TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / db084d16ea71e32312b3442ab3a5b523a8dfa7a3 / . / library / mps_reader.c
blob: dc2a91cbcee7acd55bfc1efb669adaffe5786896 [file] [log] [blame]
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]1/*
2 * Message Processing Stack, Reader implementation
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 *
19 * This file is part of Mbed TLS (https://tls.mbed.org)
20 */
21
Hanno Becker43c8f8c2021-03-05 05:16:45 +0000[diff] [blame]22#include "common.h"
23
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]24#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
Hanno Becker43c8f8c2021-03-05 05:16:45 +0000[diff] [blame]25
Hanno Beckerc518c3b2021-01-28 07:08:08 +0000[diff] [blame]26#include "mps_reader.h"
27#include "mps_common.h"
28#include "mps_trace.h"
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]29
30#include <string.h>
31
Hanno Becker984fbde2021-01-28 09:02:18 +0000[diff] [blame]32#if defined(MBEDTLS_MPS_ENABLE_TRACE)
33static int mbedtls_mps_trace_id = MBEDTLS_MPS_TRACE_BIT_READER;
34#endif /* MBEDTLS_MPS_ENABLE_TRACE */
Hanno Beckerb9100162021-01-12 09:46:03 +0000[diff] [blame]35
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]36/*
37 * GENERAL NOTE ON CODING STYLE
38 *
39 * The following code intentionally separates memory loads
40 * and stores from other operations (arithmetic or branches).
41 * This leads to the introduction of many local variables
42 * and significantly increases the C-code line count, but
43 * should not increase the size of generated assembly.
44 *
Hanno Beckerfea81b32021-02-22 15:18:11 +0000[diff] [blame]45 * The reason for this is twofold:
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]46 * (1) It will ease verification efforts using the VST
Hanno Beckerfea81b32021-02-22 15:18:11 +0000[diff] [blame]47 * (Verified Software Toolchain)
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]48 * whose program logic cannot directly reason
49 * about instructions containing a load or store in
50 * addition to other operations (e.g. *p = *q or
51 * tmp = *p + 42).
52 * (2) Operating on local variables and writing the results
53 * back to the target contexts on success only
54 * allows to maintain structure invariants even
55 * on failure - this in turn has two benefits:
56 * (2.a) If for some reason an error code is not caught
57 * and operation continues, functions are nonetheless
58 * called with sane contexts, reducing the risk
59 * of dangerous behavior.
60 * (2.b) Randomized testing is easier if structures
61 * remain intact even in the face of failing
62 * and/or non-sensical calls.
63 * Moreover, it might even reduce code-size because
64 * the compiler need not write back temporary results
65 * to memory in case of failure.
66 *
67 */
68
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]69static inline int mps_reader_is_accumulating(
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]70 mbedtls_mps_reader const *rd)
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]71{
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]72 mbedtls_mps_size_t acc_remaining;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]73 if (rd->acc == NULL) {
74 return 0;
75 }
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]76
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]77 acc_remaining = rd->acc_share.acc_remaining;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]78 return acc_remaining > 0;
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]79}
80
81static inline int mps_reader_is_producing(
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]82 mbedtls_mps_reader const *rd)
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]83{
84 unsigned char *frag = rd->frag;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]85 return frag == NULL;
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]86}
87
88static inline int mps_reader_is_consuming(
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]89 mbedtls_mps_reader const *rd)
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]90{
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]91 return !mps_reader_is_producing(rd);
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]92}
93
94static inline mbedtls_mps_size_t mps_reader_get_fragment_offset(
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]95 mbedtls_mps_reader const *rd)
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]96{
97 unsigned char *acc = rd->acc;
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]98 mbedtls_mps_size_t frag_offset;
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]99
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]100 if (acc == NULL) {
101 return 0;
102 }
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]103
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]104 frag_offset = rd->acc_share.frag_offset;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]105 return frag_offset;
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]106}
107
108static inline mbedtls_mps_size_t mps_reader_serving_from_accumulator(
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]109 mbedtls_mps_reader const *rd)
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]110{
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]111 mbedtls_mps_size_t frag_offset, end;
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]112
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]113 frag_offset = mps_reader_get_fragment_offset(rd);
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]114 end = rd->end;
115
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]116 return end < frag_offset;
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]117}
118
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]119static inline void mps_reader_zero(mbedtls_mps_reader *rd)
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]120{
121 /* A plain memset() would likely be more efficient,
122 * but the current way of zeroing makes it harder
123 * to overlook fields which should not be zero-initialized.
Hanno Becker0bea62f2021-02-08 07:54:19 +0000[diff] [blame]124 * It's also more suitable for FV efforts since it
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]125 * doesn't require reasoning about structs being
126 * interpreted as unstructured binary blobs. */
Hanno Becker88993962021-01-28 09:45:47 +0000[diff] [blame]127 static mbedtls_mps_reader const zero =
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]128 { .frag = NULL,
129 .frag_len = 0,
130 .commit = 0,
131 .end = 0,
132 .pending = 0,
133 .acc = NULL,
134 .acc_len = 0,
135 .acc_available = 0,
136 .acc_share = { .acc_remaining = 0 } };
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]137 *rd = zero;
138}
139
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]140int mbedtls_mps_reader_init(mbedtls_mps_reader *rd,
141 unsigned char *acc,
142 mbedtls_mps_size_t acc_len)
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]143{
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]144 MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_init");
145 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
146 "* Accumulator size: %u bytes", (unsigned) acc_len);
147 mps_reader_zero(rd);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]148 rd->acc = acc;
149 rd->acc_len = acc_len;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]150 MBEDTLS_MPS_TRACE_RETURN(0);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]151}
152
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]153int mbedtls_mps_reader_free(mbedtls_mps_reader *rd)
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]154{
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]155 MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_free");
156 mps_reader_zero(rd);
157 MBEDTLS_MPS_TRACE_RETURN(0);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]158}
159
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]160int mbedtls_mps_reader_feed(mbedtls_mps_reader *rd,
161 unsigned char *new_frag,
162 mbedtls_mps_size_t new_frag_len)
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]163{
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]164 mbedtls_mps_size_t copy_to_acc;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]165 MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_feed");
166 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
167 "* Fragment length: %u bytes", (unsigned) new_frag_len);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]168
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]169 if (new_frag == NULL) {
170 MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_INVALID_ARG);
171 }
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]172
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]173 MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_producing(
174 rd),
175 "mbedtls_mps_reader_feed() requires reader to be in producing mode");
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]176
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]177 if (mps_reader_is_accumulating(rd)) {
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]178 unsigned char *acc = rd->acc;
Hanno Becker032b3522021-03-08 16:23:26 +0000[diff] [blame]179 mbedtls_mps_size_t acc_remaining = rd->acc_share.acc_remaining;
180 mbedtls_mps_size_t acc_available = rd->acc_available;
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]181
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]182 /* Skip over parts of the accumulator that have already been filled. */
Hanno Becker032b3522021-03-08 16:23:26 +0000[diff] [blame]183 acc += acc_available;
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]184
Hanno Becker032b3522021-03-08 16:23:26 +0000[diff] [blame]185 copy_to_acc = acc_remaining;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]186 if (copy_to_acc > new_frag_len) {
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]187 copy_to_acc = new_frag_len;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]188 }
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]189
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]190 /* Copy new contents to accumulator. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]191 memcpy(acc, new_frag, copy_to_acc);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]192
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]193 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
194 "Copy new data of size %u of %u into accumulator at offset %u",
195 (unsigned) copy_to_acc, (unsigned) new_frag_len,
196 (unsigned) acc_available);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]197
198 /* Check if, with the new fragment, we have enough data. */
Hanno Becker032b3522021-03-08 16:23:26 +0000[diff] [blame]199 acc_remaining -= copy_to_acc;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]200 if (acc_remaining > 0) {
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]201 /* We need to accumulate more data. Stay in producing mode. */
Hanno Becker032b3522021-03-08 16:23:26 +0000[diff] [blame]202 acc_available += copy_to_acc;
203 rd->acc_share.acc_remaining = acc_remaining;
204 rd->acc_available = acc_available;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]205 MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_NEED_MORE);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]206 }
207
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]208 /* We have filled the accumulator: Move to consuming mode. */
209
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]210 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
211 "Enough data available to serve user request");
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]212
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]213 /* Remember overlap of accumulator and fragment. */
Hanno Becker032b3522021-03-08 16:23:26 +0000[diff] [blame]214 rd->acc_share.frag_offset = acc_available;
215 acc_available += copy_to_acc;
216 rd->acc_available = acc_available;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]217 } else { /* Not accumulating */
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]218 rd->acc_share.frag_offset = 0;
219 }
220
221 rd->frag = new_frag;
222 rd->frag_len = new_frag_len;
223 rd->commit = 0;
224 rd->end = 0;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]225 MBEDTLS_MPS_TRACE_RETURN(0);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]226}
227
228
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]229int mbedtls_mps_reader_get(mbedtls_mps_reader *rd,
230 mbedtls_mps_size_t desired,
231 unsigned char **buffer,
232 mbedtls_mps_size_t *buflen)
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]233{
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]234 unsigned char *frag;
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]235 mbedtls_mps_size_t frag_len, frag_offset, end, frag_fetched, frag_remaining;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]236 MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_get");
237 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
238 "* Bytes requested: %u", (unsigned) desired);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]239
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]240 MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_consuming(
241 rd),
242 "mbedtls_mps_reader_get() requires reader to be in consuming mode");
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]243
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]244 end = rd->end;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]245 frag_offset = mps_reader_get_fragment_offset(rd);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]246
247 /* Check if we're still serving from the accumulator. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]248 if (mps_reader_serving_from_accumulator(rd)) {
Hanno Becker77e4f482021-02-22 16:46:06 +0000[diff] [blame]249 /* Illustration of supported and unsupported cases:
250 *
251 * - Allowed #1
252 *
253 * +-----------------------------------+
254 * | frag |
255 * +-----------------------------------+
256 *
257 * end end+desired
258 * | |
259 * +-----v-------v-------------+
260 * | acc |
261 * +---------------------------+
262 * | |
Hanno Beckerecb02fb2021-03-26 19:20:49 +0000[diff] [blame]263 * frag_offset acc_available
Hanno Becker77e4f482021-02-22 16:46:06 +0000[diff] [blame]264 *
265 * - Allowed #2
266 *
267 * +-----------------------------------+
268 * | frag |
269 * +-----------------------------------+
270 *
271 * end end+desired
272 * | |
273 * +----------v----------------v
274 * | acc |
275 * +---------------------------+
276 * | |
Hanno Beckerecb02fb2021-03-26 19:20:49 +0000[diff] [blame]277 * frag_offset acc_available
Hanno Becker77e4f482021-02-22 16:46:06 +0000[diff] [blame]278 *
279 * - Not allowed #1 (could be served, but we don't actually use it):
280 *
281 * +-----------------------------------+
282 * | frag |
283 * +-----------------------------------+
284 *
285 * end end+desired
286 * | |
287 * +------v-------------v------+
288 * | acc |
289 * +---------------------------+
290 * | |
Hanno Beckerecb02fb2021-03-26 19:20:49 +0000[diff] [blame]291 * frag_offset acc_available
Hanno Becker77e4f482021-02-22 16:46:06 +0000[diff] [blame]292 *
293 *
294 * - Not allowed #2 (can't be served with a contiguous buffer):
295 *
296 * +-----------------------------------+
297 * | frag |
298 * +-----------------------------------+
299 *
300 * end end + desired
301 * | |
302 * +------v--------------------+ v
303 * | acc |
304 * +---------------------------+
305 * | |
Hanno Beckerecb02fb2021-03-26 19:20:49 +0000[diff] [blame]306 * frag_offset acc_available
Hanno Becker77e4f482021-02-22 16:46:06 +0000[diff] [blame]307 *
308 * In case of Allowed #2 we're switching to serve from
309 * `frag` starting from the next call to mbedtls_mps_reader_get().
310 */
311
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]312 unsigned char *acc;
313
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]314 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
315 "Serve the request from the accumulator");
316 if (frag_offset - end < desired) {
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]317 mbedtls_mps_size_t acc_available;
318 acc_available = rd->acc_available;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]319 if (acc_available - end != desired) {
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]320 /* It might be possible to serve some of these situations by
321 * making additional space in the accumulator, removing those
322 * parts that have already been committed.
323 * On the other hand, this brings additional complexity and
324 * enlarges the code size, while there doesn't seem to be a use
325 * case where we don't attempt exactly the same `get` calls when
326 * resuming on a reader than what we tried before pausing it.
327 * If we believe we adhere to this restricted usage throughout
328 * the library, this check is a good opportunity to
329 * validate this. */
Hanno Becker984fbde2021-01-28 09:02:18 +0000[diff] [blame]330 MBEDTLS_MPS_TRACE_RETURN(
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]331 MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]332 }
333 }
334
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]335 acc = rd->acc;
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]336 acc += end;
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]337
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]338 *buffer = acc;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]339 if (buflen != NULL) {
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]340 *buflen = desired;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]341 }
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]342
343 end += desired;
344 rd->end = end;
345 rd->pending = 0;
346
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]347 MBEDTLS_MPS_TRACE_RETURN(0);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]348 }
349
350 /* Attempt to serve the request from the current fragment */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]351 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
352 "Serve the request from the current fragment.");
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]353
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]354 frag_len = rd->frag_len;
355 frag_fetched = end - frag_offset; /* The amount of data from the current
356 * fragment that has already been passed
357 * to the user. */
358 frag_remaining = frag_len - frag_fetched; /* Remaining data in fragment */
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]359
360 /* Check if we can serve the read request from the fragment. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]361 if (frag_remaining < desired) {
362 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
363 "There's not enough data in the current fragment "
364 "to serve the request.");
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]365 /* There's not enough data in the current fragment,
366 * so either just RETURN what we have or fail. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]367 if (buflen == NULL) {
368 if (frag_remaining > 0) {
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]369 rd->pending = desired - frag_remaining;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]370 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
371 "Remember to collect %u bytes before re-opening",
372 (unsigned) rd->pending);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]373 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]374 MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_OUT_OF_DATA);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]375 }
376
377 desired = frag_remaining;
378 }
379
380 /* There's enough data in the current fragment to serve the
381 * (potentially modified) read request. */
Hanno Beckerf81e41f2021-02-08 08:04:01 +0000[diff] [blame]382
383 frag = rd->frag;
384 frag += frag_fetched;
385
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]386 *buffer = frag;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]387 if (buflen != NULL) {
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]388 *buflen = desired;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]389 }
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]390
391 end += desired;
392 rd->end = end;
393 rd->pending = 0;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]394 MBEDTLS_MPS_TRACE_RETURN(0);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]395}
396
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]397int mbedtls_mps_reader_commit(mbedtls_mps_reader *rd)
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]398{
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]399 mbedtls_mps_size_t end;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]400 MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_commit");
401 MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_consuming(
402 rd),
403 "mbedtls_mps_reader_commit() requires reader to be in consuming mode");
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]404
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]405 end = rd->end;
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]406 rd->commit = end;
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]407
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]408 MBEDTLS_MPS_TRACE_RETURN(0);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]409}
410
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]411int mbedtls_mps_reader_reclaim(mbedtls_mps_reader *rd,
412 int *paused)
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]413{
414 unsigned char *frag, *acc;
415 mbedtls_mps_size_t pending, commit;
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]416 mbedtls_mps_size_t acc_len, frag_offset, frag_len;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]417 MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_reclaim");
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]418
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]419 if (paused != NULL) {
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]420 *paused = 0;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]421 }
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]422
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]423 MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_consuming(
424 rd),
425 "mbedtls_mps_reader_reclaim() requires reader to be in consuming mode");
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]426
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]427 frag = rd->frag;
428 acc = rd->acc;
429 pending = rd->pending;
430 commit = rd->commit;
431 frag_len = rd->frag_len;
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]432
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]433 frag_offset = mps_reader_get_fragment_offset(rd);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]434
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]435 if (pending == 0) {
436 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
437 "No unsatisfied read-request has been logged.");
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]438
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]439 /* Check if there's data left to be consumed. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]440 if (commit < frag_offset || commit - frag_offset < frag_len) {
441 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
442 "There is data left to be consumed.");
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]443 rd->end = commit;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]444 MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_DATA_LEFT);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]445 }
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]446
Hanno Beckerb1855432021-02-08 08:07:35 +0000[diff] [blame]447 rd->acc_available = 0;
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]448 rd->acc_share.acc_remaining = 0;
449
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]450 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
451 "Fragment has been fully processed and committed.");
452 } else {
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]453 int overflow;
454
455 mbedtls_mps_size_t acc_backup_offset;
456 mbedtls_mps_size_t acc_backup_len;
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]457 mbedtls_mps_size_t frag_backup_offset;
458 mbedtls_mps_size_t frag_backup_len;
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]459
460 mbedtls_mps_size_t backup_len;
461 mbedtls_mps_size_t acc_len_needed;
462
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]463 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
464 "There has been an unsatisfied read with %u bytes overhead.",
465 (unsigned) pending);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]466
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]467 if (acc == NULL) {
468 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
469 "No accumulator present");
Hanno Becker984fbde2021-01-28 09:02:18 +0000[diff] [blame]470 MBEDTLS_MPS_TRACE_RETURN(
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]471 MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]472 }
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]473 acc_len = rd->acc_len;
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]474
475 /* Check if the upper layer has already fetched
476 * and committed the contents of the accumulator. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]477 if (commit < frag_offset) {
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]478 /* No, accumulator is still being processed. */
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]479 frag_backup_offset = 0;
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]480 frag_backup_len = frag_len;
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]481 acc_backup_offset = commit;
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]482 acc_backup_len = frag_offset - commit;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]483 } else {
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]484 /* Yes, the accumulator is already processed. */
Hanno Becker1682a8b2021-02-22 16:38:56 +0000[diff] [blame]485 frag_backup_offset = commit - frag_offset;
486 frag_backup_len = frag_len - frag_backup_offset;
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]487 acc_backup_offset = 0;
488 acc_backup_len = 0;
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]489 }
490
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]491 backup_len = acc_backup_len + frag_backup_len;
492 acc_len_needed = backup_len + pending;
493
494 overflow = 0;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]495 overflow |= (backup_len < acc_backup_len);
496 overflow |= (acc_len_needed < backup_len);
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]497
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]498 if (overflow || acc_len < acc_len_needed) {
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]499 /* Except for the different return code, we behave as if
500 * there hadn't been a call to mbedtls_mps_reader_get()
501 * since the last commit. */
502 rd->end = commit;
503 rd->pending = 0;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]504 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR,
505 "The accumulator is too small to handle the backup.");
506 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR,
507 "* Size: %u", (unsigned) acc_len);
508 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR,
509 "* Needed: %u (%u + %u)",
510 (unsigned) acc_len_needed,
511 (unsigned) backup_len, (unsigned) pending);
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]512 MBEDTLS_MPS_TRACE_RETURN(
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]513 MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL);
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]514 }
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]515
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]516 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
517 "Fragment backup: %u", (unsigned) frag_backup_len);
518 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
519 "Accumulator backup: %u", (unsigned) acc_backup_len);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]520
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]521 /* Move uncommitted parts from the accumulator to the front
522 * of the accumulator. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]523 memmove(acc, acc + acc_backup_offset, acc_backup_len);
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]524
Tom Cosgrove1797b052022-12-04 17:19:59 +0000[diff] [blame]525 /* Copy uncommitted parts of the current fragment to the
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]526 * accumulator. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]527 memcpy(acc + acc_backup_len,
528 frag + frag_backup_offset, frag_backup_len);
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]529
Hanno Beckerb1855432021-02-08 08:07:35 +0000[diff] [blame]530 rd->acc_available = backup_len;
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]531 rd->acc_share.acc_remaining = pending;
532
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]533 if (paused != NULL) {
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]534 *paused = 1;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]535 }
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]536 }
537
538 rd->frag = NULL;
539 rd->frag_len = 0;
540
Hanno Becker4f84e202021-02-08 06:54:30 +0000[diff] [blame]541 rd->commit = 0;
542 rd->end = 0;
543 rd->pending = 0;
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]544
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]545 MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
546 "Final state: aa %u, al %u, ar %u",
547 (unsigned) rd->acc_available, (unsigned) rd->acc_len,
548 (unsigned) rd->acc_share.acc_remaining);
549 MBEDTLS_MPS_TRACE_RETURN(0);
Hanno Becker13cd7842021-01-12 07:08:33 +0000[diff] [blame]550}
Hanno Becker43c8f8c2021-03-05 05:16:45 +0000[diff] [blame]551
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]552#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */