From ec6fec452da8e67dc4a4420d3866ef4e3ecd735f Mon Sep 17 00:00:00 2001 From: John Safranek Date: Mon, 21 Nov 2016 09:16:53 -0800 Subject: [PATCH] Update session export with the new sequence number windows. --- src/internal.c | 81 +++++++++++++++++++--------------------------- wolfssl/internal.h | 29 ++++++++--------- 2 files changed, 47 insertions(+), 63 deletions(-) diff --git a/src/internal.c b/src/internal.c index 6d531b621..030bbaf14 100644 --- a/src/internal.c +++ b/src/internal.c @@ -355,20 +355,6 @@ static INLINE void c32toa(word32 u32, byte* c) c[3] = u32 & 0xff; } -#if defined(WOLFSSL_SESSION_EXPORT) -/* convert 64 bit integer to opaque */ -static INLINE void c64toa(word64 u64, byte* c) -{ - c[0] = (u64 >> 56) & 0xff; - c[1] = (u64 >> 48) & 0xff; - c[2] = (u64 >> 40) & 0xff; - c[3] = (u64 >> 32) & 0xff; - c[4] = (u64 >> 24) & 0xff; - c[5] = (u64 >> 16) & 0xff; - c[6] = (u64 >> 8) & 0xff; - c[7] = u64 & 0xff; -} -#endif /* WOLFSSL_SESSION_EXPORT */ #endif @@ -395,21 +381,6 @@ static INLINE void ato32(const byte* c, word32* u32) *u32 = (c[0] << 24) | (c[1] << 16) | (c[2] << 8) | c[3]; } -#if defined(WOLFSSL_SESSION_EXPORT) -/* convert opaque to word64 type */ -static INLINE void ato64(const byte* c, word64* u64) -{ - /* when doing cast to allow for shift, mask the values */ - *u64 = (((word64)c[0] << 56) & 0xff00000000000000) | - (((word64)c[1] << 48) & 0x00ff000000000000) | - (((word64)c[2] << 40) & 0x0000ff0000000000) | - (((word64)c[3] << 32) & 0x000000ff00000000) | - (((word64)c[4] << 24) & 0x00000000ff000000) | - (((word64)c[5] << 16) & 0x0000000000ff0000) | - (((word64)c[6] << 8) & 0x000000000000ff00) | - ((word64)c[7] & 0x00000000000000ff); -} -#endif /* WOLFSSL_SESSION_EXPORT */ #endif /* WOLFSSL_DTLS */ @@ -596,15 +567,18 @@ static int ExportKeyState(WOLFSSL* ssl, byte* exp, word32 len, byte ver) exp[idx++] = keys->encryptionOn; exp[idx++] = keys->decryptedCur; -#ifdef WORD64_AVAILABLE - c64toa(keys->window, exp + idx); idx += OPAQUE64_LEN; - c64toa(keys->prevWindow, exp + idx); idx += OPAQUE64_LEN; -#else - c32toa(keys->window, exp + idx); idx += OPAQUE32_LEN; - c32toa(0, exp + idx); idx += OPAQUE32_LEN; - c32toa(keys->prevWindow, exp + idx); idx += OPAQUE32_LEN; - c32toa(0, exp + idx); idx += OPAQUE32_LEN; -#endif + c16toa(WOLFSSL_DTLS_WINDOW_WORDS, exp + idx); idx += OPAQUE16_LEN; + { + word32 i; + for (i = 0; i < WOLFSSL_DTLS_WINDOW_WORDS; i++) { + c32toa(keys->window[i], exp + idx); + idx += OPAQUE32_LEN; + } + for (i = 0; i < WOLFSSL_DTLS_WINDOW_WORDS; i++) { + c32toa(keys->prevWindow[i], exp + idx); + idx += OPAQUE32_LEN; + } + } #ifdef HAVE_TRUNCATED_HMAC sz = ssl->truncated_hmac ? TRUNCATED_HMAC_SZ: ssl->specs.hash_size; @@ -729,15 +703,28 @@ static int ImportKeyState(WOLFSSL* ssl, byte* exp, word32 len, byte ver) keys->encryptionOn = exp[idx++]; keys->decryptedCur = exp[idx++]; -#ifdef WORD64_AVAILABLE - ato64(exp + idx, &keys->window); idx += OPAQUE64_LEN; - ato64(exp + idx, &keys->prevWindow); idx += OPAQUE64_LEN; -#else - ato32(exp + idx, &keys->window); idx += OPAQUE32_LEN; - ato32(exp + idx, 0); idx += OPAQUE32_LEN; - ato32(exp + idx, &keys->prevWindow); idx += OPAQUE32_LEN; - ato32(exp + idx, 0); idx += OPAQUE32_LEN; -#endif + { + word16 windowSz, i, adj = 0; + + ato16(exp + idx, &windowSz); + idx += OPAQUE16_LEN; + + if (windowSz > WOLFSSL_DTLS_WINDOW_WORDS) { + adj = WOLFSSL_DTLS_WINDOW_WORDS - windowSz; + windowSz = WOLFSSL_DTLS_WINDOW_WORDS; + } + + for (i = 0; i < windowSz; i++) { + ato32(exp + idx, &keys->window[i]); + idx += OPAQUE32_LEN; + } + idx += adj; + for (i = 0; i < windowSz; i++) { + ato32(exp + idx, &keys->prevWindow[i]); + idx += OPAQUE32_LEN; + } + idx += adj; + } #ifdef HAVE_TRUNCATED_HMAC ssl->truncated_hmac = exp[idx++]; diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 3f895df1f..f69364a2a 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -863,6 +863,14 @@ enum { #endif +#ifndef WOLFSSL_DTLS_WINDOW_WORDS + #define WOLFSSL_DTLS_WINDOW_WORDS 2 +#endif /* WOLFSSL_DTLS_WINDOW_WORDS */ +#define DTLS_WORD_BITS (sizeof(word32) * CHAR_BIT) +#define DTLS_SEQ_BITS (WOLFSSL_DTLS_WINDOW_WORDS * DTLS_WORD_BITS) +#define DTLS_SEQ_SZ (sizeof(word32) * WOLFSSL_DTLS_WINDOW_WORDS) + + enum Misc { ECC_BYTE = 0xC0, /* ECC first cipher suite byte */ QSH_BYTE = 0xD0, /* Quantum-safe Handshake cipher suite */ @@ -960,10 +968,12 @@ enum Misc { DTLS_HANDSHAKE_FRAG_SZ = 3, /* fragment offset and length are 24 bit */ DTLS_POOL_SZ = 255,/* allowed number of list items in TX pool */ DTLS_EXPORT_PRO = 165,/* wolfSSL protocol for serialized session */ - DTLS_EXPORT_VERSION = 2, /* wolfSSL version for serialized session */ + DTLS_EXPORT_VERSION = 3, /* wolfSSL version for serialized session */ DTLS_EXPORT_OPT_SZ = 57, /* amount of bytes used from Options */ - DTLS_EXPORT_KEY_SZ = 337,/* max amount of bytes used from Keys */ - DTLS_EXPORT_MIN_KEY_SZ = 89, /* min amount of bytes used from Keys */ + DTLS_EXPORT_KEY_SZ = 323 + (DTLS_SEQ_SZ * 2), + /* max amount of bytes used from Keys */ + DTLS_EXPORT_MIN_KEY_SZ = 76 + (DTLS_SEQ_SZ * 2), + /* min amount of bytes used from Keys */ DTLS_EXPORT_SPC_SZ = 16, /* amount of bytes used from CipherSpecs */ DTLS_EXPORT_LEN = 2, /* 2 bytes for length and protocol */ DTLS_EXPORT_IP = 46, /* max ip size IPv4 mapped IPv6 */ @@ -1582,19 +1592,6 @@ typedef struct WOLFSSL_DTLS_CTX { } WOLFSSL_DTLS_CTX; -#ifdef WOLFSSL_DTLS - - #ifndef WOLFSSL_DTLS_WINDOW_WORDS - #define WOLFSSL_DTLS_WINDOW_WORDS 2 - #endif /* WOLFSSL_DTLS_WINDOW_WORDS */ - - #define DTLS_WORD_BITS (sizeof(word32) * CHAR_BIT) - #define DTLS_SEQ_BITS (WOLFSSL_DTLS_WINDOW_WORDS * DTLS_WORD_BITS) - #define DTLS_SEQ_SZ (sizeof(word32) * WOLFSSL_DTLS_WINDOW_WORDS) - -#endif /* WOLFSSL_DTLS */ - - #define MAX_WRITE_IV_SZ 16 /* max size of client/server write_IV */ /* keys and secrets