Merge pull request Mbed-TLS#325 from hanno-arm/mps_remove_ext_rd_wr

MPS: Remove extended reader/writer from MPS, part 2

include/mbedtls/mps/common.h

@@ -290,8 +290,10 @@ typedef uint8_t mbedtls_mps_epoch_offset_t;
 
 #else /* MBEDTLS_MPS_ENABLE_ASSERTIONS */
 
-#define MBEDTLS_MPS_ASSERT( cond, string )     do {} while( 0 )
-#define MBEDTLS_MPS_ASSERT_RAW( cond, string ) do {} while( 0 )
+#define MBEDTLS_MPS_ASSERT( cond, string )              \
+    do { int val = (cond); ((void) val); } while( 0 )
+#define MBEDTLS_MPS_ASSERT_RAW( cond, string )          \
+    do { int val = (cond); ((void) val); } while( 0 )
 
 #endif /* MBEDTLS_MPS_ENABLE_ASSERTIONS */
 
@@ -376,41 +378,29 @@ typedef uint8_t mbedtls_mps_transport_type;
  /* MBEDTLS_SSL_TRANSPORT_DATAGRAM */
 #define MBEDTLS_MPS_MODE_DATAGRAM ((mbedtls_mps_transport_type) 1)
 
+/* Helper macros to check whether TLS/DTLS are enabled. */
 #if defined(MBEDTLS_MPS_PROTO_TLS)
-
 #if defined(MBEDTLS_MPS_PROTO_BOTH)
-#define MBEDTLS_MPS_IS_TLS( mode )               \
-    ( (mode) == MBEDTLS_MPS_MODE_STREAM )
+#define MBEDTLS_MPS_IS_TLS(mode)         ((mode) == MBEDTLS_MPS_MODE_STREAM)
 #else
-/* Define `1` in a roundabout way using `mode` to avoid unused
- * variable warnings. */
-#define MBEDTLS_MPS_IS_TLS( mode ) ( ((void) mode), 1 )
+#define MBEDTLS_MPS_IS_TLS(mode)         (((void) mode), 1)
 #endif /* MBEDTLS_MPS_PROTO_BOTH */
-
-#define MBEDTLS_MPS_IF_TLS( mode ) if( MBEDTLS_MPS_IS_TLS( mode ) )
-
-#else /* MBEDTLS_MPS_PROTO_TLS */
-
-#define MBEDTLS_MPS_IS_TLS( mode ) 0
-
+#else  /* MBEDTLS_MPS_PROTO_TLS */
+#define MBEDTLS_MPS_IS_TLS(mode)         (((void) mode), 0)
 #endif /* MBEDTLS_MPS_PROTO_TLS  */
-
+#define MBEDTLS_MPS_IF_TLS(mode)         if( MBEDTLS_MPS_IS_TLS( mode ) )
 #if defined(MBEDTLS_MPS_PROTO_DTLS)
 #if defined(MBEDTLS_MPS_PROTO_BOTH)
-#define MBEDTLS_MPS_IS_DTLS( mode )               \
-    ( (mode) == MBEDTLS_MPS_MODE_DATAGRAM )
-#define MBEDTLS_MPS_ELSE_IF_DTLS( mode )         \
-    else if( ((void)mode), 1 )
-#else
-/* Define `1` in a roundabout way using `mode` to avoid unused
- * variable warnings. */
-#define MBEDTLS_MPS_IS_DTLS( mode ) ( ((void) mode), 1 )
-#define MBEDTLS_MPS_ELSE_IF_DTLS( mode )        \
-    if( MBEDTLS_MPS_IS_DTLS( mode ) )
+#define MBEDTLS_MPS_IS_DTLS(mode)        ((mode) == MBEDTLS_MPS_MODE_DATAGRAM)
+#define MBEDTLS_MPS_ELSE_IF_DTLS(mode)   else if(((void)mode), 1)
+#else /* MBEDTLS_MPS_PROTO_BOTH */
+#define MBEDTLS_MPS_IS_DTLS(mode)        (((void) mode), 1)
+#define MBEDTLS_MPS_ELSE_IF_DTLS( mode ) if( MBEDTLS_MPS_IS_DTLS( mode ) )
 #endif /* MBEDTLS_MPS_PROTO_BOTH */
-
-#define MBEDTLS_MPS_IF_DTLS( mode ) if( MBEDTLS_MPS_IS_DTLS( mode ) )
+#else  /* MBEDTLS_MPS_PROTO_DTLS  */
+#define MBEDTLS_MPS_IS_DTLS(mode)        (((void) mode), 0 )
 #endif /* MBEDTLS_MPS_PROTO_DTLS  */
+#define MBEDTLS_MPS_IF_DTLS( mode )      if(MBEDTLS_MPS_IS_DTLS(mode))
 
 /*! The enumeration of record content types recognized by MPS.
  *

include/mbedtls/mps/layer3.h

@@ -92,39 +92,39 @@ typedef enum mps_l3_hs_state
 } mps_l3_hs_state;
 
 /**
- * \brief    This structure represents handles to
- *           outgoing handshake messages.
- *
- *           It is used in the following way:
- *           When the user wants to prepare an outgoing
- *           handshake message, he creates an instance
- *           of this structure and sets fields indicating
- *           the intended epoch, handshake type, and
- *           handshake message length. The user then calls
- *           mps_l3_write_handshake() which, on success,
- *           sets the \c wr_ext within this struct to point
- *           to a valid writer that can be used to provide
- *           the actual message contents.
- *
- *           When the writing is done, the user calls
- *           mps_l3_dispatch() to prepare the message for
- *           delivery; if the writing cannot be completed
- *           because the provided writer does not provide
- *           enough space for outgoing data, the write can
- *           be paused via mps_l3_pause_handshake(), and
- *           subsequently be continued via another call to
- *           mps_l3_write_handshake() which must use the
- *           the same epoch, handshake type and length
- *           parameters as the initial one.
- *
- *           The handshake message length must be known
- *           in advance if pausing is needed for the message.
- *           If pausing is not needed, the length field can
- *           be set to #MBEDTLS_MPS_SIZE_UNKNOWN and will be
- *           be determined automatically on closing.
+ * \brief    This structure represents handles to outgoing handshake messages.
+ *
+ *           It is used in the following way: When users want to prepare
+ *           an outgoing handshake message, they create an instance of this
+ *           structure and set fields indicating the intended epoch,
+ *           handshake type, and handshake message length. They then call
+ *           mps_l3_write_handshake() which, on success, sets the \c wr
+ *           within this struct to point to a valid writer that can be used
+ *           to provide the actual message contents.
+ *
+ *           When the writing is done, users call mps_l3_dispatch() to prepare
+ *           the message for delivery; if the writing cannot be completed
+ *           because the provided writer does not provide enough space for
+ *           outgoing data, the write can be paused via mps_l3_pause_handshake()
+ *           and subsequently be continued via another call to
+ *           mps_l3_write_handshake() which must use the the same epoch,
+ *           handshake type and length parameters as the initial one.
+ *
+ *           The handshake message length must be known in advance if pausing
+ *           is needed for the message. If pausing is not needed, the length
+ *           field can be set to #MBEDTLS_MPS_SIZE_UNKNOWN and will be be
+ *           determined automatically on closing.
  */
 struct mps_l3_handshake_out
 {
+    /*! The total length of the handshake message (regardless of fragmentation),
+     *  or #MBEDTLS_MPS_SIZE_UNKNOWN if the length will be determined at
+     *  write-time. In this case, pausing is not possible for the handshake
+     *  message (because the headers for handshake fragments include the total
+     *  length of the handshake message). This must be set by the user
+     *  before calling mps_l3_write_handshake(). */
+    mbedtls_mps_stored_opt_size_t len;
+
     /*! The epoch to use to protect the handshake message.
      *  This must be set by the user before calling mps_l3_write_handshake(). */
     mbedtls_mps_stored_epoch_id epoch;
@@ -133,30 +133,24 @@ struct mps_l3_handshake_out
      *  the user before calling mps_l3_write_handshake().*/
     mbedtls_mps_stored_hs_type type;
 
+#if defined(MBEDTLS_MPS_PROTO_DTLS)
     /*! The handshake sequence number. */
     mbedtls_mps_stored_hs_seq_nr_t seq_nr;
 
-    /*! The total length of the handshake message (regardless of fragmentation),
-     *  or #MBEDTLS_MPS_SIZE_UNKNOWN if the length will be determined at
-     *  write-time. In this case, pausing is not possible for the handshake
-     *  message (because the headers for handshake fragments include the total
-     *  length of the handshake message). This must be set by the user
-     *  before calling mps_l3_write_handshake(). */
-    mbedtls_mps_stored_opt_size_t len;
-
     /*! The length of the current handshake fragment, or
      *  #MBEDTLS_MPS_SIZE_UNKNOWN if the will be determined at write-time. */
     mbedtls_mps_stored_opt_size_t frag_len;
 
      /*! The offset of the current fragment from the
       *  beginning of the handshake message.*/
     mbedtls_mps_stored_size_t frag_offset;
+#endif /* MBEDTLS_MPS_PROTO_DTLS */
 
-    /*! The extended writer providing buffers to which the message
+    /*! The writer providing buffers to which the message
      *  contents can be written, and keeping track of message bounds.
      *  This must be \c NULL when the user calls mps_l3_write_handshake(), which
-     *  will modify it to point to a valid extended writer on success. */
-    mbedtls_writer_ext *wr_ext;
+     *  will modify it to point to a valid writer on success. */
+    mbedtls_writer *wr;
 };
 
 /**
@@ -205,9 +199,8 @@ struct mps_l3_handshake_in
     /*! The handshake sequence number.*/
     mbedtls_mps_stored_hs_seq_nr_t seq_nr;
 
-    /*!< The extended reader giving access to the message contents, and
-     *   keeping track of message bounds. */
-    mbedtls_mps_reader_ext *rd_ext;
+    /*!< The reader giving access to the message contents. */
+    mbedtls_mps_reader *rd;
 };
 
 /**
@@ -338,10 +331,6 @@ struct mps_l3_hs_in_internal
 
     /*!< The handshake sequence number. */
     mbedtls_mps_stored_hs_seq_nr_t seq_nr;
-
-    mbedtls_mps_reader_ext rd_ext;  /*!< The extended reader giving access to
-                                 *   the message contents, but also keeping
-                                 *   track of message bounds.                */
 };
 
 struct mps_l3_hs_out_internal
@@ -369,14 +358,7 @@ struct mps_l3_hs_out_internal
     /*! The size of the header buffer. */
     mbedtls_mps_stored_size_t hdr_len;
 
-    /*! The extended writer providing buffers to which the message
-     *  contents can be written, and keeping track of message bounds. */
-
-    /* OPTIMIZATION:
-     * Consider removing the extended writer from Layer 3 and
-     * performing bounds checks for handshake messages at Layer 4.
-     * See the corresponding comment in mps.h. */
-    mbedtls_writer_ext wr_ext;
+    mbedtls_mps_stored_size_t hdr_offset;
 
     /* DTLS-specific fields. */
 

include/mbedtls/mps/mps.h

@@ -433,7 +433,7 @@ typedef void mbedtls_mps_write_cb_ctx_t;
  *              that was used to write the message in the first place.
  */
 typedef int (*mbedtls_mps_write_cb_t)( mbedtls_mps_write_cb_ctx_t const *ctx,
-                                       mbedtls_writer_ext *writer );
+                                       mbedtls_writer *writer );
 
 /*! Enumeration of states of ::mbedtls_mps_handshake_out_internal. */
 typedef uint8_t mbedtls_mps_hs_state;
@@ -445,13 +445,14 @@ typedef uint8_t mbedtls_mps_hs_state;
     writing-mode. */
 #define MBEDTLS_MPS_HS_ACTIVE ( (mbedtls_mps_hs_state) 1 )
 /*! This state indicates an initialized structure representing
- *  an outgoing handshake message whose user-facing writer is in
- *  providing mode. That's the case if the message is not yet
- *  completely written and another message buffer is needed to
- *  hold the next chunk of message contents; or it might be that
- *  the message has been entirely written, but parts or all of its
- *  content are still buffered and need to be dispatched. */
-#define MBEDTLS_MPS_HS_PAUSED ( (mbedtls_mps_hs_state) 2 )
+ *  an outgoing handshake message has been completely written
+ *  by the user, but which still needs to be dispatched to
+ *  Layer 3. */
+#define MBEDTLS_MPS_HS_QUEUED ( (mbedtls_mps_hs_state) 2 )
+/*! This state indicates an initialized structure representing
+ *  an outgoing handshake message which has not yet been fully
+ *  written by the user */
+#define MBEDTLS_MPS_HS_PAUSED ( (mbedtls_mps_hs_state) 3 )
 
 /*
  * \brief Internal structure representing an outgoing handshake message.
@@ -542,8 +543,8 @@ struct mbedtls_mps_handshake_out_internal
      * we'd safe a pointer to a raw writer here (which, however,
      * might be removed due to the previous optimization
      * opportunity). */
-    mbedtls_writer_ext *wr_ext_l3;  /*!< The writer obtained from Layer 3 to
-                                     *   write the next handshake fragment.*/
+    mbedtls_writer *wr_l3;  /*!< The writer obtained from Layer 3 to
+                             *   write the next handshake fragment.*/
 
     /*
      * User-facing writers
@@ -554,9 +555,7 @@ struct mbedtls_mps_handshake_out_internal
      * and one should be able to avoid duplicating them here. */
     mbedtls_mps_stored_size_t queue_len;
     unsigned char            *queue;
-    mbedtls_writer         wr;
-    mbedtls_writer_ext wr_ext; /*!< The write-handle to the handshake message
-                                *   content that's passed to the user.        */
+    mbedtls_writer            wr;
 
 };
 
@@ -1043,8 +1042,7 @@ struct mbedtls_mps
                      *
                      *  TODO: Document in which states this is valid.
                      */
-                    mbedtls_mps_reader         rd;
-                    mbedtls_mps_reader_ext rd_ext;
+                    mbedtls_mps_reader rd;
 
                     /*! The array of structures representing future and/or
                      *  partially received handshake messages. */
@@ -1089,7 +1087,7 @@ struct mbedtls_mps
                             /*! The extended reader owned by Layer 3 giving rise to the
                              *  contents of the handshake message. This is valid if and
                              *  only if \c status is #MPS_REASSEMBLY_NO_FRAGMENTATION */
-                            mbedtls_mps_reader_ext *rd_ext_l3;
+                            mbedtls_mps_reader *rd_l3;
 
                             /*! The reassembly buffer holding the partially received
                              *  handshake message. This is valid if and only if
@@ -1290,7 +1288,7 @@ typedef struct
 {
     uint8_t   type;             /*!< Type of handshake message           */
     size_t  length;             /*!< Length of entire handshake message  */
-    mbedtls_mps_reader_ext *handle; /*!< Reader to retrieve message contents */
+    mbedtls_mps_reader *handle; /*!< Reader to retrieve message contents */
 
     uint8_t add[8];             /*!< Opaque, additional data to be used for
                                  *   checksum calculations. */
@@ -1405,7 +1403,7 @@ int mbedtls_mps_read_set_flags( mbedtls_mps *mps, mbedtls_mps_msg_flags flags );
  * \brief          Pause the reading of an incoming handshake message.
  *
  *                 When a handshake message has been received, the user of the
- *                 MPS can query its contents through mbedtls_mps_reader_get_ext(),
+ *                 MPS can query its contents through mbedtls_mps_reader_get(),
  *                 using the reader returned from mbedtls_mps_read_handshake().
  *                 If the handshake message is only partially available - for
  *                 example, because it was fragments on the TLS record layer -
@@ -1535,7 +1533,7 @@ struct mbedtls_mps_handshake_out
     *  calling mbedtls_mps_write_handshake(). */
     mbedtls_mps_stored_opt_size_t length;
 
-    mbedtls_writer_ext *handle; /*!< Write-handle to handshake message content.
+    mbedtls_writer *handle;     /*!< Write-handle to handshake message content.
                                  *
                                  *   This field is set by the MPS implementation
                                  *   of mbedtls_mps_write_handshake(). Any

include/mbedtls/mps/trace.h

@@ -37,8 +37,6 @@
 #define mbedtls_vsnprintf vsnprintf
 #endif /* MBEDTLS_PLATFORM_C */
 
-#if defined(MBEDTLS_MPS_ENABLE_TRACE)
-
 /*
  * Adapt this to enable/disable tracing output
  * from the various layers of the MPS.
@@ -115,6 +113,8 @@ typedef enum
                                  MBEDTLS_MPS_TRACE_MASK_READER  |       \
                                  MBEDTLS_MPS_TRACE_MASK_WRITER )
 
+#if defined(MBEDTLS_MPS_ENABLE_TRACE)
+
 /* We have to avoid globals because E-ACSL chokes on them...
  * Wrap everything in stub functions. */
 int  mbedtls_mps_trace_get_depth( void );
@@ -163,8 +163,16 @@ void mbedtls_mps_trace_print_msg( int id, int line, const char *format, ... );
 
 #else /* MBEDTLS_MPS_TRACE */
 
-#define MBEDTLS_MPS_TRACE( type, ... ) do { } while( 0 )
-#define MBEDTLS_MPS_TRACE_INIT( ... )  do { } while( 0 )
+static inline void mps_trace_variable_sink( const char* fmt, ...)
+{
+    ((void) fmt);
+}
+
+/* Make sure to "use" arguments, to avoid unused variable warnings. */
+#define MBEDTLS_MPS_TRACE( type, ... ) \
+    do { ((void) type); mps_trace_variable_sink( __VA_ARGS__ ); } while( 0 )
+#define MBEDTLS_MPS_TRACE_INIT( ... )  \
+    do { mps_trace_variable_sink( __VA_ARGS__ ); } while( 0 )
 #define MBEDTLS_MPS_TRACE_END          do { } while( 0 )
 
 #define MBEDTLS_MPS_TRACE_RETURN( val ) return( val );