Change TLSX functions that return error with length to do so separately

Sean Parkinson
2019-06-20 16:37:34 +10:00
parent d378d3c009
commit e7b3b31d9f
3 changed files with 99 additions and 93 deletions

171
src/tls.c

@ -5079,7 +5079,6 @@ static word16 TLSX_QSH_Write(QSHScheme* list, byte* output)
/* write public key list in extension */ /* write public key list in extension */
static word16 TLSX_QSHPK_WriteR(QSHScheme* format, byte* output);
static word16 TLSX_QSHPK_WriteR(QSHScheme* format, byte* output) static word16 TLSX_QSHPK_WriteR(QSHScheme* format, byte* output)
{ {
word32 offset = 0; word32 offset = 0;
@ -5609,7 +5608,7 @@ static int TLSX_SupportedVersions_GetSize(void* data, byte msgType, word16* pSz)
* returns the length of data that was written. * returns the length of data that was written.
*/ */
static int TLSX_SupportedVersions_Write(void* data, byte* output, static int TLSX_SupportedVersions_Write(void* data, byte* output,
byte msgType, word16* pSz) byte msgType, word16* pSz)
{ {
WOLFSSL* ssl = (WOLFSSL*)data; WOLFSSL* ssl = (WOLFSSL*)data;
byte major; byte major;
@ -5900,7 +5899,8 @@ static int TLSX_Cookie_GetSize(Cookie* cookie, byte msgType, word16* pSz)
* msgType The type of the message this extension is being written into. * msgType The type of the message this extension is being written into.
* returns the number of bytes written into the buffer. * returns the number of bytes written into the buffer.
*/ */
static int TLSX_Cookie_Write(Cookie* cookie, byte* output, byte msgType, word16* pSz) static int TLSX_Cookie_Write(Cookie* cookie, byte* output, byte msgType,
word16* pSz)
{ {
if (msgType == client_hello || msgType == hello_retry_request) { if (msgType == client_hello || msgType == hello_retry_request) {
c16toa(cookie->len, output); c16toa(cookie->len, output);
@ -6642,7 +6642,7 @@ static void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap)
*/ */
static word16 TLSX_KeyShare_GetSize(KeyShareEntry* list, byte msgType) static word16 TLSX_KeyShare_GetSize(KeyShareEntry* list, byte msgType)
{ {
int len = 0; word16 len = 0;
byte isRequest = (msgType == client_hello); byte isRequest = (msgType == client_hello);
KeyShareEntry* current; KeyShareEntry* current;
@ -6659,10 +6659,10 @@ static word16 TLSX_KeyShare_GetSize(KeyShareEntry* list, byte msgType)
if (!isRequest && current->key == NULL) if (!isRequest && current->key == NULL)
continue; continue;
len += (int)(KE_GROUP_LEN + OPAQUE16_LEN + current->pubKeyLen); len += KE_GROUP_LEN + OPAQUE16_LEN + current->pubKeyLen;
} }
return (word16)len; return len;
} }
/* Writes the key share extension into the output buffer. /* Writes the key share extension into the output buffer.
@ -7741,7 +7741,8 @@ static void TLSX_PreSharedKey_FreeAll(PreSharedKey* list, void* heap)
* returns the number of bytes of the encoded pre-shared key extension or * returns the number of bytes of the encoded pre-shared key extension or
* SANITY_MSG_E to indicate invalid message type. * SANITY_MSG_E to indicate invalid message type.
*/ */
static word16 TLSX_PreSharedKey_GetSize(PreSharedKey* list, byte msgType) static int TLSX_PreSharedKey_GetSize(PreSharedKey* list, byte msgType,
word16* pSz)
{ {
if (msgType == client_hello) { if (msgType == client_hello) {
/* Length of identities + Length of binders. */ /* Length of identities + Length of binders. */
@ -7752,14 +7753,16 @@ static word16 TLSX_PreSharedKey_GetSize(PreSharedKey* list, byte msgType)
OPAQUE8_LEN + list->binderLen; OPAQUE8_LEN + list->binderLen;
list = list->next; list = list->next;
} }
return len; *pSz += len;
return 0;
} }
if (msgType == server_hello) { if (msgType == server_hello) {
return OPAQUE16_LEN; *pSz += OPAQUE16_LEN;
return 0;
} }
return 0; return SANITY_MSG_E;
} }
/* The number of bytes to be written for the binders. /* The number of bytes to be written for the binders.
@ -7769,12 +7772,13 @@ static word16 TLSX_PreSharedKey_GetSize(PreSharedKey* list, byte msgType)
* returns the number of bytes of the encoded pre-shared key extension or * returns the number of bytes of the encoded pre-shared key extension or
* SANITY_MSG_E to indicate invalid message type. * SANITY_MSG_E to indicate invalid message type.
*/ */
word16 TLSX_PreSharedKey_GetSizeBinders(PreSharedKey* list, byte msgType) int TLSX_PreSharedKey_GetSizeBinders(PreSharedKey* list, byte msgType,
word16* pSz)
{ {
word16 len; word16 len;
if (msgType != client_hello) if (msgType != client_hello)
return (word16)SANITY_MSG_E; return SANITY_MSG_E;
/* Length of all binders. */ /* Length of all binders. */
len = OPAQUE16_LEN; len = OPAQUE16_LEN;
@ -7783,7 +7787,8 @@ word16 TLSX_PreSharedKey_GetSizeBinders(PreSharedKey* list, byte msgType)
list = list->next; list = list->next;
} }
return len; *pSz = len;
return 0;
} }
/* Writes the pre-shared key extension into the output buffer - binders only. /* Writes the pre-shared key extension into the output buffer - binders only.
@ -7794,8 +7799,8 @@ word16 TLSX_PreSharedKey_GetSizeBinders(PreSharedKey* list, byte msgType)
* msgType The type of the message this extension is being written into. * msgType The type of the message this extension is being written into.
* returns the number of bytes written into the buffer. * returns the number of bytes written into the buffer.
*/ */
word16 TLSX_PreSharedKey_WriteBinders(PreSharedKey* list, byte* output, int TLSX_PreSharedKey_WriteBinders(PreSharedKey* list, byte* output,
byte msgType) byte msgType, word16* pSz)
{ {
PreSharedKey* current = list; PreSharedKey* current = list;
word16 idx = 0; word16 idx = 0;
@ -7803,7 +7808,7 @@ word16 TLSX_PreSharedKey_WriteBinders(PreSharedKey* list, byte* output,
word16 len; word16 len;
if (msgType != client_hello) if (msgType != client_hello)
return (word16)SANITY_MSG_E; return SANITY_MSG_E;
/* Skip length of all binders. */ /* Skip length of all binders. */
lenIdx = idx; lenIdx = idx;
@ -7821,7 +7826,8 @@ word16 TLSX_PreSharedKey_WriteBinders(PreSharedKey* list, byte* output,
len = idx - lenIdx - OPAQUE16_LEN; len = idx - lenIdx - OPAQUE16_LEN;
c16toa(len, output + lenIdx); c16toa(len, output + lenIdx);
return idx; *pSz = idx;
return 0;
} }
@ -7833,8 +7839,8 @@ word16 TLSX_PreSharedKey_WriteBinders(PreSharedKey* list, byte* output,
* msgType The type of the message this extension is being written into. * msgType The type of the message this extension is being written into.
* returns the number of bytes written into the buffer. * returns the number of bytes written into the buffer.
*/ */
static word16 TLSX_PreSharedKey_Write(PreSharedKey* list, byte* output, static int TLSX_PreSharedKey_Write(PreSharedKey* list, byte* output,
byte msgType) byte msgType, word16* pSz)
{ {
if (msgType == client_hello) { if (msgType == client_hello) {
PreSharedKey* current = list; PreSharedKey* current = list;
@ -7868,29 +7874,28 @@ static word16 TLSX_PreSharedKey_Write(PreSharedKey* list, byte* output,
* The binders are based on the hash of all the ClientHello data up to * The binders are based on the hash of all the ClientHello data up to
* and include the identities written above. * and include the identities written above.
*/ */
len = ret = TLSX_PreSharedKey_GetSizeBinders(list, msgType); ret = TLSX_PreSharedKey_GetSizeBinders(list, msgType, &len);
if (ret < 0) if (ret < 0)
return ret; return ret;
idx += len; *pSz += idx + len;
return idx;
} }
else if (msgType == server_hello) {
if (msgType == server_hello) {
word16 i; word16 i;
/* Find the index of the chosen identity. */ /* Find the index of the chosen identity. */
for (i=0; list != NULL && !list->chosen; i++) for (i=0; list != NULL && !list->chosen; i++)
list = list->next; list = list->next;
if (list == NULL) if (list == NULL)
return (word16)BUILD_MSG_ERROR; return BUILD_MSG_ERROR;
/* The index of the identity chosen by the server from the list supplied /* The index of the identity chosen by the server from the list supplied
* by the client. * by the client.
*/ */
c16toa(i, output); c16toa(i, output);
return OPAQUE16_LEN; *pSz += OPAQUE16_LEN;
} }
else
return SANITY_MSG_E;
return 0; return 0;
} }
@ -8171,8 +8176,8 @@ int TLSX_PreSharedKey_Use(WOLFSSL* ssl, byte* identity, word16 len, word32 age,
#else #else
#define PSK_FREE_ALL(a, b) #define PSK_FREE_ALL(a, b)
#define PSK_GET_SIZE(a, b) 0 #define PSK_GET_SIZE(a, b, c) 0
#define PSK_WRITE(a, b, c) 0 #define PSK_WRITE(a, b, c, d) 0
#define PSK_PARSE(a, b, c, d) 0 #define PSK_PARSE(a, b, c, d) 0
#endif #endif
@ -8189,7 +8194,7 @@ int TLSX_PreSharedKey_Use(WOLFSSL* ssl, byte* identity, word16 len, word32 age,
* msgType The type of the message this extension is being written into. * msgType The type of the message this extension is being written into.
* returns the number of bytes of the encoded PSK KE mode extension. * returns the number of bytes of the encoded PSK KE mode extension.
*/ */
static word16 TLSX_PskKeModes_GetSize(byte modes, byte msgType) static int TLSX_PskKeModes_GetSize(byte modes, byte msgType, word16* pSz)
{ {
if (msgType == client_hello) { if (msgType == client_hello) {
/* Format: Len | Modes* */ /* Format: Len | Modes* */
@ -8199,10 +8204,11 @@ static word16 TLSX_PskKeModes_GetSize(byte modes, byte msgType)
len += OPAQUE8_LEN; len += OPAQUE8_LEN;
if (modes & (1 << PSK_DHE_KE)) if (modes & (1 << PSK_DHE_KE))
len += OPAQUE8_LEN; len += OPAQUE8_LEN;
return len; *pSz += len;
return 0;
} }
return (word16)SANITY_MSG_E; return SANITY_MSG_E;
} }
/* Writes the PSK KE modes extension into the output buffer. /* Writes the PSK KE modes extension into the output buffer.
@ -8214,7 +8220,8 @@ static word16 TLSX_PskKeModes_GetSize(byte modes, byte msgType)
* msgType The type of the message this extension is being written into. * msgType The type of the message this extension is being written into.
* returns the number of bytes written into the buffer. * returns the number of bytes written into the buffer.
*/ */
static word16 TLSX_PskKeModes_Write(byte modes, byte* output, byte msgType) static int TLSX_PskKeModes_Write(byte modes, byte* output, byte msgType,
word16* pSz)
{ {
if (msgType == client_hello) { if (msgType == client_hello) {
/* Format: Len | Modes* */ /* Format: Len | Modes* */
@ -8228,10 +8235,11 @@ static word16 TLSX_PskKeModes_Write(byte modes, byte* output, byte msgType)
/* Write out length of mode list. */ /* Write out length of mode list. */
output[0] = idx - OPAQUE8_LEN; output[0] = idx - OPAQUE8_LEN;
return idx; *pSz += idx;
return 0;
} }
return (word16)SANITY_MSG_E; return SANITY_MSG_E;
} }
/* Parse the PSK KE modes extension. /* Parse the PSK KE modes extension.
@ -8319,8 +8327,8 @@ int TLSX_PskKeModes_Use(WOLFSSL* ssl, byte modes)
#else #else
#define PKM_GET_SIZE(a, b) 0 #define PKM_GET_SIZE(a, b, c) 0
#define PKM_WRITE(a, b, c) 0 #define PKM_WRITE(a, b, c, d) 0
#define PKM_PARSE(a, b, c, d) 0 #define PKM_PARSE(a, b, c, d) 0
#endif #endif
@ -8337,10 +8345,12 @@ int TLSX_PskKeModes_Use(WOLFSSL* ssl, byte modes)
* returns the number of bytes of the encoded Post-Handshake Authentication * returns the number of bytes of the encoded Post-Handshake Authentication
* extension. * extension.
*/ */
static word16 TLSX_PostHandAuth_GetSize(byte msgType) static int TLSX_PostHandAuth_GetSize(byte msgType, word16* pSz)
{ {
if (msgType == client_hello) if (msgType == client_hello) {
*pSz += 0;
return 0; return 0;
}
return SANITY_MSG_E; return SANITY_MSG_E;
} }
@ -8353,12 +8363,14 @@ static word16 TLSX_PostHandAuth_GetSize(byte msgType)
* msgType The type of the message this extension is being written into. * msgType The type of the message this extension is being written into.
* returns the number of bytes written into the buffer. * returns the number of bytes written into the buffer.
*/ */
static word16 TLSX_PostHandAuth_Write(byte* output, byte msgType) static int TLSX_PostHandAuth_Write(byte* output, byte msgType, word16* pSz)
{ {
(void)output; (void)output;
if (msgType == client_hello) if (msgType == client_hello) {
*pSz += 0;
return 0; return 0;
}
return SANITY_MSG_E; return SANITY_MSG_E;
} }
@ -8418,8 +8430,8 @@ static int TLSX_PostHandAuth_Use(WOLFSSL* ssl)
#else #else
#define PHA_GET_SIZE(a) 0 #define PHA_GET_SIZE(a, b) 0
#define PHA_WRITE(a, b) 0 #define PHA_WRITE(a, b, c) 0
#define PHA_PARSE(a, b, c, d) 0 #define PHA_PARSE(a, b, c, d) 0
#endif #endif
@ -8435,14 +8447,18 @@ static int TLSX_PostHandAuth_Use(WOLFSSL* ssl)
* msgType The type of the message this extension is being written into. * msgType The type of the message this extension is being written into.
* returns the number of bytes of the encoded Early Data Indication extension. * returns the number of bytes of the encoded Early Data Indication extension.
*/ */
static word16 TLSX_EarlyData_GetSize(byte msgType) static int TLSX_EarlyData_GetSize(byte msgType, word16* pSz)
{ {
if (msgType == client_hello || msgType == encrypted_extensions) int ret = 0;
return 0;
if (msgType == session_ticket)
return OPAQUE32_LEN;
return SANITY_MSG_E; if (msgType == client_hello || msgType == encrypted_extensions)
*pSz += 0;
else if (msgType == session_ticket)
*pSz += OPAQUE32_LEN;
else
ret = SANITY_MSG_E;
return ret;
} }
/* Writes the Early Data Indicator extension into the output buffer. /* Writes the Early Data Indicator extension into the output buffer.
@ -8454,14 +8470,15 @@ static word16 TLSX_EarlyData_GetSize(byte msgType)
* msgType The type of the message this extension is being written into. * msgType The type of the message this extension is being written into.
* returns the number of bytes written into the buffer. * returns the number of bytes written into the buffer.
*/ */
static word16 TLSX_EarlyData_Write(word32 max, byte* output, byte msgType) static int TLSX_EarlyData_Write(word32 max, byte* output, byte msgType,
word16* pSz)
{ {
if (msgType == client_hello || msgType == encrypted_extensions) { if (msgType == client_hello || msgType == encrypted_extensions)
return 0; return 0;
} else if (msgType == session_ticket) {
if (msgType == session_ticket) {
c32toa(max, output); c32toa(max, output);
return OPAQUE32_LEN; *pSz += OPAQUE32_LEN;
return 0;
} }
return SANITY_MSG_E; return SANITY_MSG_E;
@ -8547,8 +8564,8 @@ int TLSX_EarlyData_Use(WOLFSSL* ssl, word32 max)
#else #else
#define EDI_GET_SIZE(a) 0 #define EDI_GET_SIZE(a, b) 0
#define EDI_WRITE(a, b, c) 0 #define EDI_WRITE(a, b, c, d) 0
#define EDI_PARSE(a, b, c, d) 0 #define EDI_PARSE(a, b, c, d) 0
#endif #endif
@ -8698,7 +8715,8 @@ int TLSX_SupportExtensions(WOLFSSL* ssl) {
} }
/** Tells the buffered size of the extensions in a list. */ /** Tells the buffered size of the extensions in a list. */
static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType, word16* pLength) static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType,
word16* pLength)
{ {
int ret = 0; int ret = 0;
TLSX* extension; TLSX* extension;
@ -8795,31 +8813,24 @@ static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType, word16* pLeng
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
case TLSX_PRE_SHARED_KEY: case TLSX_PRE_SHARED_KEY:
ret = PSK_GET_SIZE((PreSharedKey*)extension->data, msgType); ret = PSK_GET_SIZE((PreSharedKey*)extension->data, msgType,
if (ret > 0) { &length);
length += ret;
ret = 0;
}
break; break;
case TLSX_PSK_KEY_EXCHANGE_MODES: case TLSX_PSK_KEY_EXCHANGE_MODES:
ret = PKM_GET_SIZE(extension->val, msgType); ret = PKM_GET_SIZE(extension->val, msgType, &length);
if (ret > 0) {
length += ret;
ret = 0;
}
break; break;
#endif #endif
#ifdef WOLFSSL_EARLY_DATA #ifdef WOLFSSL_EARLY_DATA
case TLSX_EARLY_DATA: case TLSX_EARLY_DATA:
length += EDI_GET_SIZE(msgType); ret = EDI_GET_SIZE(msgType, &length);
break; break;
#endif #endif
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH #ifdef WOLFSSL_POST_HANDSHAKE_AUTH
case TLSX_POST_HANDSHAKE_AUTH: case TLSX_POST_HANDSHAKE_AUTH:
length += PHA_GET_SIZE(msgType); ret = PHA_GET_SIZE(msgType, &length);
break; break;
#endif #endif
@ -8969,35 +8980,29 @@ static int TLSX_Write(TLSX* list, byte* output, byte* semaphore,
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
case TLSX_PRE_SHARED_KEY: case TLSX_PRE_SHARED_KEY:
WOLFSSL_MSG("Pre-Shared Key extension to write"); WOLFSSL_MSG("Pre-Shared Key extension to write");
ret = PSK_WRITE((PreSharedKey*)extension->data, ret = PSK_WRITE((PreSharedKey*)extension->data, output + offset,
output + offset, msgType); msgType, &offset);
if (ret > 0) {
offset += ret;
ret = 0;
}
break; break;
case TLSX_PSK_KEY_EXCHANGE_MODES: case TLSX_PSK_KEY_EXCHANGE_MODES:
WOLFSSL_MSG("PSK Key Exchange Modes extension to write"); WOLFSSL_MSG("PSK Key Exchange Modes extension to write");
ret = PKM_WRITE(extension->val, output + offset, msgType); ret = PKM_WRITE(extension->val, output + offset, msgType,
if (ret > 0) { &offset);
offset += ret;
ret = 0;
}
break; break;
#endif #endif
#ifdef WOLFSSL_EARLY_DATA #ifdef WOLFSSL_EARLY_DATA
case TLSX_EARLY_DATA: case TLSX_EARLY_DATA:
WOLFSSL_MSG("Early Data extension to write"); WOLFSSL_MSG("Early Data extension to write");
offset += EDI_WRITE(extension->val, output + offset, msgType); ret = EDI_WRITE(extension->val, output + offset, msgType,
&offset);
break; break;
#endif #endif
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH #ifdef WOLFSSL_POST_HANDSHAKE_AUTH
case TLSX_POST_HANDSHAKE_AUTH: case TLSX_POST_HANDSHAKE_AUTH:
WOLFSSL_MSG("Post-Handshake Authentication extension to write"); WOLFSSL_MSG("Post-Handshake Authentication extension to write");
offset += PHA_WRITE(output + offset, msgType); ret = PHA_WRITE(output + offset, msgType, &offset);
break; break;
#endif #endif
@ -9011,7 +9016,7 @@ static int TLSX_Write(TLSX* list, byte* output, byte* semaphore,
case TLSX_KEY_SHARE: case TLSX_KEY_SHARE:
WOLFSSL_MSG("Key Share extension to write"); WOLFSSL_MSG("Key Share extension to write");
offset += KS_WRITE((KeyShareEntry*)extension->data, offset += KS_WRITE((KeyShareEntry*)extension->data,
output + offset, msgType); output + offset, msgType);
break; break;
#endif #endif
} }
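Review bot: TLSX_KeyShare_GetSize stays on the old word16-return pattern and now also sums in a `word16 len`, so `len += KE_GROUP_LEN + OPAQUE16_LEN + current->pubKeyLen;` wraps silently if the list total exceeds 0xFFFF, and the caller would then size the extension from the wrapped value; the `*pSz += len` lines in the converted GetSize/Write functions have the same property. Now that errors travel separately from the length, sum in a `word32` and reject an oversized total before narrowing, for example `if (total > 0xFFFF) return BUFFER_E;`, which needs this function moved to the `int ..., word16* pSz` form like its siblings. Whether pubKeyLen or the PSK list can reach that size is not visible in these hunks, so treat this as a hardening request. Separately, the header comments above the converted functions still read "returns the number of bytes ..." and should become `returns 0 on success or SANITY_MSG_E for an invalid message type; the size is added to *pSz`.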


@ -2478,8 +2478,8 @@ static int WritePSKBinders(WOLFSSL* ssl, byte* output, word32 idx)
return SANITY_MSG_E; return SANITY_MSG_E;
/* Get the size of the binders to determine where to write binders. */ /* Get the size of the binders to determine where to write binders. */
len = ret = TLSX_PreSharedKey_GetSizeBinders((PreSharedKey*)ext->data, ret = TLSX_PreSharedKey_GetSizeBinders((PreSharedKey*)ext->data,
client_hello); client_hello, &len);
if (ret < 0) if (ret < 0)
return ret; return ret;
idx -= len; idx -= len;
@ -2523,8 +2523,8 @@ static int WritePSKBinders(WOLFSSL* ssl, byte* output, word32 idx)
} }
/* Data entered into extension, now write to message. */ /* Data entered into extension, now write to message. */
len = ret = TLSX_PreSharedKey_WriteBinders((PreSharedKey*)ext->data, ret = TLSX_PreSharedKey_WriteBinders((PreSharedKey*)ext->data, output + idx,
output + idx, client_hello); client_hello, &len);
if (ret < 0) if (ret < 0)
return ret; return ret;
@ -3385,8 +3385,8 @@ static int DoPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
/* Find the pre-shared key extension and calculate hash of truncated /* Find the pre-shared key extension and calculate hash of truncated
* ClientHello for binders. * ClientHello for binders.
*/ */
bindersLen = ret = TLSX_PreSharedKey_GetSizeBinders( ret = TLSX_PreSharedKey_GetSizeBinders((PreSharedKey*)ext->data,
(PreSharedKey*)ext->data, client_hello); client_hello, &bindersLen);
if (ret < 0) if (ret < 0)
return ret; return ret;
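Review bot: TLSX_PreSharedKey_GetSizeBinders and TLSX_PreSharedKey_WriteBinders assign `*pSz = len` / `*pSz = idx`, while every other function converted in this commit adds with `*pSz +=`, and the call sites here in WritePSKBinders and DoPreSharedKeys depend on the overwrite form because `len` and `bindersLen` are used straight after the call (`idx -= len;`). The declarations of those variables are outside the hunks, so it is not visible whether they are initialised; if they are not, a later change of the helpers to `+=` for consistency would make these callers read an indeterminate value. State the contract on the two prototypes, for example `/* pSz: set (not added to) to the number of bytes of the binders */`, and initialise `len` and `bindersLen` to 0 at their declarations.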


@ -2445,10 +2445,11 @@ typedef struct PreSharedKey {
struct PreSharedKey* next; /* List pointer */ struct PreSharedKey* next; /* List pointer */
} PreSharedKey; } PreSharedKey;
WOLFSSL_LOCAL word16 TLSX_PreSharedKey_WriteBinders(PreSharedKey* list, WOLFSSL_LOCAL int TLSX_PreSharedKey_WriteBinders(PreSharedKey* list,
byte* output, byte msgType); byte* output, byte msgType,
WOLFSSL_LOCAL word16 TLSX_PreSharedKey_GetSizeBinders(PreSharedKey* list, word16* pSz);
byte msgType); WOLFSSL_LOCAL int TLSX_PreSharedKey_GetSizeBinders(PreSharedKey* list,
byte msgType, word16* pSz);
WOLFSSL_LOCAL int TLSX_PreSharedKey_Use(WOLFSSL* ssl, byte* identity, WOLFSSL_LOCAL int TLSX_PreSharedKey_Use(WOLFSSL* ssl, byte* identity,
word16 len, word32 age, byte hmac, word16 len, word32 age, byte hmac,
byte cipherSuite0, byte cipherSuite, byte cipherSuite0, byte cipherSuite,