Move record padding out of tls_common.c
authorMatt Caswell <matt@openssl.org>
Tue, 27 Sep 2022 14:32:22 +0000 (15:32 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 12 Oct 2022 14:53:31 +0000 (15:53 +0100)
Only tls13_meth.c needs to handle adding record padding. All other
*_meth.c files can ignore it.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)

ssl/record/methods/ktls_meth.c
ssl/record/methods/recmethod_local.h
ssl/record/methods/ssl3_meth.c
ssl/record/methods/tls13_meth.c
ssl/record/methods/tls1_meth.c
ssl/record/methods/tls_common.c
ssl/record/methods/tlsany_meth.c

index 60fd80465d740d74cbd08f7cd3d21880cb16714d..f73334604ad4cff7d64997fd4df3e6847db83420 100644 (file)
@@ -506,7 +506,8 @@ static struct record_functions_st ossl_ktls_funcs = {
     ktls_allocate_write_buffers,
     ktls_initialise_write_packets,
     NULL,
-    ktls_prepare_record_header
+    ktls_prepare_record_header,
+    NULL
 };
 
 const OSSL_RECORD_METHOD ossl_ktls_record_method = {
index d7c526c2d5978131db85c99f109a5221668d12ed..0a4c97a29d036b77f7a1250002b7b6f6bbdff5f2 100644 (file)
@@ -105,6 +105,11 @@ struct record_functions_st
                                  OSSL_RECORD_TEMPLATE *templ,
                                  unsigned int rectype,
                                  unsigned char **recdata);
+
+    int (*add_record_padding)(OSSL_RECORD_LAYER *rl,
+                              OSSL_RECORD_TEMPLATE *thistempl,
+                              WPACKET *thispkt,
+                              SSL3_RECORD *thiswr);
 };
 
 struct ossl_record_layer_st
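Review bot: The new `add_record_padding` member is added without a comment, yet callers depend on a contract that is only visible by reading tls_write_records_default. I would document it above the member, e.g. `/* Optional (may be NULL). Appends any inner content type and padding to thispkt and updates thiswr's length. Returns 1 on success, 0 on failure after calling RLAYERfatal(). */`. The failure half matters because the call site treats a 0 return as "RLAYERfatal() already called" and raises no error of its own. The struct definition starts outside this hunk.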
index 6803cb5975cf13a1f49cbf953b2f9bfe0153e40f..544d4d07e045b089cf42697cf74e9e5c381b2ad6 100644 (file)
@@ -315,5 +315,6 @@ struct record_functions_st ssl_3_0_funcs = {
     tls1_allocate_write_buffers,
     tls1_initialise_write_packets,
     NULL,
-    tls_prepare_record_header_default
+    tls_prepare_record_header_default,
+    NULL
 };
index b388ab86fafdafde9ba1715b1b060e38b4577c79..4b0142391b6295565f8ef05c9b796b78ae9d4888 100644 (file)
@@ -253,6 +253,62 @@ static unsigned int tls13_get_record_type(OSSL_RECORD_LAYER *rl,
     return SSL3_RT_APPLICATION_DATA;
 }
 
+static int tls13_add_record_padding(OSSL_RECORD_LAYER *rl,
+                                    OSSL_RECORD_TEMPLATE *thistempl,
+                                    WPACKET *thispkt,
+                                    SSL3_RECORD *thiswr)
+{
+    size_t rlen;
+
+    /* Nothing to be done in the case of a plaintext alert */
+    if (rl->allow_plain_alerts && thistempl->type != SSL3_RT_ALERT)
+        return 1;
+
+    if (!WPACKET_put_bytes_u8(thispkt, thistempl->type)) {
+        RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+        return 0;
+    }
+    SSL3_RECORD_add_length(thiswr, 1);
+
+    /* Add TLS1.3 padding */
+    rlen = SSL3_RECORD_get_length(thiswr);
+    if (rlen < rl->max_frag_len) {
+        size_t padding = 0;
+        size_t max_padding = rl->max_frag_len - rlen;
+
+        if (rl->padding != NULL) {
+            padding = rl->padding(rl->cbarg, thistempl->type, rlen);
+        } else if (rl->block_padding > 0) {
+            size_t mask = rl->block_padding - 1;
+            size_t remainder;
+
+            /* optimize for power of 2 */
+            if ((rl->block_padding & mask) == 0)
+                remainder = rlen & mask;
+            else
+                remainder = rlen % rl->block_padding;
+            /* don't want to add a block of padding if we don't have to */
+            if (remainder == 0)
+                padding = 0;
+            else
+                padding = rl->block_padding - remainder;
+        }
+        if (padding > 0) {
+            /* do not allow the record to exceed max plaintext length */
+            if (padding > max_padding)
+                padding = max_padding;
+            if (!WPACKET_memset(thispkt, 0, padding)) {
+                RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR,
+                            ERR_R_INTERNAL_ERROR);
+                return 0;
+            }
+            SSL3_RECORD_add_length(thiswr, padding);
+        }
+    }
+
+    return 1;
+}
+
 struct record_functions_st tls_1_3_funcs = {
     tls13_set_crypto_state,
     tls13_cipher,
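Review bot: The early-return test in tls13_add_record_padding does not look like the negation of the condition it replaces. The removed block in tls_common.c did the work when `!rl->allow_plain_alerts || thistempl->type != SSL3_RT_ALERT`, so the skip case should be `rl->allow_plain_alerts && thistempl->type == SSL3_RT_ALERT`, which is also what the comment "plaintext alert" describes. As written with `!=`, when allow_plain_alerts is set every non-alert record returns without the inner content type byte or padding, while the alert itself gets both. Unless that path is unreachable for writes, I would change the line to `if (rl->allow_plain_alerts && thistempl->type == SSL3_RT_ALERT)` and add a test that writes an alert and an application data record with the flag set.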
@@ -267,5 +323,6 @@ struct record_functions_st tls_1_3_funcs = {
     tls_allocate_write_buffers_default,
     tls_initialise_write_packets_default,
     tls13_get_record_type,
-    tls_prepare_record_header_default
+    tls_prepare_record_header_default,
+    tls13_add_record_padding
 };
index 56d015f71fa542669e03e577f83c6ac39ba1968b..b02c53d6494f6e7c07ddb8af8e70994f1dabb857 100644 (file)
@@ -656,7 +656,8 @@ struct record_functions_st tls_1_funcs = {
     tls1_allocate_write_buffers,
     tls1_initialise_write_packets,
     NULL,
-    tls_prepare_record_header_default
+    tls_prepare_record_header_default,
+    NULL
 };
 
 struct record_functions_st dtls_1_funcs = {
@@ -672,5 +673,6 @@ struct record_functions_st dtls_1_funcs = {
     NULL,
     NULL,
     NULL,
+    NULL,
     NULL
 };
index 7618caa2a6faccb8f0992c3f871f7fa664e4fe53..e3be4303367355f1b516d95e0894fb4e48a9f1a4 100644 (file)
@@ -1628,7 +1628,7 @@ int tls_write_records_default(OSSL_RECORD_LAYER *rl,
 
         if (!rl->funcs->prepare_record_header(rl, thispkt, thistempl, rectype,
                                               &compressdata)) {
-            RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+            /* RLAYERfatal() already called */
             goto err;
         }
 
@@ -1658,54 +1658,11 @@ int tls_write_records_default(OSSL_RECORD_LAYER *rl,
             SSL3_RECORD_reset_input(&wr[j]);
         }
 
-        if (rl->version == TLS1_3_VERSION
-                && !using_ktls
-                && rl->enc_ctx != NULL
-                && (!rl->allow_plain_alerts
-                    || thistempl->type != SSL3_RT_ALERT)) {
-            size_t rlen;
-
-            if (!WPACKET_put_bytes_u8(thispkt, thistempl->type)) {
-                RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            SSL3_RECORD_add_length(thiswr, 1);
-
-            /* Add TLS1.3 padding */
-            rlen = SSL3_RECORD_get_length(thiswr);
-            if (rlen < rl->max_frag_len) {
-                size_t padding = 0;
-                size_t max_padding = rl->max_frag_len - rlen;
-
-                if (rl->padding != NULL) {
-                    padding = rl->padding(rl->cbarg, thistempl->type, rlen);
-                } else if (rl->block_padding > 0) {
-                    size_t mask = rl->block_padding - 1;
-                    size_t remainder;
-
-                    /* optimize for power of 2 */
-                    if ((rl->block_padding & mask) == 0)
-                        remainder = rlen & mask;
-                    else
-                        remainder = rlen % rl->block_padding;
-                    /* don't want to add a block of padding if we don't have to */
-                    if (remainder == 0)
-                        padding = 0;
-                    else
-                        padding = rl->block_padding - remainder;
-                }
-                if (padding > 0) {
-                    /* do not allow the record to exceed max plaintext length */
-                    if (padding > max_padding)
-                        padding = max_padding;
-                    if (!WPACKET_memset(thispkt, 0, padding)) {
-                        RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR,
-                                    ERR_R_INTERNAL_ERROR);
-                        goto err;
-                    }
-                    SSL3_RECORD_add_length(thiswr, padding);
-                }
-            }
+        if (rl->funcs->add_record_padding != NULL
+                && !rl->funcs->add_record_padding(rl, thistempl, thispkt,
+                                                  thiswr)) {
+            /* RLAYERfatal() already called */
+            goto err;
         }
 
         /*
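Review bot: The replaced block was also guarded by `rl->enc_ctx != NULL`, and neither this call site nor the new tls13_add_record_padding carries that check over. The version and kTLS guards are covered by the function tables (only tls_1_3_funcs sets the hook, ossl_ktls_funcs leaves it NULL), but nothing visible here shows that tls_1_3_funcs is never active with a NULL enc_ctx. If that can happen, an unencrypted record would now get a trailing content type byte and padding. It is worth confirming the invariant, and stating it in a comment at the top of tls13_add_record_padding or restoring the guard there with `if (rl->enc_ctx == NULL) return 1;`. tls_write_records_default starts and ends outside this hunk.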
index eaabcf20a94f5b2b4031b128fc3fa5ce32341da4..8d4486547c1f2ca2a3f80488c60367f95deef1bb 100644 (file)
@@ -148,7 +148,8 @@ struct record_functions_st tls_any_funcs = {
     tls_allocate_write_buffers_default,
     tls_initialise_write_packets_default,
     NULL,
-    tls_prepare_record_header_default
+    tls_prepare_record_header_default,
+    NULL
 };
 
 static int dtls_any_set_protocol_version(OSSL_RECORD_LAYER *rl, int vers)
@@ -174,5 +175,6 @@ struct record_functions_st dtls_any_funcs = {
     NULL,
     NULL,
     NULL,
+    NULL,
     NULL
 };