mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-29 11:41:15 +03:00
Merge remote-tracking branch 'tls/development' into development
* origin/development: (113 commits)
Update query_config.c
Fix failure in SSLv3 per-version suites test
Adjust DES exclude lists in test scripts
Clarify 3DES changes in ChangeLog
Fix documentation for 3DES removal
Exclude 3DES tests in test scripts
Fix wording of ChangeLog and 3DES_REMOVE docs
Reduce priority of 3DES ciphersuites
Fix unused variable warning in ssl_parse_certificate_coordinate()
Update the crypto submodule to a78c958
Fix ChangeLog entry to correct release version
Fix typo in x509write test data
Add ChangeLog entry for unused bits in bitstrings
Improve docs for named bitstrings and their usage
Add tests for (named) bitstring to suite_asn1write
Add new function mbedtls_asn1_write_named_bitstring()
Add missing compile time guard in ssl_client2
Update programs/ssl/query_config.c
ssl_client2: Reset peer CRT info string on reconnect
Add further debug statements on assertion failures
...
This commit is contained in:
Jaeden Amero
@ -1869,8 +1869,10 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
|
||||
wsize = ( i > 671 ) ? 6 : ( i > 239 ) ? 5 :
|
||||
( i > 79 ) ? 4 : ( i > 23 ) ? 3 : 1;
|
||||
|
||||
#if( MBEDTLS_MPI_WINDOW_SIZE < 6 )
|
||||
if( wsize > MBEDTLS_MPI_WINDOW_SIZE )
|
||||
wsize = MBEDTLS_MPI_WINDOW_SIZE;
|
||||
#endif
|
||||
|
||||
j = N->n + 1;
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) );
|
||||
|
||||
@ -80,7 +80,8 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
|
||||
CCM_VALIDATE_RET( ctx != NULL );
|
||||
CCM_VALIDATE_RET( key != NULL );
|
||||
|
||||
cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, MBEDTLS_MODE_ECB );
|
||||
cipher_info = mbedtls_cipher_info_from_values( cipher, keybits,
|
||||
MBEDTLS_MODE_ECB );
|
||||
if( cipher_info == NULL )
|
||||
return( MBEDTLS_ERR_CCM_BAD_INPUT );
|
||||
|
||||
@ -423,34 +424,34 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
|
||||
/*
|
||||
* The data is the same for all tests, only the used length changes
|
||||
*/
|
||||
static const unsigned char key[] = {
|
||||
static const unsigned char key_test_data[] = {
|
||||
0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
|
||||
0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f
|
||||
};
|
||||
|
||||
static const unsigned char iv[] = {
|
||||
static const unsigned char iv_test_data[] = {
|
||||
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
|
||||
0x18, 0x19, 0x1a, 0x1b
|
||||
};
|
||||
|
||||
static const unsigned char ad[] = {
|
||||
static const unsigned char ad_test_data[] = {
|
||||
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
|
||||
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
|
||||
0x10, 0x11, 0x12, 0x13
|
||||
};
|
||||
|
||||
static const unsigned char msg[CCM_SELFTEST_PT_MAX_LEN] = {
|
||||
static const unsigned char msg_test_data[CCM_SELFTEST_PT_MAX_LEN] = {
|
||||
0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
|
||||
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
|
||||
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
|
||||
};
|
||||
|
||||
static const size_t iv_len [NB_TESTS] = { 7, 8, 12 };
|
||||
static const size_t add_len[NB_TESTS] = { 8, 16, 20 };
|
||||
static const size_t msg_len[NB_TESTS] = { 4, 16, 24 };
|
||||
static const size_t tag_len[NB_TESTS] = { 4, 6, 8 };
|
||||
static const size_t iv_len_test_data [NB_TESTS] = { 7, 8, 12 };
|
||||
static const size_t add_len_test_data[NB_TESTS] = { 8, 16, 20 };
|
||||
static const size_t msg_len_test_data[NB_TESTS] = { 4, 16, 24 };
|
||||
static const size_t tag_len_test_data[NB_TESTS] = { 4, 6, 8 };
|
||||
|
||||
static const unsigned char res[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = {
|
||||
static const unsigned char res_test_data[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = {
|
||||
{ 0x71, 0x62, 0x01, 0x5b, 0x4d, 0xac, 0x25, 0x5d },
|
||||
{ 0xd2, 0xa1, 0xf0, 0xe0, 0x51, 0xea, 0x5f, 0x62,
|
||||
0x08, 0x1a, 0x77, 0x92, 0x07, 0x3d, 0x59, 0x3d,
|
||||
@ -476,7 +477,8 @@ int mbedtls_ccm_self_test( int verbose )
|
||||
|
||||
mbedtls_ccm_init( &ctx );
|
||||
|
||||
if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key, 8 * sizeof key ) != 0 )
|
||||
if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key_test_data,
|
||||
8 * sizeof key_test_data ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
mbedtls_printf( " CCM: setup failed" );
|
||||
@ -491,15 +493,18 @@ int mbedtls_ccm_self_test( int verbose )
|
||||
|
||||
memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
|
||||
memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN );
|
||||
memcpy( plaintext, msg, msg_len[i] );
|
||||
memcpy( plaintext, msg_test_data, msg_len_test_data[i] );
|
||||
|
||||
ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len[i],
|
||||
iv, iv_len[i], ad, add_len[i],
|
||||
ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len_test_data[i],
|
||||
iv_test_data, iv_len_test_data[i],
|
||||
ad_test_data, add_len_test_data[i],
|
||||
plaintext, ciphertext,
|
||||
ciphertext + msg_len[i], tag_len[i] );
|
||||
ciphertext + msg_len_test_data[i],
|
||||
tag_len_test_data[i] );
|
||||
|
||||
if( ret != 0 ||
|
||||
memcmp( ciphertext, res[i], msg_len[i] + tag_len[i] ) != 0 )
|
||||
memcmp( ciphertext, res_test_data[i],
|
||||
msg_len_test_data[i] + tag_len_test_data[i] ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
mbedtls_printf( "failed\n" );
|
||||
@ -508,13 +513,15 @@ int mbedtls_ccm_self_test( int verbose )
|
||||
}
|
||||
memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
|
||||
|
||||
ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len[i],
|
||||
iv, iv_len[i], ad, add_len[i],
|
||||
ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len_test_data[i],
|
||||
iv_test_data, iv_len_test_data[i],
|
||||
ad_test_data, add_len_test_data[i],
|
||||
ciphertext, plaintext,
|
||||
ciphertext + msg_len[i], tag_len[i] );
|
||||
ciphertext + msg_len_test_data[i],
|
||||
tag_len_test_data[i] );
|
||||
|
||||
if( ret != 0 ||
|
||||
memcmp( plaintext, msg, msg_len[i] ) != 0 )
|
||||
memcmp( plaintext, msg_test_data, msg_len_test_data[i] ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
mbedtls_printf( "failed\n" );
|
||||
|
||||
@ -116,7 +116,6 @@ const size_t mbedtls_test_cli_key_ec_len = sizeof( mbedtls_test_cli_key_ec );
|
||||
#endif /* MBEDTLS_ECDSA_C */
|
||||
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#define TEST_CA_CRT_RSA_SHA256 \
|
||||
"-----BEGIN CERTIFICATE-----\r\n" \
|
||||
@ -141,13 +140,11 @@ const size_t mbedtls_test_cli_key_ec_len = sizeof( mbedtls_test_cli_key_ec );
|
||||
"n20NRVA1Vjs6GAROr4NqW4k/+LofY9y0LLDE+p0oIEKXIsIvhPr39swxSA==\r\n" \
|
||||
"-----END CERTIFICATE-----\r\n"
|
||||
|
||||
static const char mbedtls_test_ca_crt_rsa_sha256[] = TEST_CA_CRT_RSA_SHA256;
|
||||
const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA_SHA256;
|
||||
const size_t mbedtls_test_ca_crt_rsa_len = sizeof( mbedtls_test_ca_crt_rsa );
|
||||
#define TEST_CA_CRT_RSA_SOME
|
||||
|
||||
static const char mbedtls_test_ca_crt_rsa_sha256[] = TEST_CA_CRT_RSA_SHA256;
|
||||
|
||||
#endif
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if !defined(TEST_CA_CRT_RSA_SOME) || defined(MBEDTLS_SHA1_C)
|
||||
#define TEST_CA_CRT_RSA_SHA1 \
|
||||
@ -173,14 +170,72 @@ static const char mbedtls_test_ca_crt_rsa_sha256[] = TEST_CA_CRT_RSA_SHA256;
|
||||
"7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n" \
|
||||
"-----END CERTIFICATE-----\r\n"
|
||||
|
||||
static const char mbedtls_test_ca_crt_rsa_sha1[] = TEST_CA_CRT_RSA_SHA1;
|
||||
|
||||
#if !defined (TEST_CA_CRT_RSA_SOME)
|
||||
const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA_SHA1;
|
||||
const size_t mbedtls_test_ca_crt_rsa_len = sizeof( mbedtls_test_ca_crt_rsa );
|
||||
#endif
|
||||
#endif /* !TEST_CA_CRT_RSA_SOME */
|
||||
#endif /* !TEST_CA_CRT_RSA_COME || MBEDTLS_SHA1_C */
|
||||
|
||||
static const char mbedtls_test_ca_crt_rsa_sha1[] = TEST_CA_CRT_RSA_SHA1;
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
/* tests/data_files/server2-sha256.crt */
|
||||
#define TEST_SRV_CRT_RSA_SHA256 \
|
||||
"-----BEGIN CERTIFICATE-----\r\n" \
|
||||
"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \
|
||||
"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
|
||||
"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \
|
||||
"A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \
|
||||
"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \
|
||||
"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \
|
||||
"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \
|
||||
"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \
|
||||
"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \
|
||||
"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \
|
||||
"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \
|
||||
"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQELBQADggEBAGGEshT5\r\n" \
|
||||
"kvnRmLVScVeUEdwIrvW7ezbGbUvJ8VxeJ79/HSjlLiGbMc4uUathwtzEdi9R/4C5\r\n" \
|
||||
"DXBNeEPTkbB+fhG1W06iHYj/Dp8+aaG7fuDxKVKHVZSqBnmQLn73ymyclZNHii5A\r\n" \
|
||||
"3nTS8WUaHAzxN/rajOtoM7aH1P9tULpHrl+7HOeLMpxUnwI12ZqZaLIzxbcdJVcr\r\n" \
|
||||
"ra2F00aXCGkYVLvyvbZIq7LC+yVysej5gCeQYD7VFOEks0jhFjrS06gP0/XnWv6v\r\n" \
|
||||
"eBoPez9d+CCjkrhseiWzXOiriIMICX48EloO/DrsMRAtvlwq7EDz4QhILz6ffndm\r\n" \
|
||||
"e4K1cVANRPN2o9Y=\r\n" \
|
||||
"-----END CERTIFICATE-----\r\n"
|
||||
|
||||
#endif
|
||||
const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA_SHA256;
|
||||
const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa );
|
||||
#define TEST_SRV_CRT_RSA_SOME
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if !defined(TEST_SRV_CRT_RSA_SOME) || defined(MBEDTLS_SHA1_C)
|
||||
/* tests/data_files/server2.crt */
|
||||
#define TEST_SRV_CRT_RSA_SHA1 \
|
||||
"-----BEGIN CERTIFICATE-----\r\n" \
|
||||
"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \
|
||||
"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
|
||||
"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \
|
||||
"A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \
|
||||
"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \
|
||||
"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \
|
||||
"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \
|
||||
"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \
|
||||
"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \
|
||||
"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \
|
||||
"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \
|
||||
"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAAFzC0rF\r\n" \
|
||||
"y6De8WMcdgQrEw3AhBHFjzqnxZw1ene4IBSC7lTw8rBSy3jOWQdPUWn+0y/pCeeF\r\n" \
|
||||
"kti6sevFdl1hLemGtd4q+T9TKEKGg3ND4ARfB5AUZZ9uEHq8WBkiwus5clGS17Qd\r\n" \
|
||||
"dS/TOisB59tQruLx1E1bPLtBKyqk4koC5WAULJwfpswGSyWJTpYwIpxcWE3D2tBu\r\n" \
|
||||
"UB6MZfXZFzWmWEOyKbeoXjXe8GBCGgHLywvYDsGQ36HSGtEsAvR2QaTLSxWYcfk1\r\n" \
|
||||
"fbDn4jSWkb4yZy1r01UEigFQtONieGwRFaUqEcFJHJvEEGVgh9keaVlOj2vrwf5r\r\n" \
|
||||
"4mN4lW7gLdenN6g=\r\n" \
|
||||
"-----END CERTIFICATE-----\r\n";
|
||||
|
||||
#if !defined(TEST_SRV_CRT_RSA_SOME)
|
||||
const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA_SHA1;
|
||||
const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa );
|
||||
#endif /* TEST_SRV_CRT_RSA_SOME */
|
||||
#endif /* !TEST_CA_CRT_RSA_SOME || MBEDTLS_SHA1_C */
|
||||
|
||||
const char mbedtls_test_ca_key_rsa[] =
|
||||
"-----BEGIN RSA PRIVATE KEY-----\r\n"
|
||||
@ -218,31 +273,6 @@ const size_t mbedtls_test_ca_key_rsa_len = sizeof( mbedtls_test_ca_key_rsa );
|
||||
const char mbedtls_test_ca_pwd_rsa[] = "PolarSSLTest";
|
||||
const size_t mbedtls_test_ca_pwd_rsa_len = sizeof( mbedtls_test_ca_pwd_rsa ) - 1;
|
||||
|
||||
/* tests/data_files/server2.crt */
|
||||
const char mbedtls_test_srv_crt_rsa[] =
|
||||
"-----BEGIN CERTIFICATE-----\r\n"
|
||||
"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
|
||||
"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
|
||||
"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n"
|
||||
"A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n"
|
||||
"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n"
|
||||
"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n"
|
||||
"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n"
|
||||
"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n"
|
||||
"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n"
|
||||
"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n"
|
||||
"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n"
|
||||
"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAAFzC0rF\r\n"
|
||||
"y6De8WMcdgQrEw3AhBHFjzqnxZw1ene4IBSC7lTw8rBSy3jOWQdPUWn+0y/pCeeF\r\n"
|
||||
"kti6sevFdl1hLemGtd4q+T9TKEKGg3ND4ARfB5AUZZ9uEHq8WBkiwus5clGS17Qd\r\n"
|
||||
"dS/TOisB59tQruLx1E1bPLtBKyqk4koC5WAULJwfpswGSyWJTpYwIpxcWE3D2tBu\r\n"
|
||||
"UB6MZfXZFzWmWEOyKbeoXjXe8GBCGgHLywvYDsGQ36HSGtEsAvR2QaTLSxWYcfk1\r\n"
|
||||
"fbDn4jSWkb4yZy1r01UEigFQtONieGwRFaUqEcFJHJvEEGVgh9keaVlOj2vrwf5r\r\n"
|
||||
"4mN4lW7gLdenN6g=\r\n"
|
||||
"-----END CERTIFICATE-----\r\n";
|
||||
const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa );
|
||||
|
||||
/* tests/data_files/server2.key */
|
||||
const char mbedtls_test_srv_key_rsa[] =
|
||||
"-----BEGIN RSA PRIVATE KEY-----\r\n"
|
||||
"MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n"
|
||||
|
||||
@ -87,8 +87,13 @@ void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
|
||||
char str[DEBUG_BUF_SIZE];
|
||||
int ret;
|
||||
|
||||
if( NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || level > debug_threshold )
|
||||
if( NULL == ssl ||
|
||||
NULL == ssl->conf ||
|
||||
NULL == ssl->conf->f_dbg ||
|
||||
level > debug_threshold )
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
va_start( argp, format );
|
||||
ret = mbedtls_vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
|
||||
@ -109,8 +114,13 @@ void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
|
||||
{
|
||||
char str[DEBUG_BUF_SIZE];
|
||||
|
||||
if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold )
|
||||
if( NULL == ssl ||
|
||||
NULL == ssl->conf ||
|
||||
NULL == ssl->conf->f_dbg ||
|
||||
level > debug_threshold )
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
/*
|
||||
* With non-blocking I/O and examples that just retry immediately,
|
||||
@ -134,8 +144,13 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
|
||||
char txt[17];
|
||||
size_t i, idx = 0;
|
||||
|
||||
if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold )
|
||||
if( NULL == ssl ||
|
||||
NULL == ssl->conf ||
|
||||
NULL == ssl->conf->f_dbg ||
|
||||
level > debug_threshold )
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
mbedtls_snprintf( str + idx, sizeof( str ) - idx, "dumping '%s' (%u bytes)\n",
|
||||
text, (unsigned int) len );
|
||||
@ -187,8 +202,13 @@ void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
|
||||
{
|
||||
char str[DEBUG_BUF_SIZE];
|
||||
|
||||
if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold )
|
||||
if( NULL == ssl ||
|
||||
NULL == ssl->conf ||
|
||||
NULL == ssl->conf->f_dbg ||
|
||||
level > debug_threshold )
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
mbedtls_snprintf( str, sizeof( str ), "%s(X)", text );
|
||||
mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X );
|
||||
@ -207,8 +227,14 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
|
||||
int j, k, zeros = 1;
|
||||
size_t i, n, idx = 0;
|
||||
|
||||
if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || X == NULL || level > debug_threshold )
|
||||
if( NULL == ssl ||
|
||||
NULL == ssl->conf ||
|
||||
NULL == ssl->conf->f_dbg ||
|
||||
NULL == X ||
|
||||
level > debug_threshold )
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
for( n = X->n - 1; n > 0; n-- )
|
||||
if( X->p[n] != 0 )
|
||||
@ -333,8 +359,14 @@ void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
|
||||
char str[DEBUG_BUF_SIZE];
|
||||
int i = 0;
|
||||
|
||||
if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || crt == NULL || level > debug_threshold )
|
||||
if( NULL == ssl ||
|
||||
NULL == ssl->conf ||
|
||||
NULL == ssl->conf->f_dbg ||
|
||||
NULL == crt ||
|
||||
level > debug_threshold )
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
while( crt != NULL )
|
||||
{
|
||||
|
||||
128
library/gcm.c
128
library/gcm.c
@ -175,7 +175,8 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
|
||||
GCM_VALIDATE_RET( key != NULL );
|
||||
GCM_VALIDATE_RET( keybits == 128 || keybits == 192 || keybits == 256 );
|
||||
|
||||
cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, MBEDTLS_MODE_ECB );
|
||||
cipher_info = mbedtls_cipher_info_from_values( cipher, keybits,
|
||||
MBEDTLS_MODE_ECB );
|
||||
if( cipher_info == NULL )
|
||||
return( MBEDTLS_ERR_GCM_BAD_INPUT );
|
||||
|
||||
@ -335,8 +336,8 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
|
||||
gcm_mult( ctx, ctx->y, ctx->y );
|
||||
}
|
||||
|
||||
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr,
|
||||
&olen ) ) != 0 )
|
||||
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16,
|
||||
ctx->base_ectr, &olen ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
@ -557,10 +558,10 @@ void mbedtls_gcm_free( mbedtls_gcm_context *ctx )
|
||||
*/
|
||||
#define MAX_TESTS 6
|
||||
|
||||
static const int key_index[MAX_TESTS] =
|
||||
static const int key_index_test_data[MAX_TESTS] =
|
||||
{ 0, 0, 1, 1, 1, 1 };
|
||||
|
||||
static const unsigned char key[MAX_TESTS][32] =
|
||||
static const unsigned char key_test_data[MAX_TESTS][32] =
|
||||
{
|
||||
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
@ -572,13 +573,13 @@ static const unsigned char key[MAX_TESTS][32] =
|
||||
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 },
|
||||
};
|
||||
|
||||
static const size_t iv_len[MAX_TESTS] =
|
||||
static const size_t iv_len_test_data[MAX_TESTS] =
|
||||
{ 12, 12, 12, 12, 8, 60 };
|
||||
|
||||
static const int iv_index[MAX_TESTS] =
|
||||
static const int iv_index_test_data[MAX_TESTS] =
|
||||
{ 0, 0, 1, 1, 1, 2 };
|
||||
|
||||
static const unsigned char iv[MAX_TESTS][64] =
|
||||
static const unsigned char iv_test_data[MAX_TESTS][64] =
|
||||
{
|
||||
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00 },
|
||||
@ -594,13 +595,13 @@ static const unsigned char iv[MAX_TESTS][64] =
|
||||
0xa6, 0x37, 0xb3, 0x9b },
|
||||
};
|
||||
|
||||
static const size_t add_len[MAX_TESTS] =
|
||||
static const size_t add_len_test_data[MAX_TESTS] =
|
||||
{ 0, 0, 0, 20, 20, 20 };
|
||||
|
||||
static const int add_index[MAX_TESTS] =
|
||||
static const int add_index_test_data[MAX_TESTS] =
|
||||
{ 0, 0, 0, 1, 1, 1 };
|
||||
|
||||
static const unsigned char additional[MAX_TESTS][64] =
|
||||
static const unsigned char additional_test_data[MAX_TESTS][64] =
|
||||
{
|
||||
{ 0x00 },
|
||||
{ 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
|
||||
@ -608,13 +609,13 @@ static const unsigned char additional[MAX_TESTS][64] =
|
||||
0xab, 0xad, 0xda, 0xd2 },
|
||||
};
|
||||
|
||||
static const size_t pt_len[MAX_TESTS] =
|
||||
static const size_t pt_len_test_data[MAX_TESTS] =
|
||||
{ 0, 16, 64, 60, 60, 60 };
|
||||
|
||||
static const int pt_index[MAX_TESTS] =
|
||||
static const int pt_index_test_data[MAX_TESTS] =
|
||||
{ 0, 0, 1, 1, 1, 1 };
|
||||
|
||||
static const unsigned char pt[MAX_TESTS][64] =
|
||||
static const unsigned char pt_test_data[MAX_TESTS][64] =
|
||||
{
|
||||
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
|
||||
@ -628,7 +629,7 @@ static const unsigned char pt[MAX_TESTS][64] =
|
||||
0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 },
|
||||
};
|
||||
|
||||
static const unsigned char ct[MAX_TESTS * 3][64] =
|
||||
static const unsigned char ct_test_data[MAX_TESTS * 3][64] =
|
||||
{
|
||||
{ 0x00 },
|
||||
{ 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
|
||||
@ -737,7 +738,7 @@ static const unsigned char ct[MAX_TESTS * 3][64] =
|
||||
0x44, 0xae, 0x7e, 0x3f },
|
||||
};
|
||||
|
||||
static const unsigned char tag[MAX_TESTS * 3][16] =
|
||||
static const unsigned char tag_test_data[MAX_TESTS * 3][16] =
|
||||
{
|
||||
{ 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
|
||||
0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a },
|
||||
@ -797,7 +798,8 @@ int mbedtls_gcm_self_test( int verbose )
|
||||
mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
|
||||
key_len, i, "enc" );
|
||||
|
||||
ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
|
||||
ret = mbedtls_gcm_setkey( &ctx, cipher,
|
||||
key_test_data[key_index_test_data[i]],
|
||||
key_len );
|
||||
/*
|
||||
* AES-192 is an optional feature that may be unavailable when
|
||||
@ -815,15 +817,19 @@ int mbedtls_gcm_self_test( int verbose )
|
||||
}
|
||||
|
||||
ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT,
|
||||
pt_len[i],
|
||||
iv[iv_index[i]], iv_len[i],
|
||||
additional[add_index[i]], add_len[i],
|
||||
pt[pt_index[i]], buf, 16, tag_buf );
|
||||
pt_len_test_data[i],
|
||||
iv_test_data[iv_index_test_data[i]],
|
||||
iv_len_test_data[i],
|
||||
additional_test_data[add_index_test_data[i]],
|
||||
add_len_test_data[i],
|
||||
pt_test_data[pt_index_test_data[i]],
|
||||
buf, 16, tag_buf );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
||||
if ( memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
|
||||
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
|
||||
if ( memcmp( buf, ct_test_data[j * 6 + i],
|
||||
pt_len_test_data[i] ) != 0 ||
|
||||
memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 )
|
||||
{
|
||||
ret = 1;
|
||||
goto exit;
|
||||
@ -840,22 +846,26 @@ int mbedtls_gcm_self_test( int verbose )
|
||||
mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
|
||||
key_len, i, "dec" );
|
||||
|
||||
ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
|
||||
ret = mbedtls_gcm_setkey( &ctx, cipher,
|
||||
key_test_data[key_index_test_data[i]],
|
||||
key_len );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
||||
ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT,
|
||||
pt_len[i],
|
||||
iv[iv_index[i]], iv_len[i],
|
||||
additional[add_index[i]], add_len[i],
|
||||
ct[j * 6 + i], buf, 16, tag_buf );
|
||||
pt_len_test_data[i],
|
||||
iv_test_data[iv_index_test_data[i]],
|
||||
iv_len_test_data[i],
|
||||
additional_test_data[add_index_test_data[i]],
|
||||
add_len_test_data[i],
|
||||
ct_test_data[j * 6 + i], buf, 16, tag_buf );
|
||||
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
||||
if( memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
|
||||
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
|
||||
if( memcmp( buf, pt_test_data[pt_index_test_data[i]],
|
||||
pt_len_test_data[i] ) != 0 ||
|
||||
memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 )
|
||||
{
|
||||
ret = 1;
|
||||
goto exit;
|
||||
@ -872,32 +882,40 @@ int mbedtls_gcm_self_test( int verbose )
|
||||
mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
|
||||
key_len, i, "enc" );
|
||||
|
||||
ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
|
||||
ret = mbedtls_gcm_setkey( &ctx, cipher,
|
||||
key_test_data[key_index_test_data[i]],
|
||||
key_len );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
||||
ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT,
|
||||
iv[iv_index[i]], iv_len[i],
|
||||
additional[add_index[i]], add_len[i] );
|
||||
iv_test_data[iv_index_test_data[i]],
|
||||
iv_len_test_data[i],
|
||||
additional_test_data[add_index_test_data[i]],
|
||||
add_len_test_data[i] );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
||||
if( pt_len[i] > 32 )
|
||||
if( pt_len_test_data[i] > 32 )
|
||||
{
|
||||
size_t rest_len = pt_len[i] - 32;
|
||||
ret = mbedtls_gcm_update( &ctx, 32, pt[pt_index[i]], buf );
|
||||
size_t rest_len = pt_len_test_data[i] - 32;
|
||||
ret = mbedtls_gcm_update( &ctx, 32,
|
||||
pt_test_data[pt_index_test_data[i]],
|
||||
buf );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
||||
ret = mbedtls_gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32,
|
||||
buf + 32 );
|
||||
ret = mbedtls_gcm_update( &ctx, rest_len,
|
||||
pt_test_data[pt_index_test_data[i]] + 32,
|
||||
buf + 32 );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
}
|
||||
else
|
||||
{
|
||||
ret = mbedtls_gcm_update( &ctx, pt_len[i], pt[pt_index[i]], buf );
|
||||
ret = mbedtls_gcm_update( &ctx, pt_len_test_data[i],
|
||||
pt_test_data[pt_index_test_data[i]],
|
||||
buf );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
}
|
||||
@ -906,8 +924,9 @@ int mbedtls_gcm_self_test( int verbose )
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
||||
if( memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
|
||||
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
|
||||
if( memcmp( buf, ct_test_data[j * 6 + i],
|
||||
pt_len_test_data[i] ) != 0 ||
|
||||
memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 )
|
||||
{
|
||||
ret = 1;
|
||||
goto exit;
|
||||
@ -924,32 +943,38 @@ int mbedtls_gcm_self_test( int verbose )
|
||||
mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
|
||||
key_len, i, "dec" );
|
||||
|
||||
ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
|
||||
ret = mbedtls_gcm_setkey( &ctx, cipher,
|
||||
key_test_data[key_index_test_data[i]],
|
||||
key_len );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
||||
ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT,
|
||||
iv[iv_index[i]], iv_len[i],
|
||||
additional[add_index[i]], add_len[i] );
|
||||
iv_test_data[iv_index_test_data[i]],
|
||||
iv_len_test_data[i],
|
||||
additional_test_data[add_index_test_data[i]],
|
||||
add_len_test_data[i] );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
||||
if( pt_len[i] > 32 )
|
||||
if( pt_len_test_data[i] > 32 )
|
||||
{
|
||||
size_t rest_len = pt_len[i] - 32;
|
||||
ret = mbedtls_gcm_update( &ctx, 32, ct[j * 6 + i], buf );
|
||||
size_t rest_len = pt_len_test_data[i] - 32;
|
||||
ret = mbedtls_gcm_update( &ctx, 32, ct_test_data[j * 6 + i],
|
||||
buf );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
||||
ret = mbedtls_gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32,
|
||||
ret = mbedtls_gcm_update( &ctx, rest_len,
|
||||
ct_test_data[j * 6 + i] + 32,
|
||||
buf + 32 );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
}
|
||||
else
|
||||
{
|
||||
ret = mbedtls_gcm_update( &ctx, pt_len[i], ct[j * 6 + i],
|
||||
ret = mbedtls_gcm_update( &ctx, pt_len_test_data[i],
|
||||
ct_test_data[j * 6 + i],
|
||||
buf );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
@ -959,8 +984,9 @@ int mbedtls_gcm_self_test( int verbose )
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
||||
if( memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
|
||||
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
|
||||
if( memcmp( buf, pt_test_data[pt_index_test_data[i]],
|
||||
pt_len_test_data[i] ) != 0 ||
|
||||
memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 )
|
||||
{
|
||||
ret = 1;
|
||||
goto exit;
|
||||
|
||||
@ -41,10 +41,6 @@
|
||||
#define mbedtls_snprintf snprintf
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
|
||||
#include "mbedtls/x509.h"
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Macro to automatically add the size of #define'd OIDs
|
||||
*/
|
||||
@ -152,7 +148,6 @@ int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid , \
|
||||
return( MBEDTLS_ERR_OID_NOT_FOUND ); \
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
|
||||
/*
|
||||
* For X520 attribute types
|
||||
*/
|
||||
@ -260,23 +255,23 @@ static const oid_x509_ext_t oid_x509_ext[] =
|
||||
{
|
||||
{
|
||||
{ ADD_LEN( MBEDTLS_OID_BASIC_CONSTRAINTS ), "id-ce-basicConstraints", "Basic Constraints" },
|
||||
MBEDTLS_X509_EXT_BASIC_CONSTRAINTS,
|
||||
MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( MBEDTLS_OID_KEY_USAGE ), "id-ce-keyUsage", "Key Usage" },
|
||||
MBEDTLS_X509_EXT_KEY_USAGE,
|
||||
MBEDTLS_OID_X509_EXT_KEY_USAGE,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( MBEDTLS_OID_EXTENDED_KEY_USAGE ), "id-ce-extKeyUsage", "Extended Key Usage" },
|
||||
MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE,
|
||||
MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( MBEDTLS_OID_SUBJECT_ALT_NAME ), "id-ce-subjectAltName", "Subject Alt Name" },
|
||||
MBEDTLS_X509_EXT_SUBJECT_ALT_NAME,
|
||||
MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( MBEDTLS_OID_NS_CERT_TYPE ), "id-netscape-certtype", "Netscape Certificate Type" },
|
||||
MBEDTLS_X509_EXT_NS_CERT_TYPE,
|
||||
MBEDTLS_OID_X509_EXT_NS_CERT_TYPE,
|
||||
},
|
||||
{
|
||||
{ NULL, 0, NULL, NULL },
|
||||
@ -300,7 +295,6 @@ static const mbedtls_oid_descriptor_t oid_ext_key_usage[] =
|
||||
|
||||
FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, ext_key_usage, oid_ext_key_usage)
|
||||
FN_OID_GET_ATTR1(mbedtls_oid_get_extended_key_usage, mbedtls_oid_descriptor_t, ext_key_usage, const char *, description)
|
||||
#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
/*
|
||||
|
||||
@ -76,7 +76,8 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params,
|
||||
* }
|
||||
*
|
||||
*/
|
||||
if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
|
||||
if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len,
|
||||
MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
|
||||
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
|
||||
|
||||
salt->p = p;
|
||||
@ -141,7 +142,8 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
|
||||
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
|
||||
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
|
||||
|
||||
if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid, &kdf_alg_params ) ) != 0 )
|
||||
if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid,
|
||||
&kdf_alg_params ) ) != 0 )
|
||||
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
|
||||
|
||||
// Only PBKDF2 supported at the moment
|
||||
@ -202,7 +204,8 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
|
||||
if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 )
|
||||
goto exit;
|
||||
|
||||
if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 )
|
||||
if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen,
|
||||
(mbedtls_operation_t) mode ) ) != 0 )
|
||||
goto exit;
|
||||
|
||||
if( ( ret = mbedtls_cipher_crypt( &cipher_ctx, iv, enc_scheme_params.len,
|
||||
@ -217,7 +220,8 @@ exit:
|
||||
}
|
||||
#endif /* MBEDTLS_ASN1_PARSE_C */
|
||||
|
||||
int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password,
|
||||
int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx,
|
||||
const unsigned char *password,
|
||||
size_t plen, const unsigned char *salt, size_t slen,
|
||||
unsigned int iteration_count,
|
||||
uint32_t key_length, unsigned char *output )
|
||||
@ -304,10 +308,10 @@ int mbedtls_pkcs5_self_test( int verbose )
|
||||
|
||||
#define MAX_TESTS 6
|
||||
|
||||
static const size_t plen[MAX_TESTS] =
|
||||
static const size_t plen_test_data[MAX_TESTS] =
|
||||
{ 8, 8, 8, 24, 9 };
|
||||
|
||||
static const unsigned char password[MAX_TESTS][32] =
|
||||
static const unsigned char password_test_data[MAX_TESTS][32] =
|
||||
{
|
||||
"password",
|
||||
"password",
|
||||
@ -316,10 +320,10 @@ static const unsigned char password[MAX_TESTS][32] =
|
||||
"pass\0word",
|
||||
};
|
||||
|
||||
static const size_t slen[MAX_TESTS] =
|
||||
static const size_t slen_test_data[MAX_TESTS] =
|
||||
{ 4, 4, 4, 36, 5 };
|
||||
|
||||
static const unsigned char salt[MAX_TESTS][40] =
|
||||
static const unsigned char salt_test_data[MAX_TESTS][40] =
|
||||
{
|
||||
"salt",
|
||||
"salt",
|
||||
@ -328,13 +332,13 @@ static const unsigned char salt[MAX_TESTS][40] =
|
||||
"sa\0lt",
|
||||
};
|
||||
|
||||
static const uint32_t it_cnt[MAX_TESTS] =
|
||||
static const uint32_t it_cnt_test_data[MAX_TESTS] =
|
||||
{ 1, 2, 4096, 4096, 4096 };
|
||||
|
||||
static const uint32_t key_len[MAX_TESTS] =
|
||||
static const uint32_t key_len_test_data[MAX_TESTS] =
|
||||
{ 20, 20, 20, 25, 16 };
|
||||
|
||||
static const unsigned char result_key[MAX_TESTS][32] =
|
||||
static const unsigned char result_key_test_data[MAX_TESTS][32] =
|
||||
{
|
||||
{ 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
|
||||
0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
|
||||
@ -380,10 +384,12 @@ int mbedtls_pkcs5_self_test( int verbose )
|
||||
if( verbose != 0 )
|
||||
mbedtls_printf( " PBKDF2 (SHA1) #%d: ", i );
|
||||
|
||||
ret = mbedtls_pkcs5_pbkdf2_hmac( &sha1_ctx, password[i], plen[i], salt[i],
|
||||
slen[i], it_cnt[i], key_len[i], key );
|
||||
ret = mbedtls_pkcs5_pbkdf2_hmac( &sha1_ctx, password_test_data[i],
|
||||
plen_test_data[i], salt_test_data[i],
|
||||
slen_test_data[i], it_cnt_test_data[i],
|
||||
key_len_test_data[i], key );
|
||||
if( ret != 0 ||
|
||||
memcmp( result_key[i], key, key_len[i] ) != 0 )
|
||||
memcmp( result_key_test_data[i], key, key_len_test_data[i] ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
mbedtls_printf( "failed\n" );
|
||||
|
||||
@ -40,6 +40,7 @@
|
||||
#endif
|
||||
|
||||
#include "mbedtls/ssl_cache.h"
|
||||
#include "mbedtls/ssl_internal.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
@ -92,16 +93,24 @@ int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session )
|
||||
entry->session.id_len ) != 0 )
|
||||
continue;
|
||||
|
||||
memcpy( session->master, entry->session.master, 48 );
|
||||
ret = mbedtls_ssl_session_copy( session, &entry->session );
|
||||
if( ret != 0 )
|
||||
{
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
session->verify_result = entry->session.verify_result;
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
|
||||
defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
/*
|
||||
* Restore peer certificate (without rest of the original chain)
|
||||
*/
|
||||
if( entry->peer_cert.p != NULL )
|
||||
{
|
||||
/* `session->peer_cert` is NULL after the call to
|
||||
* mbedtls_ssl_session_copy(), because cache entries
|
||||
* have the `peer_cert` field set to NULL. */
|
||||
|
||||
if( ( session->peer_cert = mbedtls_calloc( 1,
|
||||
sizeof(mbedtls_x509_crt) ) ) == NULL )
|
||||
{
|
||||
@ -119,7 +128,7 @@ int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session )
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
ret = 0;
|
||||
goto exit;
|
||||
@ -239,9 +248,8 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session )
|
||||
#endif
|
||||
}
|
||||
|
||||
memcpy( &cur->session, session, sizeof( mbedtls_ssl_session ) );
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
|
||||
defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
/*
|
||||
* If we're reusing an entry, free its certificate first
|
||||
*/
|
||||
@ -250,26 +258,43 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session )
|
||||
mbedtls_free( cur->peer_cert.p );
|
||||
memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) );
|
||||
}
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
/*
|
||||
* Store peer certificate
|
||||
*/
|
||||
if( session->peer_cert != NULL )
|
||||
/* Copy the entire session; this temporarily makes a copy of the
|
||||
* X.509 CRT structure even though we only want to store the raw CRT.
|
||||
* This inefficiency will go away as soon as we implement on-demand
|
||||
* parsing of CRTs, in which case there's no need for the `peer_cert`
|
||||
* field anymore in the first place, and we're done after this call. */
|
||||
ret = mbedtls_ssl_session_copy( &cur->session, session );
|
||||
if( ret != 0 )
|
||||
{
|
||||
cur->peer_cert.p = mbedtls_calloc( 1, session->peer_cert->raw.len );
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
|
||||
defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
/* If present, free the X.509 structure and only store the raw CRT data. */
|
||||
if( cur->session.peer_cert != NULL )
|
||||
{
|
||||
cur->peer_cert.p =
|
||||
mbedtls_calloc( 1, cur->session.peer_cert->raw.len );
|
||||
if( cur->peer_cert.p == NULL )
|
||||
{
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
memcpy( cur->peer_cert.p, session->peer_cert->raw.p,
|
||||
session->peer_cert->raw.len );
|
||||
memcpy( cur->peer_cert.p,
|
||||
cur->session.peer_cert->raw.p,
|
||||
cur->session.peer_cert->raw.len );
|
||||
cur->peer_cert.len = session->peer_cert->raw.len;
|
||||
|
||||
mbedtls_x509_crt_free( cur->session.peer_cert );
|
||||
mbedtls_free( cur->session.peer_cert );
|
||||
cur->session.peer_cert = NULL;
|
||||
}
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
ret = 0;
|
||||
|
||||
@ -311,9 +336,10 @@ void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache )
|
||||
|
||||
mbedtls_ssl_session_free( &prv->session );
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
|
||||
defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
mbedtls_free( prv->peer_cert.p );
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
mbedtls_free( prv );
|
||||
}
|
||||
|
||||
@ -43,11 +43,11 @@
|
||||
/*
|
||||
* Ordered from most preferred to least preferred in terms of security.
|
||||
*
|
||||
* Current rule (except rc4, weak and null which come last):
|
||||
* Current rule (except RC4 and 3DES, weak and null which come last):
|
||||
* 1. By key exchange:
|
||||
* Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
|
||||
* 2. By key length and cipher:
|
||||
* ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128 > 3DES
|
||||
* ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
|
||||
* 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
|
||||
* 4. By hash function used when relevant
|
||||
* 5. By key exchange/auth again: EC > non-EC
|
||||
@ -126,11 +126,6 @@ static const int ciphersuite_preference[] =
|
||||
MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
|
||||
|
||||
/* All remaining >= 128-bit ephemeral suites */
|
||||
MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
|
||||
/* The PSK ephemeral suites */
|
||||
MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
||||
@ -162,9 +157,6 @@ static const int ciphersuite_preference[] =
|
||||
MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
|
||||
|
||||
MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||
|
||||
/* The ECJPAKE suite */
|
||||
MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
|
||||
|
||||
@ -228,11 +220,6 @@ static const int ciphersuite_preference[] =
|
||||
MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
|
||||
|
||||
/* All remaining >= 128-bit suites */
|
||||
MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
|
||||
|
||||
/* The RSA PSK suites */
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
|
||||
@ -251,8 +238,6 @@ static const int ciphersuite_preference[] =
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
|
||||
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||
|
||||
/* The PSK suites */
|
||||
MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
||||
MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
|
||||
@ -275,6 +260,16 @@ static const int ciphersuite_preference[] =
|
||||
MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
|
||||
|
||||
/* 3DES suites */
|
||||
MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||
|
||||
/* RC4 suites */
|
||||
@ -2187,6 +2182,26 @@ const int *mbedtls_ssl_list_ciphersuites( void )
|
||||
static int supported_ciphersuites[MAX_CIPHERSUITES];
|
||||
static int supported_init = 0;
|
||||
|
||||
static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
|
||||
{
|
||||
(void)cs_info;
|
||||
|
||||
#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
|
||||
if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
|
||||
return( 1 );
|
||||
#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
|
||||
|
||||
#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
|
||||
if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
|
||||
cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC )
|
||||
{
|
||||
return( 1 );
|
||||
}
|
||||
#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
const int *mbedtls_ssl_list_ciphersuites( void )
|
||||
{
|
||||
/*
|
||||
@ -2202,14 +2217,12 @@ const int *mbedtls_ssl_list_ciphersuites( void )
|
||||
*p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
|
||||
p++ )
|
||||
{
|
||||
#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
|
||||
const mbedtls_ssl_ciphersuite_t *cs_info;
|
||||
if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
|
||||
cs_info->cipher != MBEDTLS_CIPHER_ARC4_128 )
|
||||
#else
|
||||
if( mbedtls_ssl_ciphersuite_from_id( *p ) != NULL )
|
||||
#endif
|
||||
!ciphersuite_is_removed( cs_info ) )
|
||||
{
|
||||
*(q++) = *p;
|
||||
}
|
||||
}
|
||||
*q = 0;
|
||||
|
||||
|
||||
@ -2265,6 +2265,7 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
|
||||
int ret;
|
||||
size_t len_bytes = ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ? 0 : 2;
|
||||
unsigned char *p = ssl->handshake->premaster + pms_offset;
|
||||
mbedtls_pk_context * peer_pk;
|
||||
|
||||
if( offset + len_bytes > MBEDTLS_SSL_OUT_CONTENT_LEN )
|
||||
{
|
||||
@ -2290,23 +2291,28 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
|
||||
|
||||
ssl->handshake->pmslen = 48;
|
||||
|
||||
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
peer_pk = &ssl->handshake->peer_pubkey;
|
||||
#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
if( ssl->session_negotiate->peer_cert == NULL )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "certificate required" ) );
|
||||
return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
|
||||
/* Should never happen */
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
peer_pk = &ssl->session_negotiate->peer_cert->pk;
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
/*
|
||||
* Now write it out, encrypted
|
||||
*/
|
||||
if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk,
|
||||
MBEDTLS_PK_RSA ) )
|
||||
if( ! mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_RSA ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate key type mismatch" ) );
|
||||
return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
|
||||
}
|
||||
|
||||
if( ( ret = mbedtls_pk_encrypt( &ssl->session_negotiate->peer_cert->pk,
|
||||
if( ( ret = mbedtls_pk_encrypt( peer_pk,
|
||||
p, ssl->handshake->pmslen,
|
||||
ssl->out_msg + offset + len_bytes, olen,
|
||||
MBEDTLS_SSL_OUT_CONTENT_LEN - offset - len_bytes,
|
||||
@ -2326,6 +2332,10 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
|
||||
}
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
/* We don't need the peer's public key anymore. Free it. */
|
||||
mbedtls_pk_free( peer_pk );
|
||||
#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ||
|
||||
@ -2401,21 +2411,27 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
const mbedtls_ecp_keypair *peer_key;
|
||||
mbedtls_pk_context * peer_pk;
|
||||
|
||||
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
peer_pk = &ssl->handshake->peer_pubkey;
|
||||
#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
if( ssl->session_negotiate->peer_cert == NULL )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "certificate required" ) );
|
||||
return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
|
||||
/* Should never happen */
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
peer_pk = &ssl->session_negotiate->peer_cert->pk;
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk,
|
||||
MBEDTLS_PK_ECKEY ) )
|
||||
if( ! mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECKEY ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) );
|
||||
return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
|
||||
}
|
||||
|
||||
peer_key = mbedtls_pk_ec( ssl->session_negotiate->peer_cert->pk );
|
||||
peer_key = mbedtls_pk_ec( *peer_pk );
|
||||
|
||||
if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, peer_key,
|
||||
MBEDTLS_ECDH_THEIRS ) ) != 0 )
|
||||
@ -2430,6 +2446,13 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||
return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
/* We don't need the peer's public key anymore. Free it,
|
||||
* so that more RAM is available for upcoming expensive
|
||||
* operations like ECDHE. */
|
||||
mbedtls_pk_free( peer_pk );
|
||||
#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||
|
||||
@ -2640,6 +2663,8 @@ start_processing:
|
||||
size_t params_len = p - params;
|
||||
void *rs_ctx = NULL;
|
||||
|
||||
mbedtls_pk_context * peer_pk;
|
||||
|
||||
/*
|
||||
* Handle the digitally-signed structure
|
||||
*/
|
||||
@ -2742,18 +2767,22 @@ start_processing:
|
||||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen );
|
||||
|
||||
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
peer_pk = &ssl->handshake->peer_pubkey;
|
||||
#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
if( ssl->session_negotiate->peer_cert == NULL )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "certificate required" ) );
|
||||
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
|
||||
MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
|
||||
return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
|
||||
/* Should never happen */
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
peer_pk = &ssl->session_negotiate->peer_cert->pk;
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
/*
|
||||
* Verify signature
|
||||
*/
|
||||
if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk, pk_alg ) )
|
||||
if( !mbedtls_pk_can_do( peer_pk, pk_alg ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
|
||||
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
|
||||
@ -2766,8 +2795,7 @@ start_processing:
|
||||
rs_ctx = &ssl->handshake->ecrs_ctx.pk;
|
||||
#endif
|
||||
|
||||
if( ( ret = mbedtls_pk_verify_restartable(
|
||||
&ssl->session_negotiate->peer_cert->pk,
|
||||
if( ( ret = mbedtls_pk_verify_restartable( peer_pk,
|
||||
md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 )
|
||||
{
|
||||
#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
|
||||
@ -2782,6 +2810,13 @@ start_processing:
|
||||
#endif
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
/* We don't need the peer's public key anymore. Free it,
|
||||
* so that more RAM is available for upcoming expensive
|
||||
* operations like ECDHE. */
|
||||
mbedtls_pk_free( peer_pk );
|
||||
#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
}
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */
|
||||
|
||||
@ -3456,12 +3491,7 @@ ecdh_calc_secret:
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)&& \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
#if !defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED)
|
||||
static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||
@ -3476,11 +3506,7 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
|
||||
if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
|
||||
ssl->state++;
|
||||
@ -3490,7 +3516,7 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
#else
|
||||
#else /* !MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
|
||||
static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
@ -3519,11 +3545,7 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
|
||||
if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
|
||||
ssl->state++;
|
||||
@ -3666,12 +3688,7 @@ sign:
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* !MBEDTLS_KEY_EXCHANGE_RSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl )
|
||||
|
||||
@ -2680,12 +2680,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)&& \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
#if !defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED)
|
||||
static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||
@ -2693,11 +2688,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) );
|
||||
|
||||
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
|
||||
if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
|
||||
ssl->state++;
|
||||
@ -2707,7 +2698,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
#else
|
||||
#else /* !MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
|
||||
static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
@ -2731,11 +2722,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
||||
#endif
|
||||
authmode = ssl->conf->authmode;
|
||||
|
||||
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
|
||||
if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ||
|
||||
authmode == MBEDTLS_SSL_VERIFY_NONE )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
|
||||
@ -2874,12 +2861,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* !MBEDTLS_KEY_EXCHANGE_RSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
||||
@ -4048,12 +4030,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)&& \
|
||||
!defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
#if !defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED)
|
||||
static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||
@ -4061,11 +4038,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
|
||||
|
||||
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
|
||||
if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
|
||||
ssl->state++;
|
||||
@ -4075,7 +4048,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
#else
|
||||
#else /* !MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
|
||||
static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
@ -4089,21 +4062,33 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
mbedtls_md_type_t md_alg;
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||
ssl->transform_negotiate->ciphersuite_info;
|
||||
mbedtls_pk_context * peer_pk;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
|
||||
|
||||
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
|
||||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
|
||||
ssl->session_negotiate->peer_cert == NULL )
|
||||
if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
|
||||
ssl->state++;
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
if( ssl->session_negotiate->peer_cert == NULL )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
|
||||
ssl->state++;
|
||||
return( 0 );
|
||||
}
|
||||
#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
if( ssl->session_negotiate->peer_cert_digest == NULL )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
|
||||
ssl->state++;
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
/* Read the message without adding it to the checksum */
|
||||
ret = mbedtls_ssl_read_record( ssl, 0 /* no checksum update */ );
|
||||
if( 0 != ret )
|
||||
@ -4124,6 +4109,17 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
|
||||
i = mbedtls_ssl_hs_hdr_len( ssl );
|
||||
|
||||
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
peer_pk = &ssl->handshake->peer_pubkey;
|
||||
#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
if( ssl->session_negotiate->peer_cert == NULL )
|
||||
{
|
||||
/* Should never happen */
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
peer_pk = &ssl->session_negotiate->peer_cert->pk;
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
/*
|
||||
* struct {
|
||||
* SignatureAndHashAlgorithm algorithm; -- TLS 1.2 only
|
||||
@ -4138,8 +4134,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
hashlen = 36;
|
||||
|
||||
/* For ECDSA, use SHA-1, not MD-5 + SHA-1 */
|
||||
if( mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk,
|
||||
MBEDTLS_PK_ECDSA ) )
|
||||
if( mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECDSA ) )
|
||||
{
|
||||
hash_start += 16;
|
||||
hashlen -= 16;
|
||||
@ -4194,7 +4189,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
/*
|
||||
* Check the certificate's key type matches the signature alg
|
||||
*/
|
||||
if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk, pk_alg ) )
|
||||
if( !mbedtls_pk_can_do( peer_pk, pk_alg ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "sig_alg doesn't match cert key" ) );
|
||||
return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
|
||||
@ -4227,7 +4222,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
/* Calculate hash and verify signature */
|
||||
ssl->handshake->calc_verify( ssl, hash );
|
||||
|
||||
if( ( ret = mbedtls_pk_verify( &ssl->session_negotiate->peer_cert->pk,
|
||||
if( ( ret = mbedtls_pk_verify( peer_pk,
|
||||
md_alg, hash_start, hashlen,
|
||||
ssl->in_msg + i, sig_len ) ) != 0 )
|
||||
{
|
||||
@ -4241,12 +4236,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* !MBEDTLS_KEY_EXCHANGE_RSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED &&
|
||||
!MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl )
|
||||
|
||||
@ -187,9 +187,16 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
|
||||
|
||||
/*
|
||||
* Serialize a session in the following format:
|
||||
* 0 . n-1 session structure, n = sizeof(mbedtls_ssl_session)
|
||||
* n . n+2 peer_cert length = m (0 if no certificate)
|
||||
* n+3 . n+2+m peer cert ASN.1
|
||||
*
|
||||
* - If MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is enabled:
|
||||
* 0 . n-1 session structure, n = sizeof(mbedtls_ssl_session)
|
||||
* n . n+2 peer_cert length = m (0 if no certificate)
|
||||
* n+3 . n+2+m peer cert ASN.1
|
||||
*
|
||||
* - If MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is disabled:
|
||||
* 0 . n-1 session structure, n = sizeof(mbedtls_ssl_session)
|
||||
* n . n length of peer certificate digest = k (0 if no digest)
|
||||
* n+1 . n+k peer certificate digest (digest type encoded in session)
|
||||
*/
|
||||
static int ssl_save_session( const mbedtls_ssl_session *session,
|
||||
unsigned char *buf, size_t buf_len,
|
||||
@ -198,17 +205,25 @@ static int ssl_save_session( const mbedtls_ssl_session *session,
|
||||
unsigned char *p = buf;
|
||||
size_t left = buf_len;
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
size_t cert_len;
|
||||
#else
|
||||
size_t cert_digest_len;
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
|
||||
if( left < sizeof( mbedtls_ssl_session ) )
|
||||
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
||||
|
||||
/* This also copies the values of pointer fields in the
|
||||
* session to be serialized, but they'll be ignored when
|
||||
* loading the session through ssl_load_session(). */
|
||||
memcpy( p, session, sizeof( mbedtls_ssl_session ) );
|
||||
p += sizeof( mbedtls_ssl_session );
|
||||
left -= sizeof( mbedtls_ssl_session );
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
if( session->peer_cert == NULL )
|
||||
cert_len = 0;
|
||||
else
|
||||
@ -220,11 +235,31 @@ static int ssl_save_session( const mbedtls_ssl_session *session,
|
||||
*p++ = (unsigned char)( ( cert_len >> 16 ) & 0xFF );
|
||||
*p++ = (unsigned char)( ( cert_len >> 8 ) & 0xFF );
|
||||
*p++ = (unsigned char)( ( cert_len ) & 0xFF );
|
||||
left -= 3;
|
||||
|
||||
if( session->peer_cert != NULL )
|
||||
memcpy( p, session->peer_cert->raw.p, cert_len );
|
||||
|
||||
p += cert_len;
|
||||
left -= cert_len;
|
||||
#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
if( session->peer_cert_digest != NULL )
|
||||
cert_digest_len = 0;
|
||||
else
|
||||
cert_digest_len = session->peer_cert_digest_len;
|
||||
|
||||
if( left < 1 + cert_digest_len )
|
||||
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
||||
|
||||
*p++ = (unsigned char) cert_digest_len;
|
||||
left--;
|
||||
|
||||
if( session->peer_cert_digest != NULL )
|
||||
memcpy( p, session->peer_cert_digest, cert_digest_len );
|
||||
|
||||
p += cert_digest_len;
|
||||
left -= cert_digest_len;
|
||||
#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
|
||||
*olen = p - buf;
|
||||
@ -241,7 +276,11 @@ static int ssl_load_session( mbedtls_ssl_session *session,
|
||||
const unsigned char *p = buf;
|
||||
const unsigned char * const end = buf + len;
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
size_t cert_len;
|
||||
#else
|
||||
size_t cert_digest_len;
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
|
||||
if( sizeof( mbedtls_ssl_session ) > (size_t)( end - p ) )
|
||||
@ -250,18 +289,29 @@ static int ssl_load_session( mbedtls_ssl_session *session,
|
||||
memcpy( session, p, sizeof( mbedtls_ssl_session ) );
|
||||
p += sizeof( mbedtls_ssl_session );
|
||||
|
||||
/* Non-NULL pointer fields of `session` are meaningless
|
||||
* and potentially harmful. Zeroize them for safety. */
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
session->peer_cert = NULL;
|
||||
#else
|
||||
session->peer_cert_digest = NULL;
|
||||
#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
|
||||
session->ticket = NULL;
|
||||
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
/* Deserialize CRT from the end of the ticket. */
|
||||
if( 3 > (size_t)( end - p ) )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
cert_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2];
|
||||
p += 3;
|
||||
|
||||
if( cert_len == 0 )
|
||||
{
|
||||
session->peer_cert = NULL;
|
||||
}
|
||||
else
|
||||
if( cert_len != 0 )
|
||||
{
|
||||
int ret;
|
||||
|
||||
@ -286,6 +336,30 @@ static int ssl_load_session( mbedtls_ssl_session *session,
|
||||
|
||||
p += cert_len;
|
||||
}
|
||||
#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
/* Deserialize CRT digest from the end of the ticket. */
|
||||
if( 1 > (size_t)( end - p ) )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
cert_digest_len = (size_t) p[0];
|
||||
p++;
|
||||
|
||||
if( cert_digest_len != 0 )
|
||||
{
|
||||
if( cert_digest_len > (size_t)( end - p ) ||
|
||||
cert_digest_len != session->peer_cert_digest_len )
|
||||
{
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
}
|
||||
|
||||
session->peer_cert_digest = mbedtls_calloc( 1, cert_digest_len );
|
||||
if( session->peer_cert_digest == NULL )
|
||||
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
|
||||
|
||||
memcpy( session->peer_cert_digest, p, cert_digest_len );
|
||||
p += cert_digest_len;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
|
||||
if( p != end )
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -303,6 +303,9 @@ static const char *features[] = {
|
||||
#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
|
||||
"MBEDTLS_REMOVE_ARC4_CIPHERSUITES",
|
||||
#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
|
||||
#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
|
||||
"MBEDTLS_REMOVE_3DES_CIPHERSUITES",
|
||||
#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
|
||||
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
|
||||
"MBEDTLS_ECP_DP_SECP192R1_ENABLED",
|
||||
#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
|
||||
@ -462,6 +465,9 @@ static const char *features[] = {
|
||||
#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
|
||||
"MBEDTLS_SSL_FALLBACK_SCSV",
|
||||
#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
|
||||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
"MBEDTLS_SSL_KEEP_PEER_CERTIFICATE",
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
|
||||
"MBEDTLS_SSL_HW_RECORD_ACCEL",
|
||||
#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
|
||||
|
||||
@ -996,11 +996,13 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt,
|
||||
/*
|
||||
* SubjectPublicKeyInfo
|
||||
*/
|
||||
crt->pk_raw.p = p;
|
||||
if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 )
|
||||
{
|
||||
mbedtls_x509_crt_free( crt );
|
||||
return( ret );
|
||||
}
|
||||
crt->pk_raw.len = p - crt->pk_raw.p;
|
||||
|
||||
/*
|
||||
* issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
|
||||
|
||||
Reference in New Issue
Block a user