Merge remote-tracking branch 'origin/pr/657' into baremetal
diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h
index 98384ad..7033af8 100644
--- a/include/mbedtls/platform_util.h
+++ b/include/mbedtls/platform_util.h
@@ -30,7 +30,7 @@
#else
#include MBEDTLS_CONFIG_FILE
#endif
-
+#include <stdint.h>
#include <stddef.h>
#if defined(MBEDTLS_HAVE_TIME_DATE)
#include "platform_time.h"
@@ -195,6 +195,82 @@
struct tm *tm_buf );
#endif /* MBEDTLS_HAVE_TIME_DATE */
+/**
+ * \brief Convert a 32-bit number to the big endian format and write it to
+ * the given buffer.
+ *
+ * \param buf Address where the converted number is written.
+ * \param num A number that needs to be converted to the big endian format.
+ *
+ * \return Address to the end of buffer where the converted number is
+ * written.
+ */
+unsigned char* mbedtls_platform_put_uint32_be( unsigned char *buf,
+ size_t num );
+
+/**
+ * \brief Convert a 24-bit number to the big endian format and write it to
+ * the given buffer.
+ *
+ * \param buf Address where the converted number is written.
+ * \param num A number that needs to be converted to the big endian format.
+ *
+ * \return Address to the end of buffer where the converted number is
+ * written.
+ */
+unsigned char* mbedtls_platform_put_uint24_be( unsigned char *buf,
+ size_t num );
+
+/**
+ * \brief Convert a 16-bit number to the big endian format and write it to
+ * the given buffer.
+ *
+ *
+ * \param buf Address where the converted number is written.
+ * \param num A number that needs to be converted to the big endian format.
+ *
+ * \return Address to the end of buffer where the converted number is
+ * written.
+ */
+unsigned char* mbedtls_platform_put_uint16_be( unsigned char *buf,
+ size_t num );
+
+/**
+ * \brief Convert a 32-bit number from the big endian format.
+ *
+ * The function reads a 32-bit number from the given buffer in the
+ * big endian format and returns it to the caller.
+ *
+ * \param buf Buffer where the 32-bit number locates.
+ *
+ * \return Converted number.
+ */
+size_t mbedtls_platform_get_uint32_be( const unsigned char *buf );
+
+/**
+ * \brief Convert a 24-bit number from the big endian format.
+ *
+ * The function reads a 14-bit number from the given buffer in the
+ * big endian format and returns it to the caller.
+ *
+ * \param buf Buffer where the 24-bit number locates.
+ *
+ * \return Converted number.
+ */
+size_t mbedtls_platform_get_uint24_be( const unsigned char *buf );
+
+/**
+ * \brief Convert a 16-bit number from the big endian format.
+ *
+ * The function reads a 16-bit number from the given buffer in the
+ * big endian format and returns it to the caller.
+ *
+ * \param buf Buffer where the 16-bit number locates.
+ *
+ * \return Converted number.
+ */
+size_t mbedtls_platform_get_uint16_be( const unsigned char *buf );
+
#ifdef __cplusplus
}
#endif
diff --git a/library/platform_util.c b/library/platform_util.c
index 756e226..8f8a3aa 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
@@ -134,3 +134,54 @@
#endif /* _WIN32 && !EFIX64 && !EFI32 */
}
#endif /* MBEDTLS_HAVE_TIME_DATE && MBEDTLS_PLATFORM_GMTIME_R_ALT */
+
+unsigned char* mbedtls_platform_put_uint32_be( unsigned char *buf,
+ size_t num )
+{
+ *buf++ = (unsigned char) ( num >> 24 );
+ *buf++ = (unsigned char) ( num >> 16 );
+ *buf++ = (unsigned char) ( num >> 8 );
+ *buf++ = (unsigned char) ( num );
+
+ return buf;
+}
+
+unsigned char* mbedtls_platform_put_uint24_be( unsigned char *buf,
+ size_t num )
+{
+ *buf++ = (unsigned char) ( num >> 16 );
+ *buf++ = (unsigned char) ( num >> 8 );
+ *buf++ = (unsigned char) ( num );
+
+ return buf;
+}
+
+unsigned char* mbedtls_platform_put_uint16_be( unsigned char *buf,
+ size_t num )
+{
+ *buf++ = (unsigned char) ( num >> 8 );
+ *buf++ = (unsigned char) ( num );
+
+ return buf;
+}
+
+size_t mbedtls_platform_get_uint32_be( const unsigned char *buf )
+{
+ return ( ( (unsigned int) buf[0] << 24 ) |
+ ( (unsigned int) buf[1] << 16 ) |
+ ( (unsigned int) buf[2] << 8 ) |
+ ( (unsigned int) buf[3] ) );
+}
+
+size_t mbedtls_platform_get_uint24_be( const unsigned char *buf )
+{
+ return ( ( buf[0] << 16 ) |
+ ( buf[1] << 8) |
+ ( buf[2] ) );
+}
+
+size_t mbedtls_platform_get_uint16_be( const unsigned char *buf )
+{
+ return ( ( buf[0] << 8 ) |
+ ( buf[1] ) );
+}
diff --git a/library/sha256.c b/library/sha256.c
index c576a03..98965f7 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -49,40 +49,12 @@
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
- !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
#define SHA256_VALIDATE_RET(cond) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA256_BAD_INPUT_DATA )
#define SHA256_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond )
#if !defined(MBEDTLS_SHA256_ALT)
-/*
- * 32-bit integer manipulation (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-do { \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-} while( 0 )
-#endif
-
-static inline void sha256_put_uint32_be( uint32_t n,
- unsigned char *b,
- uint8_t i )
-{
- b[i ] = (unsigned char) ( n >> 24 );
- b[i + 1] = (unsigned char) ( n >> 16 );
- b[i + 2] = (unsigned char) ( n >> 8 );
- b[i + 3] = (unsigned char) ( n );
-}
-
void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
{
SHA256_VALIDATE( ctx != NULL );
@@ -227,7 +199,7 @@
for( i = 0; i < 64; i++ )
{
if( i < 16 )
- GET_UINT32_BE( W[i], data, 4 * i );
+ W[i] = (uint32_t)mbedtls_platform_get_uint32_be( &data[4 * i] );
else
R( i );
@@ -238,7 +210,7 @@
}
#else /* MBEDTLS_SHA256_SMALLER */
for( i = 0; i < 16; i++ )
- GET_UINT32_BE( W[i], data, 4 * i );
+ W[i] = (uint32_t)mbedtls_platform_get_uint32_be( &data[4 * i] );
for( i = 0; i < 16; i += 8 )
{
@@ -348,7 +320,7 @@
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
unsigned char output[32] )
{
- int ret;
+ int ret, s_pos, o_pos;
uint32_t used;
uint32_t high, low;
@@ -385,8 +357,8 @@
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
- sha256_put_uint32_be( high, ctx->buffer, 56 );
- sha256_put_uint32_be( low, ctx->buffer, 60 );
+ (void)mbedtls_platform_put_uint32_be( ctx->buffer + 56, high );
+ (void)mbedtls_platform_put_uint32_be( ctx->buffer + 60, low );
if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
return( ret );
@@ -394,18 +366,17 @@
/*
* Output final state
*/
- sha256_put_uint32_be( ctx->state[0], output, 0 );
- sha256_put_uint32_be( ctx->state[1], output, 4 );
- sha256_put_uint32_be( ctx->state[2], output, 8 );
- sha256_put_uint32_be( ctx->state[3], output, 12 );
- sha256_put_uint32_be( ctx->state[4], output, 16 );
- sha256_put_uint32_be( ctx->state[5], output, 20 );
- sha256_put_uint32_be( ctx->state[6], output, 24 );
+
+ for( s_pos = 0, o_pos = 0; s_pos < 7; s_pos++, o_pos += 4 )
+ {
+ (void)mbedtls_platform_put_uint32_be( &output[o_pos],
+ ctx->state[s_pos] );
+ }
#if !defined(MBEDTLS_SHA256_NO_SHA224)
if( ctx->is224 == 0 )
#endif
- sha256_put_uint32_be( ctx->state[7], output, 28 );
+ (void)mbedtls_platform_put_uint32_be( &output[28], ctx->state[7] );
return( 0 );
}
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 84d5bbe..0a1322a 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -102,18 +102,14 @@
* } ServerNameList;
*
*/
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF );
- *p++ = (unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( (hostname_len + 5) ) & 0xFF );
-
- *p++ = (unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( (hostname_len + 3) ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SERVERNAME );
+ p = mbedtls_platform_put_uint16_be( p, hostname_len + 5 );
+ p = mbedtls_platform_put_uint16_be( p, hostname_len + 3 );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF );
- *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( hostname_len ) & 0xFF );
+
+ p = mbedtls_platform_put_uint16_be( p, hostname_len );
memcpy( p, ssl->hostname, hostname_len );
@@ -148,8 +144,7 @@
/*
* Secure renegotiation
*/
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_RENEGOTIATION_INFO );
*p++ = 0x00;
*p++ = ( ssl->verify_data_len + 1 ) & 0xFF;
@@ -237,15 +232,10 @@
* SignatureAndHashAlgorithm
* supported_signature_algorithms<2..2^16-2>;
*/
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF );
- *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF );
-
- *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( sig_alg_len ) & 0xFF );
-
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SIG_ALG );
+ p = mbedtls_platform_put_uint16_be( p, ( sig_alg_len + 2 ) );
+ p = mbedtls_platform_put_uint16_be( p, sig_alg_len );
*olen = 6 + sig_alg_len;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
@@ -290,18 +280,13 @@
return;
}
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ) & 0xFF );
-
- *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF );
-
- *p++ = (unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES );
+ p = mbedtls_platform_put_uint16_be( p, elliptic_curve_len + 2 );
+ p = mbedtls_platform_put_uint16_be( p, elliptic_curve_len );
MBEDTLS_SSL_BEGIN_FOR_EACH_SUPPORTED_EC_TLS_ID( tls_id )
- *p++ = tls_id >> 8;
- *p++ = tls_id & 0xFF;
+ p = mbedtls_platform_put_uint16_be( p, tls_id );
+
MBEDTLS_SSL_END_FOR_EACH_SUPPORTED_EC_TLS_ID
*olen = 6 + elliptic_curve_len;
@@ -324,8 +309,7 @@
return;
}
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS );
*p++ = 0x00;
*p++ = 2;
@@ -362,8 +346,7 @@
return;
}
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_ECJPAKE_KKPP );
/*
* We may need to send ClientHello multiple times for Hello verification.
@@ -410,8 +393,7 @@
memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len );
}
- *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( kkpp_len ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, kkpp_len );
*olen = kkpp_len + 4;
}
@@ -452,11 +434,10 @@
}
/* Add extension ID + size */
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_CID );
ext_len = (size_t) ssl->own_cid_len + 1;
- *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ext_len ) & 0xFF );
+
+ p = mbedtls_platform_put_uint16_be( p, ext_len );
*p++ = (uint8_t) ssl->own_cid_len;
memcpy( p, ssl->own_cid, ssl->own_cid_len );
@@ -487,8 +468,7 @@
return;
}
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH );
*p++ = 0x00;
*p++ = 1;
@@ -521,8 +501,7 @@
return;
}
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_TRUNCATED_HMAC );
*p++ = 0x00;
*p++ = 0x00;
@@ -556,8 +535,7 @@
return;
}
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC );
*p++ = 0x00;
*p++ = 0x00;
@@ -592,8 +570,7 @@
return;
}
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET );
*p++ = 0x00;
*p++ = 0x00;
@@ -625,11 +602,8 @@
return;
}
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF );
-
- *p++ = (unsigned char)( ( tlen >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( tlen ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SESSION_TICKET );
+ p = mbedtls_platform_put_uint16_be( p, tlen );
*olen = 4;
@@ -673,8 +647,7 @@
return;
}
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_ALPN );
/*
* opaque ProtocolName<1..2^8-1>;
@@ -697,12 +670,9 @@
*olen = p - buf;
/* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */
- buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF );
- buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF );
-
+ (void)mbedtls_platform_put_uint16_be( &buf[4], ( *olen - 6 ) );
/* Extension length = olen - 2 (ext_type) - 2 (ext_len) */
- buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF );
- buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF );
+ (void)mbedtls_platform_put_uint16_be( &buf[2], ( *olen - 4 ) );
}
#endif /* MBEDTLS_SSL_ALPN */
@@ -730,11 +700,7 @@
#if defined(MBEDTLS_HAVE_TIME)
t = mbedtls_time( NULL );
- *p++ = (unsigned char)( t >> 24 );
- *p++ = (unsigned char)( t >> 16 );
- *p++ = (unsigned char)( t >> 8 );
- *p++ = (unsigned char)( t );
-
+ p = mbedtls_platform_put_uint32_be( p, (uint32_t) t );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) );
#else
if( ( ret = mbedtls_ssl_conf_get_frng( ssl->conf )
@@ -1004,8 +970,7 @@
if( mbedtls_ssl_get_renego_status( ssl ) == MBEDTLS_SSL_INITIAL_HANDSHAKE )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) );
- *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO >> 8 );
- *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO );
n++;
}
@@ -1014,8 +979,7 @@
if( ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) );
- *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 );
- *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_SSL_FALLBACK_SCSV_VALUE );
n++;
}
#endif
@@ -1143,8 +1107,7 @@
if( ext_len > 0 )
{
- *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ext_len ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, ext_len );
p += ext_len;
}
@@ -1499,7 +1462,7 @@
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
- list_len = ( buf[0] << 8 ) | buf[1];
+ list_len = mbedtls_platform_get_uint16_be( buf );
if( list_len != len - 2 )
{
mbedtls_ssl_pend_fatal_alert( ssl,
@@ -1752,10 +1715,7 @@
}
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu",
- ( (uint32_t) buf[2] << 24 ) |
- ( (uint32_t) buf[3] << 16 ) |
- ( (uint32_t) buf[4] << 8 ) |
- ( (uint32_t) buf[5] ) ) );
+ (unsigned long)mbedtls_platform_get_uint32_be( &buf[2] ) ) );
memcpy( ssl->handshake->randbytes + 32, buf + 2, 32 );
@@ -1773,8 +1733,7 @@
if( ssl->in_hslen > mbedtls_ssl_hs_hdr_len( ssl ) + 39 + n )
{
- ext_len = ( ( buf[38 + n] << 8 )
- | ( buf[39 + n] ) );
+ ext_len = mbedtls_platform_get_uint16_be( &buf[38 + n] );
if( ( ext_len > 0 && ext_len < 4 ) ||
ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 40 + n + ext_len )
@@ -1798,7 +1757,7 @@
}
/* ciphersuite (used later) */
- i = ( buf[35 + n] << 8 ) | buf[36 + n];
+ i = (int)mbedtls_platform_get_uint16_be( &buf[ 35 + n ] );
/*
* Read and check compression
@@ -1962,10 +1921,10 @@
while( ext_len )
{
- unsigned int ext_id = ( ( ext[0] << 8 )
- | ( ext[1] ) );
- unsigned int ext_size = ( ( ext[2] << 8 )
- | ( ext[3] ) );
+ unsigned int ext_id = (unsigned int)
+ mbedtls_platform_get_uint16_be( ext );
+ unsigned int ext_size = (unsigned int)
+ mbedtls_platform_get_uint16_be( &ext[2] );
if( ext_size + 4 > ext_len )
{
@@ -2335,7 +2294,7 @@
"(psk_identity_hint length)" ) );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
- len = (*p)[0] << 8 | (*p)[1];
+ len = mbedtls_platform_get_uint16_be( *p );
*p += 2;
if( end - (*p) < (int) len )
@@ -2470,8 +2429,7 @@
defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( len_bytes == 2 )
{
- out[0] = (unsigned char)( *olen >> 8 );
- out[1] = (unsigned char)( *olen );
+ (void)mbedtls_platform_put_uint16_be( out, *olen );
*olen += 2;
}
#endif
@@ -2986,7 +2944,8 @@
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
- sig_len = ( p[0] << 8 ) | p[1];
+
+ sig_len = mbedtls_platform_get_uint16_be( p );
p += 2;
if( p != end - sig_len )
@@ -3297,8 +3256,7 @@
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( mbedtls_ssl_get_minor_ver( ssl ) == MBEDTLS_SSL_MINOR_VERSION_3 )
{
- size_t sig_alg_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 )
- | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) );
+ size_t sig_alg_len = mbedtls_platform_get_uint16_be( &buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] );
#if defined(MBEDTLS_DEBUG_C)
unsigned char* sig_alg;
size_t i;
@@ -3338,8 +3296,7 @@
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
/* certificate_authorities */
- dn_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 )
- | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) );
+ dn_len = mbedtls_platform_get_uint16_be( &buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] );
n += dn_len;
if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n )
@@ -3582,9 +3539,7 @@
if( (size_t)( end - p ) < n + 2 )
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
- p[0] = (unsigned char)( n >> 8 );
- p[1] = (unsigned char)( n );
- p += 2;
+ p = mbedtls_platform_put_uint16_be( p, n );
ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
(int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
@@ -3699,9 +3654,7 @@
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
}
- p[0] = (unsigned char)( n >> 8 );
- p[1] = (unsigned char)( n );
- p += 2;
+ p = mbedtls_platform_put_uint16_be( p, n );
memcpy( p, ssl->conf->psk_identity, n );
p += ssl->conf->psk_identity_len;
@@ -3745,9 +3698,7 @@
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
}
- p[0] = (unsigned char)( n >> 8 );
- p[1] = (unsigned char)( n );
- p += 2;
+ p = mbedtls_platform_put_uint16_be( p, n );
ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
(int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
@@ -4045,8 +3996,7 @@
return( ret );
}
- ssl->out_msg[4 + offset] = (unsigned char)( n >> 8 );
- ssl->out_msg[5 + offset] = (unsigned char)( n );
+ (void)mbedtls_platform_put_uint16_be( &ssl->out_msg[4 + offset], n );
ssl->out_msglen = 6 + n + offset;
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
@@ -4112,10 +4062,9 @@
msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
- lifetime = ( ((uint32_t) msg[0]) << 24 ) | ( msg[1] << 16 ) |
- ( msg[2] << 8 ) | ( msg[3] );
+ lifetime = (uint32_t)mbedtls_platform_get_uint32_be( msg );
- ticket_len = ( msg[4] << 8 ) | ( msg[5] );
+ ticket_len = mbedtls_platform_get_uint16_be( &msg[4] );
if( ticket_len + 6 + mbedtls_ssl_hs_hdr_len( ssl ) != ssl->in_hslen )
{
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index 6f0be8a..67f9114 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -172,12 +172,7 @@
#else
t = ctx->serial++;
#endif
-
- (*p)[0] = (unsigned char)( t >> 24 );
- (*p)[1] = (unsigned char)( t >> 16 );
- (*p)[2] = (unsigned char)( t >> 8 );
- (*p)[3] = (unsigned char)( t );
- *p += 4;
+ *p = mbedtls_platform_put_uint32_be( *p, t );
#if defined(MBEDTLS_THREADING_C)
if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
@@ -243,10 +238,7 @@
cur_time = ctx->serial;
#endif
- cookie_time = ( (unsigned long) cookie[0] << 24 ) |
- ( (unsigned long) cookie[1] << 16 ) |
- ( (unsigned long) cookie[2] << 8 ) |
- ( (unsigned long) cookie[3] );
+ cookie_time = (unsigned long)mbedtls_platform_get_uint32_be( cookie );
if( ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout )
return( -1 );
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 0fa7c0e..69af317 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -98,7 +98,8 @@
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
- servername_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
+ servername_list_size = mbedtls_platform_get_uint16_be( buf );
+
if( servername_list_size + 2 != len )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
@@ -110,7 +111,7 @@
p = buf + 2;
while( servername_list_size > 2 )
{
- hostname_len = ( ( p[1] << 8 ) | p[2] );
+ hostname_len = mbedtls_platform_get_uint16_be( &p[1] );
if( hostname_len + 3 > servername_list_size )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
@@ -218,7 +219,9 @@
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
- sig_alg_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
+
+ sig_alg_list_size = mbedtls_platform_get_uint16_be( buf );
+
if( sig_alg_list_size + 2 != len ||
sig_alg_list_size % 2 != 0 )
{
@@ -293,7 +296,8 @@
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
- list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
+
+ list_size = mbedtls_platform_get_uint16_be( buf );
if( list_size + 2 != len ||
list_size % 2 != 0 )
{
@@ -311,7 +315,8 @@
while( list_size > 0 )
{
- uint16_t const peer_tls_id = ( p[0] << 8 ) | p[1];
+ uint16_t const peer_tls_id = (uint16_t)
+ mbedtls_platform_get_uint16_be( p );
MBEDTLS_SSL_BEGIN_FOR_EACH_SUPPORTED_EC_TLS_ID( own_tls_id )
if( own_tls_id == peer_tls_id &&
@@ -657,7 +662,8 @@
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
- list_len = ( buf[0] << 8 ) | buf[1];
+ list_len = mbedtls_platform_get_uint16_be ( buf );
+
if( list_len != len - 2 )
{
mbedtls_ssl_pend_fatal_alert( ssl,
@@ -751,8 +757,8 @@
while( ec_tls_ids_len-- != 0 )
{
- uint16_t const cur_tls_id =
- ( acceptable_ec_tls_ids[0] << 8 ) | acceptable_ec_tls_ids[1];
+ uint16_t const cur_tls_id = (uint16_t)
+ mbedtls_platform_get_uint16_be( acceptable_ec_tls_ids );
if( cur_tls_id == tls_id )
return( 0 );
@@ -1105,7 +1111,7 @@
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
- n = ( ( buf[0] << 8 ) | buf[1] ) & 0x7FFF;
+ n = mbedtls_platform_get_uint16_be( buf );
if( n < 17 || n > 512 )
{
@@ -1166,9 +1172,9 @@
*/
MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, n );
- ciph_len = ( buf[0] << 8 ) | buf[1];
- sess_len = ( buf[2] << 8 ) | buf[3];
- chal_len = ( buf[4] << 8 ) | buf[5];
+ ciph_len = (unsigned int)mbedtls_platform_get_uint16_be( &buf[0] );
+ sess_len = (unsigned int)mbedtls_platform_get_uint16_be( &buf[2] );
+ chal_len = (unsigned int)mbedtls_platform_get_uint16_be( &buf[4] );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciph_len: %d, sess_len: %d, chal_len: %d",
ciph_len, sess_len, chal_len ) );
@@ -1447,7 +1453,7 @@
}
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message len.: %d",
- ( ssl->in_len[0] << 8 ) | ssl->in_len[1] ) );
+ (int)mbedtls_platform_get_uint16_be( ssl->in_len ) ) );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, protocol version: [%d:%d]",
buf[1], buf[2] ) );
@@ -1494,7 +1500,7 @@
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
- msg_len = ( ssl->in_len[0] << 8 ) | ssl->in_len[1];
+ msg_len = mbedtls_platform_get_uint16_be( ssl->in_len );
#if defined(MBEDTLS_SSL_RENEGOTIATION)
if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
@@ -1562,11 +1568,12 @@
}
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d",
- ( buf[1] << 16 ) | ( buf[2] << 8 ) | buf[3] ) );
+ (int)mbedtls_platform_get_uint24_be( &buf[1]) ) );
/* We don't support fragmentation of ClientHello (yet?) */
if( buf[1] != 0 ||
- msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) )
+ msg_len != ( mbedtls_ssl_hs_hdr_len( ssl ) +
+ mbedtls_platform_get_uint16_be( &buf[2]) ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
@@ -1583,8 +1590,8 @@
if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
{
/* This couldn't be done in ssl_prepare_handshake_record() */
- unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) |
- ssl->in_msg[5];
+ unsigned int cli_msg_seq = (unsigned int)
+ mbedtls_platform_get_uint16_be( &ssl->in_msg[4] );
if( cli_msg_seq != ssl->handshake->in_msg_seq )
{
@@ -1599,8 +1606,9 @@
else
#endif
{
- unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) |
- ssl->in_msg[5];
+ unsigned int cli_msg_seq = (unsigned int)
+ mbedtls_platform_get_uint16_be( &ssl->in_msg[4] );
+
ssl->handshake->out_msg_seq = cli_msg_seq;
ssl->handshake->in_msg_seq = cli_msg_seq + 1;
}
@@ -1796,8 +1804,8 @@
}
#endif /* MBEDTLS_SSL_PROTO_TLS */
- ciph_len = ( buf[ciph_offset + 0] << 8 )
- | ( buf[ciph_offset + 1] );
+
+ ciph_len = mbedtls_platform_get_uint16_be( &buf[ciph_offset + 0] );
if( ciph_len < 2 ||
ciph_len + 2 + ciph_offset + 1 > msg_len || /* 1 for comp. alg. len */
@@ -1870,8 +1878,7 @@
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
- ext_len = ( buf[ext_offset + 0] << 8 )
- | ( buf[ext_offset + 1] );
+ ext_len = mbedtls_platform_get_uint16_be( &buf[ext_offset + 0] );
if( ( ext_len > 0 && ext_len < 4 ) ||
msg_len != ext_offset + 2 + ext_len )
@@ -1898,8 +1905,8 @@
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
- ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) );
- ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) );
+ ext_id = (unsigned int)mbedtls_platform_get_uint16_be( ext );
+ ext_size = (unsigned int)mbedtls_platform_get_uint16_be( &ext[2] );
if( ext_size + 4 > ext_len )
{
@@ -2337,9 +2344,7 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding truncated hmac extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF );
-
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_TRUNCATED_HMAC );
*p++ = 0x00;
*p++ = 0x00;
@@ -2381,13 +2386,9 @@
* opaque cid<0..2^8-1>;
* } ConnectionId;
*/
-
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_CID );
ext_len = (size_t) ssl->own_cid_len + 1;
- *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ext_len ) & 0xFF );
-
+ p = mbedtls_platform_put_uint16_be( p, ext_len );
*p++ = (uint8_t) ssl->own_cid_len;
memcpy( p, ssl->own_cid, ssl->own_cid_len );
@@ -2437,9 +2438,7 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF );
-
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC );
*p++ = 0x00;
*p++ = 0x00;
@@ -2465,8 +2464,7 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret "
"extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET );
*p++ = 0x00;
*p++ = 0x00;
@@ -2490,9 +2488,7 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF );
-
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SESSION_TICKET );
*p++ = 0x00;
*p++ = 0x00;
@@ -2514,8 +2510,7 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_RENEGOTIATION_INFO );
#if defined(MBEDTLS_SSL_RENEGOTIATION)
if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
@@ -2555,9 +2550,7 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF );
-
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH );
*p++ = 0x00;
*p++ = 1;
@@ -2586,8 +2579,7 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS );
*p++ = 0x00;
*p++ = 2;
@@ -2627,8 +2619,7 @@
return;
}
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_ECJPAKE_KKPP );
ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx,
p + 2, end - p - 2, &kkpp_len,
@@ -2640,9 +2631,7 @@
return;
}
- *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( kkpp_len ) & 0xFF );
-
+ p = mbedtls_platform_put_uint16_be( p, kkpp_len );
*olen = kkpp_len + 4;
}
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
@@ -2666,16 +2655,11 @@
* 6 . 6 protocol name length
* 7 . 7+n protocol name
*/
- buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF );
- buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF );
+ (void)mbedtls_platform_put_uint16_be( &buf[0], MBEDTLS_TLS_EXT_ALPN );
*olen = 7 + strlen( ssl->alpn_chosen );
-
- buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF );
- buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF );
-
- buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF );
- buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF );
+ (void)mbedtls_platform_put_uint16_be( &buf[2], ( *olen - 4 ) );
+ (void)mbedtls_platform_put_uint16_be( &buf[4], ( *olen - 6 ) );
buf[6] = (unsigned char)( ( ( *olen - 7 ) ) & 0xFF );
@@ -2805,10 +2789,7 @@
#if defined(MBEDTLS_HAVE_TIME)
t = mbedtls_time( NULL );
- *p++ = (unsigned char)( t >> 24 );
- *p++ = (unsigned char)( t >> 16 );
- *p++ = (unsigned char)( t >> 8 );
- *p++ = (unsigned char)( t );
+ p = mbedtls_platform_put_uint32_be( p, (uint32_t) t );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) );
#else
@@ -2914,8 +2895,7 @@
mbedtls_ssl_handshake_get_resume( ssl->handshake ) ? "a" : "no" ) );
ciphersuite = mbedtls_ssl_session_get_ciphersuite( ssl->session_negotiate );
- *p++ = (unsigned char)( ciphersuite >> 8 );
- *p++ = (unsigned char)( ciphersuite );
+ p = mbedtls_platform_put_uint16_be( p, ciphersuite );
*p++ = (unsigned char)(
mbedtls_ssl_session_get_compression( ssl->session_negotiate ) );
@@ -2992,8 +2972,7 @@
if( ext_len > 0 )
{
- *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ext_len ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, ext_len );
p += ext_len;
}
@@ -3135,8 +3114,7 @@
}
MBEDTLS_SSL_END_FOR_EACH_SIG_HASH_TLS
- p[0] = (unsigned char)( sa_len >> 8 );
- p[1] = (unsigned char)( sa_len );
+ (void)mbedtls_platform_put_uint16_be( p, sa_len );
sa_len += 2;
p += sa_len;
}
@@ -3181,8 +3159,7 @@
break;
}
- *p++ = (unsigned char)( dn_size >> 8 );
- *p++ = (unsigned char)( dn_size );
+ p = mbedtls_platform_put_uint16_be( p, dn_size );
memcpy( p, frame->subject_raw.p, dn_size );
p += dn_size;
@@ -3199,8 +3176,8 @@
ssl->out_msglen = p - buf;
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST;
- ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 );
- ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size );
+ (void)mbedtls_platform_put_uint16_be( &ssl->out_msg[4 + ct_len + sa_len],
+ total_dn_size );
ret = mbedtls_ssl_write_handshake_msg( ssl );
@@ -3754,8 +3731,9 @@
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
if( signature_len != 0 )
{
- ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len >> 8 );
- ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len );
+ (void)mbedtls_platform_put_uint16_be( &ssl->out_msg[ssl->out_msglen],
+ signature_len );
+ ssl->out_msglen += 2;
MBEDTLS_SSL_DEBUG_BUF( 3, "my signature",
ssl->out_msg + ssl->out_msglen,
@@ -3836,7 +3814,7 @@
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
}
- n = ( (*p)[0] << 8 ) | (*p)[1];
+ n = mbedtls_platform_get_uint16_be ( *p );
*p += 2;
if( *p + n > end )
@@ -4092,7 +4070,7 @@
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
}
- n = ( (*p)[0] << 8 ) | (*p)[1];
+ n = mbedtls_platform_get_uint16_be( *p );
*p += 2;
if( n < 1 || n > 65535 || n > (size_t) ( end - *p ) )
@@ -4624,7 +4602,7 @@
goto exit;
}
- sig_len = ( ssl->in_msg[i] << 8 ) | ssl->in_msg[i+1];
+ sig_len = mbedtls_platform_get_uint16_be( &ssl->in_msg[i] );
i += 2;
if( i + sig_len != ssl->in_hslen )
@@ -4696,15 +4674,9 @@
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_write", ret );
tlen = 0;
}
+ (void)mbedtls_platform_put_uint32_be( &ssl->out_msg[4], lifetime );
- ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF;
- ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF;
- ssl->out_msg[6] = ( lifetime >> 8 ) & 0xFF;
- ssl->out_msg[7] = ( lifetime ) & 0xFF;
-
- ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF );
- ssl->out_msg[9] = (unsigned char)( ( tlen ) & 0xFF );
-
+ (void)mbedtls_platform_put_uint16_be( &ssl->out_msg[8], tlen );
ssl->out_msglen = 10 + tlen;
/*
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index 5fe693c..285e736 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -221,8 +221,8 @@
{
goto cleanup;
}
- state_len_bytes[0] = ( clear_len >> 8 ) & 0xff;
- state_len_bytes[1] = ( clear_len ) & 0xff;
+
+ (void)mbedtls_platform_put_uint16_be( state_len_bytes, clear_len );
/* Encrypt and authenticate */
tag = state + clear_len;
@@ -298,7 +298,7 @@
if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )
goto cleanup;
- enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1];
+ enc_len = mbedtls_platform_get_uint16_be( enc_len_p );
tag = ticket + enc_len;
if( len != 4 + 12 + 2 + enc_len + 16 )
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index e9f6634..850bcb1 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -497,7 +497,7 @@
switch( mfl )
{
case MBEDTLS_SSL_MAX_FRAG_LEN_NONE:
- return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
+ return( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
case MBEDTLS_SSL_MAX_FRAG_LEN_512:
return 512;
case MBEDTLS_SSL_MAX_FRAG_LEN_1024:
@@ -507,7 +507,7 @@
case MBEDTLS_SSL_MAX_FRAG_LEN_4096:
return 4096;
default:
- return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
+ return( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
}
}
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
@@ -2111,8 +2111,7 @@
if( end - p < 2 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- *(p++) = (unsigned char)( psk_len >> 8 );
- *(p++) = (unsigned char)( psk_len );
+ p = mbedtls_platform_put_uint16_be( p, psk_len );
if( end < p || (size_t)( end - p ) < psk_len )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -2153,8 +2152,7 @@
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
return( ret );
}
- *(p++) = (unsigned char)( len >> 8 );
- *(p++) = (unsigned char)( len );
+ p = mbedtls_platform_put_uint16_be( p, len );
p += len;
MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K );
@@ -2194,10 +2192,8 @@
MBEDTLS_DEBUG_ECDH_Z );
#endif /* MBEDTLS_USE_TINYCRYPT */
- *(p++) = (unsigned char)( zlen >> 8 );
- *(p++) = (unsigned char)( zlen );
+ p = mbedtls_platform_put_uint16_be( p, zlen );
p += zlen;
-
}
else
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
@@ -2210,8 +2206,7 @@
if( end - p < 2 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- *(p++) = (unsigned char)( psk_len >> 8 );
- *(p++) = (unsigned char)( psk_len );
+ p = mbedtls_platform_put_uint16_be( p, psk_len );
if( end < p || (size_t)( end - p ) < psk_len )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -2249,9 +2244,8 @@
padlen = 40;
memcpy( header, ctr, 8 );
- header[ 8] = (unsigned char) type;
- header[ 9] = (unsigned char)( len >> 8 );
- header[10] = (unsigned char)( len );
+ header[8] = (unsigned char) type;
+ (void)mbedtls_platform_put_uint16_be( &header[9], len );
memset( padding, 0x36, padlen );
mbedtls_md_starts( md_ctx );
@@ -2403,15 +2397,14 @@
{
memcpy( add_data + 11, rec->cid, rec->cid_len );
add_data[11 + rec->cid_len + 0] = rec->cid_len;
- add_data[11 + rec->cid_len + 1] = ( rec->data_len >> 8 ) & 0xFF;
- add_data[11 + rec->cid_len + 2] = ( rec->data_len >> 0 ) & 0xFF;
+ (void)mbedtls_platform_put_uint16_be( &add_data[11 + rec->cid_len + 1],
+ rec->data_len );
*add_data_len = 13 + 1 + rec->cid_len;
}
else
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
{
- add_data[11 + 0] = ( rec->data_len >> 8 ) & 0xFF;
- add_data[11 + 1] = ( rec->data_len >> 0 ) & 0xFF;
+ (void)mbedtls_platform_put_uint16_be( &add_data[11], rec->data_len );
*add_data_len = 13;
}
}
@@ -4168,13 +4161,9 @@
* Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */
memcpy( ssl->out_msg, cur->p, 6 );
- ssl->out_msg[6] = ( ( frag_off >> 16 ) & 0xff );
- ssl->out_msg[7] = ( ( frag_off >> 8 ) & 0xff );
- ssl->out_msg[8] = ( ( frag_off ) & 0xff );
-
- ssl->out_msg[ 9] = ( ( cur_hs_frag_len >> 16 ) & 0xff );
- ssl->out_msg[10] = ( ( cur_hs_frag_len >> 8 ) & 0xff );
- ssl->out_msg[11] = ( ( cur_hs_frag_len ) & 0xff );
+ (void)mbedtls_platform_put_uint24_be( &ssl->out_msg[6], frag_off );
+ (void)mbedtls_platform_put_uint24_be( &ssl->out_msg[9],
+ cur_hs_frag_len );
MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 );
@@ -4371,9 +4360,7 @@
*/
if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
{
- ssl->out_msg[1] = (unsigned char)( hs_len >> 16 );
- ssl->out_msg[2] = (unsigned char)( hs_len >> 8 );
- ssl->out_msg[3] = (unsigned char)( hs_len );
+ (void)mbedtls_platform_put_uint24_be( &ssl->out_msg[1], hs_len );
/*
* DTLS has additional fields in the Handshake layer,
@@ -4401,8 +4388,8 @@
/* Write message_seq and update it, except for HelloRequest */
if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
{
- ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF;
- ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF;
+ (void)mbedtls_platform_put_uint16_be( &ssl->out_msg[4],
+ ssl->handshake->out_msg_seq );
++( ssl->handshake->out_msg_seq );
}
else
@@ -4513,8 +4500,7 @@
ssl->conf->transport, ssl->out_hdr + 1 );
memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 );
- ssl->out_len[0] = (unsigned char)( len >> 8 );
- ssl->out_len[1] = (unsigned char)( len );
+ (void)mbedtls_platform_put_uint16_be( ssl->out_len, len );
if( ssl->transform_out != NULL )
{
@@ -4557,8 +4543,7 @@
memcpy( ssl->out_cid, rec.cid, rec.cid_len );
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
ssl->out_msglen = len = rec.data_len;
- ssl->out_len[0] = (unsigned char)( rec.data_len >> 8 );
- ssl->out_len[1] = (unsigned char)( rec.data_len );
+ (void)mbedtls_platform_put_uint16_be( ssl->out_len, rec.data_len );
}
protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl );
@@ -4659,16 +4644,12 @@
static uint32_t ssl_get_hs_frag_len( mbedtls_ssl_context const *ssl )
{
- return( ( ssl->in_msg[9] << 16 ) |
- ( ssl->in_msg[10] << 8 ) |
- ssl->in_msg[11] );
+ return( (uint32_t)mbedtls_platform_get_uint24_be( &ssl->in_msg[9] ) );
}
static uint32_t ssl_get_hs_frag_off( mbedtls_ssl_context const *ssl )
{
- return( ( ssl->in_msg[6] << 16 ) |
- ( ssl->in_msg[7] << 8 ) |
- ssl->in_msg[8] );
+ return( (uint32_t)mbedtls_platform_get_uint24_be( &ssl->in_msg[6] ) );
}
static int ssl_check_hs_header( mbedtls_ssl_context const *ssl )
@@ -4771,9 +4752,7 @@
static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl )
{
- return( ( ssl->in_msg[1] << 16 ) |
- ( ssl->in_msg[2] << 8 ) |
- ssl->in_msg[3] );
+ return( (uint32_t)mbedtls_platform_get_uint24_be( &ssl->in_msg[1] ) );
}
int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
@@ -4795,7 +4774,8 @@
if( MBEDTLS_SSL_TRANSPORT_IS_DTLS( ssl->conf->transport ) )
{
int ret;
- unsigned int recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
+ unsigned int recv_msg_seq = (unsigned int)
+ mbedtls_platform_get_uint16_be( &ssl->in_msg[4] );
if( ssl_check_hs_header( ssl ) != 0 )
{
@@ -5122,12 +5102,12 @@
/* Go back and fill length fields */
obuf[27] = (unsigned char)( *olen - 28 );
- obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 );
- obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >> 8 );
- obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 ) );
+ (void)mbedtls_platform_put_uint24_be( &obuf[14], ( *olen - 25 ) );
+ obuf[22] = obuf[14];
+ obuf[23] = obuf[15];
+ obuf[24] = obuf[16];
- obuf[11] = (unsigned char)( ( *olen - 13 ) >> 8 );
- obuf[12] = (unsigned char)( ( *olen - 13 ) );
+ (void)mbedtls_platform_put_uint16_be( &obuf[11], ( *olen - 13 ) );
return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
}
@@ -5390,8 +5370,7 @@
*/
rec->data_offset = rec_hdr_len_offset + rec_hdr_len_len;
- rec->data_len = ( (size_t) buf[ rec_hdr_len_offset + 0 ] << 8 ) |
- ( (size_t) buf[ rec_hdr_len_offset + 1 ] << 0 );
+ rec->data_len = mbedtls_platform_get_uint16_be( &buf[rec_hdr_len_offset] );
MBEDTLS_SSL_DEBUG_BUF( 4, "input record header", buf, rec->data_offset );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %d, "
@@ -5420,7 +5399,7 @@
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( MBEDTLS_SSL_TRANSPORT_IS_DTLS( ssl->conf->transport ) )
{
- rec_epoch = ( rec->ctr[0] << 8 ) | rec->ctr[1];
+ rec_epoch = (uint32_t)mbedtls_platform_get_uint16_be( rec->ctr );
/* Check that the datagram is large enough to contain a record
* of the advertised length. */
@@ -5470,7 +5449,8 @@
#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl )
{
- unsigned int rec_epoch = ( ssl->in_ctr[0] << 8 ) | ssl->in_ctr[1];
+ unsigned int rec_epoch = (unsigned int)
+ mbedtls_platform_get_uint16_be( &ssl->in_ctr[0] );
/*
* Check for an epoch 0 ClientHello. We can't use in_msg here to
@@ -5817,9 +5797,7 @@
if( ( hs_buf->is_valid == 1 ) && ( hs_buf->is_complete == 1 ) )
{
/* Synthesize a record containing the buffered HS message. */
- size_t msg_len = ( hs_buf->data[1] << 16 ) |
- ( hs_buf->data[2] << 8 ) |
- hs_buf->data[3];
+ size_t msg_len = mbedtls_platform_get_uint24_be( &hs_buf->data[1] );
/* Double-check that we haven't accidentally buffered
* a message that doesn't fit into the input buffer. */
@@ -5918,7 +5896,9 @@
case MBEDTLS_SSL_MSG_HANDSHAKE:
{
unsigned recv_msg_seq_offset;
- unsigned recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
+ unsigned recv_msg_seq = (unsigned)
+ mbedtls_platform_get_uint16_be( &ssl->in_msg[4] );
+
mbedtls_ssl_hs_buffer *hs_buf;
size_t msg_len = ssl->in_hslen - 12;
@@ -6516,8 +6496,7 @@
ssl->in_hdr[0] = rec.type;
ssl->in_msg = rec.buf + rec.data_offset;
ssl->in_msglen = rec.data_len;
- ssl->in_len[0] = (unsigned char)( rec.data_len >> 8 );
- ssl->in_len[1] = (unsigned char)( rec.data_len );
+ (void)mbedtls_platform_put_uint16_be( ssl->in_len, rec.data_len );
return( 0 );
}
@@ -6849,17 +6828,13 @@
return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE );
}
- ssl->out_msg[i ] = (unsigned char)( n >> 16 );
- ssl->out_msg[i + 1] = (unsigned char)( n >> 8 );
- ssl->out_msg[i + 2] = (unsigned char)( n );
+ (void)mbedtls_platform_put_uint24_be( &ssl->out_msg[i], n );
i += 3; memcpy( ssl->out_msg + i, crt->raw.p, n );
i += n; crt = crt->next;
}
- ssl->out_msg[4] = (unsigned char)( ( i - 7 ) >> 16 );
- ssl->out_msg[5] = (unsigned char)( ( i - 7 ) >> 8 );
- ssl->out_msg[6] = (unsigned char)( ( i - 7 ) );
+ (void)mbedtls_platform_put_uint24_be( &ssl->out_msg[4], ( i - 7 ) );
ssl->out_msglen = i;
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
@@ -6969,7 +6944,7 @@
/*
* Same message structure as in mbedtls_ssl_write_certificate()
*/
- n = ( ssl->in_msg[i+1] << 8 ) | ssl->in_msg[i+2];
+ n = mbedtls_platform_get_uint16_be( &ssl->in_msg[i + 1] );
if( ssl->in_msg[i] != 0 ||
ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len( ssl ) )
@@ -7004,8 +6979,7 @@
}
/* Read length of the next CRT in the chain. */
- n = ( (unsigned int) ssl->in_msg[i + 1] << 8 )
- | (unsigned int) ssl->in_msg[i + 2];
+ n = mbedtls_platform_get_uint16_be( &ssl->in_msg[i + 1] );
i += 3;
if( n < 128 || i + n > ssl->in_hslen )
@@ -9513,7 +9487,7 @@
if( mbedtls_ssl_conf_get_endpoint( ssl->conf ) == MBEDTLS_SSL_IS_CLIENT &&
( ssl->state == MBEDTLS_SSL_CLIENT_HELLO ||
ssl->state == MBEDTLS_SSL_SERVER_HELLO ) )
- return ( 0 );
+ return( 0 );
if( ssl->handshake == NULL || ssl->handshake->mtu == 0 )
return( ssl->mtu );
@@ -9825,8 +9799,7 @@
{
const int ciphersuite =
mbedtls_ssl_session_get_ciphersuite( session );
- *p++ = (unsigned char)( ( ciphersuite >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ciphersuite ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, ciphersuite );
#if defined(MBEDTLS_ZLIB_SUPPORT)
*p++ = (unsigned char)(
@@ -9839,11 +9812,7 @@
memcpy( p, session->master, 48 );
p += 48;
-
- *p++ = (unsigned char)( ( session->verify_result >> 24 ) & 0xFF );
- *p++ = (unsigned char)( ( session->verify_result >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( session->verify_result >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( session->verify_result ) & 0xFF );
+ p = mbedtls_platform_put_uint32_be( p, session->verify_result );
}
/*
@@ -9860,9 +9829,7 @@
if( used <= buf_len )
{
- *p++ = (unsigned char)( ( cert_len >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( cert_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( cert_len ) & 0xFF );
+ p = mbedtls_platform_put_uint24_be( p, cert_len );
if( session->peer_cert != NULL )
{
@@ -9905,9 +9872,7 @@
if( used <= buf_len )
{
- *p++ = (unsigned char)( ( session->ticket_len >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( session->ticket_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( session->ticket_len ) & 0xFF );
+ p = mbedtls_platform_put_uint24_be( p, session->ticket_len );
if( session->ticket != NULL )
{
@@ -9915,10 +9880,7 @@
p += session->ticket_len;
}
- *p++ = (unsigned char)( ( session->ticket_lifetime >> 24 ) & 0xFF );
- *p++ = (unsigned char)( ( session->ticket_lifetime >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( session->ticket_lifetime >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( session->ticket_lifetime ) & 0xFF );
+ p = mbedtls_platform_put_uint32_be( p, session->ticket_lifetime );
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
@@ -10053,7 +10015,7 @@
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
- ciphersuite = ( p[0] << 8 ) | p[1];
+ ciphersuite = (int)mbedtls_platform_get_uint16_be( p );
p += 2;
#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
@@ -10077,10 +10039,7 @@
memcpy( session->master, p, 48 );
p += 48;
- session->verify_result = ( (uint32_t) p[0] << 24 ) |
- ( (uint32_t) p[1] << 16 ) |
- ( (uint32_t) p[2] << 8 ) |
- ( (uint32_t) p[3] );
+ session->verify_result = (uint32_t)mbedtls_platform_get_uint32_be( p );
p += 4;
/* Immediately clear invalid pointer values that have been read, in case
@@ -10104,7 +10063,8 @@
if( 3 > (size_t)( end - p ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- cert_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2];
+ cert_len = mbedtls_platform_get_uint24_be( &p[0] );
+
p += 3;
if( cert_len == 0 )
@@ -10175,7 +10135,7 @@
if( 3 > (size_t)( end - p ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- session->ticket_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2];
+ session->ticket_len = mbedtls_platform_get_uint24_be( &p[0] );
p += 3;
if( session->ticket_len != 0 )
@@ -10194,10 +10154,7 @@
if( 4 > (size_t)( end - p ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- session->ticket_lifetime = ( (uint32_t) p[0] << 24 ) |
- ( (uint32_t) p[1] << 16 ) |
- ( (uint32_t) p[2] << 8 ) |
- ( (uint32_t) p[3] );
+ session->ticket_lifetime = (uint32_t)mbedtls_platform_get_uint32_be( p );
p += 4;
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
@@ -11307,10 +11264,7 @@
used += 4 + session_len;
if( used <= buf_len )
{
- *p++ = (unsigned char)( ( session_len >> 24 ) & 0xFF );
- *p++ = (unsigned char)( ( session_len >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( session_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( session_len ) & 0xFF );
+ p = mbedtls_platform_put_uint32_be( p, session_len );
ret = ssl_session_save( ssl->session, 1,
p, session_len, &session_len );
@@ -11352,10 +11306,7 @@
used += 4;
if( used <= buf_len )
{
- *p++ = (unsigned char)( ( ssl->badmac_seen >> 24 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->badmac_seen >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->badmac_seen >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->badmac_seen ) & 0xFF );
+ p = mbedtls_platform_put_uint32_be( p, ssl->badmac_seen );
}
#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
@@ -11402,8 +11353,7 @@
used += 2;
if( used <= buf_len )
{
- *p++ = (unsigned char)( ( ssl->mtu >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ssl->mtu ) & 0xFF );
+ p = mbedtls_platform_put_uint16_be( p, ssl->mtu );
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
@@ -11510,10 +11460,7 @@
if( (size_t)( end - p ) < 4 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- session_len = ( (size_t) p[0] << 24 ) |
- ( (size_t) p[1] << 16 ) |
- ( (size_t) p[2] << 8 ) |
- ( (size_t) p[3] );
+ session_len = mbedtls_platform_get_uint32_be( p );
p += 4;
/* This has been allocated by ssl_handshake_init(), called by
@@ -11602,10 +11549,7 @@
if( (size_t)( end - p ) < 4 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- ssl->badmac_seen = ( (uint32_t) p[0] << 24 ) |
- ( (uint32_t) p[1] << 16 ) |
- ( (uint32_t) p[2] << 8 ) |
- ( (uint32_t) p[3] );
+ ssl->badmac_seen = (unsigned)mbedtls_platform_get_uint32_be( p );
p += 4;
#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
@@ -11650,8 +11594,7 @@
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( (size_t)( end - p ) < 2 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- ssl->mtu = ( p[0] << 8 ) | p[1];
+ ssl->mtu = (uint16_t)mbedtls_platform_get_uint16_be( p );
p += 2;
#endif /* MBEDTLS_SSL_PROTO_DTLS */