEDTLS_BYTE_3( t ); + *p++ = MBEDTLS_BYTE_2( t ); + *p++ = MBEDTLS_BYTE_1( t ); + *p++ = MBEDTLS_BYTE_0( t ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %" MBEDTLS_PRINTF_LONGLONG, (long long) t ) ); @@ -1143,8 +1143,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); n++; - *p++ = (unsigned char)( ciphersuites[i] >> 8 ); - *p++ = (unsigned char)( ciphersuites[i] ); + *p++ = MBEDTLS_BYTE_1( ciphersuites[i] ); + *p++ = MBEDTLS_BYTE_0( ciphersuites[i] ); } MBEDTLS_SSL_DEBUG_MSG( 3, @@ -1159,8 +1159,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); - *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO >> 8 ); - *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); n++; } @@ -2745,8 +2745,8 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( len_bytes == 2 ) { - ssl->out_msg[offset+0] = (unsigned char)( *olen >> 8 ); - ssl->out_msg[offset+1] = (unsigned char)( *olen ); + ssl->out_msg[offset+0] = MBEDTLS_BYTE_1( *olen ); + ssl->out_msg[offset+1] = MBEDTLS_BYTE_0( *olen ); *olen += 2; } #endif @@ -3503,8 +3503,8 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) */ content_len = mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ); - ssl->out_msg[4] = (unsigned char)( content_len >> 8 ); - ssl->out_msg[5] = (unsigned char)( content_len ); + ssl->out_msg[4] = MBEDTLS_BYTE_1( content_len ); + ssl->out_msg[5] = MBEDTLS_BYTE_0( content_len ); header_len = 6; ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, @@ -3719,8 +3719,8 @@ ecdh_calc_secret: return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 ); - ssl->out_msg[header_len++] = (unsigned char)( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_1( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_0( content_len ); memcpy( ssl->out_msg + header_len, ssl->conf->psk_identity, @@ -3771,8 +3771,8 @@ ecdh_calc_secret: return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 ); - ssl->out_msg[header_len++] = (unsigned char)( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_1( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_0( content_len ); ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, (int) mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ), @@ -4054,8 +4054,8 @@ sign: return( ret ); } - ssl->out_msg[4 + offset] = (unsigned char)( n >> 8 ); - ssl->out_msg[5 + offset] = (unsigned char)( n ); + ssl->out_msg[4 + offset] = MBEDTLS_BYTE_1( n ); + ssl->out_msg[5 + offset] = MBEDTLS_BYTE_0( n ); ssl->out_msglen = 6 + n + offset; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 40b8913b8..4f1c07bde 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -165,10 +165,10 @@ int mbedtls_ssl_cookie_write( void *p_ctx, t = ctx->serial++; #endif - (*p)[0] = (unsigned char)( t >> 24 ); - (*p)[1] = (unsigned char)( t >> 16 ); - (*p)[2] = (unsigned char)( t >> 8 ); - (*p)[3] = (unsigned char)( t ); + (*p)[0] = MBEDTLS_BYTE_3( t ); + (*p)[1] = MBEDTLS_BYTE_2( t ); + (*p)[2] = MBEDTLS_BYTE_1( t ); + (*p)[3] = MBEDTLS_BYTE_0( t ); *p += 4; #if defined(MBEDTLS_THREADING_C) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 989c59874..304e7f22b 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2451,9 +2451,9 @@ int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, */ if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) { - ssl->out_msg[1] = (unsigned char)( hs_len >> 16 ); - ssl->out_msg[2] = (unsigned char)( hs_len >> 8 ); - ssl->out_msg[3] = (unsigned char)( hs_len ); + ssl->out_msg[1] = MBEDTLS_BYTE_2( hs_len ); + ssl->out_msg[2] = MBEDTLS_BYTE_1( hs_len ); + ssl->out_msg[3] = MBEDTLS_BYTE_0( hs_len ); /* * DTLS has additional fields in the Handshake layer, @@ -2566,8 +2566,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) ssl->conf->transport, ssl->out_hdr + 1 ); memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 ); - ssl->out_len[0] = (unsigned char)( len >> 8 ); - ssl->out_len[1] = (unsigned char)( len ); + ssl->out_len[0] = MBEDTLS_BYTE_1( len ); + ssl->out_len[1] = MBEDTLS_BYTE_0( len ); if( ssl->transform_out != NULL ) { @@ -2607,8 +2607,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) memcpy( ssl->out_cid, rec.cid, rec.cid_len ); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->out_msglen = len = rec.data_len; - ssl->out_len[0] = (unsigned char)( rec.data_len >> 8 ); - ssl->out_len[1] = (unsigned char)( rec.data_len ); + ssl->out_len[0] = MBEDTLS_BYTE_1( rec.data_len ); + ssl->out_len[1] = MBEDTLS_BYTE_0( rec.data_len ); } protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl ); @@ -3180,12 +3180,12 @@ static int ssl_check_dtls_clihlo_cookie( /* Go back and fill length fields */ obuf[27] = (unsigned char)( *olen - 28 ); - obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 ); - obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >> 8 ); - obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 ) ); + obuf[14] = obuf[22] = MBEDTLS_BYTE_2( *olen - 25 ); + obuf[15] = obuf[23] = MBEDTLS_BYTE_1( *olen - 25 ); + obuf[16] = obuf[24] = MBEDTLS_BYTE_0( *olen - 25 ); - obuf[11] = (unsigned char)( ( *olen - 13 ) >> 8 ); - obuf[12] = (unsigned char)( ( *olen - 13 ) ); + obuf[11] = MBEDTLS_BYTE_1( *olen - 13 ); + obuf[12] = MBEDTLS_BYTE_0( *olen - 13 ); return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); } @@ -4565,8 +4565,8 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) ssl->in_hdr[0] = rec.type; ssl->in_msg = rec.buf + rec.data_offset; ssl->in_msglen = rec.data_len; - ssl->in_len[0] = (unsigned char)( rec.data_len >> 8 ); - ssl->in_len[1] = (unsigned char)( rec.data_len ); + ssl->in_len[0] = MBEDTLS_BYTE_1( rec.data_len ); + ssl->in_len[1] = MBEDTLS_BYTE_0( rec.data_len ); return( 0 ); } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 96b08ab8f..232846ff0 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2494,10 +2494,10 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) t = mbedtls_time( NULL ); - *p++ = (unsigned char)( t >> 24 ); - *p++ = (unsigned char)( t >> 16 ); - *p++ = (unsigned char)( t >> 8 ); - *p++ = (unsigned char)( t ); + *p++ = MBEDTLS_BYTE_3( t ); + *p++ = MBEDTLS_BYTE_2( t ); + *p++ = MBEDTLS_BYTE_1( t ); + *p++ = MBEDTLS_BYTE_0( t ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %" MBEDTLS_PRINTF_LONGLONG, (long long) t ) ); @@ -2578,9 +2578,9 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", ssl->handshake->resume ? "a" : "no" ) ); - *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); - *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); - *p++ = (unsigned char)( ssl->session_negotiate->compression ); + *p++ = MBEDTLS_BYTE_1( ssl->session_negotiate->ciphersuite ); + *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->ciphersuite ); + *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->compression ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) ); @@ -2785,8 +2785,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) #endif } - p[0] = (unsigned char)( sa_len >> 8 ); - p[1] = (unsigned char)( sa_len ); + p[0] = MBEDTLS_BYTE_1( sa_len ); + p[1] = MBEDTLS_BYTE_0( sa_len ); sa_len += 2; p += sa_len; } @@ -2826,8 +2826,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) break; } - *p++ = (unsigned char)( dn_size >> 8 ); - *p++ = (unsigned char)( dn_size ); + *p++ = MBEDTLS_BYTE_1( dn_size ); + *p++ = MBEDTLS_BYTE_0( dn_size ); memcpy( p, crt->subject_raw.p, dn_size ); p += dn_size; @@ -2841,8 +2841,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) ssl->out_msglen = p - buf; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; - ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 ); - ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size ); + ssl->out_msg[4 + ct_len + sa_len] = MBEDTLS_BYTE_1( total_dn_size ); + ssl->out_msg[5 + ct_len + sa_len] = MBEDTLS_BYTE_0( total_dn_size ); ret = mbedtls_ssl_write_handshake_msg( ssl ); @@ -3320,8 +3320,8 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) if( signature_len != 0 ) { - ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len >> 8 ); - ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len ); + ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_1( signature_len ); + ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_0( signature_len ); MBEDTLS_SSL_DEBUG_BUF( 3, "my signature", ssl->out_msg + ssl->out_msglen, diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 381eb9e03..33f026f4d 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1487,8 +1487,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch if( end - p < 2 ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = (unsigned char)( psk_len >> 8 ); - *(p++) = (unsigned char)( psk_len ); + *(p++) = MBEDTLS_BYTE_1( psk_len ); + *(p++) = MBEDTLS_BYTE_0( psk_len ); if( end < p || (size_t)( end - p ) < psk_len ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -1528,8 +1528,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); return( ret ); } - *(p++) = (unsigned char)( len >> 8 ); - *(p++) = (unsigned char)( len ); + *(p++) = MBEDTLS_BYTE_1( len ); + *(p++) = MBEDTLS_BYTE_0( len ); p += len; MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); @@ -1550,8 +1550,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch return( ret ); } - *(p++) = (unsigned char)( zlen >> 8 ); - *(p++) = (unsigned char)( zlen ); + *(p++) = MBEDTLS_BYTE_1( zlen ); + *(p++) = MBEDTLS_BYTE_0( zlen ); p += zlen; MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, @@ -1568,8 +1568,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch if( end - p < 2 ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = (unsigned char)( psk_len >> 8 ); - *(p++) = (unsigned char)( psk_len ); + *(p++) = MBEDTLS_BYTE_1( psk_len ); + *(p++) = MBEDTLS_BYTE_0( psk_len ); if( end < p || (size_t)( end - p ) < psk_len ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -1746,17 +1746,17 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - ssl->out_msg[i ] = (unsigned char)( n >> 16 ); - ssl->out_msg[i + 1] = (unsigned char)( n >> 8 ); - ssl->out_msg[i + 2] = (unsigned char)( n ); + ssl->out_msg[i ] = MBEDTLS_BYTE_2( n ); + ssl->out_msg[i + 1] = MBEDTLS_BYTE_1( n ); + ssl->out_msg[i + 2] = MBEDTLS_BYTE_0( n ); i += 3; memcpy( ssl->out_msg + i, crt->raw.p, n ); i += n; crt = crt->next; } - ssl->out_msg[4] = (unsigned char)( ( i - 7 ) >> 16 ); - ssl->out_msg[5] = (unsigned char)( ( i - 7 ) >> 8 ); - ssl->out_msg[6] = (unsigned char)( ( i - 7 ) ); + ssl->out_msg[4] = MBEDTLS_BYTE_2( i - 7 ); + ssl->out_msg[5] = MBEDTLS_BYTE_1( i - 7 ); + ssl->out_msg[6] = MBEDTLS_BYTE_0( i - 7 ); ssl->out_msglen = i; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; diff --git a/library/x509write_crt.c b/library/x509write_crt.c index c8169f1fe..0daf0683e 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -251,8 +251,8 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); c = buf + 5; - ku[0] = (unsigned char)( key_usage ); - ku[1] = (unsigned char)( key_usage >> 8 ); + ku[0] = MBEDTLS_BYTE_0( key_usage ); + ku[1] = MBEDTLS_BYTE_1( key_usage ); ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 ); if( ret < 0 ) From b6511b04fa8891a92fe45b42315ca9c4ec9439ac Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 15:02:55 +0100 Subject: [PATCH 22/32] Replace instances of byte reading macros with PUT Instances of a group of byte reading macros which are equivilant to MBEDTLS_PUT_UINTx_yz Signed-off-by: Joe Subbiani --- library/chacha20.c | 5 +---- library/chachapoly.c | 18 ++---------------- library/ssl_cookie.c | 5 +---- 3 files changed, 4 insertions(+), 24 deletions(-) diff --git a/library/chacha20.c b/library/chacha20.c index 0e057f0e3..658f04690 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -164,10 +164,7 @@ static void chacha20_block( const uint32_t initial_state[16], { size_t offset = i * 4U; - keystream[offset ] = MBEDTLS_BYTE_0( working_state[i] ); - keystream[offset + 1U] = MBEDTLS_BYTE_1( working_state[i] ); - keystream[offset + 2U] = MBEDTLS_BYTE_2( working_state[i] ); - keystream[offset + 3U] = MBEDTLS_BYTE_3( working_state[i] ); + MBEDTLS_PUT_UINT32_LE(working_state[i], keystream, offset); } mbedtls_platform_zeroize( working_state, sizeof( working_state ) ); diff --git a/library/chachapoly.c b/library/chachapoly.c index 696d97bf0..dc75b2030 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -263,22 +263,8 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, /* The lengths of the AAD and ciphertext are processed by * Poly1305 as the final 128-bit block, encoded as little-endian integers. */ - len_block[ 0] = MBEDTLS_BYTE_0( ctx->aad_len ); - len_block[ 1] = MBEDTLS_BYTE_1( ctx->aad_len ); - len_block[ 2] = MBEDTLS_BYTE_2( ctx->aad_len ); - len_block[ 3] = MBEDTLS_BYTE_3( ctx->aad_len ); - len_block[ 4] = MBEDTLS_BYTE_4( ctx->aad_len ); - len_block[ 5] = MBEDTLS_BYTE_5( ctx->aad_len ); - len_block[ 6] = MBEDTLS_BYTE_6( ctx->aad_len ); - len_block[ 7] = MBEDTLS_BYTE_7( ctx->aad_len ); - len_block[ 8] = MBEDTLS_BYTE_0( ctx->ciphertext_len ); - len_block[ 9] = MBEDTLS_BYTE_1( ctx->ciphertext_len ); - len_block[10] = MBEDTLS_BYTE_2( ctx->ciphertext_len ); - len_block[11] = MBEDTLS_BYTE_3( ctx->ciphertext_len ); - len_block[12] = MBEDTLS_BYTE_4( ctx->ciphertext_len ); - len_block[13] = MBEDTLS_BYTE_5( ctx->ciphertext_len ); - len_block[14] = MBEDTLS_BYTE_6( ctx->ciphertext_len ); - len_block[15] = MBEDTLS_BYTE_7( ctx->ciphertext_len ); + MBEDTLS_PUT_UINT64_LE(ctx->aad_len, len_block, 0); + MBEDTLS_PUT_UINT64_LE(ctx->ciphertext_len, len_block, 8); ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U ); if( ret != 0 ) diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 4f1c07bde..986b1410b 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -165,10 +165,7 @@ int mbedtls_ssl_cookie_write( void *p_ctx, t = ctx->serial++; #endif - (*p)[0] = MBEDTLS_BYTE_3( t ); - (*p)[1] = MBEDTLS_BYTE_2( t ); - (*p)[2] = MBEDTLS_BYTE_1( t ); - (*p)[3] = MBEDTLS_BYTE_0( t ); + MBEDTLS_PUT_UINT32_BE(t, *p, 0); *p += 4; #if defined(MBEDTLS_THREADING_C) From 4919bb46b02a7032518951d5ff5f9168a8876859 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 17:14:07 +0100 Subject: [PATCH 23/32] Remove use of byte reading macro for uint16 Accidently used MBEDTLS_BYTE_16 for a uint16 variable Signed-off-by: Joe Subbiani --- library/poly1305.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/poly1305.c b/library/poly1305.c index 333aade94..9e90d67b1 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -61,9 +61,9 @@ static uint64_t mul64( uint32_t a, uint32_t b ) { /* a = al + 2**16 ah, b = bl + 2**16 bh */ const uint16_t al = (uint16_t) a; - const uint16_t bl = (uint16_t) b; - const uint16_t ah = MBEDTLS_BYTE_2( a ); - const uint16_t bh = MBEDTLS_BYTE_2( b ); + const uint16_t bl = (uint16_t) b; + const uint16_t ah = a >> 16; + const uint16_t bh = b >> 16; /* ab = al*bl + 2**16 (ah*bl + bl*bh) + 2**32 ah*bh */ const uint32_t lo = (uint32_t) al * bl; From 51b147add0abc84098c680ad7eac86d6dd3e10d6 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 17:47:17 +0100 Subject: [PATCH 24/32] Remove trailing white space Signed-off-by: Joe Subbiani --- library/poly1305.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/poly1305.c b/library/poly1305.c index 9e90d67b1..1f35f1d50 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -61,7 +61,7 @@ static uint64_t mul64( uint32_t a, uint32_t b ) { /* a = al + 2**16 ah, b = bl + 2**16 bh */ const uint16_t al = (uint16_t) a; - const uint16_t bl = (uint16_t) b; + const uint16_t bl = (uint16_t) b; const uint16_t ah = a >> 16; const uint16_t bh = b >> 16; From 6dd73645533dfaf489906c5ee30e9bb816b652a6 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 19 Jul 2021 11:56:54 +0100 Subject: [PATCH 25/32] Replace instances of byte reading macros with PUT Instances of a group of byte reading macros which are equivilant to MBEDTLS_PUT_UINTx_yz Signed-off-by: Joe Subbiani --- library/common.h | 34 ++++++++++++++++++++++++++++++++++ library/poly1305.c | 20 ++++---------------- library/psa_its_file.c | 10 ++-------- library/ssl_cli.c | 15 +++++---------- library/ssl_msg.c | 21 +++++++-------------- library/ssl_srv.c | 34 ++++++++++------------------------ library/ssl_ticket.c | 3 +-- library/x509write_crt.c | 3 +-- 8 files changed, 64 insertions(+), 76 deletions(-) diff --git a/library/common.h b/library/common.h index ce2f04007..3e8f88bf3 100644 --- a/library/common.h +++ b/library/common.h @@ -193,6 +193,40 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c } #endif +/** + * Get the unsigned 16 bits integer corresponding to two bytes in + * big-endian order (LSB first). + * + * \param data Base address of the memory to get the two bytes from. + * \param offset Offset from \p base of the first and most significant + * byte of the two bytes to build the 16 bits unsigned + * integer from. + */ +#ifndef MBEDTLS_GET_UINT16_BE +#define MBEDTLS_GET_UINT16_BE( data, offset ) \ + ( \ + ( (uint16_t) ( data )[( offset ) ] << 8 ) \ + | ( (uint16_t) ( data )[( offset ) + 1] ) \ + ) +#endif + +/** + * Put in memory a 16 bits unsigned integer in big-endian order. + * + * \param n 16 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 16 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the most significant + * byte of the 16 bits unsigned integer \p n. + */ +#ifndef MBEDTLS_PUT_UINT16_BE +#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + ( data )[( offset ) + 1] = (unsigned char) ( ( (n) ) & 0xFF ); \ +} +#endif + /** * Get the unsigned 64 bits integer corresponding to eight bytes in * big-endian order (MSB first). diff --git a/library/poly1305.c b/library/poly1305.c index 1f35f1d50..7375a0c57 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -250,22 +250,10 @@ static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx, acc3 += ctx->s[3] + (uint32_t) ( d >> 32U ); /* Compute MAC (128 least significant bits of the accumulator) */ - mac[ 0] = MBEDTLS_BYTE_0( acc0 ); - mac[ 1] = MBEDTLS_BYTE_1( acc0 ); - mac[ 2] = MBEDTLS_BYTE_2( acc0 ); - mac[ 3] = MBEDTLS_BYTE_3( acc0 ); - mac[ 4] = MBEDTLS_BYTE_0( acc1 ); - mac[ 5] = MBEDTLS_BYTE_1( acc1 ); - mac[ 6] = MBEDTLS_BYTE_2( acc1 ); - mac[ 7] = MBEDTLS_BYTE_3( acc1 ); - mac[ 8] = MBEDTLS_BYTE_0( acc2 ); - mac[ 9] = MBEDTLS_BYTE_1( acc2 ); - mac[10] = MBEDTLS_BYTE_2( acc2 ); - mac[11] = MBEDTLS_BYTE_3( acc2 ); - mac[12] = MBEDTLS_BYTE_0( acc3 ); - mac[13] = MBEDTLS_BYTE_1( acc3 ); - mac[14] = MBEDTLS_BYTE_2( acc3 ); - mac[15] = MBEDTLS_BYTE_3( acc3 ); + MBEDTLS_PUT_UINT32_LE( acc0, mac, 0 ); + MBEDTLS_PUT_UINT32_LE( acc1, mac, 4 ); + MBEDTLS_PUT_UINT32_LE( acc2, mac, 8 ); + MBEDTLS_PUT_UINT32_LE( acc3, mac, 12 ); } void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ) diff --git a/library/psa_its_file.c b/library/psa_its_file.c index c3b19a74a..c4782cdba 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -191,14 +191,8 @@ psa_status_t psa_its_set( psa_storage_uid_t uid, size_t n; memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH ); - header.size[0] = MBEDTLS_BYTE_0( data_length ); - header.size[1] = MBEDTLS_BYTE_1( data_length ); - header.size[2] = MBEDTLS_BYTE_2( data_length ); - header.size[3] = MBEDTLS_BYTE_3( data_length ); - header.flags[0] = MBEDTLS_BYTE_0( create_flags ); - header.flags[1] = MBEDTLS_BYTE_1( create_flags ); - header.flags[2] = MBEDTLS_BYTE_2( create_flags ); - header.flags[3] = MBEDTLS_BYTE_3( create_flags ); + MBEDTLS_PUT_UINT32_LE( data_length, header.size, 0 ); + MBEDTLS_PUT_UINT32_LE( create_flags, header.flags, 0 ); psa_its_fill_filename( uid, filename ); stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" ); diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 729784a6e..3a0e6df6f 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -703,12 +703,10 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); - buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); + MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 ); /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); - buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); + MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 ); return( 0 ); } @@ -2745,8 +2743,7 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( len_bytes == 2 ) { - ssl->out_msg[offset+0] = MBEDTLS_BYTE_1( *olen ); - ssl->out_msg[offset+1] = MBEDTLS_BYTE_0( *olen ); + MBEDTLS_PUT_UINT16_BE( *olen, ssl->out_msg, offset ); *olen += 2; } #endif @@ -3503,8 +3500,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) */ content_len = mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ); - ssl->out_msg[4] = MBEDTLS_BYTE_1( content_len ); - ssl->out_msg[5] = MBEDTLS_BYTE_0( content_len ); + MBEDTLS_PUT_UINT16_BE( content_len, ssl->out_msg, 4 ); header_len = 6; ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, @@ -4054,8 +4050,7 @@ sign: return( ret ); } - ssl->out_msg[4 + offset] = MBEDTLS_BYTE_1( n ); - ssl->out_msg[5 + offset] = MBEDTLS_BYTE_0( n ); + MBEDTLS_PUT_UINT16_BE( n, ssl->out_msg, offset + 4 ); ssl->out_msglen = 6 + n + offset; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 304e7f22b..2fe801a28 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -454,15 +454,13 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, *cur = rec->cid_len; cur++; - cur[0] = MBEDTLS_CHAR_1( ad_len_field ); - cur[1] = MBEDTLS_CHAR_0( ad_len_field ); + MBEDTLS_PUT_UINT16_BE( ad_len_field, cur, 0 ); cur += 2; } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - cur[0] = MBEDTLS_CHAR_1( ad_len_field ); - cur[1] = MBEDTLS_CHAR_0( ad_len_field ); + MBEDTLS_PUT_UINT16_BE( ad_len_field, cur, 0 ); cur += 2; } @@ -2481,8 +2479,7 @@ int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, /* Write message_seq and update it, except for HelloRequest */ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) { - ssl->out_msg[4] = MBEDTLS_BYTE_1( ssl->handshake->out_msg_seq ); - ssl->out_msg[5] = MBEDTLS_BYTE_0( ssl->handshake->out_msg_seq ); + MBEDTLS_PUT_UINT16_BE( ssl->handshake->out_msg_seq, ssl->out_msg, 4 ); ++( ssl->handshake->out_msg_seq ); } else @@ -2566,8 +2563,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) ssl->conf->transport, ssl->out_hdr + 1 ); memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 ); - ssl->out_len[0] = MBEDTLS_BYTE_1( len ); - ssl->out_len[1] = MBEDTLS_BYTE_0( len ); + MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0); if( ssl->transform_out != NULL ) { @@ -2607,8 +2603,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) memcpy( ssl->out_cid, rec.cid, rec.cid_len ); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->out_msglen = len = rec.data_len; - ssl->out_len[0] = MBEDTLS_BYTE_1( rec.data_len ); - ssl->out_len[1] = MBEDTLS_BYTE_0( rec.data_len ); + MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->out_len, 0 ); } protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl ); @@ -3184,8 +3179,7 @@ static int ssl_check_dtls_clihlo_cookie( obuf[15] = obuf[23] = MBEDTLS_BYTE_1( *olen - 25 ); obuf[16] = obuf[24] = MBEDTLS_BYTE_0( *olen - 25 ); - obuf[11] = MBEDTLS_BYTE_1( *olen - 13 ); - obuf[12] = MBEDTLS_BYTE_0( *olen - 13 ); + MBEDTLS_PUT_UINT16_BE( *olen - 13, obuf, 11 ); return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); } @@ -4565,8 +4559,7 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) ssl->in_hdr[0] = rec.type; ssl->in_msg = rec.buf + rec.data_offset; ssl->in_msglen = rec.data_len; - ssl->in_len[0] = MBEDTLS_BYTE_1( rec.data_len ); - ssl->in_len[1] = MBEDTLS_BYTE_0( rec.data_len ); + MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->in_len, 0 ); return( 0 ); } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 232846ff0..a791b8076 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2238,16 +2238,13 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ALPN ); - buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ALPN ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, buf, 0); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); - buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); + MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 ); - buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); - buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); + MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 ); buf[6] = MBEDTLS_BYTE_0( *olen - 7 ); @@ -2294,15 +2291,13 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, } /* extension */ - buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_USE_SRTP ); - buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_USE_SRTP, buf, 0 ); /* * total length 5 and mki value: only one profile(2 bytes) * and length(2 bytes) and srtp_mki ) */ ext_len = 5 + mki_len; - buf[2] = MBEDTLS_BYTE_1( ext_len ); - buf[3] = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, buf, 2 ); /* protection profile length: 2 */ buf[4] = 0x00; @@ -2311,8 +2306,7 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) { - buf[6] = MBEDTLS_BYTE_1( profile_value ); - buf[7] = MBEDTLS_BYTE_0( profile_value ); + MBEDTLS_PUT_UINT16_BE( profile_value, buf, 6 ); } else { @@ -2785,8 +2779,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) #endif } - p[0] = MBEDTLS_BYTE_1( sa_len ); - p[1] = MBEDTLS_BYTE_0( sa_len ); + MBEDTLS_PUT_UINT16_BE( sa_len, p, 0 ); sa_len += 2; p += sa_len; } @@ -2841,8 +2834,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) ssl->out_msglen = p - buf; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; - ssl->out_msg[4 + ct_len + sa_len] = MBEDTLS_BYTE_1( total_dn_size ); - ssl->out_msg[5 + ct_len + sa_len] = MBEDTLS_BYTE_0( total_dn_size ); + MBEDTLS_PUT_UINT16_BE( total_dn_size, ssl->out_msg, 4 + ct_len + sa_len ); ret = mbedtls_ssl_write_handshake_msg( ssl ); @@ -4223,14 +4215,8 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) tlen = 0; } - ssl->out_msg[4] = MBEDTLS_BYTE_3( lifetime ); - ssl->out_msg[5] = MBEDTLS_BYTE_2( lifetime ); - ssl->out_msg[6] = MBEDTLS_BYTE_1( lifetime ); - ssl->out_msg[7] = MBEDTLS_BYTE_0( lifetime ); - - ssl->out_msg[8] = MBEDTLS_BYTE_1( tlen ); - ssl->out_msg[9] = MBEDTLS_BYTE_0( tlen ); - + MBEDTLS_PUT_UINT32_BE( lifetime, ssl->out_msg, 4 ); + MBEDTLS_PUT_UINT16_BE( tlen, ssl->out_msg, 8 ); ssl->out_msglen = 10 + tlen; /* diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index a7a55f1a7..bce9a1cd7 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -245,8 +245,7 @@ int mbedtls_ssl_ticket_write( void *p_ticket, { goto cleanup; } - state_len_bytes[0] = MBEDTLS_BYTE_1( clear_len ); - state_len_bytes[1] = MBEDTLS_BYTE_0( clear_len ); + MBEDTLS_PUT_UINT16_BE( clear_len, state_len_bytes, 0 ); /* Encrypt and authenticate */ if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx, diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 0daf0683e..17b3e7966 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -251,8 +251,7 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); c = buf + 5; - ku[0] = MBEDTLS_BYTE_0( key_usage ); - ku[1] = MBEDTLS_BYTE_1( key_usage ); + MBEDTLS_PUT_UINT16_LE( key_usage, ku, 0 ); ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 ); if( ret < 0 ) From 5241e343ded7655e4baa95a493002ec93ae458c1 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 19 Jul 2021 15:29:18 +0100 Subject: [PATCH 26/32] Improve consitency throughout library/common.h Replace the contents of MBEDTLS_PUT_UINTx_yz contained inconsitent but similar/duplicate code to the MBEDTLS_BYTE_x macros. Therefore the contents of the macros now utilise the byte reading macros. MBEDTLS_PUT_UINT64_LE's written order was also not consitent with the other PUT macros, so that was modified. Documentation comment said LSB instead of MSB and that has also been resolved. Signed-off-by: Joe Subbiani --- library/common.h | 166 +++++++++++++++++++++++------------------------ 1 file changed, 83 insertions(+), 83 deletions(-) diff --git a/library/common.h b/library/common.h index 3e8f88bf3..ba0396c58 100644 --- a/library/common.h +++ b/library/common.h @@ -93,12 +93,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT32_BE -#define MBEDTLS_GET_UINT32_BE( data , offset ) \ - ( \ - ( (uint32_t) ( data )[( offset ) ] << 24 ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 16 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 3] ) \ +#define MBEDTLS_GET_UINT32_BE( data , offset ) \ + ( \ + ( (uint32_t) ( data )[( offset ) ] << 24 ) \ + | ( (uint32_t) ( data )[( offset ) + 1] << 16 ) \ + | ( (uint32_t) ( data )[( offset ) + 2] << 8 ) \ + | ( (uint32_t) ( data )[( offset ) + 3] ) \ ) #endif @@ -112,13 +112,13 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_BE -#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ - do { \ - ( data )[( offset ) ] = (unsigned char) ( (n) >> 24 ); \ - ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 16 ); \ - ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 8 ); \ - ( data )[( offset ) + 3] = (unsigned char) ( (n) ); \ - } while( 0 ) +#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_3( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_2( n ); \ + ( data )[( offset ) + 2] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 3] = MBEDTLS_BYTE_0( n ); \ +} #endif /** @@ -131,12 +131,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT32_LE -#define MBEDTLS_GET_UINT32_LE( data, offset ) \ - ( \ - ( (uint32_t) ( data )[( offset ) ] ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ - | ( (uint32_t) ( data )[( offset ) + 3] << 24 ) \ +#define MBEDTLS_GET_UINT32_LE( data, offset ) \ + ( \ + ( (uint32_t) ( data )[( offset ) ] ) \ + | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ + | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ + | ( (uint32_t) ( data )[( offset ) + 3] << 24 ) \ ) #endif @@ -150,13 +150,13 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_LE -#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ - do { \ - ( data )[( offset ) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - ( data )[( offset ) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - ( data )[( offset ) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - ( data )[( offset ) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ - } while( 0 ) +#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ + ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \ +} #endif /** @@ -169,10 +169,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE -#define MBEDTLS_GET_UINT16_LE( data, offset ) \ - ( \ - ( (uint16_t) ( data )[( offset ) ] ) \ - | ( (uint16_t) ( data )[( offset ) + 1] << 8 ) \ +#define MBEDTLS_GET_UINT16_LE( data, offset ) \ + ( \ + ( (uint16_t) ( data )[( offset ) ] ) \ + | ( (uint16_t) ( data )[( offset ) + 1] << 8 ) \ ) #endif @@ -186,16 +186,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_LE -#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - ( data )[( offset ) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ +#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ } #endif /** * Get the unsigned 16 bits integer corresponding to two bytes in - * big-endian order (LSB first). + * big-endian order (MSB first). * * \param data Base address of the memory to get the two bytes from. * \param offset Offset from \p base of the first and most significant @@ -203,10 +203,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT16_BE -#define MBEDTLS_GET_UINT16_BE( data, offset ) \ - ( \ - ( (uint16_t) ( data )[( offset ) ] << 8 ) \ - | ( (uint16_t) ( data )[( offset ) + 1] ) \ +#define MBEDTLS_GET_UINT16_BE( data, offset ) \ + ( \ + ( (uint16_t) ( data )[( offset ) ] << 8 ) \ + | ( (uint16_t) ( data )[( offset ) + 1] ) \ ) #endif @@ -220,10 +220,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_BE -#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - ( data )[( offset ) + 1] = (unsigned char) ( ( (n) ) & 0xFF ); \ +#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_0( n ); \ } #endif @@ -237,16 +237,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT64_BE -#define MBEDTLS_GET_UINT64_BE( data, offset ) \ - ( \ - ( (uint64_t) ( data )[( offset ) ] << 56 ) \ - | ( (uint64_t) ( data )[( offset ) + 1] << 48 ) \ - | ( (uint64_t) ( data )[( offset ) + 2] << 40 ) \ - | ( (uint64_t) ( data )[( offset ) + 3] << 32 ) \ - | ( (uint64_t) ( data )[( offset ) + 4] << 24 ) \ - | ( (uint64_t) ( data )[( offset ) + 5] << 16 ) \ - | ( (uint64_t) ( data )[( offset ) + 6] << 8 ) \ - | ( (uint64_t) ( data )[( offset ) + 7] ) \ +#define MBEDTLS_GET_UINT64_BE( data, offset ) \ + ( \ + ( (uint64_t) ( data )[( offset ) ] << 56 ) \ + | ( (uint64_t) ( data )[( offset ) + 1] << 48 ) \ + | ( (uint64_t) ( data )[( offset ) + 2] << 40 ) \ + | ( (uint64_t) ( data )[( offset ) + 3] << 32 ) \ + | ( (uint64_t) ( data )[( offset ) + 4] << 24 ) \ + | ( (uint64_t) ( data )[( offset ) + 5] << 16 ) \ + | ( (uint64_t) ( data )[( offset ) + 6] << 8 ) \ + | ( (uint64_t) ( data )[( offset ) + 7] ) \ ) #endif @@ -260,16 +260,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 64 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT64_BE -#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = (unsigned char) ( (n) >> 56 ); \ - ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 48 ); \ - ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 40 ); \ - ( data )[( offset ) + 3] = (unsigned char) ( (n) >> 32 ); \ - ( data )[( offset ) + 4] = (unsigned char) ( (n) >> 24 ); \ - ( data )[( offset ) + 5] = (unsigned char) ( (n) >> 16 ); \ - ( data )[( offset ) + 6] = (unsigned char) ( (n) >> 8 ); \ - ( data )[( offset ) + 7] = (unsigned char) ( (n) ); \ +#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_7( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_6( n ); \ + ( data )[( offset ) + 2] = MBEDTLS_BYTE_5( n ); \ + ( data )[( offset ) + 3] = MBEDTLS_BYTE_4( n ); \ + ( data )[( offset ) + 4] = MBEDTLS_BYTE_3( n ); \ + ( data )[( offset ) + 5] = MBEDTLS_BYTE_2( n ); \ + ( data )[( offset ) + 6] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 7] = MBEDTLS_BYTE_0( n ); \ } #endif @@ -283,16 +283,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT64_LE -#define MBEDTLS_GET_UINT64_LE( data, offset ) \ - ( \ - ( (uint64_t) ( data )[( offset ) + 7] << 56 ) \ - | ( (uint64_t) ( data )[( offset ) + 6] << 48 ) \ - | ( (uint64_t) ( data )[( offset ) + 5] << 40 ) \ - | ( (uint64_t) ( data )[( offset ) + 4] << 32 ) \ - | ( (uint64_t) ( data )[( offset ) + 3] << 24 ) \ - | ( (uint64_t) ( data )[( offset ) + 2] << 16 ) \ - | ( (uint64_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint64_t) ( data )[( offset ) ] ) \ +#define MBEDTLS_GET_UINT64_LE( data, offset ) \ + ( \ + ( (uint64_t) ( data )[( offset ) + 7] << 56 ) \ + | ( (uint64_t) ( data )[( offset ) + 6] << 48 ) \ + | ( (uint64_t) ( data )[( offset ) + 5] << 40 ) \ + | ( (uint64_t) ( data )[( offset ) + 4] << 32 ) \ + | ( (uint64_t) ( data )[( offset ) + 3] << 24 ) \ + | ( (uint64_t) ( data )[( offset ) + 2] << 16 ) \ + | ( (uint64_t) ( data )[( offset ) + 1] << 8 ) \ + | ( (uint64_t) ( data )[( offset ) ] ) \ ) #endif @@ -306,16 +306,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 64 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT64_LE -#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) + 7] = (unsigned char) ( (n) >> 56 ); \ - ( data )[( offset ) + 6] = (unsigned char) ( (n) >> 48 ); \ - ( data )[( offset ) + 5] = (unsigned char) ( (n) >> 40 ); \ - ( data )[( offset ) + 4] = (unsigned char) ( (n) >> 32 ); \ - ( data )[( offset ) + 3] = (unsigned char) ( (n) >> 24 ); \ - ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 16 ); \ - ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 8 ); \ - ( data )[( offset ) ] = (unsigned char) ( (n) ); \ +#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ + ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \ + ( data )[( offset ) + 4] = MBEDTLS_BYTE_4( n ); \ + ( data )[( offset ) + 5] = MBEDTLS_BYTE_5( n ); \ + ( data )[( offset ) + 6] = MBEDTLS_BYTE_6( n ); \ + ( data )[( offset ) + 7] = MBEDTLS_BYTE_7( n ); \ } #endif From d0687856afdc603112b39edf5443dfe539eaee40 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 21 Jul 2021 15:22:47 +0100 Subject: [PATCH 27/32] Improve documentation and add more uses of MBEDTLS_PUT minor changes, such as improving the documentation for the byte reading macros, and using MBEDTLS_PUT_UINT16_xy in place of byte reading macro combinations Signed-off-by: Joe Subbiani --- library/ccm.c | 3 +-- library/common.h | 5 ++--- library/ecp.c | 3 +-- library/ssl_cli.c | 2 +- 4 files changed, 5 insertions(+), 8 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 0188075f5..a21a37f55 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -221,8 +221,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, src = add; memset( b, 0, 16 ); - b[0] = MBEDTLS_BYTE_1( add_len ); - b[1] = MBEDTLS_BYTE_0( add_len ); + MBEDTLS_PUT_UINT16_BE( add_len, b, 0 ); use_len = len_left < 16 - 2 ? len_left : 16 - 2; memcpy( b + 2, src, use_len ); diff --git a/library/common.h b/library/common.h index ba0396c58..d740c7338 100644 --- a/library/common.h +++ b/library/common.h @@ -70,9 +70,8 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** Byte Reading Macros * - * Obtain the most significant byte of x using 0xff - * Using MBEDTLS_BYTE_a will shift a*8 bits - * to retrieve the next byte of information + * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th + * byte from x, where byte 0 is the least significant byte. */ #define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) #define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) diff --git a/library/ecp.c b/library/ecp.c index fdfc96006..0212069c8 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -1012,8 +1012,7 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, /* * Next two bytes are the namedcurve value */ - buf[0] = MBEDTLS_BYTE_1( curve_info->tls_id ); - buf[1] = MBEDTLS_BYTE_0( curve_info->tls_id ); + MBEDTLS_PUT_UINT16_BE( curve_info->tls_id, buf, 0 ); return( 0 ); } diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 3a0e6df6f..0e25b6c60 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -762,7 +762,7 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = MBEDTLS_BYTE_1( ext_len & 0xFF00 ); + *p++ = MBEDTLS_BYTE_1( ext_len ); *p++ = MBEDTLS_BYTE_0( ext_len ); /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ From 9ab1866b0d0adace1c6c7ac65e0d8c586ad5a320 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 21 Jul 2021 16:35:48 +0100 Subject: [PATCH 28/32] Remove trailing whitespace Signed-off-by: Joe Subbiani --- library/common.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/common.h b/library/common.h index d740c7338..780ce378d 100644 --- a/library/common.h +++ b/library/common.h @@ -70,7 +70,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** Byte Reading Macros * - * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th + * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th * byte from x, where byte 0 is the least significant byte. */ #define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) From 1f6c3aeb63a40c22af17311ea3a8cf6e3f02e554 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 20 Aug 2021 11:44:44 +0100 Subject: [PATCH 29/32] Tidy up ssl_*.c grouped MBEDTLS_BYTE_x macros exchange groups of the byte reading macros with MBEDTLS_PUT_UINTxyz and then shift the pointer afterwards. Easier to read as you can see how big the data is that you are putting in, and in the case of UINT32 AND UINT64 it saves some vertical space. Signed-off-by: Joe Subbiani --- library/ssl_cli.c | 121 +++++++++++++++++++++++----------------------- library/ssl_srv.c | 59 +++++++++++----------- library/ssl_tls.c | 62 +++++++----------------- 3 files changed, 106 insertions(+), 136 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 0e25b6c60..df32cfdb6 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -136,18 +136,19 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * } ServerNameList; * */ - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SERVERNAME ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SERVERNAME, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( hostname_len + 5); - *p++ = MBEDTLS_BYTE_0( hostname_len + 5); + MBEDTLS_PUT_UINT16_BE( hostname_len + 5, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( hostname_len + 3 ); - *p++ = MBEDTLS_BYTE_0( hostname_len + 3 ); + MBEDTLS_PUT_UINT16_BE( hostname_len + 3, p, 0 ); + p += 2; *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); - *p++ = MBEDTLS_BYTE_1( hostname_len ); - *p++ = MBEDTLS_BYTE_0( hostname_len ); + + MBEDTLS_PUT_UINT16_BE( hostname_len, p, 0 ); + p += 2; memcpy( p, ssl->hostname, hostname_len ); @@ -181,8 +182,8 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, /* * Secure renegotiation */ - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0 ); + p += 2; *p++ = 0x00; *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len + 1 ); @@ -281,14 +282,14 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * SignatureAndHashAlgorithm * supported_signature_algorithms<2..2^16-2>; */ - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SIG_ALG ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SIG_ALG ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SIG_ALG, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( sig_alg_len + 2 ); - *p++ = MBEDTLS_BYTE_0( sig_alg_len + 2 ); + MBEDTLS_PUT_UINT16_BE( sig_alg_len + 2, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( sig_alg_len ); - *p++ = MBEDTLS_BYTE_0( sig_alg_len ); + MBEDTLS_PUT_UINT16_BE( sig_alg_len, p, 0 ); + p += 2; *olen = 6 + sig_alg_len; @@ -356,14 +357,14 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_0( info->tls_id ); } - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( elliptic_curve_len + 2 ); - *p++ = MBEDTLS_BYTE_0( elliptic_curve_len + 2 ); + MBEDTLS_PUT_UINT16_BE( elliptic_curve_len + 2, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( elliptic_curve_len ); - *p++ = MBEDTLS_BYTE_0( elliptic_curve_len ); + MBEDTLS_PUT_UINT16_BE( elliptic_curve_len, p, 0 ); + p += 2; *olen = 6 + elliptic_curve_len; @@ -384,8 +385,8 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, ( "client hello, adding supported_point_formats extension" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 2; @@ -421,8 +422,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0 ); + p += 2; /* * We may need to send ClientHello multiple times for Hello verification. @@ -464,8 +465,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); } - *p++ = MBEDTLS_BYTE_1( kkpp_len ); - *p++ = MBEDTLS_BYTE_0( kkpp_len ); + MBEDTLS_PUT_UINT16_BE( kkpp_len, p, 0 ); + p += 2; *olen = kkpp_len + 4; @@ -504,11 +505,11 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) ); /* Add extension ID + size */ - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_CID ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_CID ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_CID, p, 0 ); + p += 2; ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -537,8 +538,8 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 1; @@ -569,8 +570,8 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -599,8 +600,8 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -631,11 +632,11 @@ static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, /* The addition is safe here since the ticket length is 16 bit. */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( tlen ); - *p++ = MBEDTLS_BYTE_0( tlen ); + MBEDTLS_PUT_UINT16_BE( tlen, p, 0 ); + p += 2; *olen = 4; @@ -675,8 +676,8 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ALPN ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ALPN ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, p, 0 ); + p += 2; /* * opaque ProtocolName<1..2^8-1>; @@ -758,12 +759,11 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_USE_SRTP, p, 0 ); + p += 2; - - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ /* micro-optimization: @@ -786,8 +786,9 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_write_use_srtp_ext, add profile: %04x", profile_value ) ); - *p++ = MBEDTLS_BYTE_1( profile_value ); - *p++ = MBEDTLS_BYTE_0( profile_value ); + MBEDTLS_PUT_UINT16_BE( profile_value, p, 0 ); + p += 2; + } else { @@ -855,10 +856,8 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) t = mbedtls_time( NULL ); - *p++ = MBEDTLS_BYTE_3( t ); - *p++ = MBEDTLS_BYTE_2( t ); - *p++ = MBEDTLS_BYTE_1( t ); - *p++ = MBEDTLS_BYTE_0( t ); + MBEDTLS_PUT_UINT32_BE( t, p, 0 ); + p += 4; MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %" MBEDTLS_PRINTF_LONGLONG, (long long) t ) ); @@ -1141,8 +1140,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); n++; - *p++ = MBEDTLS_BYTE_1( ciphersuites[i] ); - *p++ = MBEDTLS_BYTE_0( ciphersuites[i] ); + MBEDTLS_PUT_UINT16_BE( ciphersuites[i], p, 0 ); + p += 2; } MBEDTLS_SSL_DEBUG_MSG( 3, @@ -1157,8 +1156,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO, p, 0 ); + p += 2; n++; } @@ -1321,8 +1320,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { /* No need to check for space here, because the extension * writing functions already took care of that. */ - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; p += ext_len; } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index a791b8076..c63af7a32 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1970,12 +1970,11 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, * opaque cid<0..2^8-1>; * } ConnectionId; */ - - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_CID ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_CID ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_CID, p, 0 ); + p += 2; ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -2016,8 +2015,8 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -2042,8 +2041,8 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " "extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -2067,8 +2066,8 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -2091,8 +2090,8 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0 ); + p += 2; #if defined(MBEDTLS_SSL_RENEGOTIATION) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) @@ -2132,8 +2131,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 1; @@ -2162,8 +2161,8 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 2; @@ -2200,8 +2199,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0 ); + p += 2; ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, p + 2, end - p - 2, &kkpp_len, @@ -2212,8 +2211,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = MBEDTLS_BYTE_1( kkpp_len ); - *p++ = MBEDTLS_BYTE_0( kkpp_len ); + MBEDTLS_PUT_UINT16_BE( kkpp_len, p, 0 ); + p += 2; *olen = kkpp_len + 4; } @@ -2488,10 +2487,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) t = mbedtls_time( NULL ); - *p++ = MBEDTLS_BYTE_3( t ); - *p++ = MBEDTLS_BYTE_2( t ); - *p++ = MBEDTLS_BYTE_1( t ); - *p++ = MBEDTLS_BYTE_0( t ); + MBEDTLS_PUT_UINT32_BE( t, p, 0 ); + p += 4; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %" MBEDTLS_PRINTF_LONGLONG, (long long) t ) ); @@ -2572,8 +2569,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", ssl->handshake->resume ? "a" : "no" ) ); - *p++ = MBEDTLS_BYTE_1( ssl->session_negotiate->ciphersuite ); - *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->ciphersuite ); + MBEDTLS_PUT_UINT16_BE( ssl->session_negotiate->ciphersuite, p, 0 ); + p += 2; *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->compression ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", @@ -2642,8 +2639,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 ) { - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; p += ext_len; } @@ -2819,8 +2816,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) break; } - *p++ = MBEDTLS_BYTE_1( dn_size ); - *p++ = MBEDTLS_BYTE_0( dn_size ); + MBEDTLS_PUT_UINT16_BE( dn_size, p, 0 ); + p += 2; memcpy( p, crt->subject_raw.p, dn_size ); p += dn_size; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 33f026f4d..abf4c0f5f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4664,14 +4664,8 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, { start = (uint64_t) session->start; - *p++ = MBEDTLS_BYTE_7( start ); - *p++ = MBEDTLS_BYTE_6( start ); - *p++ = MBEDTLS_BYTE_5( start ); - *p++ = MBEDTLS_BYTE_4( start ); - *p++ = MBEDTLS_BYTE_3( start ); - *p++ = MBEDTLS_BYTE_2( start ); - *p++ = MBEDTLS_BYTE_1( start ); - *p++ = MBEDTLS_BYTE_0( start ); + MBEDTLS_PUT_UINT64_BE( start, p, 0 ); + p += 8; } #endif /* MBEDTLS_HAVE_TIME */ @@ -4687,8 +4681,8 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_1( session->ciphersuite ); - *p++ = MBEDTLS_BYTE_0( session->ciphersuite ); + MBEDTLS_PUT_UINT16_BE( session->ciphersuite, p, 0 ); + p += 2; *p++ = MBEDTLS_BYTE_0( session->compression ); @@ -4699,10 +4693,8 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, memcpy( p, session->master, 48 ); p += 48; - *p++ = MBEDTLS_BYTE_3( session->verify_result ); - *p++ = MBEDTLS_BYTE_2( session->verify_result ); - *p++ = MBEDTLS_BYTE_1( session->verify_result ); - *p++ = MBEDTLS_BYTE_0( session->verify_result ); + MBEDTLS_PUT_UINT32_BE( session->verify_result, p, 0 ); + p += 4; } /* @@ -4772,10 +4764,8 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, p += session->ticket_len; } - *p++ = MBEDTLS_BYTE_3( session->ticket_lifetime ); - *p++ = MBEDTLS_BYTE_2( session->ticket_lifetime ); - *p++ = MBEDTLS_BYTE_1( session->ticket_lifetime ); - *p++ = MBEDTLS_BYTE_0( session->ticket_lifetime ); + MBEDTLS_PUT_UINT32_BE( session->ticket_lifetime, p, 0 ); + p += 4; } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -5713,10 +5703,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4 + session_len; if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_3( session_len ); - *p++ = MBEDTLS_BYTE_2( session_len ); - *p++ = MBEDTLS_BYTE_1( session_len ); - *p++ = MBEDTLS_BYTE_0( session_len ); + MBEDTLS_PUT_UINT32_BE( session_len, p, 0 ); + p += 4; ret = ssl_session_save( ssl->session, 1, p, session_len, &session_len ); @@ -5757,33 +5745,19 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4; if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_3( ssl->badmac_seen ); - *p++ = MBEDTLS_BYTE_2( ssl->badmac_seen ); - *p++ = MBEDTLS_BYTE_1( ssl->badmac_seen ); - *p++ = MBEDTLS_BYTE_0( ssl->badmac_seen ); + MBEDTLS_PUT_UINT32_BE( ssl->badmac_seen, p, 0 ); + p += 4; } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) used += 16; if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_7( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_6( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_5( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_4( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_3( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_2( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_1( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_0( ssl->in_window_top ); + MBEDTLS_PUT_UINT64_BE( ssl->in_window_top, p, 0 ); + p += 8; - *p++ = MBEDTLS_BYTE_7( ssl->in_window ); - *p++ = MBEDTLS_BYTE_6( ssl->in_window ); - *p++ = MBEDTLS_BYTE_5( ssl->in_window ); - *p++ = MBEDTLS_BYTE_4( ssl->in_window ); - *p++ = MBEDTLS_BYTE_3( ssl->in_window ); - *p++ = MBEDTLS_BYTE_2( ssl->in_window ); - *p++ = MBEDTLS_BYTE_1( ssl->in_window ); - *p++ = MBEDTLS_BYTE_0( ssl->in_window ); + MBEDTLS_PUT_UINT64_BE( ssl->in_window, p, 0 ); + p += 8; } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -5806,8 +5780,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 2; if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_1( ssl->mtu ); - *p++ = MBEDTLS_BYTE_0( ssl->mtu ); + MBEDTLS_PUT_UINT16_BE( ssl->mtu, p, 0 ); + p += 2; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ From e4603eece9aa216190edb5edd0dd3f51cf47df48 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 20 Aug 2021 13:05:30 +0100 Subject: [PATCH 30/32] Compress byte reading macros in if statements exchange MBEDTLS_BYTE_x in if statements with MBEDTLS_GET_UINT16_BE Signed-off-by: Joe Subbiani --- library/ssl_srv.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index c63af7a32..1841b5579 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1848,8 +1848,7 @@ read_record_header: for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) for( i = 0; ciphersuites[i] != 0; i++ ) { - if( p[0] != MBEDTLS_BYTE_1( ciphersuites[i] ) || - p[1] != MBEDTLS_BYTE_0( ciphersuites[i] )) + if( MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i] ) continue; got_common_suite = 1; @@ -1865,8 +1864,7 @@ read_record_header: for( i = 0; ciphersuites[i] != 0; i++ ) for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) { - if( p[0] != MBEDTLS_BYTE_1( ciphersuites[i] ) || - p[1] != MBEDTLS_BYTE_0( ciphersuites[i] )) + if( MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i] ) continue; got_common_suite = 1; From 94180e708ff9496f7b3bc6bfe50bdaab7226ba34 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 20 Aug 2021 16:20:44 +0100 Subject: [PATCH 31/32] Minor coding style improvement Signed-off-by: Joe Subbiani --- library/ssl_cli.c | 4 +--- library/ssl_srv.c | 3 +-- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index df32cfdb6..9120aa2f7 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -788,7 +788,6 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, profile_value ) ); MBEDTLS_PUT_UINT16_BE( profile_value, p, 0 ); p += 2; - } else { @@ -1321,8 +1320,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) /* No need to check for space here, because the extension * writing functions already took care of that. */ MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); - p += 2; - p += ext_len; + p += 2 + ext_len; } ssl->out_msglen = p - buf; diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 1841b5579..b8c431484 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2638,8 +2638,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 ) { MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); - p += 2; - p += ext_len; + p += 2 + ext_len; } ssl->out_msglen = p - buf; From a5cb0d24d4737fa02ff9c0df315a582558c0ecc8 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 23 Aug 2021 11:35:25 +0100 Subject: [PATCH 32/32] Tidy up grouped MBEDTLS_BYTE_x macros exchange groups of the byte reading macros with MBEDTLS_PUT_UINTxyz and then shift the pointer afterwards. Easier to read as you can see how big the data is that you are putting in, and in the case of UINT32 AND UINT64 it saves some vertical space. Signed-off-by: Joe Subbiani --- library/ctr_drbg.c | 7 ++----- library/ecjpake.c | 11 +++-------- library/ssl_tls.c | 18 ++++++++---------- 3 files changed, 13 insertions(+), 23 deletions(-) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 68b32a366..93a7cdcd1 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -152,11 +152,8 @@ static int block_cipher_df( unsigned char *output, * (Total is padded to a multiple of 16-bytes with zeroes) */ p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE; - *p++ = MBEDTLS_BYTE_3( data_len ); - *p++ = MBEDTLS_BYTE_2( data_len ); - *p++ = MBEDTLS_BYTE_1( data_len ); - *p++ = MBEDTLS_BYTE_0( data_len ); - p += 3; + MBEDTLS_PUT_UINT32_BE( data_len, p, 0); + p += 4 + 3; *p++ = MBEDTLS_CTR_DRBG_SEEDLEN; memcpy( p, data, data_len ); p[data_len] = 0x80; diff --git a/library/ecjpake.c b/library/ecjpake.c index a599b1ba4..738a97719 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -180,10 +180,7 @@ static int ecjpake_write_len_point( unsigned char **p, if( ret != 0 ) return( ret ); - (*p)[0] = MBEDTLS_BYTE_3( len ); - (*p)[1] = MBEDTLS_BYTE_2( len ); - (*p)[2] = MBEDTLS_BYTE_1( len ); - (*p)[3] = MBEDTLS_BYTE_0( len ); + MBEDTLS_PUT_UINT32_BE( len, *p, 0 ); *p += 4 + len; @@ -223,10 +220,8 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info, if( end - p < 4 ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); - *p++ = MBEDTLS_BYTE_3( id_len ); - *p++ = MBEDTLS_BYTE_2( id_len ); - *p++ = MBEDTLS_BYTE_1( id_len ); - *p++ = MBEDTLS_BYTE_0( id_len ); + MBEDTLS_PUT_UINT32_BE( id_len, p, 0 ); + p += 4; if( end < p || (size_t)( end - p ) < id_len ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index abf4c0f5f..5cd47e6ce 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1487,8 +1487,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch if( end - p < 2 ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = MBEDTLS_BYTE_1( psk_len ); - *(p++) = MBEDTLS_BYTE_0( psk_len ); + MBEDTLS_PUT_UINT16_BE( psk_len, p, 0 ); + p += 2; if( end < p || (size_t)( end - p ) < psk_len ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -1528,9 +1528,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); return( ret ); } - *(p++) = MBEDTLS_BYTE_1( len ); - *(p++) = MBEDTLS_BYTE_0( len ); - p += len; + MBEDTLS_PUT_UINT16_BE( len, p, 0 ); + p += 2 + len; MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); } @@ -1550,9 +1549,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch return( ret ); } - *(p++) = MBEDTLS_BYTE_1( zlen ); - *(p++) = MBEDTLS_BYTE_0( zlen ); - p += zlen; + MBEDTLS_PUT_UINT16_BE( zlen, p, 0 ); + p += 2 + zlen; MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, MBEDTLS_DEBUG_ECDH_Z ); @@ -1568,8 +1566,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch if( end - p < 2 ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = MBEDTLS_BYTE_1( psk_len ); - *(p++) = MBEDTLS_BYTE_0( psk_len ); + MBEDTLS_PUT_UINT16_BE( psk_len, p, 0 ); + p += 2; if( end < p || (size_t)( end - p ) < psk_len ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );