diff --git a/.github/workflows/ci_clang_format_check.yml b/.github/workflows/ci_clang_format_check.yml index 05c77bc76ae..71a86b5e6d8 100644 --- a/.github/workflows/ci_clang_format_check.yml +++ b/.github/workflows/ci_clang_format_check.yml @@ -22,7 +22,7 @@ jobs: - check: 'tests/unit' exclude: "s2n_[^3a-cd-kt-z].*\\.c" - check: 'tls' - exclude: "(tls\\/extensions)|(s2n_[a-h].*\\.[ch])" + exclude: '' - check: 'tls/extensions' exclude: '' - check: 'utils' diff --git a/tls/s2n_aead.c b/tls/s2n_aead.c index 16bbee133ba..61cbe78810d 100644 --- a/tls/s2n_aead.c +++ b/tls/s2n_aead.c @@ -14,16 +14,14 @@ */ #include "error/s2n_errno.h" - -#include "utils/s2n_safety.h" -#include "utils/s2n_mem.h" - #include "tls/s2n_connection.h" #include "tls/s2n_record.h" +#include "utils/s2n_mem.h" +#include "utils/s2n_safety.h" /* Derive the AAD for an AEAD mode cipher suite from the connection state, per * RFC 5246 section 6.2.3.3 */ -S2N_RESULT s2n_aead_aad_init(const struct s2n_connection *conn, uint8_t * sequence_number, uint8_t content_type, uint16_t record_length, struct s2n_blob *ad) +S2N_RESULT s2n_aead_aad_init(const struct s2n_connection *conn, uint8_t *sequence_number, uint8_t content_type, uint16_t record_length, struct s2n_blob *ad) { RESULT_ENSURE_REF(ad); RESULT_ENSURE_GTE(ad->size, S2N_TLS_MAX_AAD_LEN); @@ -34,7 +32,7 @@ S2N_RESULT s2n_aead_aad_init(const struct s2n_connection *conn, uint8_t * sequen /* ad = seq_num || record_type || version || length */ size_t idx = 0; - for(; idx < S2N_TLS_SEQUENCE_NUM_LEN; idx++) { + for (; idx < S2N_TLS_SEQUENCE_NUM_LEN; idx++) { data[idx] = sequence_number[idx]; } diff --git a/tls/s2n_alerts.c b/tls/s2n_alerts.c index 8431525276f..49fa3ffbe34 100644 --- a/tls/s2n_alerts.c +++ b/tls/s2n_alerts.c @@ -13,37 +13,36 @@ * permissions and limitations under the License. */ +#include "tls/s2n_alerts.h" + #include #include #include "error/s2n_errno.h" - -#include "tls/s2n_tls_parameters.h" #include "tls/s2n_connection.h" #include "tls/s2n_record.h" #include "tls/s2n_resume.h" -#include "tls/s2n_alerts.h" - -#include "utils/s2n_safety.h" +#include "tls/s2n_tls_parameters.h" #include "utils/s2n_blob.h" +#include "utils/s2n_safety.h" -#define S2N_TLS_ALERT_LEVEL_WARNING 1 -#define S2N_TLS_ALERT_LEVEL_FATAL 2 +#define S2N_TLS_ALERT_LEVEL_WARNING 1 +#define S2N_TLS_ALERT_LEVEL_FATAL 2 #define S2N_ALERT_CASE(error, alert_code) \ - case (error): \ - *alert = (alert_code); \ + case (error): \ + *alert = (alert_code); \ return S2N_RESULT_OK #define S2N_NO_ALERT(error) \ - case (error): \ + case (error): \ RESULT_BAIL(S2N_ERR_NO_ALERT) static S2N_RESULT s2n_translate_protocol_error_to_alert(int error_code, uint8_t *alert) { RESULT_ENSURE_REF(alert); - switch(error_code) { + switch (error_code) { S2N_ALERT_CASE(S2N_ERR_MISSING_EXTENSION, S2N_TLS_ALERT_MISSING_EXTENSION); /* TODO: The ERR_BAD_MESSAGE -> ALERT_UNEXPECTED_MESSAGE mapping @@ -179,7 +178,7 @@ int s2n_error_get_alert(int error, uint8_t *alert) POSIX_ENSURE_REF(alert); - switch(error_type) { + switch (error_type) { case S2N_ERR_T_OK: case S2N_ERR_T_CLOSED: case S2N_ERR_T_BLOCKED: @@ -219,7 +218,6 @@ int s2n_process_alert_fragment(struct s2n_connection *conn) POSIX_GUARD(s2n_stuffer_copy(&conn->in, &conn->alert_in, bytes_to_read)); if (s2n_stuffer_data_available(&conn->alert_in) == 2) { - /* Close notifications are handled as shutdowns */ if (conn->alert_in_data[1] == S2N_TLS_ALERT_CLOSE_NOTIFY) { conn->closed = 1; @@ -255,7 +253,7 @@ int s2n_queue_writer_close_alert_warning(struct s2n_connection *conn) alert[0] = S2N_TLS_ALERT_LEVEL_WARNING; alert[1] = S2N_TLS_ALERT_CLOSE_NOTIFY; - struct s2n_blob out = {.data = alert,.size = sizeof(alert) }; + struct s2n_blob out = { .data = alert, .size = sizeof(alert) }; /* If there is an alert pending or we've already sent a close_notify, do nothing */ if (s2n_stuffer_data_available(&conn->writer_alert_out) || conn->close_notify_queued) { @@ -280,7 +278,7 @@ static int s2n_queue_reader_alert(struct s2n_connection *conn, uint8_t level, ui alert[0] = level; alert[1] = error_code; - struct s2n_blob out = {.data = alert,.size = sizeof(alert) }; + struct s2n_blob out = { .data = alert, .size = sizeof(alert) }; /* If there is an alert pending, do nothing */ if (s2n_stuffer_data_available(&conn->reader_alert_out)) { diff --git a/tls/s2n_async_pkey.c b/tls/s2n_async_pkey.c index 1eb5611bd92..3010947086b 100644 --- a/tls/s2n_async_pkey.c +++ b/tls/s2n_async_pkey.c @@ -14,10 +14,10 @@ */ #include "tls/s2n_async_pkey.h" +#include "api/s2n.h" #include "crypto/s2n_hash.h" #include "crypto/s2n_signature.h" #include "error/s2n_errno.h" -#include "api/s2n.h" #include "tls/s2n_connection.h" #include "tls/s2n_handshake.h" #include "utils/s2n_blob.h" @@ -27,27 +27,27 @@ struct s2n_async_pkey_decrypt_data { s2n_async_pkey_decrypt_complete on_complete; - struct s2n_blob encrypted; - struct s2n_blob decrypted; - unsigned rsa_failed : 1; + struct s2n_blob encrypted; + struct s2n_blob decrypted; + unsigned rsa_failed : 1; }; struct s2n_async_pkey_sign_data { s2n_async_pkey_sign_complete on_complete; - struct s2n_hash_state digest; - s2n_signature_algorithm sig_alg; - struct s2n_blob signature; + struct s2n_hash_state digest; + s2n_signature_algorithm sig_alg; + struct s2n_blob signature; }; struct s2n_async_pkey_op { s2n_async_pkey_op_type type; struct s2n_connection *conn; s2n_async_pkey_validation_mode validation_mode; - unsigned complete : 1; - unsigned applied : 1; + unsigned complete : 1; + unsigned applied : 1; union { struct s2n_async_pkey_decrypt_data decrypt; - struct s2n_async_pkey_sign_data sign; + struct s2n_async_pkey_sign_data sign; } op; }; @@ -65,16 +65,16 @@ static S2N_RESULT s2n_async_get_actions(s2n_async_pkey_op_type type, const struc static S2N_RESULT s2n_async_pkey_op_allocate(struct s2n_async_pkey_op **op); static S2N_RESULT s2n_async_pkey_sign_async(struct s2n_connection *conn, s2n_signature_algorithm sig_alg, - struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete); + struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete); static S2N_RESULT s2n_async_pkey_sign_sync(struct s2n_connection *conn, s2n_signature_algorithm sig_alg, - struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete); + struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete); static S2N_RESULT s2n_async_pkey_decrypt_async(struct s2n_connection *conn, struct s2n_blob *encrypted, - struct s2n_blob * init_decrypted, - s2n_async_pkey_decrypt_complete on_complete); + struct s2n_blob *init_decrypted, + s2n_async_pkey_decrypt_complete on_complete); static S2N_RESULT s2n_async_pkey_decrypt_sync(struct s2n_connection *conn, struct s2n_blob *encrypted, - struct s2n_blob * init_decrypted, - s2n_async_pkey_decrypt_complete on_complete); + struct s2n_blob *init_decrypted, + s2n_async_pkey_decrypt_complete on_complete); static S2N_RESULT s2n_async_pkey_decrypt_perform(struct s2n_async_pkey_op *op, s2n_cert_private_key *pkey); static S2N_RESULT s2n_async_pkey_decrypt_apply(struct s2n_async_pkey_op *op, struct s2n_connection *conn); @@ -90,19 +90,23 @@ static S2N_RESULT s2n_async_pkey_get_input_sign(struct s2n_async_pkey_op *op, ui static S2N_RESULT s2n_async_pkey_op_set_output_sign(struct s2n_async_pkey_op *op, const uint8_t *data, uint32_t data_len); static S2N_RESULT s2n_async_pkey_sign_free(struct s2n_async_pkey_op *op); -static const struct s2n_async_pkey_op_actions s2n_async_pkey_decrypt_op = { .perform = &s2n_async_pkey_decrypt_perform, - .apply = &s2n_async_pkey_decrypt_apply, - .get_input_size = &s2n_async_pkey_get_input_size_decrypt, - .get_input = &s2n_async_pkey_get_input_decrypt, - .set_output = &s2n_async_pkey_op_set_output_decrypt, - .free = &s2n_async_pkey_decrypt_free }; +static const struct s2n_async_pkey_op_actions s2n_async_pkey_decrypt_op = { + .perform = &s2n_async_pkey_decrypt_perform, + .apply = &s2n_async_pkey_decrypt_apply, + .get_input_size = &s2n_async_pkey_get_input_size_decrypt, + .get_input = &s2n_async_pkey_get_input_decrypt, + .set_output = &s2n_async_pkey_op_set_output_decrypt, + .free = &s2n_async_pkey_decrypt_free +}; -static const struct s2n_async_pkey_op_actions s2n_async_pkey_sign_op = { .perform = &s2n_async_pkey_sign_perform, - .apply = &s2n_async_pkey_sign_apply, - .get_input_size = &s2n_async_pkey_get_input_size_sign, - .get_input = &s2n_async_pkey_get_input_sign, - .set_output = &s2n_async_pkey_op_set_output_sign, - .free = &s2n_async_pkey_sign_free }; +static const struct s2n_async_pkey_op_actions s2n_async_pkey_sign_op = { + .perform = &s2n_async_pkey_sign_perform, + .apply = &s2n_async_pkey_sign_apply, + .get_input_size = &s2n_async_pkey_get_input_size_sign, + .get_input = &s2n_async_pkey_get_input_sign, + .set_output = &s2n_async_pkey_op_set_output_sign, + .free = &s2n_async_pkey_sign_free +}; DEFINE_POINTER_CLEANUP_FUNC(struct s2n_async_pkey_op *, s2n_async_pkey_op_free); @@ -129,7 +133,7 @@ static S2N_RESULT s2n_async_pkey_op_allocate(struct s2n_async_pkey_op **op) RESULT_ENSURE(*op == NULL, S2N_ERR_SAFETY); /* allocate memory */ - DEFER_CLEANUP(struct s2n_blob mem = {0}, s2n_free); + DEFER_CLEANUP(struct s2n_blob mem = { 0 }, s2n_free); RESULT_GUARD_POSIX(s2n_alloc(&mem, sizeof(struct s2n_async_pkey_op))); RESULT_GUARD_POSIX(s2n_blob_zero(&mem)); @@ -142,7 +146,7 @@ static S2N_RESULT s2n_async_pkey_op_allocate(struct s2n_async_pkey_op **op) } S2N_RESULT s2n_async_pkey_decrypt(struct s2n_connection *conn, struct s2n_blob *encrypted, - struct s2n_blob *init_decrypted, s2n_async_pkey_decrypt_complete on_complete) + struct s2n_blob *init_decrypted, s2n_async_pkey_decrypt_complete on_complete) { RESULT_ENSURE_REF(conn); RESULT_ENSURE_REF(encrypted); @@ -184,7 +188,7 @@ S2N_RESULT s2n_async_cb_execute(struct s2n_connection *conn, struct s2n_async_pk } S2N_RESULT s2n_async_pkey_decrypt_async(struct s2n_connection *conn, struct s2n_blob *encrypted, - struct s2n_blob *init_decrypted, s2n_async_pkey_decrypt_complete on_complete) + struct s2n_blob *init_decrypted, s2n_async_pkey_decrypt_complete on_complete) { RESULT_ENSURE_REF(conn); RESULT_ENSURE_REF(encrypted); @@ -199,7 +203,7 @@ S2N_RESULT s2n_async_pkey_decrypt_async(struct s2n_connection *conn, struct s2n_ op->validation_mode = conn->config->async_pkey_validation_mode; struct s2n_async_pkey_decrypt_data *decrypt = &op->op.decrypt; - decrypt->on_complete = on_complete; + decrypt->on_complete = on_complete; RESULT_GUARD_POSIX(s2n_dup(encrypted, &decrypt->encrypted)); RESULT_GUARD_POSIX(s2n_dup(init_decrypted, &decrypt->decrypted)); @@ -209,7 +213,7 @@ S2N_RESULT s2n_async_pkey_decrypt_async(struct s2n_connection *conn, struct s2n_ } S2N_RESULT s2n_async_pkey_decrypt_sync(struct s2n_connection *conn, struct s2n_blob *encrypted, - struct s2n_blob *init_decrypted, s2n_async_pkey_decrypt_complete on_complete) + struct s2n_blob *init_decrypted, s2n_async_pkey_decrypt_complete on_complete) { RESULT_ENSURE_REF(conn); RESULT_ENSURE_REF(encrypted); @@ -225,7 +229,7 @@ S2N_RESULT s2n_async_pkey_decrypt_sync(struct s2n_connection *conn, struct s2n_b } S2N_RESULT s2n_async_pkey_sign(struct s2n_connection *conn, s2n_signature_algorithm sig_alg, - struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete) + struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete) { RESULT_ENSURE_REF(conn); RESULT_ENSURE_REF(digest); @@ -241,7 +245,7 @@ S2N_RESULT s2n_async_pkey_sign(struct s2n_connection *conn, s2n_signature_algori } S2N_RESULT s2n_async_pkey_sign_async(struct s2n_connection *conn, s2n_signature_algorithm sig_alg, - struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete) + struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete) { RESULT_ENSURE_REF(conn); RESULT_ENSURE_REF(digest); @@ -258,8 +262,8 @@ S2N_RESULT s2n_async_pkey_sign_async(struct s2n_connection *conn, s2n_signature_ } struct s2n_async_pkey_sign_data *sign = &op->op.sign; - sign->on_complete = on_complete; - sign->sig_alg = sig_alg; + sign->on_complete = on_complete; + sign->sig_alg = sig_alg; RESULT_GUARD_POSIX(s2n_hash_new(&sign->digest)); RESULT_GUARD_POSIX(s2n_hash_copy(&sign->digest, digest)); @@ -269,7 +273,7 @@ S2N_RESULT s2n_async_pkey_sign_async(struct s2n_connection *conn, s2n_signature_ } S2N_RESULT s2n_async_pkey_sign_sync(struct s2n_connection *conn, s2n_signature_algorithm sig_alg, - struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete) + struct s2n_hash_state *digest, s2n_async_pkey_sign_complete on_complete) { RESULT_ENSURE_REF(conn); RESULT_ENSURE_REF(digest); @@ -334,7 +338,7 @@ int s2n_async_pkey_op_apply(struct s2n_async_pkey_op *op, struct s2n_connection POSIX_GUARD_RESULT(actions->apply(op, conn)); - op->applied = true; + op->applied = true; conn->handshake.async_state = S2N_ASYNC_COMPLETE; /* Free up the decrypt/sign structs to avoid storing secrets for too long */ @@ -351,9 +355,11 @@ int s2n_async_pkey_op_free(struct s2n_async_pkey_op *op) POSIX_ENSURE_REF(actions); /* If applied the decrypt/sign structs were released in apply call */ - if (!op->applied) { POSIX_GUARD_RESULT(actions->free(op)); } + if (!op->applied) { + POSIX_GUARD_RESULT(actions->free(op)); + } - POSIX_GUARD(s2n_free_object(( uint8_t ** )&op, sizeof(struct s2n_async_pkey_op))); + POSIX_GUARD(s2n_free_object((uint8_t **) &op, sizeof(struct s2n_async_pkey_op))); return S2N_SUCCESS; } @@ -442,17 +448,18 @@ S2N_RESULT s2n_async_pkey_sign_apply(struct s2n_async_pkey_op *op, struct s2n_co } S2N_RESULT s2n_async_pkey_verify_signature(struct s2n_connection *conn, s2n_signature_algorithm sig_alg, - struct s2n_hash_state *digest, struct s2n_blob *signature) { + struct s2n_hash_state *digest, struct s2n_blob *signature) +{ RESULT_ENSURE_REF(conn); RESULT_ENSURE_REF(conn->handshake_params.our_chain_and_key); RESULT_ENSURE_REF(digest); RESULT_ENSURE_REF(signature); /* Parse public key for the cert */ - DEFER_CLEANUP(struct s2n_pkey public_key = {0}, s2n_pkey_free); + DEFER_CLEANUP(struct s2n_pkey public_key = { 0 }, s2n_pkey_free); s2n_pkey_type pkey_type = S2N_PKEY_TYPE_UNKNOWN; RESULT_GUARD_POSIX(s2n_asn1der_to_public_key_and_type(&public_key, &pkey_type, - &conn->handshake_params.our_chain_and_key->cert_chain->head->raw)); + &conn->handshake_params.our_chain_and_key->cert_chain->head->raw)); RESULT_ENSURE(s2n_pkey_verify(&public_key, sig_alg, digest, signature) == S2N_SUCCESS, S2N_ERR_VERIFY_SIGNATURE); return S2N_RESULT_OK; @@ -474,7 +481,7 @@ int s2n_async_pkey_op_set_validation_mode(struct s2n_async_pkey_op *op, s2n_asyn { POSIX_ENSURE_REF(op); - switch(mode) { + switch (mode) { case S2N_ASYNC_PKEY_VALIDATION_FAST: case S2N_ASYNC_PKEY_VALIDATION_STRICT: op->validation_mode = mode; diff --git a/tls/s2n_async_pkey.h b/tls/s2n_async_pkey.h index 631a186a9a2..509c39031b7 100644 --- a/tls/s2n_async_pkey.h +++ b/tls/s2n_async_pkey.h @@ -70,8 +70,8 @@ int s2n_async_pkey_op_set_output(struct s2n_async_pkey_op *op, const uint8_t *da int s2n_async_pkey_op_set_validation_mode(struct s2n_async_pkey_op *op, s2n_async_pkey_validation_mode mode); S2N_RESULT s2n_async_pkey_verify_signature(struct s2n_connection *conn, s2n_signature_algorithm sig_alg, - struct s2n_hash_state *digest, struct s2n_blob *signature); + struct s2n_hash_state *digest, struct s2n_blob *signature); S2N_RESULT s2n_async_pkey_decrypt(struct s2n_connection *conn, struct s2n_blob *encrypted, struct s2n_blob *init_decrypted, - s2n_async_pkey_decrypt_complete on_complete); + s2n_async_pkey_decrypt_complete on_complete); S2N_RESULT s2n_async_pkey_sign(struct s2n_connection *conn, s2n_signature_algorithm sig_alg, struct s2n_hash_state *digest, - s2n_async_pkey_sign_complete on_complete); + s2n_async_pkey_sign_complete on_complete); diff --git a/tls/s2n_auth_selection.c b/tls/s2n_auth_selection.c index 7d9656d4d48..830f9e50d0c 100644 --- a/tls/s2n_auth_selection.c +++ b/tls/s2n_auth_selection.c @@ -13,14 +13,13 @@ * permissions and limitations under the License. */ +#include "tls/s2n_auth_selection.h" + #include "crypto/s2n_certificate.h" #include "crypto/s2n_ecdsa.h" #include "crypto/s2n_signature.h" - #include "tls/s2n_cipher_suites.h" #include "tls/s2n_kex.h" -#include "tls/s2n_auth_selection.h" - #include "utils/s2n_safety.h" /* This module should contain any logic related to choosing a valid combination of @@ -42,7 +41,7 @@ int s2n_get_auth_method_for_cert_type(s2n_pkey_type cert_type, s2n_authentication_method *auth_method) { - switch(cert_type) { + switch (cert_type) { case S2N_PKEY_TYPE_RSA: case S2N_PKEY_TYPE_RSA_PSS: *auth_method = S2N_AUTHENTICATION_RSA; @@ -59,7 +58,7 @@ int s2n_get_auth_method_for_cert_type(s2n_pkey_type cert_type, s2n_authenticatio static int s2n_get_cert_type_for_sig_alg(s2n_signature_algorithm sig_alg, s2n_pkey_type *cert_type) { - switch(sig_alg) { + switch (sig_alg) { case S2N_SIGNATURE_RSA_PSS_RSAE: case S2N_SIGNATURE_RSA: *cert_type = S2N_PKEY_TYPE_RSA; diff --git a/tls/s2n_auth_selection.h b/tls/s2n_auth_selection.h index b52736d7f64..20426250dd1 100644 --- a/tls/s2n_auth_selection.h +++ b/tls/s2n_auth_selection.h @@ -15,14 +15,12 @@ #pragma once -#include "tls/s2n_cipher_suites.h" - #include "crypto/s2n_certificate.h" #include "crypto/s2n_signature.h" +#include "tls/s2n_cipher_suites.h" int s2n_get_auth_method_for_cert_type(s2n_pkey_type cert_type, s2n_authentication_method *auth_method); int s2n_is_cipher_suite_valid_for_auth(struct s2n_connection *conn, struct s2n_cipher_suite *cipher_suite); int s2n_is_sig_scheme_valid_for_auth(struct s2n_connection *conn, const struct s2n_signature_scheme *sig_scheme); int s2n_is_cert_type_valid_for_auth(struct s2n_connection *conn, s2n_pkey_type cert_type); int s2n_select_certs_for_server_auth(struct s2n_connection *conn, struct s2n_cert_chain_and_key **chosen_certs); - diff --git a/tls/s2n_cbc.c b/tls/s2n_cbc.c index 401ab76072f..4022d317827 100644 --- a/tls/s2n_cbc.c +++ b/tls/s2n_cbc.c @@ -13,18 +13,15 @@ * permissions and limitations under the License. */ -#include #include - -#include "error/s2n_errno.h" - -#include "utils/s2n_safety.h" -#include "utils/s2n_mem.h" +#include #include "crypto/s2n_hmac.h" - +#include "error/s2n_errno.h" #include "tls/s2n_connection.h" #include "tls/s2n_record.h" +#include "utils/s2n_mem.h" +#include "utils/s2n_safety.h" /* A TLS CBC record looks like .. * diff --git a/tls/s2n_change_cipher_spec.c b/tls/s2n_change_cipher_spec.c index 585be4ff54f..d8ba233290e 100644 --- a/tls/s2n_change_cipher_spec.c +++ b/tls/s2n_change_cipher_spec.c @@ -16,17 +16,14 @@ #include #include "error/s2n_errno.h" - +#include "stuffer/s2n_stuffer.h" #include "tls/s2n_cipher_suites.h" #include "tls/s2n_connection.h" #include "tls/s2n_tls.h" - -#include "stuffer/s2n_stuffer.h" - #include "utils/s2n_safety.h" /* From RFC5246 7.1: https://tools.ietf.org/html/rfc5246#section-7.1 */ -#define CHANGE_CIPHER_SPEC_TYPE 1 +#define CHANGE_CIPHER_SPEC_TYPE 1 int s2n_basic_ccs_recv(struct s2n_connection *conn) { @@ -46,7 +43,7 @@ int s2n_client_ccs_recv(struct s2n_connection *conn) POSIX_GUARD(s2n_basic_ccs_recv(conn)); /* Zero the sequence number */ - struct s2n_blob seq = {.data = conn->secure->client_sequence_number,.size = sizeof(conn->secure->client_sequence_number) }; + struct s2n_blob seq = { .data = conn->secure->client_sequence_number, .size = sizeof(conn->secure->client_sequence_number) }; POSIX_GUARD(s2n_blob_zero(&seq)); /* Update the client to use the cipher-suite */ @@ -68,7 +65,7 @@ int s2n_server_ccs_recv(struct s2n_connection *conn) POSIX_GUARD(s2n_basic_ccs_recv(conn)); /* Zero the sequence number */ - struct s2n_blob seq = {.data = conn->secure->server_sequence_number,.size = sizeof(conn->secure->server_sequence_number) }; + struct s2n_blob seq = { .data = conn->secure->server_sequence_number, .size = sizeof(conn->secure->server_sequence_number) }; POSIX_GUARD(s2n_blob_zero(&seq)); /* Compute the finished message */ diff --git a/tls/s2n_cipher_preferences.c b/tls/s2n_cipher_preferences.c index 11bf6d01418..e77ca8cadb2 100644 --- a/tls/s2n_cipher_preferences.c +++ b/tls/s2n_cipher_preferences.c @@ -14,14 +14,15 @@ */ #include "tls/s2n_cipher_preferences.h" -#include "api/s2n.h" + #include #include + +#include "api/s2n.h" +#include "error/s2n_errno.h" #include "tls/s2n_config.h" #include "tls/s2n_kem.h" #include "tls/s2n_kex.h" - -#include "error/s2n_errno.h" #include "utils/s2n_safety.h" /* clang-format off */ diff --git a/tls/s2n_cipher_preferences.h b/tls/s2n_cipher_preferences.h index e275b28f331..b52143623d3 100644 --- a/tls/s2n_cipher_preferences.h +++ b/tls/s2n_cipher_preferences.h @@ -16,6 +16,7 @@ #pragma once #include + #include "tls/s2n_cipher_suites.h" #include "tls/s2n_kem.h" #include "tls/s2n_tls13.h" diff --git a/tls/s2n_cipher_suites.c b/tls/s2n_cipher_suites.c index f6f3cce7104..c2a6e604403 100644 --- a/tls/s2n_cipher_suites.c +++ b/tls/s2n_cipher_suites.c @@ -13,23 +13,20 @@ * permissions and limitations under the License. */ -#include - #include - -#include "error/s2n_errno.h" +#include #include "crypto/s2n_cipher.h" #include "crypto/s2n_openssl.h" - +#include "error/s2n_errno.h" +#include "pq-crypto/s2n_pq.h" #include "tls/s2n_auth_selection.h" #include "tls/s2n_kex.h" +#include "tls/s2n_psk.h" #include "tls/s2n_security_policies.h" #include "tls/s2n_tls.h" #include "tls/s2n_tls13.h" #include "utils/s2n_safety.h" -#include "tls/s2n_psk.h" -#include "pq-crypto/s2n_pq.h" /************************* * S2n Record Algorithms * @@ -744,26 +741,26 @@ struct s2n_cipher_suite s2n_tls13_chacha20_poly1305_sha256 = { * properly initialized. */ static struct s2n_cipher_suite *s2n_all_cipher_suites[] = { - &s2n_rsa_with_rc4_128_md5, /* 0x00,0x04 */ - &s2n_rsa_with_rc4_128_sha, /* 0x00,0x05 */ - &s2n_rsa_with_3des_ede_cbc_sha, /* 0x00,0x0A */ - &s2n_dhe_rsa_with_3des_ede_cbc_sha, /* 0x00,0x16 */ - &s2n_rsa_with_aes_128_cbc_sha, /* 0x00,0x2F */ - &s2n_dhe_rsa_with_aes_128_cbc_sha, /* 0x00,0x33 */ - &s2n_rsa_with_aes_256_cbc_sha, /* 0x00,0x35 */ - &s2n_dhe_rsa_with_aes_256_cbc_sha, /* 0x00,0x39 */ - &s2n_rsa_with_aes_128_cbc_sha256, /* 0x00,0x3C */ - &s2n_rsa_with_aes_256_cbc_sha256, /* 0x00,0x3D */ - &s2n_dhe_rsa_with_aes_128_cbc_sha256, /* 0x00,0x67 */ - &s2n_dhe_rsa_with_aes_256_cbc_sha256, /* 0x00,0x6B */ - &s2n_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9C */ - &s2n_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9D */ - &s2n_dhe_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9E */ - &s2n_dhe_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9F */ - - &s2n_tls13_aes_128_gcm_sha256, /* 0x13,0x01 */ - &s2n_tls13_aes_256_gcm_sha384, /* 0x13,0x02 */ - &s2n_tls13_chacha20_poly1305_sha256, /* 0x13,0x03 */ + &s2n_rsa_with_rc4_128_md5, /* 0x00,0x04 */ + &s2n_rsa_with_rc4_128_sha, /* 0x00,0x05 */ + &s2n_rsa_with_3des_ede_cbc_sha, /* 0x00,0x0A */ + &s2n_dhe_rsa_with_3des_ede_cbc_sha, /* 0x00,0x16 */ + &s2n_rsa_with_aes_128_cbc_sha, /* 0x00,0x2F */ + &s2n_dhe_rsa_with_aes_128_cbc_sha, /* 0x00,0x33 */ + &s2n_rsa_with_aes_256_cbc_sha, /* 0x00,0x35 */ + &s2n_dhe_rsa_with_aes_256_cbc_sha, /* 0x00,0x39 */ + &s2n_rsa_with_aes_128_cbc_sha256, /* 0x00,0x3C */ + &s2n_rsa_with_aes_256_cbc_sha256, /* 0x00,0x3D */ + &s2n_dhe_rsa_with_aes_128_cbc_sha256, /* 0x00,0x67 */ + &s2n_dhe_rsa_with_aes_256_cbc_sha256, /* 0x00,0x6B */ + &s2n_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9C */ + &s2n_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9D */ + &s2n_dhe_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9E */ + &s2n_dhe_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9F */ + + &s2n_tls13_aes_128_gcm_sha256, /* 0x13,0x01 */ + &s2n_tls13_aes_256_gcm_sha384, /* 0x13,0x02 */ + &s2n_tls13_chacha20_poly1305_sha256, /* 0x13,0x03 */ &s2n_ecdhe_ecdsa_with_aes_128_cbc_sha, /* 0xC0,0x09 */ &s2n_ecdhe_ecdsa_with_aes_256_cbc_sha, /* 0xC0,0x0A */ @@ -794,22 +791,22 @@ const struct s2n_cipher_preferences cipher_preferences_test_all = { /* All TLS12 Cipher Suites */ static struct s2n_cipher_suite *s2n_all_tls12_cipher_suites[] = { - &s2n_rsa_with_rc4_128_md5, /* 0x00,0x04 */ - &s2n_rsa_with_rc4_128_sha, /* 0x00,0x05 */ - &s2n_rsa_with_3des_ede_cbc_sha, /* 0x00,0x0A */ - &s2n_dhe_rsa_with_3des_ede_cbc_sha, /* 0x00,0x16 */ - &s2n_rsa_with_aes_128_cbc_sha, /* 0x00,0x2F */ - &s2n_dhe_rsa_with_aes_128_cbc_sha, /* 0x00,0x33 */ - &s2n_rsa_with_aes_256_cbc_sha, /* 0x00,0x35 */ - &s2n_dhe_rsa_with_aes_256_cbc_sha, /* 0x00,0x39 */ - &s2n_rsa_with_aes_128_cbc_sha256, /* 0x00,0x3C */ - &s2n_rsa_with_aes_256_cbc_sha256, /* 0x00,0x3D */ - &s2n_dhe_rsa_with_aes_128_cbc_sha256, /* 0x00,0x67 */ - &s2n_dhe_rsa_with_aes_256_cbc_sha256, /* 0x00,0x6B */ - &s2n_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9C */ - &s2n_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9D */ - &s2n_dhe_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9E */ - &s2n_dhe_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9F */ + &s2n_rsa_with_rc4_128_md5, /* 0x00,0x04 */ + &s2n_rsa_with_rc4_128_sha, /* 0x00,0x05 */ + &s2n_rsa_with_3des_ede_cbc_sha, /* 0x00,0x0A */ + &s2n_dhe_rsa_with_3des_ede_cbc_sha, /* 0x00,0x16 */ + &s2n_rsa_with_aes_128_cbc_sha, /* 0x00,0x2F */ + &s2n_dhe_rsa_with_aes_128_cbc_sha, /* 0x00,0x33 */ + &s2n_rsa_with_aes_256_cbc_sha, /* 0x00,0x35 */ + &s2n_dhe_rsa_with_aes_256_cbc_sha, /* 0x00,0x39 */ + &s2n_rsa_with_aes_128_cbc_sha256, /* 0x00,0x3C */ + &s2n_rsa_with_aes_256_cbc_sha256, /* 0x00,0x3D */ + &s2n_dhe_rsa_with_aes_128_cbc_sha256, /* 0x00,0x67 */ + &s2n_dhe_rsa_with_aes_256_cbc_sha256, /* 0x00,0x6B */ + &s2n_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9C */ + &s2n_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9D */ + &s2n_dhe_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9E */ + &s2n_dhe_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9F */ &s2n_ecdhe_ecdsa_with_aes_128_cbc_sha, /* 0xC0,0x09 */ &s2n_ecdhe_ecdsa_with_aes_256_cbc_sha, /* 0xC0,0x0A */ @@ -840,25 +837,25 @@ const struct s2n_cipher_preferences cipher_preferences_test_all_tls12 = { * in order of IANA value. Exposed for the "test_all_fips" cipher preference list. */ static struct s2n_cipher_suite *s2n_all_fips_cipher_suites[] = { - &s2n_rsa_with_3des_ede_cbc_sha, /* 0x00,0x0A */ - &s2n_rsa_with_aes_128_cbc_sha, /* 0x00,0x2F */ - &s2n_rsa_with_aes_256_cbc_sha, /* 0x00,0x35 */ - &s2n_rsa_with_aes_128_cbc_sha256, /* 0x00,0x3C */ - &s2n_rsa_with_aes_256_cbc_sha256, /* 0x00,0x3D */ - &s2n_dhe_rsa_with_aes_128_cbc_sha256, /* 0x00,0x67 */ - &s2n_dhe_rsa_with_aes_256_cbc_sha256, /* 0x00,0x6B */ - &s2n_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9C */ - &s2n_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9D */ - &s2n_dhe_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9E */ - &s2n_dhe_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9F */ - &s2n_ecdhe_ecdsa_with_aes_128_cbc_sha256, /* 0xC0,0x23 */ - &s2n_ecdhe_ecdsa_with_aes_256_cbc_sha384, /* 0xC0,0x24 */ - &s2n_ecdhe_rsa_with_aes_128_cbc_sha256, /* 0xC0,0x27 */ - &s2n_ecdhe_rsa_with_aes_256_cbc_sha384, /* 0xC0,0x28 */ - &s2n_ecdhe_ecdsa_with_aes_128_gcm_sha256, /* 0xC0,0x2B */ - &s2n_ecdhe_ecdsa_with_aes_256_gcm_sha384, /* 0xC0,0x2C */ - &s2n_ecdhe_rsa_with_aes_128_gcm_sha256, /* 0xC0,0x2F */ - &s2n_ecdhe_rsa_with_aes_256_gcm_sha384, /* 0xC0,0x30 */ + &s2n_rsa_with_3des_ede_cbc_sha, /* 0x00,0x0A */ + &s2n_rsa_with_aes_128_cbc_sha, /* 0x00,0x2F */ + &s2n_rsa_with_aes_256_cbc_sha, /* 0x00,0x35 */ + &s2n_rsa_with_aes_128_cbc_sha256, /* 0x00,0x3C */ + &s2n_rsa_with_aes_256_cbc_sha256, /* 0x00,0x3D */ + &s2n_dhe_rsa_with_aes_128_cbc_sha256, /* 0x00,0x67 */ + &s2n_dhe_rsa_with_aes_256_cbc_sha256, /* 0x00,0x6B */ + &s2n_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9C */ + &s2n_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9D */ + &s2n_dhe_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9E */ + &s2n_dhe_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9F */ + &s2n_ecdhe_ecdsa_with_aes_128_cbc_sha256, /* 0xC0,0x23 */ + &s2n_ecdhe_ecdsa_with_aes_256_cbc_sha384, /* 0xC0,0x24 */ + &s2n_ecdhe_rsa_with_aes_128_cbc_sha256, /* 0xC0,0x27 */ + &s2n_ecdhe_rsa_with_aes_256_cbc_sha384, /* 0xC0,0x28 */ + &s2n_ecdhe_ecdsa_with_aes_128_gcm_sha256, /* 0xC0,0x2B */ + &s2n_ecdhe_ecdsa_with_aes_256_gcm_sha384, /* 0xC0,0x2C */ + &s2n_ecdhe_rsa_with_aes_128_gcm_sha256, /* 0xC0,0x2F */ + &s2n_ecdhe_rsa_with_aes_256_gcm_sha384, /* 0xC0,0x30 */ }; /* All supported FIPS ciphers. Exposed for integration testing. */ @@ -888,16 +885,16 @@ const struct s2n_cipher_preferences cipher_preferences_test_all_ecdsa = { /* All cipher suites that uses RSA key exchange. Exposed for unit or integration tests. */ static struct s2n_cipher_suite *s2n_all_rsa_kex_cipher_suites[] = { - &s2n_rsa_with_aes_128_cbc_sha, /* 0x00,0x2F */ - &s2n_rsa_with_rc4_128_md5, /* 0x00,0x04 */ - &s2n_rsa_with_rc4_128_sha, /* 0x00,0x05 */ - &s2n_rsa_with_3des_ede_cbc_sha, /* 0x00,0x0A */ - &s2n_rsa_with_aes_128_cbc_sha, /* 0x00,0x2F */ - &s2n_rsa_with_aes_256_cbc_sha, /* 0x00,0x35 */ - &s2n_rsa_with_aes_128_cbc_sha256, /* 0x00,0x3C */ - &s2n_rsa_with_aes_256_cbc_sha256, /* 0x00,0x3D */ - &s2n_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9C */ - &s2n_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9D */ + &s2n_rsa_with_aes_128_cbc_sha, /* 0x00,0x2F */ + &s2n_rsa_with_rc4_128_md5, /* 0x00,0x04 */ + &s2n_rsa_with_rc4_128_sha, /* 0x00,0x05 */ + &s2n_rsa_with_3des_ede_cbc_sha, /* 0x00,0x0A */ + &s2n_rsa_with_aes_128_cbc_sha, /* 0x00,0x2F */ + &s2n_rsa_with_aes_256_cbc_sha, /* 0x00,0x35 */ + &s2n_rsa_with_aes_128_cbc_sha256, /* 0x00,0x3C */ + &s2n_rsa_with_aes_256_cbc_sha256, /* 0x00,0x3D */ + &s2n_rsa_with_aes_128_gcm_sha256, /* 0x00,0x9C */ + &s2n_rsa_with_aes_256_gcm_sha384, /* 0x00,0x9D */ }; /* Cipher preferences with rsa key exchange. Exposed for unit and integration tests. */ @@ -952,9 +949,9 @@ const struct s2n_cipher_preferences cipher_preferences_test_ecdsa_priority = { }; static struct s2n_cipher_suite *s2n_all_tls13_cipher_suites[] = { - &s2n_tls13_aes_128_gcm_sha256, /* 0x13,0x01 */ - &s2n_tls13_aes_256_gcm_sha384, /* 0x13,0x02 */ - &s2n_tls13_chacha20_poly1305_sha256, /* 0x13,0x03 */ + &s2n_tls13_aes_128_gcm_sha256, /* 0x13,0x01 */ + &s2n_tls13_aes_256_gcm_sha384, /* 0x13,0x02 */ + &s2n_tls13_chacha20_poly1305_sha256, /* 0x13,0x03 */ }; const struct s2n_cipher_preferences cipher_preferences_test_all_tls13 = { @@ -964,7 +961,8 @@ const struct s2n_cipher_preferences cipher_preferences_test_all_tls13 = { static bool should_init_crypto = true; static bool crypto_initialized = false; -int s2n_crypto_disable_init(void) { +int s2n_crypto_disable_init(void) +{ POSIX_ENSURE(!crypto_initialized, S2N_ERR_INITIALIZED); should_init_crypto = false; return S2N_SUCCESS; @@ -1004,7 +1002,7 @@ int s2n_cipher_suites_init(void) struct s2n_blob new_suite_mem = { 0 }; POSIX_GUARD(s2n_dup(&cur_suite_mem, &new_suite_mem)); - struct s2n_cipher_suite *new_suite = (struct s2n_cipher_suite *)(void *)new_suite_mem.data; + struct s2n_cipher_suite *new_suite = (struct s2n_cipher_suite *) (void *) new_suite_mem.data; new_suite->available = 1; new_suite->record_alg = cur_suite->sslv3_record_alg; cur_suite->sslv3_cipher_suite = new_suite; @@ -1038,7 +1036,7 @@ S2N_RESULT s2n_cipher_suites_cleanup(void) /* Release custom SSLv3 cipher suites */ if (cur_suite->sslv3_cipher_suite != cur_suite) { - RESULT_GUARD_POSIX(s2n_free_object((uint8_t **)&cur_suite->sslv3_cipher_suite, sizeof(struct s2n_cipher_suite))); + RESULT_GUARD_POSIX(s2n_free_object((uint8_t **) &cur_suite->sslv3_cipher_suite, sizeof(struct s2n_cipher_suite))); } cur_suite->sslv3_cipher_suite = NULL; } @@ -1130,7 +1128,7 @@ int s2n_set_cipher_as_client(struct s2n_connection *conn, uint8_t wire[S2N_TLS_C **/ if (conn->psk_params.chosen_psk) { POSIX_ENSURE(cipher_suite->prf_alg == conn->psk_params.chosen_psk->hmac_alg, - S2N_ERR_CIPHER_NOT_SUPPORTED); + S2N_ERR_CIPHER_NOT_SUPPORTED); } /** @@ -1169,7 +1167,8 @@ static int s2n_wire_ciphers_contain(const uint8_t *match, const uint8_t *wire, u return 0; } -bool s2n_cipher_suite_uses_chacha20_alg(struct s2n_cipher_suite *cipher_suite) { +bool s2n_cipher_suite_uses_chacha20_alg(struct s2n_cipher_suite *cipher_suite) +{ return cipher_suite && cipher_suite->record_alg && cipher_suite->record_alg->cipher == &s2n_chacha20_poly1305; } @@ -1177,7 +1176,8 @@ bool s2n_cipher_suite_uses_chacha20_alg(struct s2n_cipher_suite *cipher_suite) { * preferred cipher suite, then we have mutual chacha20 boosting support. */ static S2N_RESULT s2n_validate_chacha20_boosting(const struct s2n_cipher_preferences *cipher_preferences, const uint8_t *wire, - uint32_t cipher_suite_len) { + uint32_t cipher_suite_len) +{ RESULT_ENSURE_REF(cipher_preferences); RESULT_ENSURE_REF(wire); @@ -1324,7 +1324,7 @@ static int s2n_set_cipher_as_server(struct s2n_connection *conn, uint8_t *wire, } continue; } - + conn->secure->cipher_suite = match; return S2N_SUCCESS; } @@ -1356,7 +1356,7 @@ int s2n_set_cipher_as_tls_server(struct s2n_connection *conn, uint8_t *wire, uin bool s2n_cipher_suite_requires_ecc_extension(struct s2n_cipher_suite *cipher) { - if(!cipher) { + if (!cipher) { return false; } @@ -1375,7 +1375,7 @@ bool s2n_cipher_suite_requires_ecc_extension(struct s2n_cipher_suite *cipher) bool s2n_cipher_suite_requires_pq_extension(struct s2n_cipher_suite *cipher) { - if(!cipher) { + if (!cipher) { return false; } diff --git a/tls/s2n_cipher_suites.h b/tls/s2n_cipher_suites.h index f00fa19a14f..0d51eefb33d 100644 --- a/tls/s2n_cipher_suites.h +++ b/tls/s2n_cipher_suites.h @@ -15,25 +15,24 @@ #pragma once -#include "tls/s2n_tls_parameters.h" -#include "tls/s2n_connection.h" -#include "tls/s2n_crypto.h" +#include #include "crypto/s2n_certificate.h" #include "crypto/s2n_cipher.h" #include "crypto/s2n_hmac.h" - -#include +#include "tls/s2n_connection.h" +#include "tls/s2n_crypto.h" +#include "tls/s2n_tls_parameters.h" /* Key exchange flags that can be OR'ed */ -#define S2N_KEY_EXCHANGE_DH 0x01 /* Diffie-Hellman key exchange, including ephemeral */ -#define S2N_KEY_EXCHANGE_EPH 0x02 /* Ephemeral key exchange */ -#define S2N_KEY_EXCHANGE_ECC 0x04 /* Elliptic curve cryptography */ +#define S2N_KEY_EXCHANGE_DH 0x01 /* Diffie-Hellman key exchange, including ephemeral */ +#define S2N_KEY_EXCHANGE_EPH 0x02 /* Ephemeral key exchange */ +#define S2N_KEY_EXCHANGE_ECC 0x04 /* Elliptic curve cryptography */ -#define S2N_MAX_POSSIBLE_RECORD_ALGS 2 +#define S2N_MAX_POSSIBLE_RECORD_ALGS 2 /* Kept up-to-date by s2n_cipher_suite_test */ -#define S2N_CIPHER_SUITE_COUNT 37 +#define S2N_CIPHER_SUITE_COUNT 37 /* Record algorithm flags that can be OR'ed */ #define S2N_TLS12_AES_GCM_AEAD_NONCE 0x01 @@ -88,7 +87,7 @@ extern const struct s2n_record_algorithm s2n_tls13_record_alg_chacha20_poly1305; struct s2n_cipher_suite { /* Is there an implementation available? Set in s2n_cipher_suites_init() */ - unsigned int available:1; + unsigned int available : 1; /* Cipher name in Openssl format */ const char *name; @@ -163,7 +162,7 @@ S2N_RESULT s2n_cipher_suites_cleanup(void); S2N_RESULT s2n_cipher_suite_from_iana(const uint8_t *iana, size_t iana_len, struct s2n_cipher_suite **cipher_suite); bool s2n_cipher_suite_uses_chacha20_alg(struct s2n_cipher_suite *cipher_suite); extern int s2n_set_cipher_as_client(struct s2n_connection *conn, uint8_t wire[S2N_TLS_CIPHER_SUITE_LEN]); -extern int s2n_set_cipher_as_sslv2_server(struct s2n_connection *conn, uint8_t * wire, uint16_t count); -extern int s2n_set_cipher_as_tls_server(struct s2n_connection *conn, uint8_t * wire, uint16_t count); +extern int s2n_set_cipher_as_sslv2_server(struct s2n_connection *conn, uint8_t *wire, uint16_t count); +extern int s2n_set_cipher_as_tls_server(struct s2n_connection *conn, uint8_t *wire, uint16_t count); bool s2n_cipher_suite_requires_ecc_extension(struct s2n_cipher_suite *cipher); bool s2n_cipher_suite_requires_pq_extension(struct s2n_cipher_suite *cipher); diff --git a/tls/s2n_client_cert.c b/tls/s2n_client_cert.c index 6795ea86260..d541537c543 100644 --- a/tls/s2n_client_cert.c +++ b/tls/s2n_client_cert.c @@ -14,16 +14,13 @@ */ #include "api/s2n.h" - #include "crypto/s2n_certificate.h" #include "error/s2n_errno.h" +#include "stuffer/s2n_stuffer.h" #include "tls/s2n_cipher_suites.h" -#include "tls/s2n_connection.h" #include "tls/s2n_config.h" +#include "tls/s2n_connection.h" #include "tls/s2n_tls.h" - -#include "stuffer/s2n_stuffer.h" - #include "utils/s2n_blob.h" #include "utils/s2n_safety.h" @@ -74,7 +71,7 @@ static S2N_RESULT s2n_client_cert_chain_store(struct s2n_connection *conn, struc uint32_t cert_size = 0; uint16_t extensions_size = 0; - while(s2n_stuffer_data_available(&cert_chain_in)) { + while (s2n_stuffer_data_available(&cert_chain_in)) { RESULT_GUARD_POSIX(s2n_stuffer_read_uint24(&cert_chain_in, &cert_size)); RESULT_GUARD_POSIX(s2n_stuffer_write_uint24(&cert_chain_out, cert_size)); RESULT_GUARD_POSIX(s2n_stuffer_copy(&cert_chain_in, &cert_chain_out, cert_size)); @@ -98,11 +95,11 @@ int s2n_client_cert_recv(struct s2n_connection *conn) if (conn->actual_protocol_version == S2N_TLS13) { uint8_t certificate_request_context_len; POSIX_GUARD(s2n_stuffer_read_uint8(&conn->handshake.io, &certificate_request_context_len)); - S2N_ERROR_IF(certificate_request_context_len != 0,S2N_ERR_BAD_MESSAGE); + S2N_ERROR_IF(certificate_request_context_len != 0, S2N_ERR_BAD_MESSAGE); } struct s2n_stuffer *in = &conn->handshake.io; - struct s2n_blob client_cert_chain = {0}; + struct s2n_blob client_cert_chain = { 0 }; POSIX_GUARD(s2n_stuffer_read_uint24(in, &client_cert_chain.size)); @@ -127,7 +124,7 @@ int s2n_client_cert_recv(struct s2n_connection *conn) conn->handshake_params.client_cert_pkey_type = pkey_type; POSIX_GUARD(s2n_pkey_setup_for_type(&public_key, pkey_type)); - + POSIX_GUARD(s2n_pkey_check_key_exists(&public_key)); POSIX_GUARD_RESULT(s2n_client_cert_chain_store(conn, &client_cert_chain)); conn->handshake_params.client_public_key = public_key; @@ -135,7 +132,6 @@ int s2n_client_cert_recv(struct s2n_connection *conn) return S2N_SUCCESS; } - int s2n_client_cert_send(struct s2n_connection *conn) { struct s2n_cert_chain_and_key *chain_and_key = conn->handshake_params.our_chain_and_key; diff --git a/tls/s2n_client_cert_verify.c b/tls/s2n_client_cert_verify.c index 5327b5bc7ec..d15b4d9f539 100644 --- a/tls/s2n_client_cert_verify.c +++ b/tls/s2n_client_cert_verify.c @@ -14,18 +14,14 @@ */ #include "api/s2n.h" - #include "error/s2n_errno.h" - -#include "tls/s2n_connection.h" +#include "stuffer/s2n_stuffer.h" +#include "tls/s2n_async_pkey.h" #include "tls/s2n_config.h" +#include "tls/s2n_connection.h" #include "tls/s2n_signature_algorithms.h" #include "tls/s2n_tls.h" - -#include "stuffer/s2n_stuffer.h" - #include "utils/s2n_safety.h" -#include "tls/s2n_async_pkey.h" static int s2n_client_cert_verify_send_complete(struct s2n_connection *conn, struct s2n_blob *signature); @@ -46,7 +42,7 @@ int s2n_client_cert_verify_recv(struct s2n_connection *conn) } uint16_t signature_size; - struct s2n_blob signature = {0}; + struct s2n_blob signature = { 0 }; POSIX_GUARD(s2n_stuffer_read_uint16(in, &signature_size)); signature.size = signature_size; signature.data = s2n_stuffer_raw_read(in, signature.size); diff --git a/tls/s2n_client_finished.c b/tls/s2n_client_finished.c index 306f9b9ad7b..b805a186a6f 100644 --- a/tls/s2n_client_finished.c +++ b/tls/s2n_client_finished.c @@ -16,13 +16,10 @@ #include #include "error/s2n_errno.h" - +#include "stuffer/s2n_stuffer.h" #include "tls/s2n_connection.h" #include "tls/s2n_tls.h" #include "tls/s2n_tls13_handshake.h" - -#include "stuffer/s2n_stuffer.h" - #include "utils/s2n_safety.h" S2N_RESULT s2n_finished_recv(struct s2n_connection *conn, uint8_t *our_version); @@ -51,14 +48,15 @@ int s2n_client_finished_send(struct s2n_connection *conn) return S2N_SUCCESS; } -int s2n_tls13_client_finished_recv(struct s2n_connection *conn) { +int s2n_tls13_client_finished_recv(struct s2n_connection *conn) +{ POSIX_ENSURE_EQ(conn->actual_protocol_version, S2N_TLS13); uint8_t length = s2n_stuffer_data_available(&conn->handshake.io); S2N_ERROR_IF(length == 0, S2N_ERR_BAD_MESSAGE); /* read finished mac from handshake */ - struct s2n_blob wire_finished_mac = {0}; + struct s2n_blob wire_finished_mac = { 0 }; s2n_blob_init(&wire_finished_mac, s2n_stuffer_raw_read(&conn->handshake.io, length), length); /* get tls13 keys */ @@ -69,7 +67,7 @@ int s2n_tls13_client_finished_recv(struct s2n_connection *conn) { struct s2n_hash_state *hash_state = &conn->handshake.hashes->hash_workspace; POSIX_GUARD_RESULT(s2n_handshake_copy_hash_state(conn, keys.hash_algorithm, hash_state)); - struct s2n_blob finished_key = {0}; + struct s2n_blob finished_key = { 0 }; POSIX_GUARD(s2n_blob_init(&finished_key, conn->handshake.client_finished, keys.size)); s2n_tls13_key_blob(client_finished_mac, keys.size); @@ -80,7 +78,8 @@ int s2n_tls13_client_finished_recv(struct s2n_connection *conn) { return 0; } -int s2n_tls13_client_finished_send(struct s2n_connection *conn) { +int s2n_tls13_client_finished_send(struct s2n_connection *conn) +{ POSIX_ENSURE_EQ(conn->actual_protocol_version, S2N_TLS13); /* get tls13 keys */ @@ -92,7 +91,7 @@ int s2n_tls13_client_finished_send(struct s2n_connection *conn) { POSIX_GUARD_RESULT(s2n_handshake_copy_hash_state(conn, keys.hash_algorithm, hash_state)); /* look up finished secret key */ - struct s2n_blob finished_key = {0}; + struct s2n_blob finished_key = { 0 }; POSIX_GUARD(s2n_blob_init(&finished_key, conn->handshake.client_finished, keys.size)); /* generate the hashed message authenticated code */ diff --git a/tls/s2n_client_hello.c b/tls/s2n_client_hello.c index e9d5bb6adf1..c4b67f85ebe 100644 --- a/tls/s2n_client_hello.c +++ b/tls/s2n_client_hello.c @@ -13,38 +13,35 @@ * permissions and limitations under the License. */ -#include -#include +#include "tls/s2n_client_hello.h" + #include #include +#include +#include #include "crypto/s2n_fips.h" - -#include "error/s2n_errno.h" #include "crypto/s2n_hash.h" #include "crypto/s2n_rsa_signing.h" - +#include "error/s2n_errno.h" +#include "stuffer/s2n_stuffer.h" #include "tls/extensions/s2n_extension_list.h" #include "tls/extensions/s2n_server_key_share.h" +#include "tls/s2n_alerts.h" #include "tls/s2n_auth_selection.h" #include "tls/s2n_cipher_preferences.h" -#include "tls/s2n_security_policies.h" #include "tls/s2n_cipher_suites.h" #include "tls/s2n_connection.h" -#include "tls/s2n_client_hello.h" -#include "tls/s2n_alerts.h" #include "tls/s2n_handshake_type.h" +#include "tls/s2n_security_policies.h" #include "tls/s2n_signature_algorithms.h" #include "tls/s2n_tls.h" -#include "tls/s2n_security_policies.h" - -#include "stuffer/s2n_stuffer.h" - #include "utils/s2n_bitmap.h" #include "utils/s2n_random.h" #include "utils/s2n_safety.h" -struct s2n_client_hello *s2n_connection_get_client_hello(struct s2n_connection *conn) { +struct s2n_client_hello *s2n_connection_get_client_hello(struct s2n_connection *conn) +{ if (conn->client_hello.callback_invoked != 1) { return NULL; } @@ -52,7 +49,8 @@ struct s2n_client_hello *s2n_connection_get_client_hello(struct s2n_connection * return &conn->client_hello; } -static uint32_t min_size(struct s2n_blob *blob, uint32_t max_length) { +static uint32_t min_size(struct s2n_blob *blob, uint32_t max_length) +{ return blob->size < max_length ? blob->size : max_length; } @@ -76,7 +74,7 @@ static S2N_RESULT s2n_generate_client_session_id(struct s2n_connection *conn) return S2N_RESULT_OK; } - struct s2n_blob session_id = {0}; + struct s2n_blob session_id = { 0 }; RESULT_GUARD_POSIX(s2n_blob_init(&session_id, conn->session_id, S2N_TLS_SESSION_ID_MAX_LEN)); RESULT_GUARD(s2n_get_public_random_data(&session_id)); conn->session_id_len = S2N_TLS_SESSION_ID_MAX_LEN; @@ -84,7 +82,8 @@ static S2N_RESULT s2n_generate_client_session_id(struct s2n_connection *conn) return S2N_RESULT_OK; } -ssize_t s2n_client_hello_get_raw_message_length(struct s2n_client_hello *ch) { +ssize_t s2n_client_hello_get_raw_message_length(struct s2n_client_hello *ch) +{ POSIX_ENSURE_REF(ch); return ch->raw_message.size; @@ -100,7 +99,8 @@ ssize_t s2n_client_hello_get_raw_message(struct s2n_client_hello *ch, uint8_t *o return len; } -ssize_t s2n_client_hello_get_cipher_suites_length(struct s2n_client_hello *ch) { +ssize_t s2n_client_hello_get_cipher_suites_length(struct s2n_client_hello *ch) +{ POSIX_ENSURE_REF(ch); return ch->cipher_suites.size; @@ -110,8 +110,7 @@ int s2n_client_hello_cb_done(struct s2n_connection *conn) { POSIX_ENSURE_REF(conn); POSIX_ENSURE_REF(conn->config); - POSIX_ENSURE(conn->config->client_hello_cb_mode == - S2N_CLIENT_HELLO_CB_NONBLOCKING, S2N_ERR_INVALID_STATE); + POSIX_ENSURE(conn->config->client_hello_cb_mode == S2N_CLIENT_HELLO_CB_NONBLOCKING, S2N_ERR_INVALID_STATE); POSIX_ENSURE(conn->client_hello.callback_invoked == 1, S2N_ERR_ASYNC_NOT_PERFORMED); POSIX_ENSURE(conn->client_hello.parsed == 1, S2N_ERR_INVALID_STATE); @@ -134,7 +133,8 @@ ssize_t s2n_client_hello_get_cipher_suites(struct s2n_client_hello *ch, uint8_t return len; } -ssize_t s2n_client_hello_get_extensions_length(struct s2n_client_hello *ch) { +ssize_t s2n_client_hello_get_extensions_length(struct s2n_client_hello *ch) +{ POSIX_ENSURE_REF(ch); return ch->extensions.raw.size; @@ -183,7 +183,6 @@ int s2n_collect_client_hello(struct s2n_connection *conn, struct s2n_stuffer *so return 0; } - static S2N_RESULT s2n_client_hello_verify_for_retry(struct s2n_connection *conn, struct s2n_client_hello *old_ch, struct s2n_client_hello *new_ch, uint8_t *previous_client_random) @@ -214,10 +213,10 @@ static S2N_RESULT s2n_client_hello_verify_for_retry(struct s2n_connection *conn, size_t verify_len = old_msg_len - old_extensions_len; RESULT_ENSURE_LTE(verify_len, new_ch->raw_message.size); RESULT_ENSURE(s2n_constant_time_equals( - old_ch->raw_message.data, - new_ch->raw_message.data, - verify_len - ), S2N_ERR_BAD_MESSAGE); + old_ch->raw_message.data, + new_ch->raw_message.data, + verify_len), + S2N_ERR_BAD_MESSAGE); /* * We need to verify the client random separately @@ -225,10 +224,10 @@ static S2N_RESULT s2n_client_hello_verify_for_retry(struct s2n_connection *conn, * Compare the old value to the current value. */ RESULT_ENSURE(s2n_constant_time_equals( - previous_client_random, - conn->handshake_params.client_random, - S2N_TLS_RANDOM_DATA_LEN - ), S2N_ERR_BAD_MESSAGE); + previous_client_random, + conn->handshake_params.client_random, + S2N_TLS_RANDOM_DATA_LEN), + S2N_ERR_BAD_MESSAGE); /* * Now enforce that the extensions also exactly match, @@ -252,7 +251,7 @@ static S2N_RESULT s2n_client_hello_verify_for_retry(struct s2n_connection *conn, continue; } - switch(extension_type) { + switch (extension_type) { /* *= https://tools.ietf.org/rfc/rfc8446#section-4.1.2 *# - If a "key_share" extension was supplied in the HelloRetryRequest, @@ -295,10 +294,10 @@ static S2N_RESULT s2n_client_hello_verify_for_retry(struct s2n_connection *conn, default: RESULT_ENSURE(old_size == new_size, S2N_ERR_BAD_MESSAGE); RESULT_ENSURE(s2n_constant_time_equals( - new_extension->extension.data, - old_extension->extension.data, - old_size - ), S2N_ERR_BAD_MESSAGE); + new_extension->extension.data, + old_extension->extension.data, + old_size), + S2N_ERR_BAD_MESSAGE); } } @@ -444,9 +443,7 @@ int s2n_process_client_hello(struct s2n_connection *conn) POSIX_GUARD(s2n_set_cipher_as_tls_server(conn, client_hello->cipher_suites.data, client_hello->cipher_suites.size / 2)); /* Check if this is the second client hello in a hello retry handshake */ - if (s2n_is_hello_retry_handshake(conn) && - conn->handshake.message_number > 0) { - + if (s2n_is_hello_retry_handshake(conn) && conn->handshake.message_number > 0) { /** *= https://tools.ietf.org/rfc/rfc8446#4.1.4 *# Servers MUST ensure that they negotiate the @@ -455,7 +452,8 @@ int s2n_process_client_hello(struct s2n_connection *conn) *# negotiation, then this will happen automatically). **/ POSIX_ENSURE(s2n_constant_time_equals(previous_cipher_suite_iana, conn->secure->cipher_suite->iana_value, - S2N_TLS_CIPHER_SUITE_LEN),S2N_ERR_BAD_MESSAGE); + S2N_TLS_CIPHER_SUITE_LEN), + S2N_ERR_BAD_MESSAGE); } /* If we're using a PSK, we don't need to choose a signature algorithm or certificate, @@ -466,8 +464,8 @@ int s2n_process_client_hello(struct s2n_connection *conn) /* And set the signature and hash algorithm used for key exchange signatures */ POSIX_GUARD(s2n_choose_sig_scheme_from_peer_preference_list(conn, - &conn->handshake_params.client_sig_hash_algs, - &conn->handshake_params.conn_sig_scheme)); + &conn->handshake_params.client_sig_hash_algs, + &conn->handshake_params.conn_sig_scheme)); /* And finally, set the certs specified by the final auth + sig_alg combo. */ POSIX_GUARD(s2n_select_certs_for_server_auth(conn, &conn->handshake_params.our_chain_and_key)); @@ -480,14 +478,14 @@ static S2N_RESULT s2n_client_hello_process_cb_response(struct s2n_connection *co if (rc < 0) { goto fail; } - switch(conn->config->client_hello_cb_mode) { - case S2N_CLIENT_HELLO_CB_BLOCKING : { - if(rc) { + switch (conn->config->client_hello_cb_mode) { + case S2N_CLIENT_HELLO_CB_BLOCKING: { + if (rc) { conn->server_name_used = 1; } return S2N_RESULT_OK; } - case S2N_CLIENT_HELLO_CB_NONBLOCKING : { + case S2N_CLIENT_HELLO_CB_NONBLOCKING: { if (conn->client_hello.callback_async_done) { return S2N_RESULT_OK; } @@ -501,7 +499,8 @@ static S2N_RESULT s2n_client_hello_process_cb_response(struct s2n_connection *co RESULT_BAIL(S2N_ERR_CANCELLED); } -bool s2n_client_hello_invoke_callback(struct s2n_connection *conn) { +bool s2n_client_hello_invoke_callback(struct s2n_connection *conn) +{ /* Invoke only if the callback has not been called or if polling mode is enabled */ bool invoke = !conn->client_hello.callback_invoked || conn->config->client_hello_cb_enable_poll; /* @@ -568,7 +567,7 @@ int s2n_client_hello_send(struct s2n_connection *conn) } struct s2n_stuffer *out = &conn->handshake.io; - uint8_t client_protocol_version[S2N_TLS_PROTOCOL_VERSION_LEN] = {0}; + uint8_t client_protocol_version[S2N_TLS_PROTOCOL_VERSION_LEN] = { 0 }; uint8_t reported_protocol_version = MIN(conn->client_protocol_version, S2N_TLS12); client_protocol_version[0] = reported_protocol_version / 10; @@ -703,7 +702,7 @@ int s2n_sslv2_client_hello_recv(struct s2n_connection *conn) conn->session_id_len = (uint8_t) session_id_length; } - struct s2n_blob b = {0}; + struct s2n_blob b = { 0 }; POSIX_GUARD(s2n_blob_init(&b, conn->handshake_params.client_random, S2N_TLS_RANDOM_DATA_LEN)); b.data += S2N_TLS_RANDOM_DATA_LEN - challenge_length; @@ -785,7 +784,7 @@ static S2N_RESULT s2n_client_hello_get_raw_extension(uint16_t extension_iana, RESULT_ENSURE_REF(raw_extensions); RESULT_ENSURE_REF(extension); - *extension = (struct s2n_blob) { 0 }; + *extension = (struct s2n_blob){ 0 }; struct s2n_stuffer raw_extensions_stuffer = { 0 }; RESULT_GUARD_POSIX(s2n_stuffer_init(&raw_extensions_stuffer, raw_extensions)); diff --git a/tls/s2n_client_hello.h b/tls/s2n_client_hello.h index 1d6afd95d5f..07a0cbf4786 100644 --- a/tls/s2n_client_hello.h +++ b/tls/s2n_client_hello.h @@ -16,11 +16,10 @@ #pragma once #include -#include "api/s2n.h" +#include "api/s2n.h" #include "stuffer/s2n_stuffer.h" #include "tls/extensions/s2n_extension_list.h" - #include "utils/s2n_array.h" /* * the 'data' pointers in the below blobs @@ -33,9 +32,9 @@ struct s2n_client_hello { struct s2n_blob cipher_suites; struct s2n_blob session_id; - unsigned int callback_invoked:1; - unsigned int callback_async_blocked:1; - unsigned int callback_async_done:1; + unsigned int callback_invoked : 1; + unsigned int callback_async_blocked : 1; + unsigned int callback_async_done : 1; /* * Marks if the client hello has been parsed. * @@ -43,7 +42,7 @@ struct s2n_client_hello { * two different client_hello during a single handshake if the server * issues a hello retry. */ - unsigned int parsed:1; + unsigned int parsed : 1; }; int s2n_client_hello_free(struct s2n_client_hello *client_hello); diff --git a/tls/s2n_client_hello_request.c b/tls/s2n_client_hello_request.c index 188f9440cc0..699018f575c 100644 --- a/tls/s2n_client_hello_request.c +++ b/tls/s2n_client_hello_request.c @@ -14,7 +14,6 @@ */ #include "api/s2n.h" - #include "tls/s2n_alerts.h" #include "tls/s2n_connection.h" #include "utils/s2n_safety.h" diff --git a/tls/s2n_client_key_exchange.c b/tls/s2n_client_key_exchange.c index 16704d17263..bfd22667f90 100644 --- a/tls/s2n_client_key_exchange.c +++ b/tls/s2n_client_key_exchange.c @@ -14,27 +14,23 @@ */ #include -#include "api/s2n.h" +#include "api/s2n.h" +#include "crypto/s2n_dhe.h" +#include "crypto/s2n_pkey.h" +#include "crypto/s2n_rsa.h" #include "error/s2n_errno.h" - +#include "stuffer/s2n_stuffer.h" #include "tls/s2n_async_pkey.h" -#include "tls/s2n_handshake.h" -#include "tls/s2n_kem.h" #include "tls/s2n_cipher_suites.h" #include "tls/s2n_connection.h" +#include "tls/s2n_handshake.h" +#include "tls/s2n_kem.h" #include "tls/s2n_kex.h" #include "tls/s2n_key_log.h" #include "tls/s2n_resume.h" - -#include "stuffer/s2n_stuffer.h" - -#include "crypto/s2n_dhe.h" -#include "crypto/s2n_rsa.h" -#include "crypto/s2n_pkey.h" - -#include "utils/s2n_safety.h" #include "utils/s2n_random.h" +#include "utils/s2n_safety.h" #define get_client_hello_protocol_version(conn) (conn->client_hello_version == S2N_SSLv2 ? conn->client_protocol_version : conn->client_hello_version) @@ -61,7 +57,7 @@ static int s2n_hybrid_client_action(struct s2n_connection *conn, struct s2n_blob POSIX_ENSURE_REF(client_key_exchange_message->data); const uint32_t start_cursor = *cursor; - DEFER_CLEANUP(struct s2n_blob shared_key_0 = {0}, s2n_free); + DEFER_CLEANUP(struct s2n_blob shared_key_0 = { 0 }, s2n_free); POSIX_GUARD_RESULT(kex_method(hybrid_kex_0, conn, &shared_key_0)); struct s2n_blob *shared_key_1 = &(conn->kex_params.kem_params.shared_secret); @@ -72,7 +68,7 @@ static int s2n_hybrid_client_action(struct s2n_connection *conn, struct s2n_blob client_key_exchange_message->size = end_cursor - start_cursor; POSIX_GUARD(s2n_alloc(combined_shared_key, shared_key_0.size + shared_key_1->size)); - struct s2n_stuffer stuffer_combiner = {0}; + struct s2n_stuffer stuffer_combiner = { 0 }; POSIX_GUARD(s2n_stuffer_init(&stuffer_combiner, combined_shared_key)); POSIX_GUARD(s2n_stuffer_write(&stuffer_combiner, &shared_key_0)); POSIX_GUARD(s2n_stuffer_write(&stuffer_combiner, shared_key_1)); @@ -134,7 +130,7 @@ int s2n_rsa_client_key_recv(struct s2n_connection *conn, struct s2n_blob *shared client_hello_protocol_version[1] = legacy_client_hello_protocol_version % 10; /* Decrypt the pre-master secret */ - struct s2n_blob encrypted = {.size = length, .data = s2n_stuffer_raw_read(in, length)}; + struct s2n_blob encrypted = { .size = length, .data = s2n_stuffer_raw_read(in, length) }; POSIX_ENSURE_REF(encrypted.data); POSIX_ENSURE_GT(encrypted.size, 0); @@ -279,7 +275,7 @@ int s2n_rsa_client_key_send(struct s2n_connection *conn, struct s2n_blob *shared POSIX_GUARD(s2n_stuffer_write_uint16(&conn->handshake.io, encrypted_size)); } - struct s2n_blob encrypted = {0}; + struct s2n_blob encrypted = { 0 }; encrypted.data = s2n_stuffer_raw_write(&conn->handshake.io, encrypted_size); encrypted.size = encrypted_size; POSIX_ENSURE_REF(encrypted.data); @@ -315,7 +311,7 @@ int s2n_kem_client_key_send(struct s2n_connection *conn, struct s2n_blob *shared int s2n_hybrid_client_key_send(struct s2n_connection *conn, struct s2n_blob *combined_shared_key) { return s2n_hybrid_client_action(conn, combined_shared_key, &s2n_kex_client_key_send, &conn->handshake.io.write_cursor, - s2n_stuffer_raw_write); + s2n_stuffer_raw_write); } int s2n_client_key_send(struct s2n_connection *conn) diff --git a/tls/s2n_client_key_exchange.h b/tls/s2n_client_key_exchange.h index 5389988dcc0..4b1f91f8f54 100644 --- a/tls/s2n_client_key_exchange.h +++ b/tls/s2n_client_key_exchange.h @@ -30,6 +30,6 @@ int s2n_rsa_client_key_recv(struct s2n_connection *conn, struct s2n_blob *shared int s2n_kem_client_key_recv(struct s2n_connection *conn, struct s2n_blob *shared_key); int s2n_hybrid_client_key_recv(struct s2n_connection *conn, struct s2n_blob *shared_key); -int s2n_dhe_client_key_external(struct s2n_connection * conn, struct s2n_blob* shared_key); -int s2n_ecdhe_client_key_external(struct s2n_connection * conn, struct s2n_blob* shared_key); +int s2n_dhe_client_key_external(struct s2n_connection *conn, struct s2n_blob *shared_key); +int s2n_ecdhe_client_key_external(struct s2n_connection *conn, struct s2n_blob *shared_key); int s2n_rsa_client_key_external(struct s2n_connection *conn, struct s2n_blob *shared_key); diff --git a/tls/s2n_config.c b/tls/s2n_config.c index f20cc634ce2..6d6d2c1b4f1 100644 --- a/tls/s2n_config.c +++ b/tls/s2n_config.c @@ -16,35 +16,33 @@ #include #include -#include "error/s2n_errno.h" - #include "crypto/s2n_certificate.h" #include "crypto/s2n_fips.h" - +#include "crypto/s2n_hkdf.h" +#include "error/s2n_errno.h" #include "tls/s2n_cipher_preferences.h" #include "tls/s2n_internal.h" #include "tls/s2n_security_policies.h" #include "tls/s2n_tls13.h" -#include "utils/s2n_safety.h" -#include "crypto/s2n_hkdf.h" -#include "utils/s2n_map.h" #include "utils/s2n_blob.h" +#include "utils/s2n_map.h" +#include "utils/s2n_safety.h" #if defined(CLOCK_MONOTONIC_RAW) -#define S2N_CLOCK_HW CLOCK_MONOTONIC_RAW + #define S2N_CLOCK_HW CLOCK_MONOTONIC_RAW #else -#define S2N_CLOCK_HW CLOCK_MONOTONIC + #define S2N_CLOCK_HW CLOCK_MONOTONIC #endif #define S2N_CLOCK_SYS CLOCK_REALTIME static int monotonic_clock(void *data, uint64_t *nanoseconds) { - struct timespec current_time = {0}; + struct timespec current_time = { 0 }; POSIX_GUARD(clock_gettime(S2N_CLOCK_HW, ¤t_time)); - *nanoseconds = (uint64_t)current_time.tv_sec * 1000000000ull; + *nanoseconds = (uint64_t) current_time.tv_sec * 1000000000ull; *nanoseconds += current_time.tv_nsec; return 0; @@ -52,19 +50,19 @@ static int monotonic_clock(void *data, uint64_t *nanoseconds) static int wall_clock(void *data, uint64_t *nanoseconds) { - struct timespec current_time = {0}; + struct timespec current_time = { 0 }; POSIX_GUARD(clock_gettime(S2N_CLOCK_SYS, ¤t_time)); - *nanoseconds = (uint64_t)current_time.tv_sec * 1000000000ull; + *nanoseconds = (uint64_t) current_time.tv_sec * 1000000000ull; *nanoseconds += current_time.tv_nsec; return 0; } -static struct s2n_config s2n_default_config = {0}; -static struct s2n_config s2n_default_fips_config = {0}; -static struct s2n_config s2n_default_tls13_config = {0}; +static struct s2n_config s2n_default_config = { 0 }; +static struct s2n_config s2n_default_fips_config = { 0 }; +static struct s2n_config s2n_default_tls13_config = { 0 }; static int s2n_config_setup_default(struct s2n_config *config) { @@ -135,8 +133,8 @@ static int s2n_config_cleanup(struct s2n_config *config) } static int s2n_config_update_domain_name_to_cert_map(struct s2n_config *config, - struct s2n_blob *name, - struct s2n_cert_chain_and_key *cert_key_pair) + struct s2n_blob *name, + struct s2n_cert_chain_and_key *cert_key_pair) { POSIX_ENSURE_REF(config); POSIX_ENSURE_REF(name); @@ -151,7 +149,7 @@ static int s2n_config_update_domain_name_to_cert_map(struct s2n_config *config, bool key_found = false; POSIX_GUARD_RESULT(s2n_map_lookup(domain_name_to_cert_map, name, &s2n_map_value, &key_found)); if (!key_found) { - struct certs_by_type value = {{ 0 }}; + struct certs_by_type value = { { 0 } }; value.certs[cert_type] = cert_key_pair; s2n_map_value.data = (uint8_t *) &value; s2n_map_value.size = sizeof(struct certs_by_type); @@ -185,7 +183,6 @@ static int s2n_config_update_domain_name_to_cert_map(struct s2n_config *config, static int s2n_config_build_domain_name_to_cert_map(struct s2n_config *config, struct s2n_cert_chain_and_key *cert_key_pair) { - uint32_t cn_len = 0; POSIX_GUARD_RESULT(s2n_array_num_elements(cert_key_pair->cn_names, &cn_len)); uint32_t san_len = 0; @@ -194,13 +191,13 @@ static int s2n_config_build_domain_name_to_cert_map(struct s2n_config *config, s if (san_len == 0) { for (uint32_t i = 0; i < cn_len; i++) { struct s2n_blob *cn_name = NULL; - POSIX_GUARD_RESULT(s2n_array_get(cert_key_pair->cn_names, i, (void **)&cn_name)); + POSIX_GUARD_RESULT(s2n_array_get(cert_key_pair->cn_names, i, (void **) &cn_name)); POSIX_GUARD(s2n_config_update_domain_name_to_cert_map(config, cn_name, cert_key_pair)); } } else { for (uint32_t i = 0; i < san_len; i++) { struct s2n_blob *san_name = NULL; - POSIX_GUARD_RESULT(s2n_array_get(cert_key_pair->san_names, i, (void **)&san_name)); + POSIX_GUARD_RESULT(s2n_array_get(cert_key_pair->san_names, i, (void **) &san_name)); POSIX_GUARD(s2n_config_update_domain_name_to_cert_map(config, san_name, cert_key_pair)); } } @@ -257,13 +254,13 @@ void s2n_wipe_static_configs(void) struct s2n_config *s2n_config_new(void) { - struct s2n_blob allocator = {0}; + struct s2n_blob allocator = { 0 }; struct s2n_config *new_config; PTR_GUARD_POSIX(s2n_alloc(&allocator, sizeof(struct s2n_config))); PTR_GUARD_POSIX(s2n_blob_zero(&allocator)); - new_config = (struct s2n_config *)(void *)allocator.data; + new_config = (struct s2n_config *) (void *) allocator.data; if (s2n_config_init(new_config) != S2N_SUCCESS) { s2n_free(&allocator); return NULL; @@ -289,11 +286,11 @@ static int s2n_verify_unique_ticket_key_comparator(const void *a, const void *b) int s2n_config_init_session_ticket_keys(struct s2n_config *config) { if (config->ticket_keys == NULL) { - POSIX_ENSURE_REF(config->ticket_keys = s2n_set_new(sizeof(struct s2n_ticket_key), s2n_config_store_ticket_key_comparator)); + POSIX_ENSURE_REF(config->ticket_keys = s2n_set_new(sizeof(struct s2n_ticket_key), s2n_config_store_ticket_key_comparator)); } if (config->ticket_key_hashes == NULL) { - POSIX_ENSURE_REF(config->ticket_key_hashes = s2n_set_new(SHA_DIGEST_LENGTH, s2n_verify_unique_ticket_key_comparator)); + POSIX_ENSURE_REF(config->ticket_key_hashes = s2n_set_new(SHA_DIGEST_LENGTH, s2n_verify_unique_ticket_key_comparator)); } return 0; @@ -343,7 +340,7 @@ int s2n_config_free_dhparams(struct s2n_config *config) POSIX_GUARD(s2n_dh_params_free(config->dhparams)); } - POSIX_GUARD(s2n_free_object((uint8_t **)&config->dhparams, sizeof(struct s2n_dh_params))); + POSIX_GUARD(s2n_free_object((uint8_t **) &config->dhparams, sizeof(struct s2n_dh_params))); return 0; } @@ -359,7 +356,7 @@ int s2n_config_free(struct s2n_config *config) { s2n_config_cleanup(config); - POSIX_GUARD(s2n_free_object((uint8_t **)&config, sizeof(struct s2n_config))); + POSIX_GUARD(s2n_free_object((uint8_t **) &config, sizeof(struct s2n_config))); return 0; } @@ -436,7 +433,6 @@ int s2n_config_set_max_cert_chain_depth(struct s2n_config *config, uint16_t max_ return 0; } - int s2n_config_set_status_request_type(struct s2n_config *config, s2n_status_request_type type) { S2N_ERROR_IF(type == S2N_STATUS_REQUEST_OCSP && !s2n_x509_ocsp_stapling_supported(), S2N_ERR_OCSP_NOT_SUPPORTED); @@ -563,8 +559,8 @@ static int s2n_config_clear_default_certificates(struct s2n_config *config) } int s2n_config_set_cert_chain_and_key_defaults(struct s2n_config *config, - struct s2n_cert_chain_and_key **cert_key_pairs, - uint32_t num_cert_key_pairs) + struct s2n_cert_chain_and_key **cert_key_pairs, + uint32_t num_cert_key_pairs) { POSIX_ENSURE_REF(config); POSIX_ENSURE_REF(cert_key_pairs); @@ -577,7 +573,7 @@ int s2n_config_set_cert_chain_and_key_defaults(struct s2n_config *config, POSIX_ENSURE(config->cert_ownership != S2N_LIB_OWNED, S2N_ERR_CERT_OWNERSHIP); /* Validate certs being set before clearing auto-chosen defaults or previously set defaults */ - struct certs_by_type new_defaults = {{ 0 }}; + struct certs_by_type new_defaults = { { 0 } }; for (uint32_t i = 0; i < num_cert_key_pairs; i++) { POSIX_ENSURE_REF(cert_key_pairs[i]); s2n_pkey_type cert_type = s2n_cert_chain_and_key_get_pkey_type(cert_key_pairs[i]); @@ -599,14 +595,14 @@ int s2n_config_set_cert_chain_and_key_defaults(struct s2n_config *config, int s2n_config_add_dhparams(struct s2n_config *config, const char *dhparams_pem) { - DEFER_CLEANUP(struct s2n_stuffer dhparams_in_stuffer = {0}, s2n_stuffer_free); - DEFER_CLEANUP(struct s2n_stuffer dhparams_out_stuffer = {0}, s2n_stuffer_free); - struct s2n_blob dhparams_blob = {0}; - struct s2n_blob mem = {0}; + DEFER_CLEANUP(struct s2n_stuffer dhparams_in_stuffer = { 0 }, s2n_stuffer_free); + DEFER_CLEANUP(struct s2n_stuffer dhparams_out_stuffer = { 0 }, s2n_stuffer_free); + struct s2n_blob dhparams_blob = { 0 }; + struct s2n_blob mem = { 0 }; /* Allocate the memory for the chain and key struct */ POSIX_GUARD(s2n_alloc(&mem, sizeof(struct s2n_dh_params))); - config->dhparams = (struct s2n_dh_params *)(void *)mem.data; + config->dhparams = (struct s2n_dh_params *) (void *) mem.data; if (s2n_stuffer_alloc_ro_from_string(&dhparams_in_stuffer, dhparams_pem) != S2N_SUCCESS) { s2n_free(&mem); @@ -716,8 +712,7 @@ int s2n_config_set_client_hello_cb(struct s2n_config *config, s2n_client_hello_f int s2n_config_set_client_hello_cb_mode(struct s2n_config *config, s2n_client_hello_cb_mode cb_mode) { POSIX_ENSURE_REF(config); - POSIX_ENSURE(cb_mode == S2N_CLIENT_HELLO_CB_BLOCKING || - cb_mode == S2N_CLIENT_HELLO_CB_NONBLOCKING, S2N_ERR_INVALID_STATE); + POSIX_ENSURE(cb_mode == S2N_CLIENT_HELLO_CB_BLOCKING || cb_mode == S2N_CLIENT_HELLO_CB_NONBLOCKING, S2N_ERR_INVALID_STATE); config->client_hello_cb_mode = cb_mode; return S2N_SUCCESS; @@ -744,7 +739,7 @@ int s2n_config_accept_max_fragment_length(struct s2n_config *config) } int s2n_config_set_session_state_lifetime(struct s2n_config *config, - uint64_t lifetime_in_secs) + uint64_t lifetime_in_secs) { POSIX_ENSURE_REF(config); @@ -785,8 +780,7 @@ int s2n_config_set_session_cache_onoff(struct s2n_config *config, uint8_t enable if (enabled && config->cache_store && config->cache_retrieve && config->cache_delete) { POSIX_GUARD(s2n_config_init_session_ticket_keys(config)); config->use_session_cache = 1; - } - else { + } else { if (!config->use_tickets) { POSIX_GUARD(s2n_config_free_session_ticket_keys(config)); } @@ -796,7 +790,7 @@ int s2n_config_set_session_cache_onoff(struct s2n_config *config, uint8_t enable } int s2n_config_set_ticket_encrypt_decrypt_key_lifetime(struct s2n_config *config, - uint64_t lifetime_in_secs) + uint64_t lifetime_in_secs) { POSIX_ENSURE_REF(config); @@ -805,7 +799,7 @@ int s2n_config_set_ticket_encrypt_decrypt_key_lifetime(struct s2n_config *config } int s2n_config_set_ticket_decrypt_key_lifetime(struct s2n_config *config, - uint64_t lifetime_in_secs) + uint64_t lifetime_in_secs) { POSIX_ENSURE_REF(config); @@ -814,9 +808,9 @@ int s2n_config_set_ticket_decrypt_key_lifetime(struct s2n_config *config, } int s2n_config_add_ticket_crypto_key(struct s2n_config *config, - const uint8_t *name, uint32_t name_len, - uint8_t *key, uint32_t key_len, - uint64_t intro_time_in_seconds_from_epoch) + const uint8_t *name, uint32_t name_len, + uint8_t *key, uint32_t key_len, + uint64_t intro_time_in_seconds_from_epoch) { POSIX_ENSURE_REF(config); POSIX_ENSURE_REF(name); @@ -944,7 +938,8 @@ int s2n_config_set_psk_selection_callback(struct s2n_config *config, s2n_psk_sel return S2N_SUCCESS; } -int s2n_config_set_key_log_cb(struct s2n_config *config, s2n_key_log_fn callback, void *ctx) { +int s2n_config_set_key_log_cb(struct s2n_config *config, s2n_key_log_fn callback, void *ctx) +{ POSIX_ENSURE_MUT(config); config->key_log_cb = callback; @@ -953,10 +948,11 @@ int s2n_config_set_key_log_cb(struct s2n_config *config, s2n_key_log_fn callback return S2N_SUCCESS; } -int s2n_config_set_async_pkey_validation_mode(struct s2n_config *config, s2n_async_pkey_validation_mode mode) { +int s2n_config_set_async_pkey_validation_mode(struct s2n_config *config, s2n_async_pkey_validation_mode mode) +{ POSIX_ENSURE_REF(config); - switch(mode) { + switch (mode) { case S2N_ASYNC_PKEY_VALIDATION_FAST: case S2N_ASYNC_PKEY_VALIDATION_STRICT: config->async_pkey_validation_mode = mode; @@ -966,7 +962,8 @@ int s2n_config_set_async_pkey_validation_mode(struct s2n_config *config, s2n_asy POSIX_BAIL(S2N_ERR_INVALID_ARGUMENT); } -int s2n_config_set_ctx(struct s2n_config *config, void *ctx) { +int s2n_config_set_ctx(struct s2n_config *config, void *ctx) +{ POSIX_ENSURE_REF(config); config->context = ctx; @@ -974,7 +971,8 @@ int s2n_config_set_ctx(struct s2n_config *config, void *ctx) { return S2N_SUCCESS; } -int s2n_config_get_ctx(struct s2n_config *config, void **ctx) { +int s2n_config_get_ctx(struct s2n_config *config, void **ctx) +{ POSIX_ENSURE_REF(config); POSIX_ENSURE_REF(ctx); @@ -988,7 +986,8 @@ int s2n_config_get_ctx(struct s2n_config *config, void **ctx) { * * Polling means that the callback function can be called multiple times. */ -int s2n_config_client_hello_cb_enable_poll(struct s2n_config *config) { +int s2n_config_client_hello_cb_enable_poll(struct s2n_config *config) +{ POSIX_ENSURE_REF(config); config->client_hello_cb_enable_poll = 1; @@ -996,7 +995,8 @@ int s2n_config_client_hello_cb_enable_poll(struct s2n_config *config) { return S2N_SUCCESS; } -int s2n_config_set_send_buffer_size(struct s2n_config *config, uint32_t size) { +int s2n_config_set_send_buffer_size(struct s2n_config *config, uint32_t size) +{ POSIX_ENSURE_REF(config); POSIX_ENSURE(size >= S2N_TLS_MAX_RECORD_LEN_FOR(S2N_MAX_FRAGMENT_LENGTH_MIN), S2N_ERR_INVALID_ARGUMENT); config->send_buffer_size_override = size; diff --git a/tls/s2n_config.h b/tls/s2n_config.h index d4117f6d79b..96969be9710 100644 --- a/tls/s2n_config.h +++ b/tls/s2n_config.h @@ -18,15 +18,15 @@ #include "api/s2n.h" #include "crypto/s2n_certificate.h" #include "crypto/s2n_dhe.h" +#include "tls/s2n_crl.h" #include "tls/s2n_psk.h" #include "tls/s2n_renegotiate.h" #include "tls/s2n_resume.h" #include "tls/s2n_x509_validator.h" #include "utils/s2n_blob.h" #include "utils/s2n_set.h" -#include "tls/s2n_crl.h" -#define S2N_MAX_TICKET_KEYS 48 +#define S2N_MAX_TICKET_KEYS 48 #define S2N_MAX_TICKET_KEY_HASHES 500 /* 10KB */ struct s2n_cipher_preferences; @@ -38,51 +38,51 @@ typedef enum { } s2n_cert_ownership; struct s2n_config { - unsigned use_tickets:1; + unsigned use_tickets : 1; /* Whether a connection can be used by a QUIC implementation. * See s2n_quic_support.h */ - unsigned quic_enabled:1; + unsigned quic_enabled : 1; - unsigned default_certs_are_explicit:1; - unsigned use_session_cache:1; + unsigned default_certs_are_explicit : 1; + unsigned use_session_cache : 1; /* if this is FALSE, server will ignore client's Maximum Fragment Length request */ - unsigned accept_mfl:1; - unsigned check_ocsp:1; - unsigned disable_x509_validation:1; - unsigned max_verify_cert_chain_depth_set:1; + unsigned accept_mfl : 1; + unsigned check_ocsp : 1; + unsigned disable_x509_validation : 1; + unsigned max_verify_cert_chain_depth_set : 1; /* Whether to add dss cert type during a server certificate request. * See https://github.com/aws/s2n-tls/blob/main/docs/USAGE-GUIDE.md */ - unsigned cert_req_dss_legacy_compat_enabled:1; + unsigned cert_req_dss_legacy_compat_enabled : 1; /* Whether any RSA certificates have been configured server-side to send to clients. This is needed so that the * server knows whether or not to self-downgrade to TLS 1.2 if the server is compiled with Openssl 1.0.2 and does * not support RSA PSS signing (which is required for TLS 1.3). */ - unsigned is_rsa_cert_configured:1; + unsigned is_rsa_cert_configured : 1; /* It's possible to use a certificate without loading the private key, * but async signing must be enabled. Use this flag to enforce that restriction. */ - unsigned no_signing_key:1; + unsigned no_signing_key : 1; /* * This option exists to allow for polling the client_hello callback. * * Note: This defaults to false to ensure backwards compatibility. */ - unsigned client_hello_cb_enable_poll:1; + unsigned client_hello_cb_enable_poll : 1; /* * Whether to verify signatures locally before sending them over the wire. * See s2n_config_set_verify_after_sign. */ - unsigned verify_after_sign:1; + unsigned verify_after_sign : 1; /* Indicates support for the npn extension */ - unsigned npn_supported:1; + unsigned npn_supported : 1; /* Indicates s2n_recv should read as much as it can into the output buffer * * Note: This defaults to false to ensure backwards compatability with * applications which relied on s2n_recv returning a single record. */ - unsigned recv_multi_record:1; + unsigned recv_multi_record : 1; struct s2n_dh_params *dhparams; /* Needed until we can deprecate s2n_config_add_cert_chain_and_key. This is diff --git a/tls/s2n_connection.c b/tls/s2n_connection.c index c7b5e699517..d599be86597 100644 --- a/tls/s2n_connection.c +++ b/tls/s2n_connection.c @@ -13,40 +13,36 @@ * permissions and limitations under the License. */ +#include "tls/s2n_connection.h" + +#include #include #include #include #include +#include #include #include -#include #include "api/s2n.h" -#include - +#include "crypto/s2n_certificate.h" +#include "crypto/s2n_cipher.h" +#include "crypto/s2n_crypto.h" #include "crypto/s2n_fips.h" - +#include "crypto/s2n_openssl_x509.h" #include "error/s2n_errno.h" - #include "tls/extensions/s2n_client_server_name.h" #include "tls/s2n_alerts.h" #include "tls/s2n_cipher_suites.h" -#include "tls/s2n_connection.h" #include "tls/s2n_handshake.h" -#include "tls/s2n_kem.h" #include "tls/s2n_internal.h" +#include "tls/s2n_kem.h" #include "tls/s2n_prf.h" #include "tls/s2n_record.h" #include "tls/s2n_resume.h" #include "tls/s2n_security_policies.h" #include "tls/s2n_tls.h" #include "tls/s2n_tls_parameters.h" - -#include "crypto/s2n_certificate.h" -#include "crypto/s2n_cipher.h" -#include "crypto/s2n_crypto.h" -#include "crypto/s2n_openssl_x509.h" - #include "utils/s2n_blob.h" #include "utils/s2n_compiler.h" #include "utils/s2n_mem.h" @@ -56,7 +52,7 @@ #include "utils/s2n_timer.h" #define S2N_SET_KEY_SHARE_LIST_EMPTY(keyshares) (keyshares |= 1) -#define S2N_SET_KEY_SHARE_REQUEST(keyshares, i) (keyshares |= ( 1 << ( i + 1 ))) +#define S2N_SET_KEY_SHARE_REQUEST(keyshares, i) (keyshares |= (1 << (i + 1))) /* Allocates and initializes memory for a new connection. * @@ -64,14 +60,14 @@ * initialized in `s2n_connection_wipe` where possible. */ struct s2n_connection *s2n_connection_new(s2n_mode mode) { - struct s2n_blob blob = {0}; + struct s2n_blob blob = { 0 }; PTR_GUARD_POSIX(s2n_alloc(&blob, sizeof(struct s2n_connection))); PTR_GUARD_POSIX(s2n_blob_zero(&blob)); /* Cast 'through' void to acknowledge that we are changing alignment, * which is ok, as blob.data is always aligned. */ - struct s2n_connection* conn = (struct s2n_connection *)(void *)blob.data; + struct s2n_connection *conn = (struct s2n_connection *) (void *) blob.data; PTR_GUARD_POSIX(s2n_connection_set_config(conn, s2n_fetch_default_config())); @@ -79,19 +75,19 @@ struct s2n_connection *s2n_connection_new(s2n_mode mode) conn->mode = mode; /* Allocate the fixed-size stuffers */ - blob = (struct s2n_blob) {0}; + blob = (struct s2n_blob){ 0 }; PTR_GUARD_POSIX(s2n_blob_init(&blob, conn->alert_in_data, S2N_ALERT_LENGTH)); PTR_GUARD_POSIX(s2n_stuffer_init(&conn->alert_in, &blob)); - blob = (struct s2n_blob) {0}; + blob = (struct s2n_blob){ 0 }; PTR_GUARD_POSIX(s2n_blob_init(&blob, conn->reader_alert_out_data, S2N_ALERT_LENGTH)); PTR_GUARD_POSIX(s2n_stuffer_init(&conn->reader_alert_out, &blob)); - blob = (struct s2n_blob) {0}; + blob = (struct s2n_blob){ 0 }; PTR_GUARD_POSIX(s2n_blob_init(&blob, conn->writer_alert_out_data, S2N_ALERT_LENGTH)); PTR_GUARD_POSIX(s2n_stuffer_init(&conn->writer_alert_out, &blob)); - blob = (struct s2n_blob) {0}; + blob = (struct s2n_blob){ 0 }; PTR_GUARD_POSIX(s2n_blob_init(&blob, conn->ticket_ext_data, S2N_TLS12_TICKET_SIZE_IN_BYTES)); PTR_GUARD_POSIX(s2n_stuffer_init(&conn->client_ticket_to_decrypt, &blob)); @@ -102,7 +98,7 @@ struct s2n_connection *s2n_connection_new(s2n_mode mode) /* Initialize the growable stuffers. Zero length at first, but the resize * in _wipe will fix that */ - blob = (struct s2n_blob) {0}; + blob = (struct s2n_blob){ 0 }; PTR_GUARD_POSIX(s2n_blob_init(&blob, conn->header_in_data, S2N_TLS_RECORD_HEADER_LENGTH)); PTR_GUARD_POSIX(s2n_stuffer_init(&conn->header_in, &blob)); PTR_GUARD_POSIX(s2n_stuffer_growable_alloc(&conn->out, 0)); @@ -169,7 +165,7 @@ static int s2n_connection_free_managed_recv_io(struct s2n_connection *conn) POSIX_ENSURE_REF(conn); if (conn->managed_recv_io) { - POSIX_GUARD(s2n_free_object((uint8_t **)&conn->recv_io_context, sizeof(struct s2n_socket_read_io_context))); + POSIX_GUARD(s2n_free_object((uint8_t **) &conn->recv_io_context, sizeof(struct s2n_socket_read_io_context))); conn->managed_recv_io = false; conn->recv = NULL; } @@ -181,7 +177,7 @@ static int s2n_connection_free_managed_send_io(struct s2n_connection *conn) POSIX_ENSURE_REF(conn); if (conn->managed_send_io) { - POSIX_GUARD(s2n_free_object((uint8_t **)&conn->send_io_context, sizeof(struct s2n_socket_write_io_context))); + POSIX_GUARD(s2n_free_object((uint8_t **) &conn->send_io_context, sizeof(struct s2n_socket_write_io_context))); conn->managed_send_io = false; conn->send = NULL; } @@ -197,10 +193,10 @@ static int s2n_connection_free_managed_io(struct s2n_connection *conn) static int s2n_connection_wipe_io(struct s2n_connection *conn) { - if (s2n_connection_is_managed_corked(conn) && conn->recv){ + if (s2n_connection_is_managed_corked(conn) && conn->recv) { POSIX_GUARD(s2n_socket_read_restore(conn)); } - if (s2n_connection_is_managed_corked(conn) && conn->send){ + if (s2n_connection_is_managed_corked(conn) && conn->send) { POSIX_GUARD(s2n_socket_write_restore(conn)); } @@ -222,8 +218,7 @@ static uint8_t s2n_default_verify_host(const char *host_name, size_t len, void * } /* complete match */ - if (strlen(conn->server_name) == len && - strncasecmp(conn->server_name, host_name, len) == 0) { + if (strlen(conn->server_name) == len && strncasecmp(conn->server_name, host_name, len) == 0) { return 1; } @@ -235,8 +230,7 @@ static uint8_t s2n_default_verify_host(const char *host_name, size_t len, void * return 0; } - if (strlen(suffix) == len - 1 && - strncasecmp(suffix, host_name + 1, len - 1) == 0) { + if (strlen(suffix) == len - 1 && strncasecmp(suffix, host_name + 1, len - 1) == 0) { return 1; } } @@ -278,7 +272,7 @@ int s2n_connection_free(struct s2n_connection *conn) POSIX_GUARD(s2n_free(&conn->cookie)); POSIX_GUARD_RESULT(s2n_crypto_parameters_free(&conn->initial)); POSIX_GUARD_RESULT(s2n_crypto_parameters_free(&conn->secure)); - POSIX_GUARD(s2n_free_object((uint8_t **)&conn, sizeof(struct s2n_connection))); + POSIX_GUARD(s2n_free_object((uint8_t **) &conn, sizeof(struct s2n_connection))); return 0; } @@ -309,8 +303,7 @@ int s2n_connection_set_config(struct s2n_connection *conn, struct s2n_config *co if (config->disable_x509_validation || dont_need_x509_validation) { POSIX_GUARD(s2n_x509_validator_init_no_x509_validation(&conn->x509_validator)); - } - else { + } else { POSIX_GUARD(s2n_x509_validator_init(&conn->x509_validator, &config->trust_store, config->check_ocsp)); if (!conn->verify_host_fn_overridden) { if (config->verify_host != NULL) { @@ -449,14 +442,14 @@ int s2n_connection_wipe(struct s2n_connection *conn) /* First make a copy of everything we'd like to save, which isn't very much. */ int mode = conn->mode; struct s2n_config *config = conn->config; - struct s2n_stuffer alert_in = {0}; - struct s2n_stuffer reader_alert_out = {0}; - struct s2n_stuffer writer_alert_out = {0}; - struct s2n_stuffer client_ticket_to_decrypt = {0}; - struct s2n_stuffer handshake_io = {0}; - struct s2n_stuffer header_in = {0}; - struct s2n_stuffer in = {0}; - struct s2n_stuffer out = {0}; + struct s2n_stuffer alert_in = { 0 }; + struct s2n_stuffer reader_alert_out = { 0 }; + struct s2n_stuffer writer_alert_out = { 0 }; + struct s2n_stuffer client_ticket_to_decrypt = { 0 }; + struct s2n_stuffer handshake_io = { 0 }; + struct s2n_stuffer header_in = { 0 }; + struct s2n_stuffer in = { 0 }; + struct s2n_stuffer out = { 0 }; /* Some required structures might have been freed to conserve memory between handshakes. * Restore them. @@ -531,9 +524,9 @@ int s2n_connection_wipe(struct s2n_connection *conn) /* Clone the stuffers */ /* ignore gcc 4.7 address warnings because dest is allocated on the stack */ /* pragma gcc diagnostic was added in gcc 4.6 */ -#if S2N_GCC_VERSION_AT_LEAST(4,6,0) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Waddress" +#if S2N_GCC_VERSION_AT_LEAST(4, 6, 0) + #pragma GCC diagnostic push + #pragma GCC diagnostic ignored "-Waddress" #endif POSIX_CHECKED_MEMCPY(&alert_in, &conn->alert_in, sizeof(struct s2n_stuffer)); POSIX_CHECKED_MEMCPY(&reader_alert_out, &conn->reader_alert_out, sizeof(struct s2n_stuffer)); @@ -543,8 +536,8 @@ int s2n_connection_wipe(struct s2n_connection *conn) POSIX_CHECKED_MEMCPY(&header_in, &conn->header_in, sizeof(struct s2n_stuffer)); POSIX_CHECKED_MEMCPY(&in, &conn->in, sizeof(struct s2n_stuffer)); POSIX_CHECKED_MEMCPY(&out, &conn->out, sizeof(struct s2n_stuffer)); -#if S2N_GCC_VERSION_AT_LEAST(4,6,0) -#pragma GCC diagnostic pop +#if S2N_GCC_VERSION_AT_LEAST(4, 6, 0) + #pragma GCC diagnostic pop #endif POSIX_GUARD(s2n_connection_zero(conn, mode, config)); @@ -577,8 +570,7 @@ int s2n_connection_wipe(struct s2n_connection *conn) conn->server_protocol_version = s2n_highest_protocol_version; conn->client_protocol_version = s2n_unknown_protocol_version; conn->actual_protocol_version = s2n_unknown_protocol_version; - } - else { + } else { /* For clients, also set actual_protocol_version. Record generation uses that value for the initial */ /* ClientHello record version. Not all servers ignore the record version in ClientHello. */ conn->server_protocol_version = s2n_unknown_protocol_version; @@ -708,7 +700,6 @@ int s2n_connection_get_signature_preferences(struct s2n_connection *conn, const POSIX_ENSURE_REF(*signature_preferences); return 0; - } int s2n_connection_get_ecc_preferences(struct s2n_connection *conn, const struct s2n_ecc_preferences **ecc_preferences) @@ -727,7 +718,6 @@ int s2n_connection_get_ecc_preferences(struct s2n_connection *conn, const struct POSIX_ENSURE_REF(*ecc_preferences); return 0; - } int s2n_connection_get_protocol_preferences(struct s2n_connection *conn, struct s2n_blob **protocol_preferences) @@ -771,14 +761,14 @@ int s2n_connection_set_client_auth_type(struct s2n_connection *conn, s2n_cert_au int s2n_connection_set_read_fd(struct s2n_connection *conn, int rfd) { - struct s2n_blob ctx_mem = {0}; + struct s2n_blob ctx_mem = { 0 }; struct s2n_socket_read_io_context *peer_socket_ctx; POSIX_ENSURE_REF(conn); POSIX_GUARD(s2n_alloc(&ctx_mem, sizeof(struct s2n_socket_read_io_context))); POSIX_GUARD(s2n_blob_zero(&ctx_mem)); - peer_socket_ctx = (struct s2n_socket_read_io_context *)(void *)ctx_mem.data; + peer_socket_ctx = (struct s2n_socket_read_io_context *) (void *) ctx_mem.data; peer_socket_ctx->fd = rfd; POSIX_GUARD(s2n_connection_set_recv_cb(conn, s2n_socket_read)); @@ -806,13 +796,13 @@ int s2n_connection_get_read_fd(struct s2n_connection *conn, int *readfd) int s2n_connection_set_write_fd(struct s2n_connection *conn, int wfd) { - struct s2n_blob ctx_mem = {0}; + struct s2n_blob ctx_mem = { 0 }; struct s2n_socket_write_io_context *peer_socket_ctx; POSIX_ENSURE_REF(conn); POSIX_GUARD(s2n_alloc(&ctx_mem, sizeof(struct s2n_socket_write_io_context))); - peer_socket_ctx = (struct s2n_socket_write_io_context *)(void *)ctx_mem.data; + peer_socket_ctx = (struct s2n_socket_write_io_context *) (void *) ctx_mem.data; peer_socket_ctx->fd = wfd; POSIX_GUARD(s2n_connection_set_send_cb(conn, s2n_socket_write)); @@ -890,14 +880,10 @@ int s2n_connection_get_cipher_iana_value(struct s2n_connection *conn, uint8_t *f POSIX_ENSURE_MUT(second); /* ensure we've negotiated a cipher suite */ - POSIX_ENSURE( - memcmp( - conn->secure->cipher_suite->iana_value, - s2n_null_cipher_suite.iana_value, - sizeof(s2n_null_cipher_suite.iana_value) - ) != 0, - S2N_ERR_INVALID_STATE - ); + POSIX_ENSURE(memcmp(conn->secure->cipher_suite->iana_value, + s2n_null_cipher_suite.iana_value, sizeof(s2n_null_cipher_suite.iana_value)) + != 0, + S2N_ERR_INVALID_STATE); const uint8_t *iana_value = conn->secure->cipher_suite->iana_value; *first = iana_value[0]; @@ -1073,8 +1059,8 @@ int s2n_connection_set_blinding(struct s2n_connection *conn, s2n_blinding blindi return 0; } -#define ONE_S INT64_C(1000000000) -#define TEN_S INT64_C(10000000000) +#define ONE_S INT64_C(1000000000) +#define TEN_S INT64_C(10000000000) uint64_t s2n_connection_get_delay(struct s2n_connection *conn) { @@ -1103,7 +1089,7 @@ S2N_CLEANUP_RESULT s2n_connection_apply_error_blinding(struct s2n_connection **c int error_code = s2n_errno; int error_type = s2n_error_get_type(error_code); - switch(error_type) { + switch (error_type) { case S2N_ERR_T_OK: /* Ignore no error */ return S2N_RESULT_OK; @@ -1114,7 +1100,7 @@ S2N_CLEANUP_RESULT s2n_connection_apply_error_blinding(struct s2n_connection **c break; } - switch(error_code) { + switch (error_code) { /* Don't invoke blinding on some of the common errors. * * Be careful adding new errors here. Disabling blinding for an @@ -1156,19 +1142,18 @@ int s2n_connection_kill(struct s2n_connection *conn) POSIX_GUARD_RESULT(s2n_timer_start(conn->config, &conn->write_timer)); if (conn->blinding == S2N_BUILT_IN_BLINDING) { - struct timespec sleep_time = {.tv_sec = conn->delay / ONE_S,.tv_nsec = conn->delay % ONE_S }; + struct timespec sleep_time = { .tv_sec = conn->delay / ONE_S, .tv_nsec = conn->delay % ONE_S }; int r; do { r = nanosleep(&sleep_time, &sleep_time); - } - while (r != 0); + } while (r != 0); } return 0; } -const uint8_t *s2n_connection_get_ocsp_response(struct s2n_connection *conn, uint32_t * length) +const uint8_t *s2n_connection_get_ocsp_response(struct s2n_connection *conn, uint32_t *length) { PTR_ENSURE_REF(conn); PTR_ENSURE_REF(length); @@ -1234,7 +1219,8 @@ int s2n_connection_set_dynamic_record_threshold(struct s2n_connection *conn, uin return 0; } -int s2n_connection_set_verify_host_callback(struct s2n_connection *conn, s2n_verify_host_fn verify_host_fn, void *data) { +int s2n_connection_set_verify_host_callback(struct s2n_connection *conn, s2n_verify_host_fn verify_host_fn, void *data) +{ POSIX_ENSURE_REF(conn); conn->verify_host_fn = verify_host_fn; @@ -1354,7 +1340,7 @@ int s2n_connection_get_peer_cert_chain(const struct s2n_connection *conn, struct * https://www.openssl.org/docs/man1.0.2/man3/X509_STORE_CTX_get1_chain.html */ DEFER_CLEANUP(STACK_OF(X509) *cert_chain_validated = X509_STORE_CTX_get1_chain(validator->store_ctx), - s2n_openssl_x509_stack_pop_free); + s2n_openssl_x509_stack_pop_free); POSIX_ENSURE_REF(cert_chain_validated); for (size_t cert_idx = 0; cert_idx < sk_X509_num(cert_chain_validated); cert_idx++) { @@ -1367,7 +1353,7 @@ int s2n_connection_get_peer_cert_chain(const struct s2n_connection *conn, struct struct s2n_blob mem = { 0 }; POSIX_GUARD(s2n_alloc(&mem, sizeof(struct s2n_cert))); - struct s2n_cert *new_node = (struct s2n_cert *)(void *)mem.data; + struct s2n_cert *new_node = (struct s2n_cert *) (void *) mem.data; POSIX_ENSURE_REF(new_node); new_node->next = NULL; @@ -1486,7 +1472,8 @@ int s2n_connection_get_selected_client_cert_signature_algorithm(struct s2n_conne /* * Gets the config set on the connection. */ -int s2n_connection_get_config(struct s2n_connection *conn, struct s2n_config **config) { +int s2n_connection_get_config(struct s2n_connection *conn, struct s2n_config **config) +{ POSIX_ENSURE_REF(conn); POSIX_ENSURE_REF(config); diff --git a/tls/s2n_connection.h b/tls/s2n_connection.h index aed7d563149..555efe0af51 100644 --- a/tls/s2n_connection.h +++ b/tls/s2n_connection.h @@ -16,12 +16,13 @@ #pragma once #include -#include "api/s2n.h" #include #include +#include "api/s2n.h" +#include "crypto/s2n_hash.h" +#include "crypto/s2n_hmac.h" #include "stuffer/s2n_stuffer.h" - #include "tls/s2n_client_hello.h" #include "tls/s2n_config.h" #include "tls/s2n_crypto.h" @@ -37,14 +38,10 @@ #include "tls/s2n_security_policies.h" #include "tls/s2n_tls_parameters.h" #include "tls/s2n_x509_validator.h" - -#include "crypto/s2n_hash.h" -#include "crypto/s2n_hmac.h" - #include "utils/s2n_mem.h" #include "utils/s2n_timer.h" -#define S2N_TLS_PROTOCOL_VERSION_LEN 2 +#define S2N_TLS_PROTOCOL_VERSION_LEN 2 #define S2N_PEER_MODE(our_mode) ((our_mode + 1) % 2) @@ -60,16 +57,16 @@ struct s2n_connection { /* Is this connection using CORK/SO_RCVLOWAT optimizations? Only valid when the connection is using * managed_send_io */ - unsigned corked_io:1; + unsigned corked_io : 1; /* Session resumption indicator on client side */ - unsigned client_session_resumed:1; + unsigned client_session_resumed : 1; /* Connection can be used by a QUIC implementation */ - unsigned quic_enabled:1; + unsigned quic_enabled : 1; /* Determines if we're currently sending or receiving in s2n_shutdown */ - unsigned close_notify_queued:1; + unsigned close_notify_queued : 1; /* s2n does not support renegotiation. * RFC5746 Section 4.3 suggests servers implement a minimal version of the @@ -77,64 +74,64 @@ struct s2n_connection { * Some clients may fail the handshake if a corresponding renegotiation_info * extension is not sent back by the server. */ - unsigned secure_renegotiation:1; + unsigned secure_renegotiation : 1; /* Was the EC point formats sent by the client */ - unsigned ec_point_formats:1; + unsigned ec_point_formats : 1; /* whether the connection address is ipv6 or not */ - unsigned ipv6:1; + unsigned ipv6 : 1; /* Whether server_name extension was used to make a decision on cert selection. * RFC6066 Section 3 states that server which used server_name to make a decision * on certificate or security settings has to send an empty server_name. */ - unsigned server_name_used:1; + unsigned server_name_used : 1; /* If write fd is broken */ - unsigned write_fd_broken:1; + unsigned write_fd_broken : 1; /* Has the user set their own I/O callbacks or is this connection using the * default socket-based I/O set by s2n */ - unsigned managed_send_io:1; - unsigned managed_recv_io:1; + unsigned managed_send_io : 1; + unsigned managed_recv_io : 1; /* Key update data */ - unsigned key_update_pending:1; + unsigned key_update_pending : 1; /* Early data supported by caller. * If a caller does not use any APIs that support early data, * do not negotiate early data. */ - unsigned early_data_expected:1; + unsigned early_data_expected : 1; /* Connection overrides server_max_early_data_size */ - unsigned server_max_early_data_size_overridden:1; + unsigned server_max_early_data_size_overridden : 1; /* Connection overrides psk_mode. * This means that the connection will keep the existing value of psk_params->type, * even when setting a new config. */ - unsigned psk_mode_overridden:1; + unsigned psk_mode_overridden : 1; /* Have we received a close notify alert from the peer. */ - unsigned close_notify_received:1; + unsigned close_notify_received : 1; /* Connection negotiated an EMS */ - unsigned ems_negotiated:1; + unsigned ems_negotiated : 1; /* Connection successfully set a ticket on the connection */ - unsigned set_session:1; + unsigned set_session : 1; /* Buffer multiple records before flushing them. * This allows multiple records to be written with one socket send. */ - unsigned multirecord_send:1; + unsigned multirecord_send : 1; /* If enabled, this connection will free each of its IO buffers after all data * has been flushed */ - unsigned dynamic_buffers:1; + unsigned dynamic_buffers : 1; /* Indicates protocol negotiation will be done through the NPN extension * instead of the ALPN extension */ - unsigned npn_negotiated:1; + unsigned npn_negotiated : 1; /* The configuration (cert, key .. etc ) */ struct s2n_config *config; @@ -240,7 +237,10 @@ struct s2n_connection { struct s2n_stuffer header_in; struct s2n_stuffer in; struct s2n_stuffer out; - enum { ENCRYPTED, PLAINTEXT } in_status; + enum { + ENCRYPTED, + PLAINTEXT + } in_status; /* How much of the current user buffer have we already * encrypted and sent or have pending for the wire but have @@ -375,7 +375,7 @@ struct s2n_connection { bool send_in_use; bool recv_in_use; bool negotiate_in_use; - + uint16_t tickets_to_send; uint16_t tickets_sent; diff --git a/tls/s2n_crl.c b/tls/s2n_crl.c index a2b75fcbddc..f99cfc08966 100644 --- a/tls/s2n_crl.c +++ b/tls/s2n_crl.c @@ -14,6 +14,7 @@ */ #include "s2n_crl.h" + #include "tls/s2n_connection.h" struct s2n_crl *s2n_crl_new(void) @@ -22,7 +23,7 @@ struct s2n_crl *s2n_crl_new(void) PTR_GUARD_POSIX(s2n_alloc(&mem, sizeof(struct s2n_crl))); PTR_GUARD_POSIX(s2n_blob_zero(&mem)); - struct s2n_crl *crl = (struct s2n_crl *)(void*) mem.data; + struct s2n_crl *crl = (struct s2n_crl *) (void *) mem.data; ZERO_TO_DISABLE_DEFER_CLEANUP(mem); return crl; @@ -40,7 +41,7 @@ int s2n_crl_load_pem(struct s2n_crl *crl, uint8_t *pem, size_t len) POSIX_GUARD(s2n_stuffer_init(&pem_stuffer, &pem_blob)); POSIX_GUARD(s2n_stuffer_skip_write(&pem_stuffer, pem_blob.size)); - DEFER_CLEANUP(struct s2n_stuffer der_out_stuffer = {0}, s2n_stuffer_free); + DEFER_CLEANUP(struct s2n_stuffer der_out_stuffer = { 0 }, s2n_stuffer_free); POSIX_GUARD(s2n_stuffer_growable_alloc(&der_out_stuffer, len)); POSIX_GUARD(s2n_stuffer_crl_from_pem(&pem_stuffer, &der_out_stuffer)); @@ -198,13 +199,13 @@ S2N_RESULT s2n_crl_invoke_lookup_callbacks(struct s2n_connection *conn, struct s RESULT_ENSURE_REF(validator->cert_chain_from_wire); int cert_count = sk_X509_num(validator->cert_chain_from_wire); - DEFER_CLEANUP(struct s2n_array *crl_lookup_list = s2n_array_new_with_capacity(sizeof(struct s2n_crl_lookup), - cert_count), s2n_array_free_p); + DEFER_CLEANUP(struct s2n_array *crl_lookup_list = s2n_array_new_with_capacity(sizeof(struct s2n_crl_lookup), cert_count), + s2n_array_free_p); RESULT_ENSURE_REF(crl_lookup_list); for (int i = 0; i < cert_count; ++i) { - struct s2n_crl_lookup * lookup = NULL; - RESULT_GUARD(s2n_array_pushback(crl_lookup_list, (void**) &lookup)); + struct s2n_crl_lookup *lookup = NULL; + RESULT_GUARD(s2n_array_pushback(crl_lookup_list, (void **) &lookup)); X509 *cert = sk_X509_value(validator->cert_chain_from_wire, i); RESULT_ENSURE_REF(cert); @@ -221,7 +222,7 @@ S2N_RESULT s2n_crl_invoke_lookup_callbacks(struct s2n_connection *conn, struct s RESULT_GUARD(s2n_array_num_elements(validator->crl_lookup_list, &num_lookups)); for (uint32_t i = 0; i < num_lookups; i++) { struct s2n_crl_lookup *lookup = NULL; - RESULT_GUARD(s2n_array_get(validator->crl_lookup_list, i, (void**) &lookup)); + RESULT_GUARD(s2n_array_get(validator->crl_lookup_list, i, (void **) &lookup)); RESULT_ENSURE_REF(lookup); int result = conn->config->crl_lookup_cb(lookup, conn->config->crl_lookup_ctx); @@ -231,7 +232,8 @@ S2N_RESULT s2n_crl_invoke_lookup_callbacks(struct s2n_connection *conn, struct s return S2N_RESULT_OK; } -int s2n_crl_ossl_verify_callback(int default_ossl_ret, X509_STORE_CTX *ctx) { +int s2n_crl_ossl_verify_callback(int default_ossl_ret, X509_STORE_CTX *ctx) +{ int err = X509_STORE_CTX_get_error(ctx); switch (err) { case X509_V_ERR_CRL_NOT_YET_VALID: diff --git a/tls/s2n_crl.h b/tls/s2n_crl.h index b974ee15069..994e3109c8f 100644 --- a/tls/s2n_crl.h +++ b/tls/s2n_crl.h @@ -15,11 +15,11 @@ #pragma once +#include + #include "api/s2n.h" -#include "utils/s2n_result.h" #include "api/unstable/crl.h" - -#include +#include "utils/s2n_result.h" struct s2n_x509_validator; diff --git a/tls/s2n_crypto.c b/tls/s2n_crypto.c index 79712dded09..2e29b290a80 100644 --- a/tls/s2n_crypto.c +++ b/tls/s2n_crypto.c @@ -13,9 +13,9 @@ * permissions and limitations under the License. */ -#include "api/s2n.h" #include "tls/s2n_crypto.h" +#include "api/s2n.h" #include "tls/s2n_cipher_suites.h" #include "utils/s2n_result.h" #include "utils/s2n_safety.h" @@ -29,7 +29,7 @@ S2N_RESULT s2n_crypto_parameters_new(struct s2n_crypto_parameters **new_params) RESULT_GUARD_POSIX(s2n_alloc(&mem, sizeof(struct s2n_crypto_parameters))); RESULT_GUARD_POSIX(s2n_blob_zero(&mem)); - DEFER_CLEANUP(struct s2n_crypto_parameters *params = (struct s2n_crypto_parameters*)(void*) mem.data, + DEFER_CLEANUP(struct s2n_crypto_parameters *params = (struct s2n_crypto_parameters *) (void *) mem.data, s2n_crypto_parameters_free); ZERO_TO_DISABLE_DEFER_CLEANUP(mem); @@ -62,13 +62,15 @@ S2N_RESULT s2n_crypto_parameters_wipe(struct s2n_crypto_parameters *params) /* Wipe the keys for reuse */ struct s2n_session_key client_key = params->client_key; struct s2n_session_key server_key = params->server_key; - if (params->cipher_suite && params->cipher_suite->record_alg && - params->cipher_suite->record_alg->cipher && params->cipher_suite->record_alg->cipher->destroy_key) { + if (params->cipher_suite + && params->cipher_suite->record_alg + && params->cipher_suite->record_alg->cipher + && params->cipher_suite->record_alg->cipher->destroy_key) { RESULT_GUARD_POSIX(params->cipher_suite->record_alg->cipher->destroy_key(¶ms->client_key)); RESULT_GUARD_POSIX(params->cipher_suite->record_alg->cipher->destroy_key(¶ms->server_key)); } - *params = (struct s2n_crypto_parameters) { 0 }; + *params = (struct s2n_crypto_parameters){ 0 }; params->client_record_mac = client_state; params->server_record_mac = server_state; diff --git a/tls/s2n_crypto.h b/tls/s2n_crypto.h index 7c13afe6928..ac2e268e9bf 100644 --- a/tls/s2n_crypto.h +++ b/tls/s2n_crypto.h @@ -15,21 +15,20 @@ #pragma once -#include "tls/s2n_config.h" -#include "tls/s2n_signature_scheme.h" -#include "tls/s2n_crypto_constants.h" -#include "tls/s2n_kem.h" -#include "tls/s2n_tls13_secrets.h" - #include "crypto/s2n_certificate.h" #include "crypto/s2n_cipher.h" -#include "crypto/s2n_hmac.h" +#include "crypto/s2n_dhe.h" +#include "crypto/s2n_ecc_evp.h" #include "crypto/s2n_hash.h" +#include "crypto/s2n_hmac.h" #include "crypto/s2n_pkey.h" #include "crypto/s2n_signature.h" #include "crypto/s2n_tls13_keys.h" -#include "crypto/s2n_dhe.h" -#include "crypto/s2n_ecc_evp.h" +#include "tls/s2n_config.h" +#include "tls/s2n_crypto_constants.h" +#include "tls/s2n_kem.h" +#include "tls/s2n_signature_scheme.h" +#include "tls/s2n_tls13_secrets.h" struct s2n_kex_parameters { struct s2n_dh_params server_dh_params; diff --git a/tls/s2n_crypto_constants.h b/tls/s2n_crypto_constants.h index 52316e256e9..c58df93826b 100644 --- a/tls/s2n_crypto_constants.h +++ b/tls/s2n_crypto_constants.h @@ -15,36 +15,36 @@ #pragma once -#define S2N_TLS_SECRET_LEN 48 -#define S2N_TLS_RANDOM_DATA_LEN 32 -#define S2N_TLS_SEQUENCE_NUM_LEN 8 -#define S2N_TLS_CIPHER_SUITE_LEN 2 -#define S2N_SSLv2_CIPHER_SUITE_LEN 3 -#define S2N_TLS_FINISHED_LEN 12 -#define S2N_SSL_FINISHED_LEN 36 -#define S2N_TLS_MAX_IV_LEN 16 +#define S2N_TLS_SECRET_LEN 48 +#define S2N_TLS_RANDOM_DATA_LEN 32 +#define S2N_TLS_SEQUENCE_NUM_LEN 8 +#define S2N_TLS_CIPHER_SUITE_LEN 2 +#define S2N_SSLv2_CIPHER_SUITE_LEN 3 +#define S2N_TLS_FINISHED_LEN 12 +#define S2N_SSL_FINISHED_LEN 36 +#define S2N_TLS_MAX_IV_LEN 16 /* From RFC 5246 6.2.3.3 */ -#define S2N_TLS12_AAD_LEN 13 -#define S2N_TLS_MAX_AAD_LEN S2N_TLS12_AAD_LEN -#define S2N_TLS_GCM_FIXED_IV_LEN 4 -#define S2N_TLS_GCM_EXPLICIT_IV_LEN 8 -#define S2N_TLS_GCM_IV_LEN (S2N_TLS_GCM_FIXED_IV_LEN + S2N_TLS_GCM_EXPLICIT_IV_LEN) -#define S2N_TLS_GCM_TAG_LEN 16 -#define S2N_TLS_AES_128_GCM_KEY_LEN 16 -#define S2N_TLS_AES_256_GCM_KEY_LEN 32 +#define S2N_TLS12_AAD_LEN 13 +#define S2N_TLS_MAX_AAD_LEN S2N_TLS12_AAD_LEN +#define S2N_TLS_GCM_FIXED_IV_LEN 4 +#define S2N_TLS_GCM_EXPLICIT_IV_LEN 8 +#define S2N_TLS_GCM_IV_LEN (S2N_TLS_GCM_FIXED_IV_LEN + S2N_TLS_GCM_EXPLICIT_IV_LEN) +#define S2N_TLS_GCM_TAG_LEN 16 +#define S2N_TLS_AES_128_GCM_KEY_LEN 16 +#define S2N_TLS_AES_256_GCM_KEY_LEN 32 /* TLS 1.3 uses only implicit IVs - RFC 8446 5.3 */ -#define S2N_TLS13_AAD_LEN 5 -#define S2N_TLS13_RECORD_IV_LEN 0 -#define S2N_TLS13_FIXED_IV_LEN 12 +#define S2N_TLS13_AAD_LEN 5 +#define S2N_TLS13_RECORD_IV_LEN 0 +#define S2N_TLS13_FIXED_IV_LEN 12 /* From RFC 7905 */ #define S2N_TLS_CHACHA20_POLY1305_FIXED_IV_LEN 12 -#define S2N_TLS_CHACHA20_POLY1305_EXPLICIT_IV_LEN 0 +#define S2N_TLS_CHACHA20_POLY1305_EXPLICIT_IV_LEN 0 #define S2N_TLS_CHACHA20_POLY1305_IV_LEN 12 #define S2N_TLS_CHACHA20_POLY1305_KEY_LEN 32 #define S2N_TLS_CHACHA20_POLY1305_TAG_LEN 16 /* RFC 5246 7.4.1.2 */ -#define S2N_TLS_SESSION_ID_MAX_LEN 32 +#define S2N_TLS_SESSION_ID_MAX_LEN 32 diff --git a/tls/s2n_early_data.c b/tls/s2n_early_data.c index 84ba90f9b98..51083975d97 100644 --- a/tls/s2n_early_data.c +++ b/tls/s2n_early_data.c @@ -13,22 +13,22 @@ * permissions and limitations under the License. */ -#include - #include "tls/s2n_early_data.h" -#include "tls/s2n_connection.h" +#include + #include "tls/s2n_cipher_suites.h" +#include "tls/s2n_connection.h" #include "tls/s2n_psk.h" -#include "utils/s2n_safety.h" #include "utils/s2n_mem.h" +#include "utils/s2n_safety.h" const s2n_early_data_state valid_previous_states[] = { - [S2N_EARLY_DATA_REQUESTED] = S2N_UNKNOWN_EARLY_DATA_STATE, - [S2N_EARLY_DATA_NOT_REQUESTED] = S2N_UNKNOWN_EARLY_DATA_STATE, - [S2N_EARLY_DATA_REJECTED] = S2N_EARLY_DATA_REQUESTED, - [S2N_EARLY_DATA_ACCEPTED] = S2N_EARLY_DATA_REQUESTED, - [S2N_END_OF_EARLY_DATA] = S2N_EARLY_DATA_ACCEPTED, + [S2N_EARLY_DATA_REQUESTED] = S2N_UNKNOWN_EARLY_DATA_STATE, + [S2N_EARLY_DATA_NOT_REQUESTED] = S2N_UNKNOWN_EARLY_DATA_STATE, + [S2N_EARLY_DATA_REJECTED] = S2N_EARLY_DATA_REQUESTED, + [S2N_EARLY_DATA_ACCEPTED] = S2N_EARLY_DATA_REQUESTED, + [S2N_END_OF_EARLY_DATA] = S2N_EARLY_DATA_ACCEPTED, }; S2N_RESULT s2n_connection_set_early_data_state(struct s2n_connection *conn, s2n_early_data_state next_state) @@ -150,7 +150,7 @@ S2N_RESULT s2n_early_data_accept_or_reject(struct s2n_connection *conn) if (conn->config->early_data_cb) { conn->handshake.early_data_async_state.conn = conn; RESULT_ENSURE(conn->config->early_data_cb(conn, &conn->handshake.early_data_async_state) >= S2N_SUCCESS, - S2N_ERR_CANCELLED); + S2N_ERR_CANCELLED); if (conn->early_data_state == S2N_EARLY_DATA_REQUESTED) { RESULT_BAIL(S2N_ERR_ASYNC_BLOCKED); } @@ -277,7 +277,7 @@ int s2n_connection_get_early_data_status(struct s2n_connection *conn, s2n_early_ POSIX_ENSURE_REF(conn); POSIX_ENSURE_REF(status); - switch(conn->early_data_state) { + switch (conn->early_data_state) { case S2N_EARLY_DATA_STATES_COUNT: break; case S2N_EARLY_DATA_NOT_REQUESTED: @@ -319,7 +319,7 @@ int s2n_connection_get_remaining_early_data_size(struct s2n_connection *conn, ui POSIX_ENSURE_REF(allowed_early_data_size); *allowed_early_data_size = 0; - switch(conn->early_data_state) { + switch (conn->early_data_state) { case S2N_EARLY_DATA_STATES_COUNT: case S2N_EARLY_DATA_NOT_REQUESTED: case S2N_EARLY_DATA_REJECTED: @@ -360,7 +360,7 @@ int s2n_connection_get_max_early_data_size(struct s2n_connection *conn, uint32_t } struct s2n_psk *first_psk = NULL; - POSIX_GUARD_RESULT(s2n_array_get(&conn->psk_params.psk_list, 0, (void**) &first_psk)); + POSIX_GUARD_RESULT(s2n_array_get(&conn->psk_params.psk_list, 0, (void **) &first_psk)); POSIX_ENSURE_REF(first_psk); *max_early_data_size = first_psk->early_data_config.max_early_data_size; diff --git a/tls/s2n_early_data.h b/tls/s2n_early_data.h index eae7f843677..829e8c6fc05 100644 --- a/tls/s2n_early_data.h +++ b/tls/s2n_early_data.h @@ -16,7 +16,6 @@ #pragma once #include "api/s2n.h" - #include "tls/s2n_crypto_constants.h" #include "utils/s2n_blob.h" #include "utils/s2n_result.h" diff --git a/tls/s2n_early_data_io.c b/tls/s2n_early_data_io.c index 2af36c5a2f9..be2caaff4c8 100644 --- a/tls/s2n_early_data_io.c +++ b/tls/s2n_early_data_io.c @@ -15,11 +15,10 @@ #include -#include "tls/s2n_early_data.h" - #include "tls/s2n_connection.h" -#include "utils/s2n_safety.h" +#include "tls/s2n_early_data.h" #include "utils/s2n_mem.h" +#include "utils/s2n_safety.h" int s2n_end_of_early_data_send(struct s2n_connection *conn) { @@ -116,7 +115,8 @@ S2N_RESULT s2n_early_data_validate_send(struct s2n_connection *conn, uint32_t by RESULT_ENSURE(conn->early_data_expected, S2N_ERR_EARLY_DATA_NOT_ALLOWED); RESULT_ENSURE(conn->mode == S2N_CLIENT, S2N_ERR_EARLY_DATA_NOT_ALLOWED); RESULT_ENSURE(conn->early_data_state == S2N_EARLY_DATA_REQUESTED - || conn->early_data_state == S2N_EARLY_DATA_ACCEPTED, S2N_ERR_EARLY_DATA_NOT_ALLOWED); + || conn->early_data_state == S2N_EARLY_DATA_ACCEPTED, + S2N_ERR_EARLY_DATA_NOT_ALLOWED); uint32_t allowed_early_data_size = 0; RESULT_GUARD_POSIX(s2n_connection_get_remaining_early_data_size(conn, &allowed_early_data_size)); @@ -237,7 +237,7 @@ S2N_RESULT s2n_recv_early_data_impl(struct s2n_connection *conn, uint8_t *data, return S2N_RESULT_OK; } - while(s2n_negotiate(conn, blocked) < S2N_SUCCESS) { + while (s2n_negotiate(conn, blocked) < S2N_SUCCESS) { if (s2n_error_get_type(s2n_errno) != S2N_ERR_T_BLOCKED) { return S2N_RESULT_ERROR; } else if (max_data_len <= *data_received) { diff --git a/tls/s2n_ecc_preferences.c b/tls/s2n_ecc_preferences.c index 53b9e95a13b..8781afcc558 100644 --- a/tls/s2n_ecc_preferences.c +++ b/tls/s2n_ecc_preferences.c @@ -13,11 +13,11 @@ * permissions and limitations under the License. */ -#include "api/s2n.h" - #include "tls/s2n_ecc_preferences.h" -#include "tls/s2n_connection.h" + +#include "api/s2n.h" #include "crypto/s2n_ecc_evp.h" +#include "tls/s2n_connection.h" #include "utils/s2n_safety.h" const struct s2n_ecc_named_curve *const s2n_ecc_pref_list_20140601[] = { @@ -62,43 +62,44 @@ const struct s2n_ecc_named_curve *const s2n_ecc_pref_list_test_all[] = { }; const struct s2n_ecc_preferences s2n_ecc_preferences_20140601 = { - .count = s2n_array_len(s2n_ecc_pref_list_20140601), - .ecc_curves = s2n_ecc_pref_list_20140601, + .count = s2n_array_len(s2n_ecc_pref_list_20140601), + .ecc_curves = s2n_ecc_pref_list_20140601, }; const struct s2n_ecc_preferences s2n_ecc_preferences_20200310 = { - .count = s2n_array_len(s2n_ecc_pref_list_20200310), - .ecc_curves = s2n_ecc_pref_list_20200310, + .count = s2n_array_len(s2n_ecc_pref_list_20200310), + .ecc_curves = s2n_ecc_pref_list_20200310, }; const struct s2n_ecc_preferences s2n_ecc_preferences_default_fips = { - .count = s2n_array_len(s2n_ecc_pref_list_default_fips), - .ecc_curves = s2n_ecc_pref_list_default_fips, + .count = s2n_array_len(s2n_ecc_pref_list_default_fips), + .ecc_curves = s2n_ecc_pref_list_default_fips, }; const struct s2n_ecc_preferences s2n_ecc_preferences_20201021 = { - .count = s2n_array_len(s2n_ecc_pref_list_20201021), - .ecc_curves = s2n_ecc_pref_list_20201021, + .count = s2n_array_len(s2n_ecc_pref_list_20201021), + .ecc_curves = s2n_ecc_pref_list_20201021, }; const struct s2n_ecc_preferences s2n_ecc_preferences_20210816 = { - .count = s2n_array_len(s2n_ecc_pref_list_20210816), - .ecc_curves = s2n_ecc_pref_list_20210816, + .count = s2n_array_len(s2n_ecc_pref_list_20210816), + .ecc_curves = s2n_ecc_pref_list_20210816, }; const struct s2n_ecc_preferences s2n_ecc_preferences_test_all = { - .count = s2n_array_len(s2n_ecc_pref_list_test_all), - .ecc_curves = s2n_ecc_pref_list_test_all, + .count = s2n_array_len(s2n_ecc_pref_list_test_all), + .ecc_curves = s2n_ecc_pref_list_test_all, }; const struct s2n_ecc_preferences s2n_ecc_preferences_null = { - .count = 0, - .ecc_curves = NULL, + .count = 0, + .ecc_curves = NULL, }; /* Checks if the ecc_curves present in s2n_ecc_preferences list is a subset of s2n_all_supported_curves_list * maintained in s2n_ecc_evp.c */ -int s2n_check_ecc_preferences_curves_list(const struct s2n_ecc_preferences *ecc_preferences) { +int s2n_check_ecc_preferences_curves_list(const struct s2n_ecc_preferences *ecc_preferences) +{ int check = 1; for (int i = 0; i < ecc_preferences->count; i++) { const struct s2n_ecc_named_curve *named_curve = ecc_preferences->ecc_curves[i]; @@ -118,7 +119,8 @@ int s2n_check_ecc_preferences_curves_list(const struct s2n_ecc_preferences *ecc_ } /* Determines if query_iana_id corresponds to a curve for these ECC preferences. */ -bool s2n_ecc_preferences_includes_curve(const struct s2n_ecc_preferences *ecc_preferences, uint16_t query_iana_id) { +bool s2n_ecc_preferences_includes_curve(const struct s2n_ecc_preferences *ecc_preferences, uint16_t query_iana_id) +{ if (ecc_preferences == NULL) { return false; } @@ -131,4 +133,3 @@ bool s2n_ecc_preferences_includes_curve(const struct s2n_ecc_preferences *ecc_pr return false; } - diff --git a/tls/s2n_ecc_preferences.h b/tls/s2n_ecc_preferences.h index 3d4a168264f..988991755a9 100644 --- a/tls/s2n_ecc_preferences.h +++ b/tls/s2n_ecc_preferences.h @@ -15,10 +15,10 @@ #pragma once -#include "api/s2n.h" -#include #include +#include +#include "api/s2n.h" #include "crypto/s2n_ecc_evp.h" struct s2n_ecc_preferences { diff --git a/tls/s2n_encrypted_extensions.c b/tls/s2n_encrypted_extensions.c index 9f47acd8fda..7c27c0b10d1 100644 --- a/tls/s2n_encrypted_extensions.c +++ b/tls/s2n_encrypted_extensions.c @@ -14,13 +14,11 @@ */ #include "error/s2n_errno.h" -#include "utils/s2n_safety.h" #include "stuffer/s2n_stuffer.h" - +#include "tls/extensions/s2n_extension_list.h" #include "tls/s2n_tls.h" #include "tls/s2n_tls13.h" - -#include "tls/extensions/s2n_extension_list.h" +#include "utils/s2n_safety.h" /** * Specified in https://tools.ietf.org/html/rfc8446#section-4.3.1 diff --git a/tls/s2n_establish_session.c b/tls/s2n_establish_session.c index 18c4fcc8bf1..ebb3245dc53 100644 --- a/tls/s2n_establish_session.c +++ b/tls/s2n_establish_session.c @@ -14,18 +14,14 @@ */ #include -#include "api/s2n.h" +#include "api/s2n.h" #include "error/s2n_errno.h" - #include "stuffer/s2n_stuffer.h" - #include "tls/s2n_connection.h" #include "tls/s2n_tls.h" - #include "utils/s2n_array.h" - /* Establishing a session requires reading the CLIENT_HELLO message and then generating security parameters. * * S2N supports resuming sessions under TLS1.2 if the client sends a session ID. The server can lookup a @@ -41,12 +37,10 @@ int s2n_establish_session(struct s2n_connection *conn) POSIX_GUARD_RESULT(s2n_early_data_accept_or_reject(conn)); POSIX_GUARD(s2n_conn_set_handshake_type(conn)); - if (conn->client_hello_version != S2N_SSLv2) - { + if (conn->client_hello_version != S2N_SSLv2) { /* We've selected the parameters for the handshake, update the required hashes for this connection */ POSIX_GUARD(s2n_conn_update_required_handshake_hashes(conn)); } return 0; } - diff --git a/tls/s2n_handshake.c b/tls/s2n_handshake.c index e622fb8f515..0168a758f03 100644 --- a/tls/s2n_handshake.c +++ b/tls/s2n_handshake.c @@ -16,16 +16,13 @@ #include #include "error/s2n_errno.h" - +#include "stuffer/s2n_stuffer.h" +#include "tls/s2n_cipher_suites.h" #include "tls/s2n_connection.h" #include "tls/s2n_record.h" -#include "tls/s2n_cipher_suites.h" #include "tls/s2n_tls.h" - -#include "stuffer/s2n_stuffer.h" - -#include "utils/s2n_safety.h" #include "utils/s2n_map.h" +#include "utils/s2n_safety.h" int s2n_handshake_write_header(struct s2n_stuffer *out, uint8_t message_type) { @@ -57,7 +54,7 @@ int s2n_handshake_finish_header(struct s2n_stuffer *out) return S2N_SUCCESS; } -S2N_RESULT s2n_handshake_parse_header(struct s2n_stuffer *io, uint8_t * message_type, uint32_t * length) +S2N_RESULT s2n_handshake_parse_header(struct s2n_stuffer *io, uint8_t *message_type, uint32_t *length) { RESULT_ENSURE(s2n_stuffer_data_available(io) >= TLS_HANDSHAKE_HEADER_LENGTH, S2N_ERR_SIZE_MISMATCH); @@ -74,30 +71,30 @@ static int s2n_handshake_get_hash_state_ptr(struct s2n_connection *conn, s2n_has POSIX_ENSURE_REF(conn->handshake.hashes); switch (hash_alg) { - case S2N_HASH_MD5: - *hash_state = &conn->handshake.hashes->md5; - break; - case S2N_HASH_SHA1: - *hash_state = &conn->handshake.hashes->sha1; - break; - case S2N_HASH_SHA224: - *hash_state = &conn->handshake.hashes->sha224; - break; - case S2N_HASH_SHA256: - *hash_state = &conn->handshake.hashes->sha256; - break; - case S2N_HASH_SHA384: - *hash_state = &conn->handshake.hashes->sha384; - break; - case S2N_HASH_SHA512: - *hash_state = &conn->handshake.hashes->sha512; - break; - case S2N_HASH_MD5_SHA1: - *hash_state = &conn->handshake.hashes->md5_sha1; - break; - default: - POSIX_BAIL(S2N_ERR_HASH_INVALID_ALGORITHM); - break; + case S2N_HASH_MD5: + *hash_state = &conn->handshake.hashes->md5; + break; + case S2N_HASH_SHA1: + *hash_state = &conn->handshake.hashes->sha1; + break; + case S2N_HASH_SHA224: + *hash_state = &conn->handshake.hashes->sha224; + break; + case S2N_HASH_SHA256: + *hash_state = &conn->handshake.hashes->sha256; + break; + case S2N_HASH_SHA384: + *hash_state = &conn->handshake.hashes->sha384; + break; + case S2N_HASH_SHA512: + *hash_state = &conn->handshake.hashes->sha512; + break; + case S2N_HASH_MD5_SHA1: + *hash_state = &conn->handshake.hashes->md5_sha1; + break; + default: + POSIX_BAIL(S2N_ERR_HASH_INVALID_ALGORITHM); + break; } return S2N_SUCCESS; @@ -162,23 +159,22 @@ int s2n_conn_update_required_handshake_hashes(struct s2n_connection *conn) /* We don't need all of the hashes. Set the hash alg(s) required for the PRF */ switch (conn->actual_protocol_version) { - case S2N_SSLv3: - case S2N_TLS10: - case S2N_TLS11: - POSIX_GUARD(s2n_handshake_require_hash(&conn->handshake, S2N_HASH_MD5)); - POSIX_GUARD(s2n_handshake_require_hash(&conn->handshake, S2N_HASH_SHA1)); - break; - case S2N_TLS12: - /* fall through */ - case S2N_TLS13: - { - /* For TLS 1.2 and TLS 1.3, the cipher suite defines the PRF hash alg */ - s2n_hmac_algorithm prf_alg = conn->secure->cipher_suite->prf_alg; - s2n_hash_algorithm hash_alg; - POSIX_GUARD(s2n_hmac_hash_alg(prf_alg, &hash_alg)); - POSIX_GUARD(s2n_handshake_require_hash(&conn->handshake, hash_alg)); - break; - } + case S2N_SSLv3: + case S2N_TLS10: + case S2N_TLS11: + POSIX_GUARD(s2n_handshake_require_hash(&conn->handshake, S2N_HASH_MD5)); + POSIX_GUARD(s2n_handshake_require_hash(&conn->handshake, S2N_HASH_SHA1)); + break; + case S2N_TLS12: + /* fall through */ + case S2N_TLS13: { + /* For TLS 1.2 and TLS 1.3, the cipher suite defines the PRF hash alg */ + s2n_hmac_algorithm prf_alg = conn->secure->cipher_suite->prf_alg; + s2n_hash_algorithm hash_alg; + POSIX_GUARD(s2n_hmac_hash_alg(prf_alg, &hash_alg)); + POSIX_GUARD(s2n_handshake_require_hash(&conn->handshake, hash_alg)); + break; + } } return S2N_SUCCESS; @@ -267,9 +263,9 @@ int s2n_conn_find_name_matching_certs(struct s2n_connection *conn) /* Find the exact matches for the ServerName */ POSIX_GUARD(s2n_find_cert_matches(conn->config->domain_name_to_cert_map, - &normalized_name, - conn->handshake_params.exact_sni_matches, - &(conn->handshake_params.exact_sni_match_exists))); + &normalized_name, + conn->handshake_params.exact_sni_matches, + &(conn->handshake_params.exact_sni_match_exists))); if (!conn->handshake_params.exact_sni_match_exists) { /* We have not yet found an exact domain match. Try to find wildcard matches. */ @@ -288,17 +284,17 @@ int s2n_conn_find_name_matching_certs(struct s2n_connection *conn) /* The client's SNI is wildcardified, do an exact match against the set of server certs. */ wildcard_blob.size = wildcard_len; POSIX_GUARD(s2n_find_cert_matches(conn->config->domain_name_to_cert_map, - &wildcard_blob, - conn->handshake_params.wc_sni_matches, - &(conn->handshake_params.wc_sni_match_exists))); + &wildcard_blob, + conn->handshake_params.wc_sni_matches, + &(conn->handshake_params.wc_sni_match_exists))); } /* If we found a suitable cert, we should send back the ServerName extension. * Note that this may have already been set by the client hello callback, so we won't override its value */ conn->server_name_used = conn->server_name_used - || conn->handshake_params.exact_sni_match_exists - || conn->handshake_params.wc_sni_match_exists; + || conn->handshake_params.exact_sni_match_exists + || conn->handshake_params.wc_sni_match_exists; return S2N_SUCCESS; } @@ -313,7 +309,8 @@ struct s2n_cert_chain_and_key *s2n_get_compatible_cert_chain_and_key(struct s2n_ if (conn->handshake_params.exact_sni_match_exists) { /* This may return NULL if there was an SNI match, but not a match the cipher_suite's authentication type. */ return conn->handshake_params.exact_sni_matches[cert_type]; - } if (conn->handshake_params.wc_sni_match_exists) { + } + if (conn->handshake_params.wc_sni_match_exists) { return conn->handshake_params.wc_sni_matches[cert_type]; } else { /* We don't have any name matches. Use the default certificate that works with the key type. */ diff --git a/tls/s2n_handshake.h b/tls/s2n_handshake.h index c417bcb2fd0..5831afd9ac8 100644 --- a/tls/s2n_handshake.h +++ b/tls/s2n_handshake.h @@ -16,26 +16,24 @@ #pragma once #include -#include "api/s2n.h" +#include "api/s2n.h" +#include "crypto/s2n_certificate.h" +#include "crypto/s2n_hash.h" +#include "stuffer/s2n_stuffer.h" #include "tls/s2n_crypto.h" #include "tls/s2n_handshake_hashes.h" #include "tls/s2n_handshake_type.h" #include "tls/s2n_signature_algorithms.h" #include "tls/s2n_tls_parameters.h" -#include "stuffer/s2n_stuffer.h" - -#include "crypto/s2n_certificate.h" -#include "crypto/s2n_hash.h" - /* From RFC 8446: https://tools.ietf.org/html/rfc8446#appendix-B.3 */ -#define TLS_HELLO_REQUEST 0 -#define TLS_CLIENT_HELLO 1 -#define TLS_SERVER_HELLO 2 -#define TLS_SERVER_NEW_SESSION_TICKET 4 -#define TLS_END_OF_EARLY_DATA 5 -#define TLS_ENCRYPTED_EXTENSIONS 8 +#define TLS_HELLO_REQUEST 0 +#define TLS_CLIENT_HELLO 1 +#define TLS_SERVER_HELLO 2 +#define TLS_SERVER_NEW_SESSION_TICKET 4 +#define TLS_END_OF_EARLY_DATA 5 +#define TLS_ENCRYPTED_EXTENSIONS 8 #define TLS_CERTIFICATE 11 #define TLS_SERVER_KEY 12 #define TLS_CERT_REQ 13 @@ -47,11 +45,11 @@ #define TLS_SERVER_SESSION_LOOKUP 23 #define TLS_KEY_UPDATE 24 #define TLS_NPN 67 -#define TLS_MESSAGE_HASH 254 +#define TLS_MESSAGE_HASH 254 /* This is the list of message types that we support */ typedef enum { - CLIENT_HELLO=0, + CLIENT_HELLO = 0, SERVER_HELLO, SERVER_CERT, SERVER_NEW_SESSION_TICKET, @@ -176,16 +174,16 @@ struct s2n_handshake { struct s2n_offered_early_data early_data_async_state; /* Indicates the CLIENT_HELLO message has been completely received */ - unsigned client_hello_received:1; + unsigned client_hello_received : 1; /* Indicates the handshake blocked while trying to read or write data, and has been paused */ - unsigned paused:1; + unsigned paused : 1; /* Set to 1 if the RSA verification failed */ - unsigned rsa_failed:1; + unsigned rsa_failed : 1; /* Indicates that this is a renegotiation handshake */ - unsigned renegotiation:1; + unsigned renegotiation : 1; }; /* Only used in our test cases. */ diff --git a/tls/s2n_handshake_hashes.c b/tls/s2n_handshake_hashes.c index 538c7422150..591e2251f48 100644 --- a/tls/s2n_handshake_hashes.c +++ b/tls/s2n_handshake_hashes.c @@ -101,7 +101,7 @@ S2N_RESULT s2n_handshake_hashes_new(struct s2n_handshake_hashes **hashes) DEFER_CLEANUP(struct s2n_blob data = { 0 }, s2n_free); RESULT_GUARD_POSIX(s2n_realloc(&data, sizeof(struct s2n_handshake_hashes))); RESULT_GUARD_POSIX(s2n_blob_zero(&data)); - *hashes = (struct s2n_handshake_hashes*)(void*) data.data; + *hashes = (struct s2n_handshake_hashes *) (void *) data.data; ZERO_TO_DISABLE_DEFER_CLEANUP(data); RESULT_GUARD(s2n_handshake_hashes_new_hashes(*hashes)); @@ -120,6 +120,6 @@ S2N_CLEANUP_RESULT s2n_handshake_hashes_free(struct s2n_handshake_hashes **hashe { RESULT_ENSURE_REF(hashes); RESULT_GUARD(s2n_handshake_hashes_free_hashes(*hashes)); - RESULT_GUARD_POSIX(s2n_free_object((uint8_t**) hashes, sizeof(struct s2n_handshake_hashes))); + RESULT_GUARD_POSIX(s2n_free_object((uint8_t **) hashes, sizeof(struct s2n_handshake_hashes))); return S2N_RESULT_OK; } diff --git a/tls/s2n_handshake_hashes.h b/tls/s2n_handshake_hashes.h index 22d157deb46..3011c6ef20f 100644 --- a/tls/s2n_handshake_hashes.h +++ b/tls/s2n_handshake_hashes.h @@ -16,7 +16,6 @@ #pragma once #include "api/s2n.h" - #include "crypto/s2n_hash.h" #include "crypto/s2n_tls13_keys.h" diff --git a/tls/s2n_handshake_io.c b/tls/s2n_handshake_io.c index fb7de64ae8f..08656c98b1c 100644 --- a/tls/s2n_handshake_io.c +++ b/tls/s2n_handshake_io.c @@ -13,34 +13,29 @@ * permissions and limitations under the License. */ +#include #include -#include #include "api/s2n.h" - -#include "error/s2n_errno.h" - #include "crypto/s2n_fips.h" - +#include "error/s2n_errno.h" +#include "stuffer/s2n_stuffer.h" +#include "tls/s2n_alerts.h" #include "tls/s2n_async_pkey.h" #include "tls/s2n_cipher_suites.h" #include "tls/s2n_connection.h" +#include "tls/s2n_kex.h" +#include "tls/s2n_post_handshake.h" #include "tls/s2n_record.h" #include "tls/s2n_resume.h" -#include "tls/s2n_alerts.h" #include "tls/s2n_tls.h" #include "tls/s2n_tls13.h" #include "tls/s2n_tls13_handshake.h" #include "tls/s2n_tls13_key_schedule.h" -#include "tls/s2n_kex.h" -#include "tls/s2n_post_handshake.h" - -#include "stuffer/s2n_stuffer.h" - +#include "utils/s2n_bitmap.h" +#include "utils/s2n_random.h" #include "utils/s2n_safety.h" #include "utils/s2n_socket.h" -#include "utils/s2n_random.h" -#include "utils/s2n_bitmap.h" /* clang-format off */ struct s2n_handshake_action { @@ -805,9 +800,9 @@ static message_type_t tls13_handshakes[S2N_HANDSHAKES_COUNT][S2N_MAX_HANDSHAKE_L /* clang-format on */ #define MAX_HANDSHAKE_TYPE_LEN 142 -static char handshake_type_str[S2N_HANDSHAKES_COUNT][MAX_HANDSHAKE_TYPE_LEN] = {0}; +static char handshake_type_str[S2N_HANDSHAKES_COUNT][MAX_HANDSHAKE_TYPE_LEN] = { 0 }; -static const char* tls12_handshake_type_names[] = { +static const char *tls12_handshake_type_names[] = { "NEGOTIATED|", "FULL_HANDSHAKE|", "CLIENT_AUTH|", @@ -818,7 +813,7 @@ static const char* tls12_handshake_type_names[] = { "WITH_NPN|", }; -static const char* tls13_handshake_type_names[] = { +static const char *tls13_handshake_type_names[] = { "NEGOTIATED|", "FULL_HANDSHAKE|", "CLIENT_AUTH|", @@ -829,22 +824,24 @@ static const char* tls13_handshake_type_names[] = { "EARLY_CLIENT_CCS|", }; -#define IS_TLS13_HANDSHAKE( conn ) ((conn)->actual_protocol_version == S2N_TLS13) +#define IS_TLS13_HANDSHAKE(conn) ((conn)->actual_protocol_version == S2N_TLS13) -#define ACTIVE_STATE_MACHINE( conn ) (IS_TLS13_HANDSHAKE(conn) ? tls13_state_machine : state_machine) -#define ACTIVE_HANDSHAKES( conn ) (IS_TLS13_HANDSHAKE(conn) ? tls13_handshakes : handshakes) +#define ACTIVE_STATE_MACHINE(conn) (IS_TLS13_HANDSHAKE(conn) ? tls13_state_machine : state_machine) +#define ACTIVE_HANDSHAKES(conn) (IS_TLS13_HANDSHAKE(conn) ? tls13_handshakes : handshakes) -#define ACTIVE_MESSAGE( conn ) ACTIVE_HANDSHAKES(conn)[ (conn)->handshake.handshake_type ][ (conn)->handshake.message_number ] +#define ACTIVE_MESSAGE(conn) ACTIVE_HANDSHAKES(conn)[(conn)->handshake.handshake_type][(conn)->handshake.message_number] -#define ACTIVE_STATE( conn ) ACTIVE_STATE_MACHINE(conn)[ ACTIVE_MESSAGE( (conn) ) ] -#define CCS_STATE( conn ) (((conn)->mode == S2N_CLIENT) ? ACTIVE_STATE_MACHINE(conn)[SERVER_CHANGE_CIPHER_SPEC] \ - : ACTIVE_STATE_MACHINE(conn)[CLIENT_CHANGE_CIPHER_SPEC] ) +#define ACTIVE_STATE(conn) ACTIVE_STATE_MACHINE(conn)[ACTIVE_MESSAGE((conn))] -#define EXPECTED_RECORD_TYPE( conn ) ACTIVE_STATE( conn ).record_type -#define EXPECTED_MESSAGE_TYPE( conn ) ACTIVE_STATE( conn ).message_type +#define CCS_STATE(conn) (((conn)->mode == S2N_CLIENT) ? \ + ACTIVE_STATE_MACHINE(conn)[SERVER_CHANGE_CIPHER_SPEC] : \ + ACTIVE_STATE_MACHINE(conn)[CLIENT_CHANGE_CIPHER_SPEC]) -#define CONNECTION_WRITER( conn ) (conn->mode == S2N_CLIENT ? 'C' : 'S') -#define CONNECTION_IS_WRITER( conn ) (ACTIVE_STATE(conn).writer == CONNECTION_WRITER(conn)) +#define EXPECTED_RECORD_TYPE(conn) ACTIVE_STATE(conn).record_type +#define EXPECTED_MESSAGE_TYPE(conn) ACTIVE_STATE(conn).message_type + +#define CONNECTION_WRITER(conn) (conn->mode == S2N_CLIENT ? 'C' : 'S') +#define CONNECTION_IS_WRITER(conn) (ACTIVE_STATE(conn).writer == CONNECTION_WRITER(conn)) /* Only used in our test cases. */ message_type_t s2n_conn_get_current_message_type(struct s2n_connection *conn) @@ -862,9 +859,7 @@ static int s2n_advance_message(struct s2n_connection *conn) conn->handshake.message_number++; /* When reading and using TLS1.3, skip optional change_cipher_spec states. */ - if (ACTIVE_STATE(conn).writer != this_mode && - EXPECTED_RECORD_TYPE(conn) == TLS_CHANGE_CIPHER_SPEC && - IS_TLS13_HANDSHAKE(conn)) { + if (ACTIVE_STATE(conn).writer != this_mode && EXPECTED_RECORD_TYPE(conn) == TLS_CHANGE_CIPHER_SPEC && IS_TLS13_HANDSHAKE(conn)) { conn->handshake.message_number++; } @@ -942,9 +937,7 @@ int s2n_set_hello_retry_required(struct s2n_connection *conn) bool s2n_is_hello_retry_message(struct s2n_connection *conn) { - return (conn != NULL && - s2n_result_is_ok(s2n_handshake_validate(&(conn->handshake))) && - ACTIVE_MESSAGE(conn) == HELLO_RETRY_MSG); + return (conn != NULL && s2n_result_is_ok(s2n_handshake_validate(&(conn->handshake))) && ACTIVE_MESSAGE(conn) == HELLO_RETRY_MSG); } bool s2n_is_hello_retry_handshake(struct s2n_connection *conn) @@ -952,7 +945,8 @@ bool s2n_is_hello_retry_handshake(struct s2n_connection *conn) return IS_HELLO_RETRY_HANDSHAKE(conn); } -static S2N_RESULT s2n_conn_set_tls13_handshake_type(struct s2n_connection *conn) { +static S2N_RESULT s2n_conn_set_tls13_handshake_type(struct s2n_connection *conn) +{ RESULT_ENSURE_REF(conn); /* Most handshake type flags should be reset before we calculate the handshake type, @@ -1132,7 +1126,7 @@ const char *s2n_connection_get_handshake_type_name(struct s2n_connection *conn) return "INITIAL"; } - const char** handshake_type_names = tls13_handshake_type_names; + const char **handshake_type_names = tls13_handshake_type_names; size_t handshake_type_names_len = s2n_array_len(tls13_handshake_type_names); if (s2n_connection_get_protocol_version(conn) < S2N_TLS13) { handshake_type_names = tls12_handshake_type_names; @@ -1190,14 +1184,14 @@ static int s2n_handshake_write_io(struct s2n_connection *conn) if (record_type == TLS_HANDSHAKE) { POSIX_GUARD(s2n_handshake_write_header(&conn->handshake.io, ACTIVE_STATE(conn).message_type)); } - POSIX_GUARD(ACTIVE_STATE(conn).handler[conn->mode] (conn)); + POSIX_GUARD(ACTIVE_STATE(conn).handler[conn->mode](conn)); if (record_type == TLS_HANDSHAKE) { POSIX_GUARD(s2n_handshake_finish_header(&conn->handshake.io)); } } /* Write the handshake data to records in fragment sized chunks */ - struct s2n_blob out = {0}; + struct s2n_blob out = { 0 }; while (s2n_stuffer_data_available(&conn->handshake.io) > 0) { uint16_t max_payload_size = 0; POSIX_GUARD_RESULT(s2n_record_max_write_payload_size(conn, &max_payload_size)); @@ -1287,7 +1281,7 @@ static int s2n_handshake_conn_update_hashes(struct s2n_connection *conn) POSIX_GUARD(s2n_stuffer_reread(&conn->handshake.io)); POSIX_GUARD_RESULT(s2n_handshake_parse_header(&conn->handshake.io, &message_type, &handshake_message_length)); - struct s2n_blob handshake_record = {0}; + struct s2n_blob handshake_record = { 0 }; handshake_record.data = conn->handshake.io.blob.data; handshake_record.size = TLS_HANDSHAKE_HEADER_LENGTH + handshake_message_length; POSIX_ENSURE_REF(handshake_record.data); @@ -1303,7 +1297,7 @@ static int s2n_handshake_handle_sslv2(struct s2n_connection *conn) S2N_ERROR_IF(ACTIVE_MESSAGE(conn) != CLIENT_HELLO, S2N_ERR_BAD_MESSAGE); /* Add the message to our handshake hashes */ - struct s2n_blob hashed = {.data = conn->header_in.blob.data + 2,.size = 3 }; + struct s2n_blob hashed = { .data = conn->header_in.blob.data + 2, .size = 3 }; POSIX_GUARD(s2n_conn_update_handshake_hashes(conn, &hashed)); hashed.data = conn->in.blob.data; @@ -1452,7 +1446,7 @@ static int s2n_handshake_read_io(struct s2n_connection *conn) S2N_ERROR_IF(s2n_stuffer_data_available(&conn->in) != 1, S2N_ERR_BAD_MESSAGE); POSIX_GUARD(s2n_stuffer_copy(&conn->in, &conn->handshake.io, s2n_stuffer_data_available(&conn->in))); - POSIX_GUARD(CCS_STATE(conn).handler[conn->mode] (conn)); + POSIX_GUARD(CCS_STATE(conn).handler[conn->mode](conn)); POSIX_GUARD(s2n_stuffer_wipe(&conn->handshake.io)); /* We're done with the record, wipe it */ @@ -1531,7 +1525,7 @@ static int s2n_handshake_read_io(struct s2n_connection *conn) POSIX_ENSURE(!CONNECTION_IS_WRITER(conn), S2N_ERR_BAD_MESSAGE); /* Call the relevant handler */ - WITH_ERROR_BLINDING(conn, POSIX_GUARD(ACTIVE_STATE(conn).handler[conn->mode] (conn))); + WITH_ERROR_BLINDING(conn, POSIX_GUARD(ACTIVE_STATE(conn).handler[conn->mode](conn))); /* Advance the state machine */ POSIX_GUARD_RESULT(s2n_finish_read(conn)); @@ -1549,7 +1543,7 @@ static int s2n_handle_retry_state(struct s2n_connection *conn) * handler right away. We aren't going to read more handshake data yet or proceed * to the next handler because the current message has not finished processing. */ s2n_errno = S2N_ERR_OK; - const int r = ACTIVE_STATE(conn).handler[conn->mode] (conn); + const int r = ACTIVE_STATE(conn).handler[conn->mode](conn); if (r < S2N_SUCCESS && S2N_ERROR_IS_BLOCKING(s2n_errno)) { /* If the handler is still waiting for data, return control to the caller. */ diff --git a/tls/s2n_handshake_transcript.c b/tls/s2n_handshake_transcript.c index d0eb448f410..5475a10ca69 100644 --- a/tls/s2n_handshake_transcript.c +++ b/tls/s2n_handshake_transcript.c @@ -13,16 +13,14 @@ * permissions and limitations under the License. */ +#include "stuffer/s2n_stuffer.h" #include "tls/s2n_connection.h" #include "tls/s2n_tls.h" #include "tls/s2n_tls13_handshake.h" - -#include "stuffer/s2n_stuffer.h" - #include "utils/s2n_blob.h" /* Length of the synthetic message header */ -#define MESSAGE_HASH_HEADER_LENGTH 4 +#define MESSAGE_HASH_HEADER_LENGTH 4 int s2n_conn_update_handshake_hashes(struct s2n_connection *conn, struct s2n_blob *data) { @@ -45,8 +43,9 @@ int s2n_conn_update_handshake_hashes(struct s2n_connection *conn, struct s2n_blo POSIX_GUARD(s2n_hash_update(&hashes->sha1, data->data, data->size)); } - const uint8_t md5_sha1_required = (s2n_handshake_is_hash_required(&conn->handshake, S2N_HASH_MD5) && - s2n_handshake_is_hash_required(&conn->handshake, S2N_HASH_SHA1)); + const uint8_t md5_sha1_required = + (s2n_handshake_is_hash_required(&conn->handshake, S2N_HASH_MD5) + && s2n_handshake_is_hash_required(&conn->handshake, S2N_HASH_SHA1)); if (md5_sha1_required) { /* The MD5_SHA1 hash can still be used for TLS 1.0 and 1.1 in FIPS mode for @@ -91,7 +90,7 @@ int s2n_server_hello_retry_recreate_transcript(struct s2n_connection *conn) uint8_t hash_digest_length = keys.size; /* Create the MessageHash (our synthetic message) */ - uint8_t msghdr[MESSAGE_HASH_HEADER_LENGTH] = {0}; + uint8_t msghdr[MESSAGE_HASH_HEADER_LENGTH] = { 0 }; msghdr[0] = TLS_MESSAGE_HASH; msghdr[MESSAGE_HASH_HEADER_LENGTH - 1] = hash_digest_length; @@ -105,7 +104,7 @@ int s2n_server_hello_retry_recreate_transcript(struct s2n_connection *conn) POSIX_GUARD_RESULT(s2n_handshake_reset_hash_state(conn, keys.hash_algorithm)); /* Step 2: Update the transcript with the synthetic message */ - struct s2n_blob msg_blob = {0}; + struct s2n_blob msg_blob = { 0 }; POSIX_GUARD(s2n_blob_init(&msg_blob, msghdr, MESSAGE_HASH_HEADER_LENGTH)); POSIX_GUARD(s2n_conn_update_handshake_hashes(conn, &msg_blob)); diff --git a/tls/s2n_handshake_type.c b/tls/s2n_handshake_type.c index 1ba27a36848..46d24ddaf3f 100644 --- a/tls/s2n_handshake_type.c +++ b/tls/s2n_handshake_type.c @@ -13,8 +13,9 @@ * permissions and limitations under the License. */ -#include "tls/s2n_connection.h" #include "tls/s2n_handshake_type.h" + +#include "tls/s2n_connection.h" #include "utils/s2n_safety.h" S2N_RESULT s2n_handshake_type_set_flag(struct s2n_connection *conn, s2n_handshake_type_flag flag) diff --git a/tls/s2n_handshake_type.h b/tls/s2n_handshake_type.h index 28199f8ef8d..12cdc6810a6 100644 --- a/tls/s2n_handshake_type.h +++ b/tls/s2n_handshake_type.h @@ -18,63 +18,63 @@ #include "utils/s2n_result.h" /* Maximum number of valid handshakes */ -#define S2N_HANDSHAKES_COUNT 256 +#define S2N_HANDSHAKES_COUNT 256 -#define IS_NEGOTIATED(conn) \ - ( s2n_handshake_type_check_flag(conn, NEGOTIATED) ) +#define IS_NEGOTIATED(conn) \ + (s2n_handshake_type_check_flag(conn, NEGOTIATED)) -#define IS_FULL_HANDSHAKE(conn) \ - ( s2n_handshake_type_check_flag(conn, FULL_HANDSHAKE) ) +#define IS_FULL_HANDSHAKE(conn) \ + (s2n_handshake_type_check_flag(conn, FULL_HANDSHAKE)) -#define IS_RESUMPTION_HANDSHAKE(conn) \ - ( !IS_FULL_HANDSHAKE(conn) && IS_NEGOTIATED(conn) ) +#define IS_RESUMPTION_HANDSHAKE(conn) \ + (!IS_FULL_HANDSHAKE(conn) && IS_NEGOTIATED(conn)) -#define IS_CLIENT_AUTH_HANDSHAKE(conn) \ - ( s2n_handshake_type_check_flag(conn, CLIENT_AUTH) ) +#define IS_CLIENT_AUTH_HANDSHAKE(conn) \ + (s2n_handshake_type_check_flag(conn, CLIENT_AUTH)) -#define IS_CLIENT_AUTH_NO_CERT(conn) \ - ( IS_CLIENT_AUTH_HANDSHAKE(conn) && s2n_handshake_type_check_flag(conn, NO_CLIENT_CERT) ) +#define IS_CLIENT_AUTH_NO_CERT(conn) \ + (IS_CLIENT_AUTH_HANDSHAKE(conn) && s2n_handshake_type_check_flag(conn, NO_CLIENT_CERT)) #define IS_TLS12_PERFECT_FORWARD_SECRECY_HANDSHAKE(conn) \ - ( s2n_handshake_type_check_tls12_flag(conn, TLS12_PERFECT_FORWARD_SECRECY) ) + (s2n_handshake_type_check_tls12_flag(conn, TLS12_PERFECT_FORWARD_SECRECY)) -#define IS_OCSP_STAPLED(conn) \ - ( s2n_handshake_type_check_tls12_flag(conn, OCSP_STATUS) ) +#define IS_OCSP_STAPLED(conn) \ + (s2n_handshake_type_check_tls12_flag(conn, OCSP_STATUS)) #define IS_ISSUING_NEW_SESSION_TICKET(conn) \ - ( s2n_handshake_type_check_tls12_flag(conn, WITH_SESSION_TICKET) ) + (s2n_handshake_type_check_tls12_flag(conn, WITH_SESSION_TICKET)) -#define IS_NPN_HANDSHAKE(conn) \ - ( s2n_handshake_type_check_tls12_flag(conn, WITH_NPN) ) +#define IS_NPN_HANDSHAKE(conn) \ + (s2n_handshake_type_check_tls12_flag(conn, WITH_NPN)) -#define IS_HELLO_RETRY_HANDSHAKE(conn) \ - ( s2n_handshake_type_check_tls13_flag(conn, HELLO_RETRY_REQUEST) ) +#define IS_HELLO_RETRY_HANDSHAKE(conn) \ + (s2n_handshake_type_check_tls13_flag(conn, HELLO_RETRY_REQUEST)) -#define IS_MIDDLEBOX_COMPAT_MODE(conn) \ - ( s2n_handshake_type_check_tls13_flag(conn, MIDDLEBOX_COMPAT) ) +#define IS_MIDDLEBOX_COMPAT_MODE(conn) \ + (s2n_handshake_type_check_tls13_flag(conn, MIDDLEBOX_COMPAT)) -#define WITH_EARLY_DATA(conn) \ - ( s2n_handshake_type_check_tls13_flag(conn, WITH_EARLY_DATA) ) +#define WITH_EARLY_DATA(conn) \ + (s2n_handshake_type_check_tls13_flag(conn, WITH_EARLY_DATA)) -#define WITH_EARLY_CLIENT_CCS(conn) \ - ( s2n_handshake_type_check_tls13_flag(conn, EARLY_CLIENT_CCS) ) +#define WITH_EARLY_CLIENT_CCS(conn) \ + (s2n_handshake_type_check_tls13_flag(conn, EARLY_CLIENT_CCS)) typedef enum { - INITIAL = 0, - NEGOTIATED = 1, - FULL_HANDSHAKE = 2, - CLIENT_AUTH = 4, - NO_CLIENT_CERT = 8, + INITIAL = 0, + NEGOTIATED = 1, + FULL_HANDSHAKE = 2, + CLIENT_AUTH = 4, + NO_CLIENT_CERT = 8, } s2n_handshake_type_flag; S2N_RESULT s2n_handshake_type_set_flag(struct s2n_connection *conn, s2n_handshake_type_flag flag); bool s2n_handshake_type_check_flag(struct s2n_connection *conn, s2n_handshake_type_flag flag); typedef enum { - TLS12_PERFECT_FORWARD_SECRECY = 16, - OCSP_STATUS = 32, - WITH_SESSION_TICKET = 64, - WITH_NPN = 128, + TLS12_PERFECT_FORWARD_SECRECY = 16, + OCSP_STATUS = 32, + WITH_SESSION_TICKET = 64, + WITH_NPN = 128, } s2n_tls12_handshake_type_flag; S2N_RESULT s2n_handshake_type_set_tls12_flag(struct s2n_connection *conn, s2n_tls12_handshake_type_flag flag); @@ -82,10 +82,10 @@ S2N_RESULT s2n_handshake_type_unset_tls12_flag(struct s2n_connection *conn, s2n_ bool s2n_handshake_type_check_tls12_flag(struct s2n_connection *conn, s2n_tls12_handshake_type_flag flag); typedef enum { - HELLO_RETRY_REQUEST = 16, - MIDDLEBOX_COMPAT = 32, - WITH_EARLY_DATA = 64, - EARLY_CLIENT_CCS = 128, + HELLO_RETRY_REQUEST = 16, + MIDDLEBOX_COMPAT = 32, + WITH_EARLY_DATA = 64, + EARLY_CLIENT_CCS = 128, } s2n_tls13_handshake_type_flag; S2N_RESULT s2n_handshake_type_set_tls13_flag(struct s2n_connection *conn, s2n_tls13_handshake_type_flag flag);