mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-31 10:20:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Account for additional record expansion when using CIDs

Browse Source 
Using the Connection ID extension increases the maximum record expansion
because
- the real record content type is added to the plaintext
- the plaintext may be padded with an arbitrary number of
  zero bytes, in order to prevent leakage of information
  through package length analysis. Currently, we always
  pad the plaintext in a minimal way so that its length
  is a multiple of 16 Bytes.

This commit adapts the various parts of the library to account
for that additional source of record expansion.
This commit is contained in:
Hanno Becker 2019-05-08 15:40:11 +01:00
parent ad4a137965
commit 6cbad5560d
2 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
include/mbedtls/ssl_internal.h
View File

@ -175,10 +175,19 @@
#define MBEDTLS_SSL_PADDING_ADD 0 #define MBEDTLS_SSL_PADDING_ADD 0
#endif #endif
#if defined(MBEDTLS_SSL_CID)
#define MBEDTLS_SSL_MAX_CID_EXPANSION 16 /* Currently, we pad records
* to lengths which are multiples
* of 16 Bytes. */
#else
#define MBEDTLS_SSL_MAX_CID_EXPANSION 0
#endif
#define MBEDTLS_SSL_PAYLOAD_OVERHEAD ( MBEDTLS_SSL_COMPRESSION_ADD + \ #define MBEDTLS_SSL_PAYLOAD_OVERHEAD ( MBEDTLS_SSL_COMPRESSION_ADD + \
MBEDTLS_MAX_IV_LENGTH + \ MBEDTLS_MAX_IV_LENGTH + \
MBEDTLS_SSL_MAC_ADD + \ MBEDTLS_SSL_MAC_ADD + \
MBEDTLS_SSL_PADDING_ADD \ MBEDTLS_SSL_PADDING_ADD + \
MBEDTLS_SSL_MAX_CID_EXPANSION \
) )
#define MBEDTLS_SSL_IN_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ #define MBEDTLS_SSL_IN_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \
@ -231,11 +240,23 @@
implicit sequence number. */ implicit sequence number. */
#define MBEDTLS_SSL_HEADER_LEN 13 #define MBEDTLS_SSL_HEADER_LEN 13
#if defined(MBEDTLS_SSL_CID)
#define MBEDTLS_SSL_IN_BUFFER_LEN \ #define MBEDTLS_SSL_IN_BUFFER_LEN \
( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) ) ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) )
#else
#define MBEDTLS_SSL_IN_BUFFER_LEN \
( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) \
+ ( MBEDTLS_SSL_CID_IN_LEN_MAX ) )
#endif
#if defined(MBEDTLS_SSL_CID)
#define MBEDTLS_SSL_OUT_BUFFER_LEN \ #define MBEDTLS_SSL_OUT_BUFFER_LEN \
( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) ) ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) )
#else
#define MBEDTLS_SSL_OUT_BUFFER_LEN \
( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) \
+ ( MBEDTLS_SSL_CID_OUT_LEN_MAX ) )
#endif
#ifdef MBEDTLS_ZLIB_SUPPORT #ifdef MBEDTLS_ZLIB_SUPPORT
/* Compression buffer holds both IN and OUT buffers, so should be size of the larger */ /* Compression buffer holds both IN and OUT buffers, so should be size of the larger */

5
library/ssl_tls.c
View File

@ -9261,6 +9261,11 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
} }
#if defined(MBEDTLS_SSL_CID)
if( transform->out_cid_len != 0 )
transform_expansion += MBEDTLS_SSL_MAX_CID_EXPANSION;
#endif /* MBEDTLS_SSL_CID */
return( (int)( out_hdr_len + transform_expansion ) ); return( (int)( out_hdr_len + transform_expansion ) );
} }