Dtls13GetRnMask: Correctly get chacha counter on BE systems

julek-wolfssl · julek-wolfssl · commit 56fc5bbf879d · 2023-07-24T09:13:10.000+02:00
The issue was that BIG_ENDIAN is defined in endian.h (on linux). Our define is BIG_ENDIAN_ORDER.
diff --git a/src/dtls13.c b/src/dtls13.c
@@ -274,13 +274,7 @@ static int Dtls13GetRnMask(WOLFSSL* ssl, const byte* ciphertext, byte* mask,
         if (c->chacha == NULL)
             return BAD_STATE_E;
 
-        /* assuming CIPHER[0..3] should be interpreted as little endian 32-bits
-           integer. The draft rfc isn't really clear on that. See sec 4.2.3 of
-           the draft. See also Section 2.3 of the Chacha RFC. */
-        XMEMCPY(&counter, ciphertext, sizeof(counter));
-#ifdef BIG_ENDIAN
-        counter = ByteReverseWord32(counter);
-#endif /* BIG_ENDIAN */
+        ato32le(ciphertext, &counter);
 
         ret = wc_Chacha_SetIV(c->chacha, &ciphertext[4], counter);
         if (ret != 0)
diff --git a/wolfcrypt/src/misc.c b/wolfcrypt/src/misc.c
@@ -472,6 +472,15 @@ WC_MISC_STATIC WC_INLINE void ato32(const byte* c, word32* wc_u32)
                (word32)c[3];
 }
 
+/* convert opaque to 32 bit integer. Interpret as little endian. */
+WC_MISC_STATIC WC_INLINE void ato32le(const byte* c, word32* wc_u32)
+{
+    *wc_u32 =  (word32)c[0] |
+              ((word32)c[1] << 8) |
+              ((word32)c[2] << 16) |
+              ((word32)c[3] << 24);
+}
+
 
 WC_MISC_STATIC WC_INLINE word32 btoi(byte b)
 {
diff --git a/wolfssl/wolfcrypt/misc.h b/wolfssl/wolfcrypt/misc.h
@@ -102,12 +102,13 @@ void   ByteReverseWords64(word64* out, const word64* in, word32 byteCount);
 
 
 void c32to24(word32 in, word24 out);
-void c16toa(word16 u16, byte* c);
-void c32toa(word32 u32, byte* c);
-void c24to32(const word24 u24, word32* u32);
-void ato16(const byte* c, word16* u16);
-void ato24(const byte* c, word32* u24);
-void ato32(const byte* c, word32* u32);
+void c16toa(word16 wc_u16, byte* c);
+void c32toa(word32 wc_u32, byte* c);
+void c24to32(const word24 wc_u24, word32* wc_u32);
+void ato16(const byte* c, word16* wc_u16);
+void ato24(const byte* c, word32* wc_u24);
+void ato32(const byte* c, word32* wc_u32);
+void ato32le(const byte* c, word32* wc_u32);
 word32 btoi(byte b);
 
 WOLFSSL_LOCAL signed char HexCharToByte(char ch);

Original file line number	Diff line number	Diff line change
`@@ -472,6 +472,15 @@ WC_MISC_STATIC WC_INLINE void ato32(const byte* c, word32* wc_u32)`
`472`	`472`	`(word32)c[3];`
`473`	`473`	`}`
`474`	`474`
	`475`	`+/* convert opaque to 32 bit integer. Interpret as little endian. */`
	`476`	`+WC_MISC_STATIC WC_INLINE void ato32le(const byte* c, word32* wc_u32)`
	`477`	`+{`
	`478`	`+ *wc_u32 = (word32)c[0] \|`
	`479`	`+ ((word32)c[1] << 8) \|`
	`480`	`+ ((word32)c[2] << 16) \|`
	`481`	`+ ((word32)c[3] << 24);`
	`482`	`+}`
	`483`	`+`
`475`	`484`
`476`	`485`	`WC_MISC_STATIC WC_INLINE word32 btoi(byte b)`
`477`	`486`	`{`