From f2c82f0a3b955e0a88e84f73ab1cdd9b3c7d6fb4 Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Tue, 5 Apr 2022 11:16:53 +0200 Subject: [PATCH] Introduce MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM macro to determine if Encrypt-then-MAC with CBC is used in a ciphersuite Signed-off-by: Neil Armstrong --- library/ssl_misc.h | 12 +++++--- library/ssl_tls.c | 71 ++++++++++++++++------------------------------ 2 files changed, 32 insertions(+), 51 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 3332c3f2b2..99257b0eb2 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -173,6 +173,12 @@ #define MBEDTLS_SSL_SOME_SUITES_USE_MAC #endif +/* This macro determines whether a ciphersuite uses Encrypt-then-MAC with CBC */ +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \ + defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +#define MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM +#endif + #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) @@ -2223,16 +2229,14 @@ typedef enum { mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_transform( const mbedtls_ssl_transform *transform ); -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( int encrypt_then_mac, const mbedtls_ssl_ciphersuite_t *suite ); #else mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( const mbedtls_ssl_ciphersuite_t *suite ); -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && - MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ #if defined(MBEDTLS_ECDH_C) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4bc3c49e21..cb72f162e6 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
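Review bot: The comment added above `MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM` in library/ssl_misc.h says the macro determines whether "a ciphersuite" uses Encrypt-then-MAC with CBC, but it is a build-time switch, defined whenever `MBEDTLS_SSL_SOME_SUITES_USE_CBC` and `MBEDTLS_SSL_ENCRYPT_THEN_MAC` are both defined. Whether a given connection uses EtM still comes from the `encrypt_then_mac` value passed at run time. I would word it as `/* Defined when at least one enabled ciphersuite uses CBC and Encrypt-then-MAC support is built in; whether a connection uses EtM is decided at negotiation. */`. The comment should also record that this is not a pure rename: the replaced guards tested `MBEDTLS_SSL_SOME_SUITES_USE_MAC` and the new one tests `MBEDTLS_SSL_SOME_SUITES_USE_CBC`. If the definition of `MBEDTLS_SSL_SOME_SUITES_USE_MAC` (outside this hunk) allows MAC suites without CBC, such builds lose the `encrypt_then_mac` parameter.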
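Review bot: The two prototypes of `mbedtls_ssl_get_mode_from_ciphersuite` in library/ssl_misc.h differ in arity depending on `MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM`, and nothing in the header tells a caller which guard to put around the first argument. A call site outside this patch that still wraps `encrypt_then_mac` in the old `MBEDTLS_SSL_ENCRYPT_THEN_MAC` / `MBEDTLS_SSL_SOME_SUITES_USE_MAC` pair, or in `MBEDTLS_SSL_ENCRYPT_THEN_MAC` alone, would stop compiling in a configuration where the two conditions disagree. It is worth checking for such callers outside the two files touched here. I would add above the `#if`: `/* The encrypt_then_mac argument exists only when MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM is defined; guard it with that macro at every call site. */`.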
@@ -383,11 +383,9 @@ typedef int ssl_tls_prf_t(const unsigned char *, size_t, const char *, static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, int ciphersuite, const unsigned char master[48], -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) && \ - defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) int encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && - MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ ssl_tls_prf_t tls_prf, const unsigned char randbytes[64], mbedtls_ssl_protocol_version tls_version, @@ -1716,11 +1714,9 @@ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ static inline mbedtls_ssl_mode_t mbedtls_ssl_get_mode( -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) int encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && - MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_algorithm_t alg #else 
@@ -1774,32 +1770,26 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_transform( { #if defined(MBEDTLS_USE_PSA_CRYPTO) return mbedtls_ssl_get_mode( -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) transform->encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && - MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ transform->psa_alg ); #else mbedtls_cipher_mode_t mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ); return mbedtls_ssl_get_mode( -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) transform->encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && - MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ mode ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ } mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) int encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && - MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ const mbedtls_ssl_ciphersuite_t *suite ) { #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -1811,11 +1801,9 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( status = mbedtls_ssl_cipher_to_psa( suite->cipher, 0, &alg, &type, &size ); if( status == PSA_SUCCESS ) return mbedtls_ssl_get_mode( -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && - MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ alg ); #else const mbedtls_cipher_info_t *cipher = 
@@ -1823,11 +1811,9 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( if( cipher != NULL ) return mbedtls_ssl_get_mode( -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && - MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ mbedtls_cipher_info_get_mode( cipher ) ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -3734,11 +3720,9 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, ret = ssl_tls12_populate_transform( ssl->transform, ssl->session->ciphersuite, ssl->session->master, -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) && \ - defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) ssl->session->encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && - MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ ssl_tls12prf_from_cs( ssl->session->ciphersuite ), p, /* currently pointing to randbytes */ MBEDTLS_SSL_VERSION_TLS1_2, /* (D)TLS 1.2 is forced */ @@ -5312,11 +5296,9 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) ret = ssl_tls12_populate_transform( ssl->transform_negotiate, ssl->session_negotiate->ciphersuite, ssl->session_negotiate->master, -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) && \ - defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) ssl->session_negotiate->encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && - MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ ssl->handshake->tls_prf, ssl->handshake->randbytes, ssl->tls_version, 
@@ -6902,11 +6884,9 @@ static mbedtls_tls_prf_types tls_prf_get_type( mbedtls_ssl_tls_prf_cb *tls_prf ) static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, int ciphersuite, const unsigned char master[48], -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) && \ - defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) int encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && - MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ ssl_tls_prf_t tls_prf, const unsigned char randbytes[64], mbedtls_ssl_protocol_version tls_version, @@ -6950,10 +6930,9 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, /* * Some data just needs copying into the structure */ -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) transform->encrypt_then_mac = encrypt_then_mac; -#endif +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ transform->tls_version = tls_version; #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) @@ -6981,11 +6960,9 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, } ssl_mode = mbedtls_ssl_get_mode_from_ciphersuite( -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && - MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ ciphersuite_info ); if( ssl_mode == MBEDTLS_SSL_MODE_AEAD )
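Review bot: In `ssl_tls12_populate_transform` the store `transform->encrypt_then_mac = encrypt_then_mac;` is now compiled only under `MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM`, while the declaration of that member is not touched by this patch. If the member is still declared under a wider condition, a build with Encrypt-then-MAC enabled but no CBC suite leaves it at whatever the transform was initialised to. Any record-layer code that reads it would then see that value rather than the negotiated one. Please confirm the member's `#if` matches the new macro, or state the invariant next to the store, e.g. `/* transform->encrypt_then_mac is only read for CBC suites, so it is left untouched when no CBC suite is built */`. The function body starts and ends outside this hunk, so how `transform` is initialised is not visible here.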