Added stricter rule on input for RSA private key operation (mathematically correct...

[BearSSL] / src / ssl / ssl_hs_common.t0

diff --git a/src/ssl/ssl_hs_common.t0 b/src/ssl/ssl_hs_common.t0
index dc025ff..dd9abcb 100644 (file)
--- a/src/ssl/ssl_hs_common.t0
+++ b/src/ssl/ssl_hs_common.t0
@@ -34,7 +34,7 @@ preamble {
 /*
  * This macro evaluates to a pointer to the current engine context.
  */
 /*
  * This macro evaluates to a pointer to the current engine context.
  */

-#define ENG  ((br_ssl_engine_context *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu)))
+#define ENG  ((br_ssl_engine_context *)(void *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu)))

 
 }
 
 
 }
 


@@ -112,13 +112,13 @@ cc: get8 ( addr -- val ) {
 \ Read a 16-bit word from the context (address is offset in context).
 cc: get16 ( addr -- val ) {
        size_t addr = (size_t)T0_POP();
 \ Read a 16-bit word from the context (address is offset in context).
 cc: get16 ( addr -- val ) {
        size_t addr = (size_t)T0_POP();

-       T0_PUSH(*(uint16_t *)((unsigned char *)ENG + addr));
+       T0_PUSH(*(uint16_t *)(void *)((unsigned char *)ENG + addr));

 }
 
 \ Read a 32-bit word from the context (address is offset in context).
 cc: get32 ( addr -- val ) {
        size_t addr = (size_t)T0_POP();
 }
 
 \ Read a 32-bit word from the context (address is offset in context).
 cc: get32 ( addr -- val ) {
        size_t addr = (size_t)T0_POP();

-       T0_PUSH(*(uint32_t *)((unsigned char *)ENG + addr));
+       T0_PUSH(*(uint32_t *)(void *)((unsigned char *)ENG + addr));

 }
 
 \ Set a byte in the context (address is offset in context).
 }
 
 \ Set a byte in the context (address is offset in context).


@@ -130,13 +130,13 @@ cc: set8 ( val addr -- ) {
 \ Set a 16-bit word in the context (address is offset in context).
 cc: set16 ( val addr -- ) {
        size_t addr = (size_t)T0_POP();
 \ Set a 16-bit word in the context (address is offset in context).
 cc: set16 ( val addr -- ) {
        size_t addr = (size_t)T0_POP();

-       *(uint16_t *)((unsigned char *)ENG + addr) = (uint16_t)T0_POP();
+       *(uint16_t *)(void *)((unsigned char *)ENG + addr) = (uint16_t)T0_POP();

 }
 
 \ Set a 32-bit word in the context (address is offset in context).
 cc: set32 ( val addr -- ) {
        size_t addr = (size_t)T0_POP();
 }
 
 \ Set a 32-bit word in the context (address is offset in context).
 cc: set32 ( val addr -- ) {
        size_t addr = (size_t)T0_POP();

-       *(uint32_t *)((unsigned char *)ENG + addr) = (uint32_t)T0_POP();
+       *(uint32_t *)(void *)((unsigned char *)ENG + addr) = (uint32_t)T0_POP();

 }
 
 \ Define a word that evaluates as an address of a field within the
 }
 
 \ Define a word that evaluates as an address of a field within the


@@ -879,6 +879,16 @@ hexb| 0000 | \ List terminator.
 : prf-id ( suite -- id )
        cipher-suite-to-elements 15 and ;
 
 : prf-id ( suite -- id )
        cipher-suite-to-elements 15 and ;
 

+\ Test whether a cipher suite is only for TLS-1.2. Cipher suites that
+\ can be used with TLS-1.0 or 1.1 use HMAC/SHA-1. RFC do not formally
+\ forbid using a CBC-based TLS-1.2 cipher suite, e.g. based on HMAC/SHA-256,
+\ with older protocol versions; however, servers should not do that, since
+\ it may confuse clients. Since the server code does not try such games,
+\ for consistency, the client should reject it as well (normal servers
+\ don't do that, so any attempt is a sign of foul play).
+: use-tls12? ( suite -- bool )
+       cipher-suite-to-elements 0xF0 and 0x20 <> ;
+

 \ Switch to negotiated security parameters for input or output.
 : switch-encryption ( is-client for-input -- )
        { for-input }
 \ Switch to negotiated security parameters for input or output.
 : switch-encryption ( is-client for-input -- )
        { for-input }