X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Fssl%2Fssl_hs_common.t0;h=dd9abcb53552ea93b9fb85621043ff5645ba702e;hp=05b1797c18fd906516ebfb0b331d46b7fad667f5;hb=f81a2828787c3ae7903bff66d64d71d6362ab4e1;hpb=968da0f646a43c69a2517a240c9963ff513981b3 diff --git a/src/ssl/ssl_hs_common.t0 b/src/ssl/ssl_hs_common.t0 index 05b1797..dd9abcb 100644 --- a/src/ssl/ssl_hs_common.t0 +++ b/src/ssl/ssl_hs_common.t0 @@ -34,7 +34,7 @@ preamble { /* * This macro evaluates to a pointer to the current engine context. */ -#define ENG ((br_ssl_engine_context *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu))) +#define ENG ((br_ssl_engine_context *)(void *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu))) } @@ -79,6 +79,23 @@ preamble { : NYI ( -- ! ) "NOT YET IMPLEMENTED!" puts cr -1 fail ; +\ Debug function that prints a string (and a newline) on stderr. +cc: DBG ( addr -- ) { + extern void *stderr; + extern int fprintf(void *, const char *, ...); + fprintf(stderr, "%s\n", &t0_datablock[T0_POPi()]); +} + +\ Debug function that prints a string and an integer value (followed +\ by a newline) on stderr. +cc: DBG2 ( addr x -- ) { + extern void *stderr; + extern int fprintf(void *, const char *, ...); + int32_t x = T0_POPi(); + fprintf(stderr, "%s: %ld (0x%08lX)\n", + &t0_datablock[T0_POPi()], (long)x, (unsigned long)(uint32_t)x); +} + \ Mark the context as failed with a specific error code. This also \ returns control to the caller. cc: fail ( err -- ! ) { @@ -95,13 +112,13 @@ cc: get8 ( addr -- val ) { \ Read a 16-bit word from the context (address is offset in context). cc: get16 ( addr -- val ) { size_t addr = (size_t)T0_POP(); - T0_PUSH(*(uint16_t *)((unsigned char *)ENG + addr)); + T0_PUSH(*(uint16_t *)(void *)((unsigned char *)ENG + addr)); } \ Read a 32-bit word from the context (address is offset in context). cc: get32 ( addr -- val ) { size_t addr = (size_t)T0_POP(); - T0_PUSH(*(uint32_t *)((unsigned char *)ENG + addr)); + T0_PUSH(*(uint32_t *)(void *)((unsigned char *)ENG + addr)); } \ Set a byte in the context (address is offset in context). @@ -113,13 +130,13 @@ cc: set8 ( val addr -- ) { \ Set a 16-bit word in the context (address is offset in context). cc: set16 ( val addr -- ) { size_t addr = (size_t)T0_POP(); - *(uint16_t *)((unsigned char *)ENG + addr) = (uint16_t)T0_POP(); + *(uint16_t *)(void *)((unsigned char *)ENG + addr) = (uint16_t)T0_POP(); } \ Set a 32-bit word in the context (address is offset in context). cc: set32 ( val addr -- ) { size_t addr = (size_t)T0_POP(); - *(uint32_t *)((unsigned char *)ENG + addr) = (uint32_t)T0_POP(); + *(uint32_t *)(void *)((unsigned char *)ENG + addr) = (uint32_t)T0_POP(); } \ Define a word that evaluates as an address of a field within the @@ -754,6 +771,10 @@ cc: mkrand ( addr len -- ) { \ -- PRF for TLS-1.2: \ 4 with SHA-256 \ 5 with SHA-384 +\ +\ WARNING: if adding a new cipher suite that does not use SHA-256 for the +\ PRF (with TLS 1.2), be sure to check the suites_sha384[] array defined +\ in ssl/ssl_keyexport.c data: cipher-suite-def @@ -858,6 +879,16 @@ hexb| 0000 | \ List terminator. : prf-id ( suite -- id ) cipher-suite-to-elements 15 and ; +\ Test whether a cipher suite is only for TLS-1.2. Cipher suites that +\ can be used with TLS-1.0 or 1.1 use HMAC/SHA-1. RFC do not formally +\ forbid using a CBC-based TLS-1.2 cipher suite, e.g. based on HMAC/SHA-256, +\ with older protocol versions; however, servers should not do that, since +\ it may confuse clients. Since the server code does not try such games, +\ for consistency, the client should reject it as well (normal servers +\ don't do that, so any attempt is a sign of foul play). +: use-tls12? ( suite -- bool ) + cipher-suite-to-elements 0xF0 and 0x20 <> ; + \ Switch to negotiated security parameters for input or output. : switch-encryption ( is-client for-input -- ) { for-input } @@ -1019,21 +1050,22 @@ cc: switch-chapol-in ( is_client prf_id -- ) { cc: compute-Finished-inner ( from_client prf_id -- ) { int prf_id = T0_POP(); int from_client = T0_POPi(); - unsigned char seed[48]; - size_t seed_len; + unsigned char tmp[48]; + br_tls_prf_seed_chunk seed; br_tls_prf_impl prf = br_ssl_engine_get_PRF(ENG, prf_id); + seed.data = tmp; if (ENG->session.version >= BR_TLS12) { - seed_len = br_multihash_out(&ENG->mhash, prf_id, seed); + seed.len = br_multihash_out(&ENG->mhash, prf_id, tmp); } else { - br_multihash_out(&ENG->mhash, br_md5_ID, seed); - br_multihash_out(&ENG->mhash, br_sha1_ID, seed + 16); - seed_len = 36; + br_multihash_out(&ENG->mhash, br_md5_ID, tmp); + br_multihash_out(&ENG->mhash, br_sha1_ID, tmp + 16); + seed.len = 36; } prf(ENG->pad, 12, ENG->session.master_secret, sizeof ENG->session.master_secret, from_client ? "client finished" : "server finished", - seed, seed_len); + 1, &seed); } \ Receive ChangeCipherSpec and Finished from the peer.