TLS: Fix MSVC build (shortening)
RFC 9180 (Hybrid Public Key Encryption) defines its ExpandedLabel function to require that various lengths fit into a 16-bit integer so that I2OSP(L, 2) (which converts the integer to a length 2 byte array) returns without error. So for this method we should never have any lengths longer than a uint16_t, and don't need to return a size_t. This avoids having shortening warnings under MSVC. Fixup 10fa0dd21553c4f822fe79581296fe7a9d90e35d
This commit is contained in:
John Thacker
parent
91ceae28d9
commit
b97a9e534e
@ -9717,19 +9717,17 @@ ssl_dissect_hnd_hello_ext_ech(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_in
|
||||
break;
|
||||
}
|
||||
|
||||
uint8_t kdf_len = hpke_hkdf_len(kdf_id);
|
||||
if (kdf_len == 0) {
|
||||
if (hpke_hkdf_len(kdf_id) == 0) {
|
||||
ssl_debug_printf("Unsupported KDF\n");
|
||||
break;
|
||||
}
|
||||
|
||||
uint8_t aead_key_len = hpke_aead_key_len(aead_id);
|
||||
if (aead_key_len == 0) {
|
||||
if (hpke_aead_key_len(aead_id) == 0) {
|
||||
ssl_debug_printf("Unsupported AEAD\n");
|
||||
break;
|
||||
}
|
||||
|
||||
uint8_t aead_nonce_len = hpke_aead_nonce_len(aead_id);
|
||||
size_t aead_nonce_len = hpke_aead_nonce_len(aead_id);
|
||||
|
||||
uint16_t version = GUINT16_FROM_BE(*(uint16_t *)ech_config->data);
|
||||
if (version != SSL_HND_HELLO_EXT_ENCRYPTED_CLIENT_HELLO) {
|
||||
|
||||
@ -237,7 +237,7 @@ hpke_extract(uint16_t kdf_id, const uint8_t *salt, unsigned salt_len, const uint
|
||||
return GPG_ERR_NO_ERROR;
|
||||
}
|
||||
|
||||
size_t
|
||||
uint16_t
|
||||
hpke_hkdf_len(uint16_t kdf_id)
|
||||
{
|
||||
switch (kdf_id) {
|
||||
@ -252,11 +252,11 @@ hpke_hkdf_len(uint16_t kdf_id)
|
||||
}
|
||||
}
|
||||
|
||||
size_t
|
||||
uint16_t
|
||||
hpke_aead_key_len(uint16_t aead_id)
|
||||
{
|
||||
switch (aead_id) {
|
||||
case HPKE_AEAD_AES_128_GCM:
|
||||
case HPKE_AEAD_AES_128_GCM:
|
||||
return AEAD_AES_128_GCM_KEY_LENGTH;
|
||||
case HPKE_AEAD_AES_256_GCM:
|
||||
return AEAD_AES_256_GCM_KEY_LENGTH;
|
||||
@ -267,11 +267,11 @@ hpke_aead_key_len(uint16_t aead_id)
|
||||
}
|
||||
}
|
||||
|
||||
size_t
|
||||
uint16_t
|
||||
hpke_aead_nonce_len(uint16_t aead_id)
|
||||
{
|
||||
switch (aead_id) {
|
||||
case HPKE_AEAD_AES_128_GCM:
|
||||
case HPKE_AEAD_AES_128_GCM:
|
||||
case HPKE_AEAD_AES_256_GCM:
|
||||
case HPKE_AEAD_CHACHA20POLY1305:
|
||||
return HPKE_AEAD_NONCE_LENGTH;
|
||||
@ -294,7 +294,7 @@ hpke_suite_id(uint16_t kem_id, uint16_t kdf_id, uint16_t aead_id, uint8_t *suite
|
||||
suite_id[offset++] = aead_id & 0xFF;
|
||||
}
|
||||
|
||||
gcry_error_t
|
||||
static gcry_error_t
|
||||
hpke_expand(uint16_t kdf_id, const uint8_t *prk, const uint8_t *suite_id, const char *label,
|
||||
const uint8_t *info, uint8_t *out, uint16_t out_len)
|
||||
{
|
||||
@ -303,24 +303,24 @@ hpke_expand(uint16_t kdf_id, const uint8_t *prk, const uint8_t *suite_id, const
|
||||
uint16_t out_len_be = GUINT16_TO_BE(out_len);
|
||||
gcry_error_t result;
|
||||
switch (kdf_id) {
|
||||
case HPKE_HKDF_SHA256:
|
||||
case HPKE_HKDF_SHA256:
|
||||
hashalgo = GCRY_MD_SHA256;
|
||||
break;
|
||||
case HPKE_HKDF_SHA384:
|
||||
hashalgo = GCRY_MD_SHA384;
|
||||
break;
|
||||
case HPKE_HKDF_SHA512:
|
||||
case HPKE_HKDF_SHA512:
|
||||
hashalgo = GCRY_MD_SHA512;
|
||||
break;
|
||||
default:
|
||||
return GPG_ERR_DIGEST_ALGO;
|
||||
}
|
||||
g_byte_array_append(labeled_info, (guint8 *)&out_len_be, 2);
|
||||
g_byte_array_append(labeled_info, (uint8_t *)&out_len_be, 2);
|
||||
g_byte_array_append(labeled_info, HPKE_VERSION_ID, sizeof(HPKE_VERSION_ID) - 1);
|
||||
g_byte_array_append(labeled_info, suite_id, HPKE_SUIT_ID_LEN);
|
||||
g_byte_array_append(labeled_info, label, (guint)strlen(label));
|
||||
g_byte_array_append(labeled_info, info, (guint)(1 + hpke_hkdf_len(kdf_id) * 2));
|
||||
result = hkdf_expand(hashalgo, prk, (guint)hpke_hkdf_len(kdf_id), labeled_info->data, labeled_info->len, out, out_len);
|
||||
g_byte_array_append(labeled_info, label, (unsigned)strlen(label));
|
||||
g_byte_array_append(labeled_info, info, (unsigned)(1 + hpke_hkdf_len(kdf_id) * 2));
|
||||
result = hkdf_expand(hashalgo, prk, (unsigned)hpke_hkdf_len(kdf_id), labeled_info->data, labeled_info->len, out, out_len);
|
||||
g_byte_array_free(labeled_info, TRUE);
|
||||
return result;
|
||||
}
|
||||
|
||||
@ -89,13 +89,18 @@ hkdf_extract(int hashalgo, const uint8_t *salt, size_t salt_len, const uint8_t *
|
||||
return ws_hmac_buffer(hashalgo, prk, ikm, ikm_len, salt, salt_len);
|
||||
}
|
||||
|
||||
WS_DLL_PUBLIC size_t
|
||||
/*
|
||||
* Convenience functions for Hybrid Public Key Encryption (HPKE) according
|
||||
* to RFC 9180. Note these lengths must fit into a 16-bit integer so
|
||||
* that the I2OSP(L, 2) call in ExpandedLabel returns without error.
|
||||
*/
|
||||
WS_DLL_PUBLIC uint16_t
|
||||
hpke_hkdf_len(uint16_t kdf_id);
|
||||
|
||||
WS_DLL_PUBLIC size_t
|
||||
WS_DLL_PUBLIC uint16_t
|
||||
hpke_aead_key_len(uint16_t aead_id);
|
||||
|
||||
WS_DLL_PUBLIC size_t
|
||||
WS_DLL_PUBLIC uint16_t
|
||||
hpke_aead_nonce_len(uint16_t aead_id);
|
||||
|
||||
WS_DLL_PUBLIC void
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user