From 6b897c930c822575bc1746c31adfb6c9dfbd7ebf Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 8 Jul 2021 14:59:52 +0100 Subject: [PATCH] Add Character byte reading macros These cast to an unsigned char rather than a uint8_t like with MBEDTLS_BYTE_x These save alot of space and will improve maintence by replacing the appropriate code with MBEDTLS_CHAR_x Signed-off-by: Joe Subbiani --- library/aes.c | 196 +++++++++++++++++++-------------------- library/aria.c | 32 +++---- library/asn1write.c | 18 ++-- library/camellia.c | 16 ++-- library/ccm.c | 6 +- library/common.h | 9 ++ library/ecjpake.c | 18 ++-- library/ssl_cli.c | 131 ++++++++++++-------------- library/ssl_msg.c | 12 +-- library/ssl_srv.c | 91 +++++++++--------- library/ssl_tls.c | 120 ++++++++++++------------ library/ssl_tls13_keys.c | 6 +- 12 files changed, 326 insertions(+), 329 deletions(-) diff --git a/library/aes.c b/library/aes.c index 94025163b..ae1eca651 100644 --- a/library/aes.c +++ b/library/aes.c @@ -386,7 +386,7 @@ static void aes_gen_tables( void ) { pow[i] = x; log[x] = i; - x = ( x ^ XTIME( x ) ) & 0xFF; + x = MBEDTLS_BYTE_0( x ^ XTIME( x ) ); } /* @@ -395,7 +395,7 @@ static void aes_gen_tables( void ) for( i = 0, x = 1; i < 10; i++ ) { RCON[i] = (uint32_t) x; - x = XTIME( x ) & 0xFF; + x = MBEDTLS_BYTE_0( XTIME( x ) ); } /* @@ -408,10 +408,10 @@ static void aes_gen_tables( void ) { x = pow[255 - log[i]]; - y = x; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; + y = x; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); x ^= y ^ 0x63; FSb[i] = (unsigned char) x; 
@@ -424,8 +424,8 @@ static void aes_gen_tables( void ) for( i = 0; i < 256; i++ ) { x = FSb[i]; - y = XTIME( x ) & 0xFF; - z = ( y ^ x ) & 0xFF; + y = MBEDTLS_BYTE_0( XTIME( x ) ); + z = MBEDTLS_BYTE_0( y ^ x ); FT0[i] = ( (uint32_t) y ) ^ ( (uint32_t) x << 8 ) ^ @@ -577,10 +577,10 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < 10; i++, RK += 4 ) { RK[4] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[3] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[3] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[3] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[3] ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[3] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[3] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[3] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[3] ) ] << 24 ); RK[5] = RK[1] ^ RK[4]; RK[6] = RK[2] ^ RK[5]; @@ -593,10 +593,10 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < 8; i++, RK += 6 ) { RK[6] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[5] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[5] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[5] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[5] ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[5] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[5] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[5] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[5] ) ] << 24 ); RK[7] = RK[1] ^ RK[6]; RK[8] = RK[2] ^ RK[7]; 
@@ -611,20 +611,20 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < 7; i++, RK += 8 ) { RK[8] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[7] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[7] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[7] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[7] ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[7] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[7] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[7] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[7] ) ] << 24 ); RK[9] = RK[1] ^ RK[8]; RK[10] = RK[2] ^ RK[9]; RK[11] = RK[3] ^ RK[10]; RK[12] = RK[4] ^ - ( (uint32_t) FSb[ ( RK[11] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[11] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[11] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[11] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[11] ) ] << 24 ); RK[13] = RK[5] ^ RK[12]; RK[14] = RK[6] ^ RK[13]; @@ -690,10 +690,10 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, { for( j = 0; j < 4; j++, SK++ ) { - *RK++ = AES_RT0( FSb[ ( *SK ) & 0xFF ] ) ^ - AES_RT1( FSb[ ( *SK >> 8 ) & 0xFF ] ) ^ - AES_RT2( FSb[ ( *SK >> 16 ) & 0xFF ] ) ^ - AES_RT3( FSb[ ( *SK >> 24 ) & 0xFF ] ); + *RK++ = AES_RT0( FSb[ MBEDTLS_BYTE_0( *SK ) ] ) ^ + AES_RT1( FSb[ MBEDTLS_BYTE_1( *SK ) ] ) ^ + AES_RT2( FSb[ MBEDTLS_BYTE_2( *SK ) ] ) ^ + AES_RT3( FSb[ MBEDTLS_BYTE_3( *SK ) ] ); } } 
@@ -786,52 +786,52 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, } #endif /* MBEDTLS_CIPHER_MODE_XTS */ -#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ - do \ - { \ - (X0) = *RK++ ^ AES_FT0( ( (Y0) ) & 0xFF ) ^ \ - AES_FT1( ( (Y1) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y2) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y3) >> 24 ) & 0xFF ); \ - \ - (X1) = *RK++ ^ AES_FT0( ( (Y1) ) & 0xFF ) ^ \ - AES_FT1( ( (Y2) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y3) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y0) >> 24 ) & 0xFF ); \ - \ - (X2) = *RK++ ^ AES_FT0( ( (Y2) ) & 0xFF ) ^ \ - AES_FT1( ( (Y3) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y0) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y1) >> 24 ) & 0xFF ); \ - \ - (X3) = *RK++ ^ AES_FT0( ( (Y3) ) & 0xFF ) ^ \ - AES_FT1( ( (Y0) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y1) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y2) >> 24 ) & 0xFF ); \ +#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ + do \ + { \ + (X0) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y3 ) ); \ + \ + (X1) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y0 ) ); \ + \ + (X2) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y1 ) ); \ + \ + (X3) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y2 ) ); \ } while( 0 ) #define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ do \ { \ - (X0) = *RK++ ^ AES_RT0( ( (Y0) ) & 0xFF ) ^ \ - AES_RT1( ( (Y3) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y2) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y1) >> 24 ) & 0xFF ); \ + (X0) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y1 ) ); \ \ - (X1) = *RK++ ^ 
AES_RT0( ( (Y1) ) & 0xFF ) ^ \ - AES_RT1( ( (Y0) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y3) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y2) >> 24 ) & 0xFF ); \ + (X1) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y2 ) ); \ \ - (X2) = *RK++ ^ AES_RT0( ( (Y2) ) & 0xFF ) ^ \ - AES_RT1( ( (Y1) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y0) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y3) >> 24 ) & 0xFF ); \ + (X2) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y3 ) ); \ \ - (X3) = *RK++ ^ AES_RT0( ( (Y3) ) & 0xFF ) ^ \ - AES_RT1( ( (Y2) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y1) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y0) >> 24 ) & 0xFF ); \ + (X3) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y0 ) ); \ } while( 0 ) /* 
@@ -864,28 +864,28 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, AES_FROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); t.X[0] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[0] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[1] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 ); t.X[1] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[1] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[2] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 ); t.X[2] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[2] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[3] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 ); t.X[3] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[3] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[0] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 ); MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); 
MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); 
@@ -937,28 +937,28 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, AES_RROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); t.X[0] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[0] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[3] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 ); t.X[1] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[1] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[0] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 ); t.X[2] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[2] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[1] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 ); t.X[3] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[3] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[2] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 ); MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); 
MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); diff --git a/library/aria.c b/library/aria.c index 320f7758a..6bfdfbdce 100644 --- a/library/aria.c +++ b/library/aria.c @@ -212,22 +212,22 @@ static inline void aria_sl( uint32_t *a, uint32_t *b, const uint8_t sa[256], const uint8_t sb[256], const uint8_t sc[256], const uint8_t sd[256] ) { - *a = ( (uint32_t) sa[ *a & 0xFF] ) ^ - (((uint32_t) sb[(*a >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*a >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *a >> 24 ]) << 24); - *b = ( (uint32_t) sa[ *b & 0xFF] ) ^ - (((uint32_t) sb[(*b >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*b >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *b >> 24 ]) << 24); - *c = ( (uint32_t) sa[ *c & 0xFF] ) ^ - (((uint32_t) sb[(*c >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*c >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *c >> 24 ]) << 24); - *d = ( (uint32_t) sa[ *d & 0xFF] ) ^ - (((uint32_t) sb[(*d >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*d >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *d >> 24 ]) << 24); + *a = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *a ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *a ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *a ) ]) << 16) ^ + (((uint32_t) sd[ *a >> 24 ]) << 24); + *b = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *b ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *b ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *b ) ]) << 16) ^ + (((uint32_t) sd[ *b >> 24 ]) << 24); + *c = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *c ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *c ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *c ) ]) << 16) ^ + (((uint32_t) sd[ *c >> 24 ]) << 24); + *d = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *d ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *d ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *d ) ]) << 16) ^ + (((uint32_t) sd[ *d >> 24 ]) << 24); } /* diff --git a/library/asn1write.c b/library/asn1write.c index deb1a2ff6..592269543 100644 --- a/library/asn1write.c +++ b/library/asn1write.c 
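Review bot: In `aria_sl` the top byte is still extracted with a raw `*a >> 24` (and likewise for `*b`, `*c`, `*d`), while the other three lanes now go through `MBEDTLS_BYTE_0` to `MBEDTLS_BYTE_2`, so each expression mixes two styles. `(((uint32_t) sd[ MBEDTLS_BYTE_3( *a ) ]) << 24)` selects the same entry for a `uint32_t` operand. It also keeps the index visibly confined to 0..255, matching the `const uint8_t sd[256]` parameter declaration.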
@@ -60,8 +60,8 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len if( *p - start < 3 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = ( len ) & 0xFF; - *--(*p) = ( len >> 8 ) & 0xFF; + *--(*p) = MBEDTLS_CHAR_0( len ); + *--(*p) = MBEDTLS_CHAR_1( len ); *--(*p) = 0x82; return( 3 ); } @@ -71,9 +71,9 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len if( *p - start < 4 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = ( len ) & 0xFF; - *--(*p) = ( len >> 8 ) & 0xFF; - *--(*p) = ( len >> 16 ) & 0xFF; + *--(*p) = MBEDTLS_CHAR_0( len ); + *--(*p) = MBEDTLS_CHAR_1( len ); + *--(*p) = MBEDTLS_CHAR_2( len ); *--(*p) = 0x83; return( 4 ); } @@ -85,10 +85,10 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len if( *p - start < 5 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = ( len ) & 0xFF; - *--(*p) = ( len >> 8 ) & 0xFF; - *--(*p) = ( len >> 16 ) & 0xFF; - *--(*p) = ( len >> 24 ) & 0xFF; + *--(*p) = MBEDTLS_CHAR_0( len ); + *--(*p) = MBEDTLS_CHAR_1( len ); + *--(*p) = MBEDTLS_CHAR_2( len ); + *--(*p) = MBEDTLS_CHAR_3( len ); *--(*p) = 0x84; return( 5 ); } diff --git a/library/camellia.c b/library/camellia.c index 4d6b468e5..29d730ab5 100644 --- a/library/camellia.c +++ b/library/camellia.c 
@@ -278,14 +278,14 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2], I0 = x[0] ^ k[0]; I1 = x[1] ^ k[1]; - I0 = ((uint32_t) SBOX1((I0 >> 24) & 0xFF) << 24) | - ((uint32_t) SBOX2((I0 >> 16) & 0xFF) << 16) | - ((uint32_t) SBOX3((I0 >> 8) & 0xFF) << 8) | - ((uint32_t) SBOX4((I0 ) & 0xFF) ); - I1 = ((uint32_t) SBOX2((I1 >> 24) & 0xFF) << 24) | - ((uint32_t) SBOX3((I1 >> 16) & 0xFF) << 16) | - ((uint32_t) SBOX4((I1 >> 8) & 0xFF) << 8) | - ((uint32_t) SBOX1((I1 ) & 0xFF) ); + I0 = ((uint32_t) SBOX1( MBEDTLS_BYTE_3( I0 )) << 24) | + ((uint32_t) SBOX2( MBEDTLS_BYTE_2( I0 )) << 16) | + ((uint32_t) SBOX3( MBEDTLS_BYTE_1( I0 )) << 8) | + ((uint32_t) SBOX4( MBEDTLS_BYTE_0( I0 )) ); + I1 = ((uint32_t) SBOX2( MBEDTLS_BYTE_3( I1 )) << 24) | + ((uint32_t) SBOX3( MBEDTLS_BYTE_2( I1 )) << 16) | + ((uint32_t) SBOX4( MBEDTLS_BYTE_1( I1 )) << 8) | + ((uint32_t) SBOX1( MBEDTLS_BYTE_0( I1 )) ); I0 ^= (I1 << 8) | (I1 >> 24); I1 ^= (I0 << 16) | (I0 >> 16); diff --git a/library/ccm.c b/library/ccm.c index 424ee77b6..95d90dc61 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -200,7 +200,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, memcpy( b + 1, iv, iv_len ); for( i = 0, len_left = length; i < q; i++, len_left >>= 8 ) - b[15-i] = (unsigned char)( len_left & 0xFF ); + b[15-i] = MBEDTLS_CHAR_0( len_left ); if( len_left > 0 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); @@ -221,8 +221,8 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, src = add; memset( b, 0, 16 ); - b[0] = (unsigned char)( ( add_len >> 8 ) & 0xFF ); - b[1] = (unsigned char)( ( add_len ) & 0xFF ); + b[0] = MBEDTLS_CHAR_1( add_len ); + b[1] = MBEDTLS_CHAR_0( add_len ); use_len = len_left < 16 - 2 ? len_left : 16 - 2; memcpy( b + 2, src, use_len ); diff --git a/library/common.h b/library/common.h index fdc68db4e..11bb9912e 100644 --- a/library/common.h +++ b/library/common.h 
@@ -68,6 +68,15 @@ #define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) +#define MBEDTLS_CHAR_0( x ) ( (unsigned char) ( ( x ) & 0xff ) ) +#define MBEDTLS_CHAR_1( x ) ( (unsigned char) ( ( ( x ) >> 8 ) & 0xff ) ) +#define MBEDTLS_CHAR_2( x ) ( (unsigned char) ( ( ( x ) >> 16 ) & 0xff ) ) +#define MBEDTLS_CHAR_3( x ) ( (unsigned char) ( ( ( x ) >> 24 ) & 0xff ) ) +#define MBEDTLS_CHAR_4( x ) ( (unsigned char) ( ( ( x ) >> 32 ) & 0xff ) ) +#define MBEDTLS_CHAR_5( x ) ( (unsigned char) ( ( ( x ) >> 40 ) & 0xff ) ) +#define MBEDTLS_CHAR_6( x ) ( (unsigned char) ( ( ( x ) >> 48 ) & 0xff ) ) +#define MBEDTLS_CHAR_7( x ) ( (unsigned char) ( ( ( x ) >> 56 ) & 0xff ) ) + /** * 32-bit integer manipulation GET macros (big endian) * diff --git a/library/ecjpake.c b/library/ecjpake.c index 464ff51cc..98c025bd7 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -166,10 +166,10 @@ static int ecjpake_write_len_point( unsigned char **p, if( ret != 0 ) return( ret ); - (*p)[0] = (unsigned char)( ( len >> 24 ) & 0xFF ); - (*p)[1] = (unsigned char)( ( len >> 16 ) & 0xFF ); - (*p)[2] = (unsigned char)( ( len >> 8 ) & 0xFF ); - (*p)[3] = (unsigned char)( ( len ) & 0xFF ); + (*p)[0] = MBEDTLS_CHAR_3( len ); + (*p)[1] = MBEDTLS_CHAR_2( len ); + (*p)[2] = MBEDTLS_CHAR_1( len ); + (*p)[3] = MBEDTLS_CHAR_0( len ); *p += 4 + len; @@ -209,10 +209,10 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info, if( end - p < 4 ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); - *p++ = (unsigned char)( ( id_len >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( id_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( id_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( id_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( id_len ); + *p++ = MBEDTLS_CHAR_2( id_len ); + *p++ = MBEDTLS_CHAR_1( id_len ); + *p++ = MBEDTLS_CHAR_0( id_len ); if( end < p || (size_t)( end - p ) < id_len ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); 
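Review bot: The new `MBEDTLS_CHAR_4` to `MBEDTLS_CHAR_7` macros shift their argument by 32 to 56 bits, which is undefined behaviour when the promoted argument is only 32 bits wide (a `uint32_t`, or a `size_t` on a 32-bit target). Nothing stops such a call from compiling, and the call sites visible here only use indices 0 to 3. Either widen inside the macro, e.g. `#define MBEDTLS_CHAR_4( x ) ( (unsigned char) ( ( (uint64_t) ( x ) >> 32 ) & 0xff ) )`, or add a comment such as `/* MBEDTLS_CHAR_4..7 require a 64-bit operand: shifting a narrower type by its width or more is undefined. */`. The block also lacks a doc comment saying how it differs from `MBEDTLS_BYTE_x`; only the commit message explains the cast type.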
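Review bot: In `ecjpake_write_len_point` and `ecjpake_hash` the four consecutive `MBEDTLS_CHAR_3` to `MBEDTLS_CHAR_0` stores still hand-write a 32-bit big-endian length, so the wire byte order is encoded only in the order of four statements. If common.h offers a big-endian counterpart to the `MBEDTLS_PUT_UINT32_LE` used in aes.c, one call such as `MBEDTLS_PUT_UINT32_BE( len, *p, 0 );` would state the intent directly. In `ecjpake_hash` that would be `MBEDTLS_PUT_UINT32_BE( id_len, p, 0 ); p += 4;`. Failing that, a comment such as `/* 4-byte big-endian length prefix */` above each group would help. Both function bodies start and end outside these hunks.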
@@ -352,7 +352,7 @@ static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, goto cleanup; } - *(*p)++ = (unsigned char)( len & 0xFF ); + *(*p)++ = MBEDTLS_CHAR_0( len ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, *p, len ) ); /* r */ *p += len; diff --git a/library/ssl_cli.c b/library/ssl_cli.c index f49178cf4..aefcf2269 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -136,18 +136,18 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * } ServerNameList; * */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SERVERNAME ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME ); - *p++ = (unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( (hostname_len + 5) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( hostname_len + 5); + *p++ = MBEDTLS_CHAR_0( hostname_len + 5); - *p++ = (unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( (hostname_len + 3) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( hostname_len + 3 ); + *p++ = MBEDTLS_CHAR_0( hostname_len + 3 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); - *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( hostname_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); + *p++ = MBEDTLS_CHAR_1( hostname_len ); + *p++ = MBEDTLS_CHAR_0( hostname_len ); memcpy( p, ssl->hostname, hostname_len ); 
@@ -181,14 +181,12 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, /* * Secure renegotiation */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); *p++ = 0x00; - *p++ = ( ssl->verify_data_len + 1 ) & 0xFF; - *p++ = ssl->verify_data_len & 0xFF; + *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len + 1 ); + *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len ); memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); @@ -283,14 +281,14 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * SignatureAndHashAlgorithm * supported_signature_algorithms<2..2^16-2>; */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SIG_ALG ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SIG_ALG ); - *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( sig_alg_len + 2 ); + *p++ = MBEDTLS_CHAR_0( sig_alg_len + 2 ); - *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( sig_alg_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( sig_alg_len ); + *p++ = MBEDTLS_CHAR_0( sig_alg_len ); *olen = 6 + sig_alg_len; 
@@ -358,16 +356,14 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; } - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); - *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( elliptic_curve_len + 2 ); + *p++ = MBEDTLS_CHAR_0( elliptic_curve_len + 2 ); - *p++ = (unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( elliptic_curve_len ); + *p++ = MBEDTLS_CHAR_0( elliptic_curve_len ); *olen = 6 + elliptic_curve_len; @@ -388,10 +384,8 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, ( "client hello, adding supported_point_formats extension" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; @@ -427,8 +421,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); /* * We may need to send ClientHello multiple times for Hello verification. 
@@ -470,8 +464,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); } - *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( kkpp_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( kkpp_len ); + *p++ = MBEDTLS_CHAR_0( kkpp_len ); *olen = kkpp_len + 4; @@ -510,11 +504,11 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) ); /* Add extension ID + size */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -543,10 +537,8 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -608,8 +600,8 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; 
@@ -639,10 +631,8 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; @@ -673,11 +663,11 @@ static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, /* The addition is safe here since the ticket length is 16 bit. */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = (unsigned char)( ( tlen >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( tlen ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( tlen ); + *p++ = MBEDTLS_CHAR_0( tlen ); *olen = 4; @@ -717,8 +707,8 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); /* * opaque ProtocolName<1..2^8-1>; 
@@ -745,12 +735,12 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF ); + buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); + buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF ); + buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); + buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); return( 0 ); } @@ -802,12 +792,12 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = (unsigned char)( ( ( ext_len & 0xFF00 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ext_len & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len & 0xFF00 ); + *p++ = MBEDTLS_CHAR_0( ext_len ); /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ /* micro-optimization: @@ -818,8 +808,7 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * >> 8 ) & 0xFF ); */ *p++ = 0; - *p++ = (unsigned char)( ( 2 * ssl->conf->dtls_srtp_profile_list_len ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_0( 2 * ssl->conf->dtls_srtp_profile_list_len ); for( protection_profiles_index=0; protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len; 
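Review bot: In `ssl_write_use_srtp_ext`, `*p++ = MBEDTLS_CHAR_1( ext_len & 0xFF00 );` keeps the old pre-mask although the macro already shifts right by 8 and masks with `0xff`. The `& 0xFF00` is therefore redundant and makes this the only length write in the file that differs from the `MBEDTLS_CHAR_1( len )` pattern. `*p++ = MBEDTLS_CHAR_1( ext_len );` yields the same byte and is easier to audit next to the `MBEDTLS_CHAR_0( ext_len )` line below it. The function body starts and ends outside this hunk.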
@@ -831,8 +820,8 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_write_use_srtp_ext, add profile: %04x", profile_value ) ); - *p++ = ( ( profile_value >> 8 ) & 0xFF ); - *p++ = ( profile_value & 0xFF ); + *p++ = MBEDTLS_BYTE_1( profile_value ); + *p++ = MBEDTLS_BYTE_0( profile_value ); } else { @@ -1428,8 +1417,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { /* No need to check for space here, because the extension * writing functions already took care of that. */ - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); p += ext_len; } diff --git a/library/ssl_msg.c b/library/ssl_msg.c index c9cb10c9e..b001a0242 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -454,15 +454,15 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, *cur = rec->cid_len; cur++; - cur[0] = ( rec->data_len >> 8 ) & 0xFF; - cur[1] = ( rec->data_len >> 0 ) & 0xFF; + cur[0] = MBEDTLS_CHAR_1( rec->data_len ); + cur[1] = MBEDTLS_CHAR_0( rec->data_len ); cur += 2; } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - cur[0] = ( rec->data_len >> 8 ) & 0xFF; - cur[1] = ( rec->data_len >> 0 ) & 0xFF; + cur[0] = MBEDTLS_CHAR_1( rec->data_len ); + cur[1] = MBEDTLS_CHAR_0( rec->data_len ); cur += 2; } @@ -2759,8 +2759,8 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) /* Write message_seq and update it, except for HelloRequest */ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) { - ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF; - ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF; + ssl->out_msg[4] = MBEDTLS_CHAR_1( ssl->handshake->out_msg_seq ); + ssl->out_msg[5] = MBEDTLS_CHAR_0( ssl->handshake->out_msg_seq ); ++( ssl->handshake->out_msg_seq ); } else diff --git a/library/ssl_srv.c b/library/ssl_srv.c index aca871eca..319902e1a 100644 
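Review bot: The two SRTP profile bytes in `ssl_write_use_srtp_ext` are stored with `MBEDTLS_BYTE_1( profile_value )` and `MBEDTLS_BYTE_0( profile_value )`, whereas the other writes through `p` that this patch converts in ssl_cli.c use the new `MBEDTLS_CHAR_x` macros. `p` appears to be an `unsigned char` pointer, as in the sibling extension writers, so `*p++ = MBEDTLS_CHAR_1( profile_value );` and `*p++ = MBEDTLS_CHAR_0( profile_value );` would match the convention the commit message describes. The stored value is the same either way; the point is consistency, so a later audit of buffer writes can search for one macro family.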
--- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2205,8 +2205,8 @@ read_record_header: for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) #endif { - if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[1] != ( ( ciphersuites[i] ) & 0xFF ) ) + if( p[0] != MBEDTLS_BYTE_1( ciphersuites[i] ) || + p[1] != MBEDTLS_BYTE_0( ciphersuites[i] )) continue; got_common_suite = 1; @@ -2335,11 +2335,11 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, * } ConnectionId; */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -2381,8 +2381,8 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; @@ -2408,8 +2408,8 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " "extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; 
@@ -2433,8 +2433,8 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); *p++ = 0x00; *p++ = 0x00; @@ -2457,8 +2457,8 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); #if defined(MBEDTLS_SSL_RENEGOTIATION) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) @@ -2498,8 +2498,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -2528,8 +2528,8 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; 
@@ -2566,8 +2566,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, p + 2, end - p - 2, &kkpp_len, @@ -2578,8 +2578,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( kkpp_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( kkpp_len ); + *p++ = MBEDTLS_CHAR_0( kkpp_len ); *olen = kkpp_len + 4; } @@ -2604,18 +2604,18 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); + buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF ); + buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); + buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); - buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF ); + buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); + buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); - buf[6] = (unsigned char)( ( ( *olen - 7 ) ) & 0xFF ); + buf[6] = MBEDTLS_CHAR_0( *olen - 7 ); memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); } 
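Review bot: In ssl_write_alpn_ext the protocol-name length goes into a single byte, `buf[6] = MBEDTLS_CHAR_0( *olen - 7 )`, while the `memcpy` that follows copies the full `*olen - 7` bytes, and with the mask now inside the macro the truncation is no longer visible at the call site. The hunk shows no check that `strlen( ssl->alpn_chosen )` fits in one byte or that `buf` has room for it; presumably the name length is bounded where the protocol list is configured, but that is outside this view. A comment above the write would record the invariant, for example `/* alpn_chosen is at most 255 bytes, so the one-byte length below cannot truncate */`, once confirmed against the configuration code. The function starts outside the hunk.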
@@ -2660,15 +2660,15 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, } /* extension */ - buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF ); - buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP ) & 0xFF ); + buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); + buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); /* * total length 5 and mki value: only one profile(2 bytes) * and length(2 bytes) and srtp_mki ) */ ext_len = 5 + mki_len; - buf[2] = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ext_len & 0xFF ); + buf[2] = MBEDTLS_CHAR_1( ext_len ); + buf[3] = MBEDTLS_CHAR_0( ext_len ); /* protection profile length: 2 */ buf[4] = 0x00; @@ -2677,8 +2677,8 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) { - buf[6] = (unsigned char)( ( profile_value >> 8 ) & 0xFF ); - buf[7] = (unsigned char)( profile_value & 0xFF ); + buf[6] = MBEDTLS_CHAR_1( profile_value ); + buf[7] = MBEDTLS_CHAR_0( profile_value ); } else { @@ -3026,8 +3026,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 ) { - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); p += ext_len; } @@ -3883,9 +3883,8 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } - if( *p++ != ( ( len >> 8 ) & 0xFF ) || - *p++ != ( ( len ) & 0xFF ) ) - { + if( *p++ != MBEDTLS_CHAR_1( len ) || + *p++ != MBEDTLS_CHAR_0( len ) ){ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } 
@@ -4647,13 +4646,13 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) tlen = 0; } - ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF; - ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF; - ssl->out_msg[6] = ( lifetime >> 8 ) & 0xFF; - ssl->out_msg[7] = ( lifetime ) & 0xFF; + ssl->out_msg[4] = MBEDTLS_CHAR_3( lifetime ); + ssl->out_msg[5] = MBEDTLS_CHAR_2( lifetime ); + ssl->out_msg[6] = MBEDTLS_CHAR_1( lifetime ); + ssl->out_msg[7] = MBEDTLS_CHAR_0( lifetime ); - ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF ); - ssl->out_msg[9] = (unsigned char)( ( tlen ) & 0xFF ); + ssl->out_msg[8] = MBEDTLS_CHAR_1( tlen ); + ssl->out_msg[9] = MBEDTLS_CHAR_0( tlen ); ssl->out_msglen = 10 + tlen; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 976a87c51..2c3e506cd 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5278,8 +5278,8 @@ static unsigned char ssl_serialized_session_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF, + MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), }; /* 
@@ -5360,14 +5360,14 @@ static int ssl_session_save( const mbedtls_ssl_session *session, { start = (uint64_t) session->start; - *p++ = (unsigned char)( ( start >> 56 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 48 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 40 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 32 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( start ) & 0xFF ); + *p++ = MBEDTLS_CHAR_7( start ); + *p++ = MBEDTLS_CHAR_6( start ); + *p++ = MBEDTLS_CHAR_5( start ); + *p++ = MBEDTLS_CHAR_4( start ); + *p++ = MBEDTLS_CHAR_3( start ); + *p++ = MBEDTLS_CHAR_2( start ); + *p++ = MBEDTLS_CHAR_1( start ); + *p++ = MBEDTLS_CHAR_0( start ); } #endif /* MBEDTLS_HAVE_TIME */ @@ -5383,22 +5383,22 @@ static int ssl_session_save( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = (unsigned char)( ( session->ciphersuite >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ciphersuite ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( session->ciphersuite ); + *p++ = MBEDTLS_CHAR_0( session->ciphersuite ); - *p++ = (unsigned char)( session->compression & 0xFF ); + *p++ = MBEDTLS_CHAR_0( session->compression ); - *p++ = (unsigned char)( session->id_len & 0xFF ); + *p++ = MBEDTLS_CHAR_0( session->id_len ); memcpy( p, session->id, 32 ); p += 32; memcpy( p, session->master, 48 ); p += 48; - *p++ = (unsigned char)( ( session->verify_result >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( session->verify_result >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session->verify_result >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->verify_result ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( session->verify_result ); + *p++ = MBEDTLS_CHAR_2( session->verify_result ); + *p++ = MBEDTLS_CHAR_1( session->verify_result ); + *p++ = MBEDTLS_CHAR_0( session->verify_result ); } /* 
@@ -5415,9 +5415,9 @@ static int ssl_session_save( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = (unsigned char)( ( cert_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( cert_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( cert_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_2( cert_len ); + *p++ = MBEDTLS_CHAR_1( cert_len ); + *p++ = MBEDTLS_CHAR_0( cert_len ); if( session->peer_cert != NULL ) { @@ -5458,9 +5458,9 @@ static int ssl_session_save( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = (unsigned char)( ( session->ticket_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_2( session->ticket_len ); + *p++ = MBEDTLS_CHAR_1( session->ticket_len ); + *p++ = MBEDTLS_CHAR_0( session->ticket_len ); if( session->ticket != NULL ) { @@ -5468,10 +5468,10 @@ static int ssl_session_save( const mbedtls_ssl_session *session, p += session->ticket_len; } - *p++ = (unsigned char)( ( session->ticket_lifetime >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_lifetime >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_lifetime >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_lifetime ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( session->ticket_lifetime ); + *p++ = MBEDTLS_CHAR_2( session->ticket_lifetime ); + *p++ = MBEDTLS_CHAR_1( session->ticket_lifetime ); + *p++ = MBEDTLS_CHAR_0( session->ticket_lifetime ); } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -5496,7 +5496,7 @@ static int ssl_session_save( const mbedtls_ssl_session *session, used += 1; if( used <= buf_len ) - *p++ = (unsigned char)( ( session->encrypt_then_mac ) & 0xFF ); + *p++ = MBEDTLS_CHAR_0( session->encrypt_then_mac ); #endif /* Done */ 
@@ -6149,11 +6149,11 @@ static unsigned char ssl_serialized_context_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF, - ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 16 ) & 0xFF, - ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 8 ) & 0xFF, - ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 0 ) & 0xFF, + MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_CHAR_2( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_CHAR_1( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_CHAR_0( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), }; /* @@ -6294,10 +6294,10 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4 + session_len; if( used <= buf_len ) { - *p++ = (unsigned char)( ( session_len >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( session_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( session_len ); + *p++ = MBEDTLS_CHAR_2( session_len ); + *p++ = MBEDTLS_CHAR_1( session_len ); + *p++ = MBEDTLS_CHAR_0( session_len ); ret = ssl_session_save( ssl->session, 1, p, session_len, &session_len ); @@ -6339,10 +6339,10 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4; if( used <= buf_len ) { - *p++ = (unsigned char)( ( ssl->badmac_seen >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->badmac_seen >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->badmac_seen >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->badmac_seen ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( ssl->badmac_seen ); + *p++ = MBEDTLS_CHAR_2( ssl->badmac_seen ); + *p++ = MBEDTLS_CHAR_1( ssl->badmac_seen ); + *p++ = MBEDTLS_CHAR_0( ssl->badmac_seen ); } #endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ 
@@ -6350,23 +6350,23 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 16; if( used <= buf_len ) { - *p++ = (unsigned char)( ( ssl->in_window_top >> 56 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 48 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 40 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 32 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top ) & 0xFF ); + *p++ = MBEDTLS_CHAR_7( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_6( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_5( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_4( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_3( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_2( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_1( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_0( ssl->in_window_top ); - *p++ = (unsigned char)( ( ssl->in_window >> 56 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 48 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 40 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 32 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window ) & 0xFF ); + *p++ = MBEDTLS_CHAR_7( ssl->in_window ); + *p++ = MBEDTLS_CHAR_6( ssl->in_window ); + *p++ = MBEDTLS_CHAR_5( ssl->in_window ); + *p++ = MBEDTLS_CHAR_4( ssl->in_window ); + *p++ = MBEDTLS_CHAR_3( ssl->in_window ); + *p++ = MBEDTLS_CHAR_2( ssl->in_window ); + *p++ = MBEDTLS_CHAR_1( ssl->in_window ); + *p++ = MBEDTLS_CHAR_0( ssl->in_window ); } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ 
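Review bot: The eight-byte writes of `ssl->in_window_top` and `ssl->in_window` use `MBEDTLS_CHAR_4` to `MBEDTLS_CHAR_7`, which presumably expand to the same shifts by 32 to 56 bits as the lines they replace (the definitions in common.h are outside this view) and are therefore only defined for an operand at least 64 bits wide. The field types are declared outside this hunk, whereas ssl_session_save makes the width explicit with `start = (uint64_t) session->start;` before its own eight writes. Either do the same here or document the requirement next to the macros, e.g. `/* MBEDTLS_CHAR_4..7 require a 64-bit operand: shifting by the operand's width or more is undefined */`. The function body continues outside the hunk.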
@@ -6389,8 +6389,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 2; if( used <= buf_len ) { - *p++ = (unsigned char)( ( ssl->mtu >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->mtu ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ssl->mtu ); + *p++ = MBEDTLS_CHAR_0( ssl->mtu ); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index c39e0322b..4b84cb452 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -112,17 +112,17 @@ static void ssl_tls1_3_hkdf_encode_label( #endif *p++ = 0; - *p++ = (unsigned char)( ( desired_length >> 0 ) & 0xFF ); + *p++ = MBEDTLS_CHAR_0( desired_length ); /* Add label incl. prefix */ - *p++ = (unsigned char)( total_label_len & 0xFF ); + *p++ = MBEDTLS_CHAR_0( total_label_len ); memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) ); p += sizeof(tls1_3_label_prefix); memcpy( p, label, llen ); p += llen; /* Add context value */ - *p++ = (unsigned char)( clen & 0xFF ); + *p++ = MBEDTLS_CHAR_0( clen ); if( clen != 0 ) memcpy( p, ctx, clen );