Re: [TLS] Clarification on vectors required
"neil.young" <neil.young@freenet.de> Thu, 01 April 2010 16:27 UTC
Return-Path: <neil.young@freenet.de>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ECC103A69C3 for <tls@core3.amsl.com>; Thu, 1 Apr 2010 09:27:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.783
X-Spam-Level:
X-Spam-Status: No, score=0.783 tagged_above=-999 required=5 tests=[AWL=-0.763, BAYES_40=-0.185, DNS_FROM_OPENWHOIS=1.13, HTML_MESSAGE=0.001, J_CHICKENPOX_45=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SQy6fxTmTLRt for <tls@core3.amsl.com>; Thu, 1 Apr 2010 09:27:03 -0700 (PDT)
Received: from mout3.freenet.de (mout3.freenet.de [IPv6:2001:748:100:40::2:5]) by core3.amsl.com (Postfix) with ESMTP id 636A63A6A2E for <tls@ietf.org>; Thu, 1 Apr 2010 09:26:43 -0700 (PDT)
Received: from [195.4.92.21] (helo=11.mx.freenet.de) by mout3.freenet.de with esmtpa (ID roland.klabunde@freenet.de) (port 25) (Exim 4.72 #3) id 1NxNEf-0006r1-95; Thu, 01 Apr 2010 18:27:13 +0200
Received: from p54be0e6e.dip0.t-ipconnect.de ([84.190.14.110]:54841 helo=[192.168.178.38]) by 11.mx.freenet.de with esmtpa (ID roland.klabunde@freenet.de) (port 25) (Exim 4.72 #3) id 1NxNEe-0008Sl-Nb; Thu, 01 Apr 2010 18:27:13 +0200
Message-ID: <4BB4C960.1000403@freenet.de>
Date: Thu, 01 Apr 2010 18:27:12 +0200
From: "neil.young" <neil.young@freenet.de>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: Marsh Ray <marsh@extendedsubset.com>
References: <4BB49475.5060701@Freenet.de> <4BB4A65B.4000403@freenet.de> <4BB4ACEA.5050109@extendedsubset.com>
In-Reply-To: <4BB4ACEA.5050109@extendedsubset.com>
Content-Type: multipart/alternative; boundary="------------040209030609060403060705"
Cc: tls@ietf.org
Subject: Re: [TLS] Clarification on vectors required
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: neil.young@freenet.de
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Apr 2010 16:27:05 -0000
Hi Marsh, thanks for the response. Meanwhile I got a similar answer from real TLS experts :) Their statement was "Hmm, no. The above rule states that the encoded size value (that is put to the first three bytes in your case) must be a multiple of the vector element's size (two in your case). E.g. if a type is defined as uint16 data<0..2^24-1>, then the sizes encoded as 00 00 01, 00 00 FF and 00 FF FF are illegal (as neither of them is a multiple of two). If the type is defined as uint16<0..2^24-1>, then the 0x4711 value (one uint16 element) will be encoded as 00 00 02 47 11" This is exactly what you said. The "size" _element_ has to be an even multiple of the element size. A bit confusing, but logical finally. Regards Marsh Ray schrieb: > On 4/1/2010 8:57 AM, neil.young wrote: > >>> Given the following declaration: >>> >>> opaque config_data<2^24-1>; >>> > > >> Is this understanding correct: >> >> 1) The declaration is slightly incorrect, because the "floor" element >> is missing. I tend to treat it to be 0 >> > > Looks like the lower bound is specified everywhere else. > > >> 2) The number of bytes expressing the length of the vector is 3, >> large enough to count for 2**24-1 bytes >> > > Sounds right to me. > > >> 3) If e.g. the size of the vector's data is 2 bytes, do I really have >> to add a pad byte in order to meet the "even multiple" demand? >> > > No. The length field does not need to be the same as the size of an > element and it is not included in the "even multiple" requrirement. > > >> Is this correct? 00 00 02 47 11 0 >> >> Or this? 00 00 02 47 11 >> > > Either is correct, you defined it as 'opaque'. The opaque type is for > "single byte entities containing uninterpreted data". > > It's only when vectors contain a defined type that this rule applies: > "The length of an encoded vector must be an even multiple of the length > of a single element (for example, a 17 byte vector of uint16 would be > illegal)." > > Obviously, if the defined type is itself one byte in size then the even > multiple requirement is always met. > > The example in the RFC: > >> opaque Datum[3]; /* three uninterpreted bytes */ >> Datum Data[9]; /* 3 consecutive 3 byte vectors */ >> > > The 9 must be a multiple of 3. > > The size of the length field does not need to be the same as the size of > an element of the vector. > > There appears to be an unstated exception to the even multiple > requirement for element types that may themselves be of variable length. > > This is just my interpretation, however. :-) > > - Marsh >
- [TLS] Clarification on vectors required Neil.Young
- Re: [TLS] Clarification on vectors required neil.young
- Re: [TLS] Clarification on vectors required Marsh Ray
- Re: [TLS] Clarification on vectors required Stefan Santesson
- Re: [TLS] Clarification on vectors required neil.young