From 94ef3b35f41b22addc6624ec02846d25edc03744 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 16 May 2019 12:50:45 +0100
Subject: [PATCH] Encode relevant parts of the config in serialized session
 header

This commit makes use of the added space in the session header to
encode the state of those parts of the compile-time configuration
which influence the structure of the serialized session in the
present version of Mbed TLS. Specifically, these are
- the options which influence the presence/omission of fields
  from mbedtls_ssl_session (which is currently shallow-copied
  into the serialized session)
- the setting of MBEDTLS_X509_CRT_PARSE_C, which determines whether
  the serialized session contains a CRT-length + CRT-value pair after
  the shallow-copied mbedtls_ssl_session instance.
- the setting of MBEDTLS_SSL_SESSION_TICKETS, which determines whether
  the serialized session contains a session ticket.
---
 library/ssl_tls.c | 96 ++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 90 insertions(+), 6 deletions(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index ca52752c2..f60c63290 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -9848,12 +9848,81 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co
  * and structure of the ticket.
  */
 
+/*
+ * Define bitflag determining structure of mbedtls_ssl_session.
+ */
+
+#if defined(MBEDTLS_HAVE_TIME)
+#define SSL_SERIALIZED_SESSION_STRUCT_TIME_BIT 1
+#else
+#define SSL_SERIALIZED_SESSION_STRUCT_TIME_BIT 0
+#endif /* MBEDTLS_HAVE_TIME */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#define SSL_SERIALIZED_SESSION_STRUCT_CRT_BIT 1
+#else
+#define SSL_SERIALIZED_SESSION_STRUCT_CRT_BIT 0
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_SESSION_TICKETS)
+#define SSL_SERIALIZED_SESSION_STRUCT_CLIENT_BIT 1
+#else
+#define SSL_SERIALIZED_SESSION_STRUCT_CLIENT_BIT 0
+#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+#define SSL_SERIALIZED_SESSION_STRUCT_MFL_BIT 1
+#else
+#define SSL_SERIALIZED_SESSION_STRUCT_MFL_BIT 0
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+#define SSL_SERIALIZED_SESSION_STRUCT_TRUNC_HMAC_BIT 1
+#else
+#define SSL_SERIALIZED_SESSION_STRUCT_TRUNC_HMAC_BIT 0
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+#define SSL_SERIALIZED_SESSION_STRUCT_ETM_BIT 1
+#else
+#define SSL_SERIALIZED_SESSION_STRUCT_ETM_BIT 0
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#define SSL_SERIALIZED_SESSION_STRUCT_BYTE                                 \
+    ( (uint8_t) ( ( SSL_SERIALIZED_SESSION_STRUCT_TIME_BIT       << 0 )    | \
+                  ( SSL_SERIALIZED_SESSION_STRUCT_CRT_BIT        << 1 )    | \
+                  ( SSL_SERIALIZED_SESSION_STRUCT_CLIENT_BIT     << 2 )    | \
+                  ( SSL_SERIALIZED_SESSION_STRUCT_MFL_BIT        << 3 )    | \
+                  ( SSL_SERIALIZED_SESSION_STRUCT_TRUNC_HMAC_BIT << 4 )    | \
+                  ( SSL_SERIALIZED_SESSION_STRUCT_ETM_BIT        << 5 ) ) )
+
+/*
+ * Define bitflag determining compile-time settings influencing
+ * structure of the ticket outside of the session structure.
+ */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#define SSL_SERIALIZED_SESSION_CONFIG_CRT 1
+#else
+#define SSL_SERIALIZED_SESSION_CONFIG_CRT 0
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+#define SSL_SERIALIZED_SESSION_CONFIG_TICKET 1
+#else
+#define SSL_SERIALIZED_SESSION_CONFIG_TICKET 0
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#define SSL_SERIALIZED_SESSION_CONFIG_BYTE                               \
+    ( (uint8_t) ( ( SSL_SERIALIZED_SESSION_CONFIG_CRT    << 0 )        | \
+                  ( SSL_SERIALIZED_SESSION_CONFIG_TICKET << 1 ) ) )
+
 static unsigned char ssl_serialized_session_header[] = {
-   MBEDTLS_VERSION_MAJOR,
-   MBEDTLS_VERSION_MINOR,
-   MBEDTLS_VERSION_PATCH,
-   0xFF /* TBD */,
-   0xFF /* TBD */
+    MBEDTLS_VERSION_MAJOR,
+    MBEDTLS_VERSION_MINOR,
+    MBEDTLS_VERSION_PATCH,
+    SSL_SERIALIZED_SESSION_STRUCT_BYTE,
+    SSL_SERIALIZED_SESSION_CONFIG_BYTE
 };
 
 /*
@@ -9867,7 +9936,22 @@ static unsigned char ssl_serialized_session_header[] = {
  *                                  // indicating the setting of those compile-
  *                                  // time configuration options influencing
  *                                  // the format of the serialized data.
- *                                  // Unused so far.
+ *                                  //
+ *                                  // In this version, we use:
+ *                                  // - Bits 8-15 (second byte)
+ *                                  //   Bitflag determining structure of
+ *                                  //   mbedtls_ssl_session
+ *                                  // - Bit 0:
+ *                                  //   0/1 depending on state of
+ *                                  //   MBEDTLS_X509_CRT_PARSE_C.
+ *                                  //   This determines whether the session
+ *                                  //   is followed by a certificate.
+ *                                  // - Bit 1:
+ *                                  //   0/1 depending on state of
+ *                                  //   MBEDTLS_SSL_SESSION_TICKETS
+ *                                  //   This determines whether the certificate
+ *                                  //   is followed by a session ticket.
+ *                                  // - Bits 2-7: Unused so far
  *  uint64 start_time;
  *  uint8 ciphersuite[2];           // defined by the standard
  *  uint8 compression;              // 0 or 1