Pull the code that builds a DTLS sequence number out into its own function
to avoid duplication. Also use fewer magic numbers. ok miod@
parent
32c39e3d3c
commit
63152afb14
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: d1_lib.c,v 1.20 2014/06/13 04:29:13 miod Exp $ */
|
||||
/* $OpenBSD: d1_lib.c,v 1.21 2014/06/21 17:02:25 jsing Exp $ */
|
||||
/*
|
||||
* DTLS implementation written by Nagendra Modadugu
|
||||
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||||
@ -460,3 +460,16 @@ dtls1_listen(SSL *s, struct sockaddr *client)
|
||||
(void)BIO_dgram_get_peer(SSL_get_rbio(s), client);
|
||||
return 1;
|
||||
}
|
||||
|
||||
void
|
||||
dtls1_build_sequence_number(unsigned char *dst, unsigned char *seq,
|
||||
unsigned short epoch)
|
||||
{
|
||||
unsigned char dtlsseq[SSL3_SEQUENCE_SIZE];
|
||||
unsigned char *p;
|
||||
|
||||
p = dtlsseq;
|
||||
s2n(epoch, p);
|
||||
memcpy(p, &seq[2], SSL3_SEQUENCE_SIZE - 2);
|
||||
memcpy(dst, dtlsseq, SSL3_SEQUENCE_SIZE);
|
||||
}
|
||||
|
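Review bot: dtls1_build_sequence_number is added without a comment stating its buffer contract, and the sizes matter because the t1_enc.c call sites on this page pass what appear to be the AEAD additional data (`ad`) and the MAC header (`header`) as `dst`. The body writes SSL3_SEQUENCE_SIZE bytes to `dst` unconditionally and reads `seq[2]` through `seq[SSL3_SEQUENCE_SIZE - 1]`, so I would add above the definition `/* Write epoch (2 bytes, via s2n) followed by seq[2..SSL3_SEQUENCE_SIZE-1] into dst; dst and seq must each be at least SSL3_SEQUENCE_SIZE bytes. */`. `seq` is only read, so the parameter could be `const unsigned char *seq` here and in the ssl_locl.h prototype. The same applies to the identical d1_lib.c section shown a second time below.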
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: d1_lib.c,v 1.20 2014/06/13 04:29:13 miod Exp $ */
|
||||
/* $OpenBSD: d1_lib.c,v 1.21 2014/06/21 17:02:25 jsing Exp $ */
|
||||
/*
|
||||
* DTLS implementation written by Nagendra Modadugu
|
||||
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||||
@ -460,3 +460,16 @@ dtls1_listen(SSL *s, struct sockaddr *client)
|
||||
(void)BIO_dgram_get_peer(SSL_get_rbio(s), client);
|
||||
return 1;
|
||||
}
|
||||
|
||||
void
|
||||
dtls1_build_sequence_number(unsigned char *dst, unsigned char *seq,
|
||||
unsigned short epoch)
|
||||
{
|
||||
unsigned char dtlsseq[SSL3_SEQUENCE_SIZE];
|
||||
unsigned char *p;
|
||||
|
||||
p = dtlsseq;
|
||||
s2n(epoch, p);
|
||||
memcpy(p, &seq[2], SSL3_SEQUENCE_SIZE - 2);
|
||||
memcpy(dst, dtlsseq, SSL3_SEQUENCE_SIZE);
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ssl_locl.h,v 1.52 2014/06/15 15:29:25 jsing Exp $ */
|
||||
/* $OpenBSD: ssl_locl.h,v 1.53 2014/06/21 17:02:25 jsing Exp $ */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
@ -759,9 +759,12 @@ int dtls1_retransmit_message(SSL *s, unsigned short seq,
|
||||
int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
|
||||
int dtls1_retransmit_buffered_messages(SSL *s);
|
||||
void dtls1_clear_record_buffer(SSL *s);
|
||||
void dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr);
|
||||
void dtls1_get_message_header(unsigned char *data,
|
||||
struct hm_header_st *msg_hdr);
|
||||
void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
|
||||
void dtls1_reset_seq_numbers(SSL *s, int rw);
|
||||
void dtls1_build_sequence_number(unsigned char *dst, unsigned char *seq,
|
||||
unsigned short epoch);
|
||||
long dtls1_default_timeout(void);
|
||||
struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
|
||||
int dtls1_check_timeout_num(SSL *s);
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: t1_enc.c,v 1.62 2014/06/21 14:45:22 jsing Exp $ */
|
||||
/* $OpenBSD: t1_enc.c,v 1.63 2014/06/21 17:02:25 jsing Exp $ */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
@ -795,11 +795,8 @@ tls1_enc(SSL *s, int send)
|
||||
ssize_t n;
|
||||
|
||||
if (SSL_IS_DTLS(s)) {
|
||||
unsigned char dtlsseq[9], *p = dtlsseq;
|
||||
|
||||
s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p);
|
||||
memcpy(p, &seq[2], 6);
|
||||
memcpy(ad, dtlsseq, 8);
|
||||
dtls1_build_sequence_number(ad, seq,
|
||||
send ? s->d1->w_epoch : s->d1->r_epoch);
|
||||
} else {
|
||||
memcpy(ad, seq, SSL3_SEQUENCE_SIZE);
|
||||
ssl3_record_sequence_increment(seq);
|
||||
@ -948,11 +945,8 @@ tls1_enc(SSL *s, int send)
|
||||
unsigned char buf[13];
|
||||
|
||||
if (SSL_IS_DTLS(s)) {
|
||||
unsigned char dtlsseq[9], *p = dtlsseq;
|
||||
|
||||
s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p);
|
||||
memcpy(p, &seq[2], 6);
|
||||
memcpy(buf, dtlsseq, 8);
|
||||
dtls1_build_sequence_number(buf, seq,
|
||||
send ? s->d1->w_epoch : s->d1->r_epoch);
|
||||
} else {
|
||||
memcpy(buf, seq, SSL3_SEQUENCE_SIZE);
|
||||
ssl3_record_sequence_increment(seq);
|
||||
@ -1131,15 +1125,11 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
|
||||
mac_ctx = &hmac;
|
||||
}
|
||||
|
||||
if (SSL_IS_DTLS(ssl)) {
|
||||
unsigned char dtlsseq[8], *p = dtlsseq;
|
||||
|
||||
s2n(send ? ssl->d1->w_epoch : ssl->d1->r_epoch, p);
|
||||
memcpy(p, &seq[2], 6);
|
||||
|
||||
memcpy(header, dtlsseq, 8);
|
||||
} else
|
||||
memcpy(header, seq, 8);
|
||||
if (SSL_IS_DTLS(ssl))
|
||||
dtls1_build_sequence_number(header, seq,
|
||||
send ? ssl->d1->w_epoch : ssl->d1->r_epoch);
|
||||
else
|
||||
memcpy(header, seq, SSL3_SEQUENCE_SIZE);
|
||||
|
||||
/* kludge: tls1_cbc_remove_padding passes padding length in rec->type */
|
||||
orig_len = rec->length + md_size + ((unsigned int)rec->type >> 8);
|
||||
|
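Review bot: In the tls1_mac hunk the new `if (SSL_IS_DTLS(ssl))` / `else` pair is left unbraced even though the DTLS arm is a call wrapped over two lines; in code that assembles the MAC input I would keep the braces the removed version had, i.e. `if (SSL_IS_DTLS(ssl)) {` … `} else {` … `}`. The helper always writes SSL3_SEQUENCE_SIZE bytes, and `ad` and `header` are declared outside these hunks, so their sizes cannot be confirmed from here; a one-line comment at each declaration stating that it holds at least the sequence number would make that checkable. `unsigned char buf[13];` in the second tls1_enc hunk is still a bare number although the commit aims to use fewer of them. tls1_enc and tls1_mac both begin and end outside the hunks, and the page shows the same t1_enc.c hunks a second time further down, where the same points apply.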
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ssl_locl.h,v 1.52 2014/06/15 15:29:25 jsing Exp $ */
|
||||
/* $OpenBSD: ssl_locl.h,v 1.53 2014/06/21 17:02:25 jsing Exp $ */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
@ -759,9 +759,12 @@ int dtls1_retransmit_message(SSL *s, unsigned short seq,
|
||||
int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
|
||||
int dtls1_retransmit_buffered_messages(SSL *s);
|
||||
void dtls1_clear_record_buffer(SSL *s);
|
||||
void dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr);
|
||||
void dtls1_get_message_header(unsigned char *data,
|
||||
struct hm_header_st *msg_hdr);
|
||||
void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
|
||||
void dtls1_reset_seq_numbers(SSL *s, int rw);
|
||||
void dtls1_build_sequence_number(unsigned char *dst, unsigned char *seq,
|
||||
unsigned short epoch);
|
||||
long dtls1_default_timeout(void);
|
||||
struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
|
||||
int dtls1_check_timeout_num(SSL *s);
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: t1_enc.c,v 1.62 2014/06/21 14:45:22 jsing Exp $ */
|
||||
/* $OpenBSD: t1_enc.c,v 1.63 2014/06/21 17:02:25 jsing Exp $ */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
@ -795,11 +795,8 @@ tls1_enc(SSL *s, int send)
|
||||
ssize_t n;
|
||||
|
||||
if (SSL_IS_DTLS(s)) {
|
||||
unsigned char dtlsseq[9], *p = dtlsseq;
|
||||
|
||||
s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p);
|
||||
memcpy(p, &seq[2], 6);
|
||||
memcpy(ad, dtlsseq, 8);
|
||||
dtls1_build_sequence_number(ad, seq,
|
||||
send ? s->d1->w_epoch : s->d1->r_epoch);
|
||||
} else {
|
||||
memcpy(ad, seq, SSL3_SEQUENCE_SIZE);
|
||||
ssl3_record_sequence_increment(seq);
|
||||
@ -948,11 +945,8 @@ tls1_enc(SSL *s, int send)
|
||||
unsigned char buf[13];
|
||||
|
||||
if (SSL_IS_DTLS(s)) {
|
||||
unsigned char dtlsseq[9], *p = dtlsseq;
|
||||
|
||||
s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p);
|
||||
memcpy(p, &seq[2], 6);
|
||||
memcpy(buf, dtlsseq, 8);
|
||||
dtls1_build_sequence_number(buf, seq,
|
||||
send ? s->d1->w_epoch : s->d1->r_epoch);
|
||||
} else {
|
||||
memcpy(buf, seq, SSL3_SEQUENCE_SIZE);
|
||||
ssl3_record_sequence_increment(seq);
|
||||
@ -1131,15 +1125,11 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
|
||||
mac_ctx = &hmac;
|
||||
}
|
||||
|
||||
if (SSL_IS_DTLS(ssl)) {
|
||||
unsigned char dtlsseq[8], *p = dtlsseq;
|
||||
|
||||
s2n(send ? ssl->d1->w_epoch : ssl->d1->r_epoch, p);
|
||||
memcpy(p, &seq[2], 6);
|
||||
|
||||
memcpy(header, dtlsseq, 8);
|
||||
} else
|
||||
memcpy(header, seq, 8);
|
||||
if (SSL_IS_DTLS(ssl))
|
||||
dtls1_build_sequence_number(header, seq,
|
||||
send ? ssl->d1->w_epoch : ssl->d1->r_epoch);
|
||||
else
|
||||
memcpy(header, seq, SSL3_SEQUENCE_SIZE);
|
||||
|
||||
/* kludge: tls1_cbc_remove_padding passes padding length in rec->type */
|
||||
orig_len = rec->length + md_size + ((unsigned int)rec->type >> 8);
|
||||
|