Add structure representing TLS records
This commit adds a structure `mbedtls_record` whose instances represent (D)TLS records. This structure will be used in the subsequent adaptions of the record encryption and decryption routines `ssl_decrypt_buf` and `ssl_encrypt_buf`, which currently take the entire SSL context as input, but should only use the record to be acted on as well as the record transformation to use.
parent
34f88afdf1
commit
12a3a86b2d
@ -504,6 +504,42 @@ struct mbedtls_ssl_transform
|
|||||||
#endif
|
#endif
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Internal representation of record frames
|
||||||
|
*
|
||||||
|
* The header layout is chosen to facilitate the computation of
|
||||||
|
* authentication tags which often use the header bytes laid out
|
||||||
|
* exactly as in the struct; note that it does not match what's
|
||||||
|
* transferred on the wire.
|
||||||
|
*
|
||||||
|
* Instances come in two flavors:
|
||||||
|
* (1) Encrypted
|
||||||
|
* These always have data_offset = 0
|
||||||
|
* (2) Unencrypted
|
||||||
|
* These have data_offset set to the length of the
|
||||||
|
* fixed part of the IV used for encryption.
|
||||||
|
*
|
||||||
|
* The reason for the data_offset in the unencrypted case
|
||||||
|
* is to allow for in-place conversion of an unencrypted to
|
||||||
|
* an encrypted record. If the offset wasn't included, the
|
||||||
|
* encrypted content would need to be shifted afterwards to
|
||||||
|
* make space for the fixed IV.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
typedef struct
|
||||||
|
{
|
||||||
|
uint8_t ctr[8]; /*!< Record sequence number */
|
||||||
|
uint8_t type; /*!< Record type */
|
||||||
|
uint8_t ver[2]; /*!< SSL/TLS version */
|
||||||
|
uint8_t len[2]; /*!< Content length, little endian */
|
||||||
|
|
||||||
|
unsigned char *buf; /*!< Memory buffer enclosing the record content */
|
||||||
|
size_t buf_len; /*!< Buffer length */
|
||||||
|
size_t data_offset; /*!< Offset of record content */
|
||||||
|
size_t data_len; /*!< Length of record content */
|
||||||
|
|
||||||
|
} mbedtls_record;
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
/*
|
/*
|
||||||
* List of certificate + private key pairs
|
* List of certificate + private key pairs
|
||||||
|
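Review bot: The field comment on `len[2]` says "Content length, little endian", which conflicts with the struct's header comment stating that the header bytes are laid out as they are consumed when computing authentication tags; the TLS MAC/AAD input encodes the 16-bit record length in network (big-endian) byte order. If big endian is what is meant, the comment should read `/*!< Content length, big endian (network byte order) */`; if little endian is intentional, the header comment should say that the bytes must be swapped before they are fed to the MAC. Separately, `len` and `data_len` both describe the content length without saying which one is authoritative, and nothing states how `data_offset`, `data_len` and `buf_len` relate. Since the commit message says `ssl_encrypt_buf` and `ssl_decrypt_buf` will operate on this record, I would document `/* Invariant: data_offset <= buf_len && data_len <= buf_len - data_offset */` above the buffer members and have those routines check it on entry before touching `buf`.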