Rename counter_len

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2025-01-25 09:35:19 +00:00 · 2021-10-08 15:21:19 +08:00 · 2021-10-08 15:21:19 +08:00 · ae0b2e2a2f
commit ae0b2e2a2f
parent c1ddeef53a
4 changed files with 29 additions and 26 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -594,7 +594,7 @@ union mbedtls_ssl_premaster_secret
 #define MBEDTLS_PREMASTER_SIZE     sizeof( union mbedtls_ssl_premaster_secret )

 /* Length in number of bytes of the TLS sequence number */
-#define MBEDTLS_SSL_COUNTER_LEN 8
+#define MBEDTLS_SSL_SEQUENCE_NUMBER_LEN 8

 #ifdef __cplusplus
 extern "C" {
@ -1555,7 +1555,7 @@ struct mbedtls_ssl_context
    size_t MBEDTLS_PRIVATE(out_buf_len);         /*!< length of output buffer          */
 #endif

-    unsigned char MBEDTLS_PRIVATE(cur_out_ctr)[MBEDTLS_SSL_COUNTER_LEN]; /*!<  Outgoing record sequence  number. */
+    unsigned char MBEDTLS_PRIVATE(cur_out_ctr)[MBEDTLS_SSL_SEQUENCE_NUMBER_LEN]; /*!<  Outgoing record sequence  number. */

 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    uint16_t MBEDTLS_PRIVATE(mtu);               /*!< path mtu, used to fragment outgoing messages */
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@ -573,8 +573,8 @@ struct mbedtls_ssl_handshake_params
                                              flight being received          */
    mbedtls_ssl_transform *alt_transform_out;   /*!<  Alternative transform for
                                              resending messages             */
-    unsigned char alt_out_ctr[MBEDTLS_SSL_COUNTER_LEN]; /*!<  Alternative record epoch/counter
-                                                              for resending messages         */
+    unsigned char alt_out_ctr[MBEDTLS_SSL_SEQUENCE_NUMBER_LEN]; /*!<  Alternative record epoch/counter
+                                                                      for resending messages         */

 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    /* The state of CID configuration in this handshake. */
@ -873,14 +873,14 @@ static inline int mbedtls_ssl_transform_uses_aead(

 typedef struct
 {
-    uint8_t ctr[MBEDTLS_SSL_COUNTER_LEN];  /* In TLS:  The implicit record sequence number.
-                                            * In DTLS: The 2-byte epoch followed by
-                                            *          the 6-byte sequence number.
-                                            * This is stored as a raw big endian byte array
-                                            * as opposed to a uint64_t because we rarely
-                                            * need to perform arithmetic on this, but do
-                                            * need it as a Byte array for the purpose of
-                                            * MAC computations.                             */
+    uint8_t ctr[MBEDTLS_SSL_SEQUENCE_NUMBER_LEN];  /* In TLS:  The implicit record sequence number.
+                                                    * In DTLS: The 2-byte epoch followed by
+                                                    *          the 6-byte sequence number.
+                                                    * This is stored as a raw big endian byte array
+                                                    * as opposed to a uint64_t because we rarely
+                                                    * need to perform arithmetic on this, but do
+                                                    * need it as a Byte array for the purpose of
+                                                    * MAC computations.                             */
    uint8_t type;           /* The record content type.                      */
    uint8_t ver[2];         /* SSL/TLS version as present on the wire.
                             * Convert to internal presentation of versions
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@ -2101,7 +2101,7 @@ void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight )
 static int ssl_swap_epochs( mbedtls_ssl_context *ssl )
 {
    mbedtls_ssl_transform *tmp_transform;
-    unsigned char tmp_out_ctr[MBEDTLS_SSL_COUNTER_LEN];
+    unsigned char tmp_out_ctr[MBEDTLS_SSL_SEQUENCE_NUMBER_LEN];

    if( ssl->transform_out == ssl->handshake->alt_transform_out )
    {
@ -2564,7 +2564,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
        mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
                           ssl->conf->transport, ssl->out_hdr + 1 );

-        memcpy( ssl->out_ctr, ssl->cur_out_ctr, MBEDTLS_SSL_COUNTER_LEN );
+        memcpy( ssl->out_ctr, ssl->cur_out_ctr, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN );
        MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0);

        if( ssl->transform_out != NULL )
@ -3651,9 +3651,12 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl,
 #endif
        {
            unsigned i;
-            for( i = MBEDTLS_SSL_COUNTER_LEN; i > mbedtls_ssl_ep_len( ssl ); i-- )
+            for( i = MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
+                 i > mbedtls_ssl_ep_len( ssl ); i-- )
+            {
                if( ++ssl->in_ctr[i - 1] != 0 )
                    break;
+            }

            /* The loop goes to its end iff the counter is wrapping */
            if( i == mbedtls_ssl_ep_len( ssl ) )
@ -4793,7 +4796,7 @@ int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl )
    }
    else
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
-    mbedtls_platform_zeroize( ssl->in_ctr, MBEDTLS_SSL_COUNTER_LEN );
+    mbedtls_platform_zeroize( ssl->in_ctr, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN );

    mbedtls_ssl_update_in_pointers( ssl );

@ -4829,12 +4832,12 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl,
    {
        ssl->out_ctr = ssl->out_hdr +  3;
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        ssl->out_cid = ssl->out_ctr + MBEDTLS_SSL_COUNTER_LEN;
+        ssl->out_cid = ssl->out_ctr + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
        ssl->out_len = ssl->out_cid;
        if( transform != NULL )
            ssl->out_len += transform->out_cid_len;
 #else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-        ssl->out_len = ssl->out_ctr + MBEDTLS_SSL_COUNTER_LEN;
+        ssl->out_len = ssl->out_ctr + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
        ssl->out_iv  = ssl->out_len + 2;
    }
@ -4883,17 +4886,17 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl )
         * ssl_parse_record_header(). */
        ssl->in_ctr = ssl->in_hdr +  3;
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        ssl->in_cid = ssl->in_ctr + MBEDTLS_SSL_COUNTER_LEN;
+        ssl->in_cid = ssl->in_ctr + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
        ssl->in_len = ssl->in_cid; /* Default: no CID */
 #else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-        ssl->in_len = ssl->in_ctr + MBEDTLS_SSL_COUNTER_LEN;
+        ssl->in_len = ssl->in_ctr + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
        ssl->in_iv  = ssl->in_len + 2;
    }
    else
 #endif
    {
-        ssl->in_ctr = ssl->in_hdr - MBEDTLS_SSL_COUNTER_LEN;
+        ssl->in_ctr = ssl->in_hdr - MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
        ssl->in_len = ssl->in_hdr + 3;
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
        ssl->in_cid = ssl->in_len;
@ -5068,7 +5071,7 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )

    in_ctr_cmp = memcmp( ssl->in_ctr + ep_len,
                         &ssl->conf->renego_period[ep_len],
-                         MBEDTLS_SSL_COUNTER_LEN - ep_len );
+                         MBEDTLS_SSL_SEQUENCE_NUMBER_LEN - ep_len );
    out_ctr_cmp = memcmp( &ssl->cur_out_ctr[ep_len],
                          &ssl->conf->renego_period[ep_len],
                          sizeof( ssl->cur_out_ctr ) - ep_len );
@ -5559,7 +5562,7 @@ void mbedtls_ssl_set_inbound_transform( mbedtls_ssl_context *ssl,
                                        mbedtls_ssl_transform *transform )
 {
    ssl->transform_in = transform;
-    mbedtls_platform_zeroize( ssl->in_ctr, MBEDTLS_SSL_COUNTER_LEN );
+    mbedtls_platform_zeroize( ssl->in_ctr, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN );
 }

 void mbedtls_ssl_set_outbound_transform( mbedtls_ssl_context *ssl,
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -5778,11 +5778,11 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
    }
 #endif /* MBEDTLS_SSL_PROTO_DTLS */

-    used += MBEDTLS_SSL_COUNTER_LEN;
+    used += MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
    if( used <= buf_len )
    {
-        memcpy( p, ssl->cur_out_ctr, MBEDTLS_SSL_COUNTER_LEN );
-        p += MBEDTLS_SSL_COUNTER_LEN;
+        memcpy( p, ssl->cur_out_ctr, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN );
+        p += MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
    }

 #if defined(MBEDTLS_SSL_PROTO_DTLS)