Fix use of bitfield unsupported by Windows compilers #508
Merged
* Incorporate mbedtls in cmake
* include find mbedtls
* Add cmake module path
* Add find package
* Update MbedTLS find
* Add missing endif
* Check mbedtls found condition
* Struggling with Found condition.
* Remove error condition for debug
* update mbedtls test
* fix typo
* Add github action for mbedtls
* Debugging github action.
* Decomposing the build steps
* More debugging of github action
* Build mbedtls parallel to picotls
* Add sha512 and sha384
* Update sha384 definitions and test
* Add aes256gcm
* Add chachapoly
* Add test definition.
* Fix copy paste errors
* Another typo to fix
* Fix declarations
* use chacha20 test
* Fix chacha20 declaration
* One last typo, hopefully
* That's for coding when half asleep
* Provide capability to segment session resumption using user-supplied value
* Fix initialization of chacha20-ctr
* Add mbedtls to ptlsbench
* Fix debug message
* Condition fusion to PTLS_HAVE_FUSION
* Declare cipher suites
* Add support for MbedTLS random
* typo
* [minicrypto] x25519 key derivation must fail when output is all-zero
* use high level PSA API
* msvc compatibility
* here also
* Fix test random
* Fix typo
* Add code of sec256r1
* [boringssl] check x25519 bad key
* clear secret
* use macro to avoid compile errors
* Simplify aead setup
* Add x25519
* Add test of mbedtls key exchanges
* Fix reference to test_key_exchange
* [evp_keyex_init] keep refcount unchanged when the function fails
* add the failing case
* extensions block is optional in TLS/1.2 also
* even though we do not test what is recorded, clear it otherwise tests that follow fail
* [fusion] unify detection scheme to the best one that we have (which we have had in h2o)
* maybe `_mm_insert_epi64` is unavailable on i386?
* clang-format
* rename files following the convention that backends use just the backend name
* `()` in a prototype means any number of args, no zero
* ensure that MBEDTLS_SHA384_C is detected regardless of include order
* API doc goes into .h
* add capability to define custom clone functions for hash contexts
* [xcode] add files
* rename (amends 08e5319)
* these files are included by `crypto.h`
* when building picotls, picotls is not part of the system
* when building picotls, picotls is not part of the system, whereas mbedtls is
* define hash implementations using `ptls_define_hash`
* mbedtls is dependency
* it is our convention to let the user initialize the crypto backends (see openssl)
* PRNG might fail too
* reduce state of symmetric ciphers; no need to set key for every IV
* engines can be tested using `test_picotls`
* report error in detail
* have ones own
* amend 2106299
* `ptls_cipher_init` is not called in ECB mode
* key_schedule_new might fail due to malloc failing
* limit scope of `psa_key_attributes_t`
* move useful comments to `.h`, as they are not specific to the mbedtls backend
* simply AEAD code by only supporting the mandatory operation types
* update test code to not rely on init-update-final cycle that is now optional (see doc-comment of ptls_aead_context_t)
* fail the same way
* expand doc-comment in picotls.h instead
* reduce state, release memory regardless of errors
* add missing `static`
* no need to have prefix for static functions
* consolidate duplicated constants into `const struct`
* reduce state
* ... and we find a bug
* update the hidden chacha20 backend
* no need to have a wrapper for CTR mode
* remove verbose doc comments
* [xcode] add files
* use standard names (e.g., <LIB>_ROOT_DIR), and UNIX-style search paths (/usr/local, lib)
* sha384 might not be available
* mbedtls of ubuntu2204 does not have these files, we can remove them and still refer to `MBEDTLS_SHA384_C` at least on homebrew
* run mbedtls test as part of the main CI (builds on top of h2o/h2o#3311)
* remove non-standard directory
* Replace the TLS_AEGIS_256_SHA384 ciphersuite with TLS_AEGIS_256_SHA512

  The latest AEGIS draft, as well as the IANA TLS registry [1] have been updated to replace TLS_AEGIS_256_SHA384 with TLS_AEGIS_256_SHA512. This follows the recommendations from [2] for new cipher suites.

  [1] https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
  [2] https://eprint.iacr.org/2023/913.pdf
* core does not depend on any crypto backend
* minicrypto symbols can be found in the header files
* add aegis files to xcode
* raise error if a TLS struct does not fit
* add test
* fix errors in tests
* cannot test if `capacity` is equal to or greater than size_t
* add support for CERTIFICATE_AUTHORITIES extension
* adjust comments

---------

Co-authored-by: Christian Huitema <[email protected]>
Co-authored-by: Roberto Guimaraes <[email protected]>
Co-authored-by: Kazuho Oku <[email protected]>
Co-authored-by: Frank Denis <[email protected]>
Co-authored-by: ha0li <[email protected]>
kazuho
reviewed
Jan 11, 2024
Thank you for the PR!
Co-authored-by: Kazuho Oku <[email protected]>
@kazuho I have accepted your changes. I considered that too, but I was wondering whether there was some good reason for the uint8_t. Will merge the PR once the CI tests have passed.
The current definition of "ticket context" in picotls.h uses an unsupported construct:

This creates a fatal error when picotls.h is included in applications compiled in Visual Studio, like in this run of picoquic:

Changing to:
Note that on Windows compilers, "unsigned int is_set : 1;" occupies a single byte, so there is no cost to that typing.
I also needed to remove a stray character that somehow made it into mbedtls.c.