From 01c7356944a03756b5c686b1545830fdb4b2a685 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 27 Oct 2023 17:03:20 +0800 Subject: [PATCH 01/27] Add deprecated flag in document for sig_hashes Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 03a8b1f142..ed54926dcc 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3751,6 +3751,8 @@ void mbedtls_ssl_conf_groups(mbedtls_ssl_config *conf, * used for certificate signature are controlled by the * verification profile, see \c mbedtls_ssl_conf_cert_profile(). * + * \deprecated Superseded by mbedtls_ssl_conf_sig_algs(). + * * \note This list should be ordered by decreasing preference * (preferred hash first). * From 83536c23f334ec30c28ab56f99f194fca5a32e9f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 30 Oct 2023 16:17:34 +0800 Subject: [PATCH 02/27] Add translation ruler into document Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index ed54926dcc..8a35c2b898 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3751,7 +3751,8 @@ void mbedtls_ssl_conf_groups(mbedtls_ssl_config *conf, * used for certificate signature are controlled by the * verification profile, see \c mbedtls_ssl_conf_cert_profile(). * - * \deprecated Superseded by mbedtls_ssl_conf_sig_algs(). + * \deprecated Superseded by `mbedtls_ssl_conf_sig_algs()`. See + * `mbedtls_ssl_conf_sig_algs()` also. * * \note This list should be ordered by decreasing preference * (preferred hash first). 
@@ -3783,7 +3784,9 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, * \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms, * terminated by \c MBEDTLS_TLS1_3_SIG_NONE. The list must remain * available throughout the lifetime of the conf object. Supported - * values are available as \c MBEDTLS_TLS1_3_SIG_XXXX + * values are available as \c MBEDTLS_TLS1_3_SIG_XXXX . Using + * this for TLS 1.2, items in this parameter should be + * `(HashAlgorithm << 8) | SignatureAlgorithm`. */ void mbedtls_ssl_conf_sig_algs(mbedtls_ssl_config *conf, const uint16_t *sig_algs); From 2c46ca3474e585ab6f0dacb6ef1245123b1d2cde Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 30 Oct 2023 17:32:20 +0800 Subject: [PATCH 03/27] fix various issues Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 8a35c2b898..5ebb00f7d5 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3751,8 +3751,7 @@ void mbedtls_ssl_conf_groups(mbedtls_ssl_config *conf, * used for certificate signature are controlled by the * verification profile, see \c mbedtls_ssl_conf_cert_profile(). * - * \deprecated Superseded by `mbedtls_ssl_conf_sig_algs()`. See - * `mbedtls_ssl_conf_sig_algs()` also. + * \deprecated Superseded by mbedtls_ssl_conf_sig_algs(). * * \note This list should be ordered by decreasing preference * (preferred hash first). @@ -3778,7 +3777,7 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, #endif /* !MBEDTLS_DEPRECATED_REMOVED && MBEDTLS_SSL_PROTO_TLS1_2 */ /** - * \brief Configure allowed signature algorithms for use in TLS 1.3 + * \brief Configure allowed signature algorithms * * \param conf The SSL configuration to use. * \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms, 
@@ -3786,7 +3785,7 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, * available throughout the lifetime of the conf object. Supported * values are available as \c MBEDTLS_TLS1_3_SIG_XXXX . Using * this for TLS 1.2, items in this parameter should be - * `(HashAlgorithm << 8) | SignatureAlgorithm`. + * "(HashAlgorithm << 8) | SignatureAlgorithm". */ void mbedtls_ssl_conf_sig_algs(mbedtls_ssl_config *conf, const uint16_t *sig_algs); From 53c4a0da071d7351a807206a41e700bc2d1aae9d Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 9 Nov 2023 10:38:17 +0800 Subject: [PATCH 04/27] Improve documents Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 5ebb00f7d5..67ca192320 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3781,11 +3781,12 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, * * \param conf The SSL configuration to use. * \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms, - * terminated by \c MBEDTLS_TLS1_3_SIG_NONE. The list must remain - * available throughout the lifetime of the conf object. Supported - * values are available as \c MBEDTLS_TLS1_3_SIG_XXXX . Using - * this for TLS 1.2, items in this parameter should be - * "(HashAlgorithm << 8) | SignatureAlgorithm". + * terminated by #MBEDTLS_TLS1_3_SIG_NONE. The list must remain + * available throughout the lifetime of the conf object. + * - For TLS 1.3, values of \c MBEDTLS_TLS1_3_SIG_XXXX should be + * used. + * - For TLS 1.2, values should be given as + * "(HashAlgorithm << 8) | SignatureAlgorithm". */ void mbedtls_ssl_conf_sig_algs(mbedtls_ssl_config *conf, const uint16_t *sig_algs); From 1b23bce4a27c55fac791256feeb126d00d67b31d Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 13 Nov 2023 13:45:14 +0800 Subject: [PATCH 05/27] improve brief description of conf_sig_algs 
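Review bot: The `\param sig_algs` text in patch 04/27 still opens with "List of allowed IANA values for TLS 1.3 signature algorithms", while the two bullets added under it cover TLS 1.2 as well, so the first sentence now contradicts the rest. `List of allowed IANA values for TLS signature algorithms,` would agree with the bullets. The comment also does not say whether one list may mix the two encodings, or whether order expresses preference as the `\note` on mbedtls_ssl_conf_sig_hashes() states for hashes. If the same ordering applies here (not visible in the hunk), add `The list should be ordered by decreasing preference.` so that callers do not end up preferring a weaker algorithm by accident.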
Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 67ca192320..6cb7035239 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3777,7 +3777,7 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, #endif /* !MBEDTLS_DEPRECATED_REMOVED && MBEDTLS_SSL_PROTO_TLS1_2 */ /** - * \brief Configure allowed signature algorithms + * \brief Configure allowed signature algorithms for use in TLS * * \param conf The SSL configuration to use. * \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms, From fb0f47b1f8c7dc79a4ac550747796f02b76949b9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 4 Dec 2023 15:27:28 +0800 Subject: [PATCH 06/27] tls13: srv: check tls version in ClientHello with min_tls_version When server is configured as TLS 1.3 only and receives ClientHello from a TLS 1.2 only client, it's expected to abort the handshake instead of downgrading protocol to TLS 1.2 and continuing handshake. This commit adds a check to make sure server min_tls_version always larger than received version in ClientHello. Signed-off-by: Yanray Wang --- library/ssl_tls13_server.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index d983a00395..b3f25b5e87 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c 
@@ -1920,6 +1920,15 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl) * will dispatch to the TLS 1.2 state machine. */ if (SSL_CLIENT_HELLO_TLS1_2 == parse_client_hello_ret) { + /* Check if server supports TLS 1.2 */ + if (ssl->conf->min_tls_version > MBEDTLS_SSL_VERSION_TLS1_2) { + MBEDTLS_SSL_DEBUG_MSG( + 1, ("Unsupported version of TLS 1.2 was received")); + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, + MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + } ssl->keep_current_message = 1; ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; return 0; From 3d82ffce5bd6c00d3b96f214326b8c3c0b91c6ec Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 4 Dec 2023 15:32:20 +0800 Subject: [PATCH 07/27] ssl-opt: test handshake for TLS 1.2 only cli with TLS 1.3 only srv Signed-off-by: Yanray Wang --- tests/ssl-opt.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 4762285b00..e67cf02f08 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
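Review bot: The rejection added under `SSL_CLIENT_HELLO_TLS1_2 == parse_client_hello_ret` pends `MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER`, but a ClientHello offering only a version below the server's minimum is a version-negotiation failure, for which RFC 8446 Appendix D.2 requires a "protocol_version" alert. Suggest `MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION, MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION);` in the pend call and `return MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION;`, so that peers and log monitoring can tell a refused downgrade from a malformed hello. The debug text "Unsupported version of TLS 1.2 was received" reads as if some variant of TLS 1.2 were unsupported; if it is reworded, the pattern in tests/ssl-opt.sh from patch 07/27 has to follow. The body of `ssl_tls13_process_client_hello` starts and ends outside the hunk.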
@@ -11613,6 +11613,22 @@ run_test "TLS 1.3: Not supported version check:openssl: srv max TLS 1.2" \ -S "Version: TLS1.2" \ -C "Protocol : TLSv1.2" +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_SRV_C +run_test "TLS 1.3 m->m: Not supported version check: cli TLS 1.2 only, srv TLS 1.3 only, fail" \ + "$P_SRV debug_level=4 max_version=tls13 min_version=tls13" \ + "$P_CLI debug_level=4 max_version=tls12 min_version=tls12" \ + 1 \ + -c "The SSL configuration is tls12 only" \ + -c "supported_versions(43) extension does not exist." \ + -c "A fatal alert message was received from our peer" \ + -s "The SSL configuration is tls13 only" \ + -s "Unsupported version of TLS 1.2 was received" \ + -s "! mbedtls_ssl_handshake returned" + requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C From 631e6bd221a75bf46cc9baaaaf5a9feefff56a49 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 5 Dec 2023 15:34:49 +0800 Subject: [PATCH 08/27] ChangeLog: add fix-tls13-server-min-version-check.txt Signed-off-by: Yanray Wang --- ChangeLog.d/fix-tls13-server-min-version-check.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/fix-tls13-server-min-version-check.txt diff --git a/ChangeLog.d/fix-tls13-server-min-version-check.txt b/ChangeLog.d/fix-tls13-server-min-version-check.txt new file mode 100644 index 0000000000..b05ad7c542 --- /dev/null +++ b/ChangeLog.d/fix-tls13-server-min-version-check.txt @@ -0,0 +1,4 @@ +Bugfix + * Add missing check for `min_tls_version` in TLS 1.3 server-side. + Without this, TLS 1.3 server may downgrade protocol to a TLS version + below its supported minimum TLS version. Fixes #8593. From 981ec147448829de901b75d1756867506ee42a1a Mon Sep 17 00:00:00 2001 
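Review bot: The new `run_test` case in tests/ssl-opt.sh pins the refusal only through debug strings and `-c "A fatal alert message was received from our peer"`, which matches any fatal alert, so a later change to the alert the server sends would pass unnoticed. Consider adding a server-side `-s` pattern for the alert actually sent (the exact log text is not visible on this page). A negative check that neither side reports a TLS 1.2 session would also help, in the way the preceding case uses `-S "Version: TLS1.2"` and `-C "Protocol : TLSv1.2"`; those two strings come from the OpenSSL pairing and may need adapting for the m->m case.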
From: Pengyu Lv Date: Wed, 25 Oct 2023 11:39:49 +0800 Subject: [PATCH 09/27] tls13: rename ssl_tls13_check_*_key_exchange functions Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index fe7a674d66..6c42b73f42 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -95,9 +95,9 @@ static int ssl_tls13_parse_key_exchange_modes_ext(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_SESSION_TICKETS) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl); +static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_psk_ephemeral_key_exchange(mbedtls_ssl_context *ssl); +static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_offered_psks_check_identity_match_ticket( @@ -176,11 +176,11 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( key_exchanges = 0; if (mbedtls_ssl_session_ticket_allow_psk_ephemeral(session) && - ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) { + ssl_tls13_key_exchange_psk_ephemeral_available(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; } if (mbedtls_ssl_session_ticket_allow_psk(session) && - ssl_tls13_check_psk_key_exchange(ssl)) { + ssl_tls13_key_exchange_psk_available(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; } 
@@ -1022,7 +1022,7 @@ static int ssl_tls13_ticket_permission_check(mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_ephemeral_key_exchange(mbedtls_ssl_context *ssl) +static int ssl_tls13_key_exchange_ephemeral_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) return mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl) && @@ -1034,7 +1034,7 @@ static int ssl_tls13_check_ephemeral_key_exchange(mbedtls_ssl_context *ssl) } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl) +static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) return ssl_tls13_ticket_permission_check( @@ -1049,7 +1049,7 @@ static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl) } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_psk_ephemeral_key_exchange(mbedtls_ssl_context *ssl) +static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) return ssl_tls13_ticket_permission_check( 
@@ -1083,17 +1083,17 @@ static int ssl_tls13_determine_key_exchange_mode(mbedtls_ssl_context *ssl) ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE; - if (ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) { + if (ssl_tls13_key_exchange_psk_ephemeral_available(ssl)) { ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: psk_ephemeral")); } else - if (ssl_tls13_check_ephemeral_key_exchange(ssl)) { + if (ssl_tls13_key_exchange_ephemeral_available(ssl)) { ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL; MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: ephemeral")); } else - if (ssl_tls13_check_psk_key_exchange(ssl)) { + if (ssl_tls13_key_exchange_psk_available(ssl)) { ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: psk")); @@ -1737,8 +1737,8 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, * - The content up to but excluding the PSK extension, if present. */ /* If we've settled on a PSK-based exchange, parse PSK identity ext */ - if (ssl_tls13_check_psk_key_exchange(ssl) || - ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) { + if (ssl_tls13_key_exchange_psk_available(ssl) || + ssl_tls13_key_exchange_psk_ephemeral_available(ssl)) { ret = handshake->update_checksum(ssl, buf, pre_shared_key_ext - buf); if (0 != ret) { From 60a22567e42fa05a93ae8f1cdca4a7d5d69bddb7 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 25 Oct 2023 11:41:02 +0800 Subject: [PATCH 10/27] tls13: change return value of mbedtls_ssl_conf_tls13_check_kex_modes To keep the convention in TLS code, check functions should return 0 when check is successful. Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 22 +++++++++++----------- library/ssl_tls13_client.c | 4 ++-- 2 files changed, 13 insertions(+), 13 deletions(-) 
diff --git a/library/ssl_misc.h b/library/ssl_misc.h index b9801a06c3..08741bc05b 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1904,37 +1904,37 @@ int mbedtls_ssl_tls13_handshake_server_step(mbedtls_ssl_context *ssl); static inline unsigned mbedtls_ssl_conf_tls13_check_kex_modes(mbedtls_ssl_context *ssl, int kex_mode_mask) { - return (ssl->conf->tls13_kex_modes & kex_mode_mask) != 0; + return (ssl->conf->tls13_kex_modes & kex_mode_mask) == 0; } static inline int mbedtls_ssl_conf_tls13_psk_enabled(mbedtls_ssl_context *ssl) { - return mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); + return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); } static inline int mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); + return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); } static inline int mbedtls_ssl_conf_tls13_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); + return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); } static inline int mbedtls_ssl_conf_tls13_some_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); + return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); } static inline int mbedtls_ssl_conf_tls13_some_psk_enabled(mbedtls_ssl_context *ssl) { - return mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); + return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); } #if defined(MBEDTLS_SSL_SRV_C) && \ 
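Review bot: `mbedtls_ssl_conf_tls13_check_kex_modes` now returns 0 when a mode in the mask is enabled, yet its name, parameters and `unsigned` return type are unchanged, so any call site not updated in this commit keeps compiling with its condition silently inverted. Only the five wrappers in this hunk and two call sites in ssl_tls13_client.c are adjusted; whether other users exist is not visible from the diff. Since these predicates gate which key exchange modes are offered and accepted, state the convention at the definition, for example `/* Returns 0 if at least one mode in kex_mode_mask is enabled in the configuration, non-zero otherwise. */`.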
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index ae1136431e..7844cedbec 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -684,7 +684,7 @@ static int ssl_tls13_has_configured_ticket(mbedtls_ssl_context *ssl) mbedtls_ssl_session *session = ssl->session_negotiate; return ssl->handshake->resume && session != NULL && session->ticket != NULL && - mbedtls_ssl_conf_tls13_check_kex_modes( + !mbedtls_ssl_conf_tls13_check_kex_modes( ssl, mbedtls_ssl_session_get_ticket_flags( session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL)); } @@ -1879,7 +1879,7 @@ static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) goto cleanup; } - if (!mbedtls_ssl_conf_tls13_check_kex_modes( + if (mbedtls_ssl_conf_tls13_check_kex_modes( ssl, handshake->key_exchange_mode)) { ret = MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; MBEDTLS_SSL_DEBUG_MSG( From fc2cb9632bb43f585c697bd499aec8b780ee6601 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Fri, 10 Nov 2023 10:22:36 +0800 Subject: [PATCH 11/27] tls13: rename mbedtls_ssl_conf_tls13_check_kex_modes The function is renamed to mbedtls_ssl_conf_tls13_is_kex_mode_enabled. Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 26 +++++++++++++------------- library/ssl_tls13_client.c | 4 ++-- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 08741bc05b..8628384333 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h 
@@ -1901,40 +1901,40 @@ int mbedtls_ssl_tls13_handshake_server_step(mbedtls_ssl_context *ssl); /* * Helper functions around key exchange modes. */ -static inline unsigned mbedtls_ssl_conf_tls13_check_kex_modes(mbedtls_ssl_context *ssl, - int kex_mode_mask) +static inline int mbedtls_ssl_conf_tls13_is_kex_mode_enabled(mbedtls_ssl_context *ssl, + int kex_mode_mask) { - return (ssl->conf->tls13_kex_modes & kex_mode_mask) == 0; + return (ssl->conf->tls13_kex_modes & kex_mode_mask) != 0; } static inline int mbedtls_ssl_conf_tls13_psk_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); + return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); } static inline int mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); + return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); } static inline int mbedtls_ssl_conf_tls13_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); + return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); } static inline int mbedtls_ssl_conf_tls13_some_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); + return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); } static inline int mbedtls_ssl_conf_tls13_some_psk_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); + return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); 
} #if defined(MBEDTLS_SSL_SRV_C) && \ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 7844cedbec..c2cd18d920 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -684,7 +684,7 @@ static int ssl_tls13_has_configured_ticket(mbedtls_ssl_context *ssl) mbedtls_ssl_session *session = ssl->session_negotiate; return ssl->handshake->resume && session != NULL && session->ticket != NULL && - !mbedtls_ssl_conf_tls13_check_kex_modes( + mbedtls_ssl_conf_tls13_is_kex_mode_enabled( ssl, mbedtls_ssl_session_get_ticket_flags( session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL)); } @@ -1879,7 +1879,7 @@ static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) goto cleanup; } - if (mbedtls_ssl_conf_tls13_check_kex_modes( + if (!mbedtls_ssl_conf_tls13_is_kex_mode_enabled( ssl, handshake->key_exchange_mode)) { ret = MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; MBEDTLS_SSL_DEBUG_MSG( From d72e858fd154a6ec37edf0a32ef5063feb9f922d Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Fri, 10 Nov 2023 10:37:18 +0800 Subject: [PATCH 12/27] tls13: srv: rename ssl_tls13_ticket_permission_check The function is renamed to ssl_tls13_ticket_is_kex_mode_permitted Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 6c42b73f42..6995f47145 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1003,8 +1003,8 @@ static int ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange( #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_ticket_permission_check(mbedtls_ssl_context *ssl, - unsigned int kex_mode) +static int ssl_tls13_ticket_is_kex_mode_permitted(mbedtls_ssl_context *ssl, + unsigned int kex_mode) { #if defined(MBEDTLS_SSL_SESSION_TICKETS) if (ssl->handshake->resume) { 
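Review bot: `mbedtls_ssl_conf_tls13_is_kex_mode_enabled`, in the ssl_misc.h hunk of patch 11/27, has a singular name but takes a mask and returns non-zero when any bit of `kex_mode_mask` is set in `conf->tls13_kex_modes`, and nothing at the definition says so. A caller passing a multi-bit mask, as `ssl_tls13_has_configured_ticket` does with the ticket flags, gets "at least one enabled", not "all enabled". Suggest the comment `/* Return non-zero if at least one key exchange mode in kex_mode_mask is enabled in the configuration, 0 otherwise. */`. The parameter is also `int` while that caller passes the `unsigned int` result of `mbedtls_ssl_session_get_ticket_flags`; `unsigned int kex_mode_mask` would avoid the implicit conversion.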
@@ -1037,7 +1037,7 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) - return ssl_tls13_ticket_permission_check( + return ssl_tls13_ticket_is_kex_mode_permitted( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK) && mbedtls_ssl_conf_tls13_psk_enabled(ssl) && mbedtls_ssl_tls13_psk_enabled(ssl) && @@ -1052,7 +1052,7 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) - return ssl_tls13_ticket_permission_check( + return ssl_tls13_ticket_is_kex_mode_permitted( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL) && mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(ssl) && mbedtls_ssl_tls13_psk_ephemeral_enabled(ssl) && From 4f537f73fa11ae22bfa9df0fb672e34be9c08e2a Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Mon, 13 Nov 2023 18:07:22 +0800 Subject: [PATCH 13/27] tls13: rename mbedtls_ssl_session_check_ticket_flags The function is renamed to mbedtls_ssl_session_ticket_has_flags. Descriptions are added. Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 22 ++++++++++++++-------- library/ssl_tls13_server.c | 2 +- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 8628384333..b6f213ef02 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h 
@@ -2776,24 +2776,30 @@ static inline unsigned int mbedtls_ssl_session_get_ticket_flags( (flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK); } -static inline unsigned int mbedtls_ssl_session_check_ticket_flags( +/** + * Check if at least one of the given flags is set in + * the session ticket. See the definition of + * `MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK` to get all + * permitted flags. + */ +static inline int mbedtls_ssl_session_ticket_has_flags( mbedtls_ssl_session *session, unsigned int flags) { - return mbedtls_ssl_session_get_ticket_flags(session, flags) == 0; + return mbedtls_ssl_session_get_ticket_flags(session, flags) != 0; } -static inline unsigned int mbedtls_ssl_session_ticket_allow_psk( +static inline int mbedtls_ssl_session_ticket_allow_psk( mbedtls_ssl_session *session) { - return !mbedtls_ssl_session_check_ticket_flags(session, - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION); + return mbedtls_ssl_session_ticket_has_flags(session, + MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION); } -static inline unsigned int mbedtls_ssl_session_ticket_allow_psk_ephemeral( +static inline int mbedtls_ssl_session_ticket_allow_psk_ephemeral( mbedtls_ssl_session *session) { - return !mbedtls_ssl_session_check_ticket_flags(session, - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION); + return mbedtls_ssl_session_ticket_has_flags(session, + MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION); } static inline unsigned int mbedtls_ssl_session_ticket_allow_early_data( diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 6995f47145..53a01cf71f 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1008,7 +1008,7 @@ static int ssl_tls13_ticket_is_kex_mode_permitted(mbedtls_ssl_context *ssl, { #if defined(MBEDTLS_SSL_SESSION_TICKETS) if (ssl->handshake->resume) { - if (mbedtls_ssl_session_check_ticket_flags( + if (!mbedtls_ssl_session_ticket_has_flags( ssl->session_negotiate, kex_mode)) { return 0; } 
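Review bot: The `unsigned int` to `int` change in the ssl_misc.h hunk covers `mbedtls_ssl_session_ticket_has_flags`, `mbedtls_ssl_session_ticket_allow_psk` and `mbedtls_ssl_session_ticket_allow_psk_ephemeral`, but the context line closing the hunk shows `mbedtls_ssl_session_ticket_allow_early_data` still declared `static inline unsigned int`, so the family of predicates now has mixed return types. Its body lies outside the hunk; if it is a plain flag test, `static inline int mbedtls_ssl_session_ticket_allow_early_data(` would keep them uniform. The new comment also wraps `MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK` in Markdown backticks, where `#MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK` would give a Doxygen link.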
From 0a1ff2b969d9750d66185bbf6ff61e94f2a0b476 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 14 Nov 2023 11:03:32 +0800 Subject: [PATCH 14/27] Consistent renaming Signed-off-by: Pengyu Lv --- library/ssl_client.c | 6 +++--- library/ssl_misc.h | 10 +++++----- library/ssl_tls.c | 2 +- library/ssl_tls13_client.c | 16 ++++++++-------- library/ssl_tls13_server.c | 6 +++--- 5 files changed, 20 insertions(+), 20 deletions(-) diff --git a/library/ssl_client.c b/library/ssl_client.c index 270db41683..d585ca5246 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -609,7 +609,7 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl, int ssl_write_supported_groups_ext_flags = 0; #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) - if (propose_tls13 && mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) { + if (propose_tls13 && mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { ssl_write_supported_groups_ext_flags |= SSL_WRITE_SUPPORTED_GROUPS_EXT_TLS1_3_FLAG; } @@ -637,7 +637,7 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl, int write_sig_alg_ext = 0; #if defined(MBEDTLS_SSL_PROTO_TLS1_3) write_sig_alg_ext = write_sig_alg_ext || - (propose_tls13 && mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl)); + (propose_tls13 && mbedtls_ssl_conf_tls13_is_ephemeral_enabled(ssl)); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) write_sig_alg_ext = write_sig_alg_ext || propose_tls12; @@ -668,7 +668,7 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl, /* The "pre_shared_key" extension (RFC 8446 Section 4.2.11) * MUST be the last extension in the ClientHello. */ - if (propose_tls13 && mbedtls_ssl_conf_tls13_some_psk_enabled(ssl)) { + if (propose_tls13 && mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl)) { ret = mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext( ssl, p, end, &output_len, binders_len); if (ret != 0) { 
diff --git a/library/ssl_misc.h b/library/ssl_misc.h index b6f213ef02..e362ebd9d2 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1907,31 +1907,31 @@ static inline int mbedtls_ssl_conf_tls13_is_kex_mode_enabled(mbedtls_ssl_context return (ssl->conf->tls13_kex_modes & kex_mode_mask) != 0; } -static inline int mbedtls_ssl_conf_tls13_psk_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_conf_tls13_is_psk_enabled(mbedtls_ssl_context *ssl) { return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); } -static inline int mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(mbedtls_ssl_context *ssl) { return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); } -static inline int mbedtls_ssl_conf_tls13_ephemeral_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_conf_tls13_is_ephemeral_enabled(mbedtls_ssl_context *ssl) { return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); } -static inline int mbedtls_ssl_conf_tls13_some_ephemeral_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(mbedtls_ssl_context *ssl) { return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); } -static inline int mbedtls_ssl_conf_tls13_some_psk_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_conf_tls13_is_some_psk_enabled(mbedtls_ssl_context *ssl) { return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4daf2e7eec..1a66d915fc 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
@@ -1342,7 +1342,7 @@ static int ssl_conf_check(const mbedtls_ssl_context *ssl) * bad config. * */ - if (mbedtls_ssl_conf_tls13_ephemeral_enabled( + if (mbedtls_ssl_conf_tls13_is_ephemeral_enabled( (mbedtls_ssl_context *) ssl) && ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && ssl->conf->max_tls_version == MBEDTLS_SSL_VERSION_TLS1_3 && diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index c2cd18d920..82ebe7e60e 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -621,7 +621,7 @@ static int ssl_tls13_write_psk_key_exchange_modes_ext(mbedtls_ssl_context *ssl, /* Skip writing extension if no PSK key exchange mode * is enabled in the config. */ - if (!mbedtls_ssl_conf_tls13_some_psk_enabled(ssl)) { + if (!mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl)) { MBEDTLS_SSL_DEBUG_MSG(3, ("skip psk_key_exchange_modes extension")); return 0; } @@ -640,14 +640,14 @@ static int ssl_tls13_write_psk_key_exchange_modes_ext(mbedtls_ssl_context *ssl, */ p += 5; - if (mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(ssl)) { + if (mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(ssl)) { *p++ = MBEDTLS_SSL_TLS1_3_PSK_MODE_ECDHE; ke_modes_len++; MBEDTLS_SSL_DEBUG_MSG(4, ("Adding PSK-ECDHE key exchange mode")); } - if (mbedtls_ssl_conf_tls13_psk_enabled(ssl)) { + if (mbedtls_ssl_conf_tls13_is_psk_enabled(ssl)) { *p++ = MBEDTLS_SSL_TLS1_3_PSK_MODE_PURE; ke_modes_len++; @@ -1161,7 +1161,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, p += ext_len; #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) - if (mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) { + if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { ret = ssl_tls13_write_key_share_ext(ssl, p, end, &ext_len); if (ret != 0) { return ret; 
@@ -1171,7 +1171,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, #endif #if defined(MBEDTLS_SSL_EARLY_DATA) - if (mbedtls_ssl_conf_tls13_some_psk_enabled(ssl) && + if (mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl) && ssl_tls13_early_data_has_valid_ticket(ssl) && ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { @@ -1457,7 +1457,7 @@ static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl, ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, (size_t) (end - buf))); - if (mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) { + if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { ret = ssl_tls13_reset_key_share(ssl); if (ret != 0) { return ret; @@ -1499,7 +1499,7 @@ static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl, * in the ClientHello. * In a PSK only key exchange that what we expect. */ - if (!mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) { + if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { MBEDTLS_SSL_DEBUG_MSG(1, ("Unexpected HRR in pure PSK key exchange.")); MBEDTLS_SSL_PEND_FATAL_ALERT( @@ -1776,7 +1776,7 @@ static int ssl_tls13_parse_server_hello(mbedtls_ssl_context *ssl, case MBEDTLS_TLS_EXT_KEY_SHARE: MBEDTLS_SSL_DEBUG_MSG(3, ("found key_shares extension")); - if (!mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) { + if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { fatal_alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT; goto cleanup; } diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 53a01cf71f..4fff15d7f1 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c 
@@ -1025,7 +1025,7 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_key_exchange_ephemeral_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) - return mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl) && + return mbedtls_ssl_conf_tls13_is_ephemeral_enabled(ssl) && ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(ssl); #else ((void) ssl); @@ -1039,7 +1039,7 @@ static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) return ssl_tls13_ticket_is_kex_mode_permitted( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK) && - mbedtls_ssl_conf_tls13_psk_enabled(ssl) && + mbedtls_ssl_conf_tls13_is_psk_enabled(ssl) && mbedtls_ssl_tls13_psk_enabled(ssl) && ssl_tls13_client_hello_has_exts_for_psk_key_exchange(ssl); #else @@ -1054,7 +1054,7 @@ static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *s #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) return ssl_tls13_ticket_is_kex_mode_permitted( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL) && - mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(ssl) && + mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(ssl) && mbedtls_ssl_tls13_psk_ephemeral_enabled(ssl) && ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange(ssl); #else From 2333b826f4e33bf233e617914866f19990e1d0bc Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 14 Nov 2023 12:03:49 +0800 Subject: [PATCH 15/27] tls13: srv: rename mbedtls_ssl_tls13_check_kex_modes The function is renamed to `mbedtls_ssl_tls13_is_kex_mode_supported` and the behaviour is reversed. Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index e362ebd9d2..1439ca0f16 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h 
@@ -1941,49 +1941,49 @@ static inline int mbedtls_ssl_conf_tls13_is_some_psk_enabled(mbedtls_ssl_context defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) /** * Given a list of key exchange modes, check if at least one of them is - * supported. + * supported by peer. * * \param[in] ssl SSL context * \param kex_modes_mask Mask of the key exchange modes to check * - * \return 0 if at least one of the key exchange modes is supported, - * !=0 otherwise. + * \return True, if at least one of the key exchange modes is supported, + * False, otherwise. */ -static inline unsigned mbedtls_ssl_tls13_check_kex_modes(mbedtls_ssl_context *ssl, - int kex_modes_mask) +static inline int mbedtls_ssl_tls13_is_kex_mode_supported(mbedtls_ssl_context *ssl, + int kex_modes_mask) { - return (ssl->handshake->tls13_kex_modes & kex_modes_mask) == 0; + return (ssl->handshake->tls13_kex_modes & kex_modes_mask) != 0; } static inline int mbedtls_ssl_tls13_psk_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); + return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); } static inline int mbedtls_ssl_tls13_psk_ephemeral_enabled( mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); + return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); } static inline int mbedtls_ssl_tls13_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); + return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); } static inline int mbedtls_ssl_tls13_some_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); + return 
mbedtls_ssl_tls13_is_kex_mode_supported(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); } static inline int mbedtls_ssl_tls13_some_psk_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); + return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); } #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */ From b2cfafbb9e65e98b98f2d53bdff6824782bdc5a8 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 14 Nov 2023 13:56:13 +0800 Subject: [PATCH 16/27] Consistent renaming Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 10 +++++----- library/ssl_tls13_server.c | 6 +++--- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 1439ca0f16..e756c9aed6 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h 
@@ -1955,32 +1955,32 @@ static inline int mbedtls_ssl_tls13_is_kex_mode_supported(mbedtls_ssl_context *s return (ssl->handshake->tls13_kex_modes & kex_modes_mask) != 0; } -static inline int mbedtls_ssl_tls13_psk_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_tls13_is_psk_supported(mbedtls_ssl_context *ssl) { return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); } -static inline int mbedtls_ssl_tls13_psk_ephemeral_enabled( +static inline int mbedtls_ssl_tls13_is_psk_ephemeral_supported( mbedtls_ssl_context *ssl) { return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); } -static inline int mbedtls_ssl_tls13_ephemeral_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_tls13_is_ephemeral_supported(mbedtls_ssl_context *ssl) { return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); } -static inline int mbedtls_ssl_tls13_some_ephemeral_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_tls13_is_some_ephemeral_supported(mbedtls_ssl_context *ssl) { return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); } -static inline int mbedtls_ssl_tls13_some_psk_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_tls13_is_some_psk_supported(mbedtls_ssl_context *ssl) { return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 4fff15d7f1..5c4f2ea81d 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c 
@@ -1040,7 +1040,7 @@ static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl) return ssl_tls13_ticket_is_kex_mode_permitted( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK) && mbedtls_ssl_conf_tls13_is_psk_enabled(ssl) && - mbedtls_ssl_tls13_psk_enabled(ssl) && + mbedtls_ssl_tls13_is_psk_supported(ssl) && ssl_tls13_client_hello_has_exts_for_psk_key_exchange(ssl); #else ((void) ssl); @@ -1055,7 +1055,7 @@ static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *s return ssl_tls13_ticket_is_kex_mode_permitted( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL) && mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(ssl) && - mbedtls_ssl_tls13_psk_ephemeral_enabled(ssl) && + mbedtls_ssl_tls13_is_psk_ephemeral_supported(ssl) && ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange(ssl); #else ((void) ssl); @@ -3072,7 +3072,7 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) * expected to be resolved with issue#6395. */ /* Sent NewSessionTicket message only when client supports PSK */ - if (mbedtls_ssl_tls13_some_psk_enabled(ssl)) { + if (mbedtls_ssl_tls13_is_some_psk_supported(ssl)) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET); } else From bc4aab7673ac6946f34563b99e6cd6d0757691b8 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Fri, 1 Dec 2023 15:37:24 +0800 Subject: [PATCH 17/27] Add "_is_" to functions ssl_tls13_key_exchange_.*_available Done by command: ``` sed -i \ "s/ssl_tls13_key_exchange_\(.*\)_available/ssl_tls13_key_exchange_is_\1_available/g" \ library/*.[ch] ``` Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 5c4f2ea81d..e5e510ba3a 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c 
@@ -95,9 +95,9 @@ static int ssl_tls13_parse_key_exchange_modes_ext(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_SESSION_TICKETS) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl); +static int ssl_tls13_key_exchange_is_psk_available(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *ssl); +static int ssl_tls13_key_exchange_is_psk_ephemeral_available(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_offered_psks_check_identity_match_ticket( @@ -176,11 +176,11 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( key_exchanges = 0; if (mbedtls_ssl_session_ticket_allow_psk_ephemeral(session) && - ssl_tls13_key_exchange_psk_ephemeral_available(ssl)) { + ssl_tls13_key_exchange_is_psk_ephemeral_available(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; } if (mbedtls_ssl_session_ticket_allow_psk(session) && - ssl_tls13_key_exchange_psk_available(ssl)) { + ssl_tls13_key_exchange_is_psk_available(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; } @@ -1022,7 +1022,7 @@ static int ssl_tls13_ticket_is_kex_mode_permitted(mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_key_exchange_ephemeral_available(mbedtls_ssl_context *ssl) +static int ssl_tls13_key_exchange_is_ephemeral_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) return mbedtls_ssl_conf_tls13_is_ephemeral_enabled(ssl) && 
@@ -1034,7 +1034,7 @@ static int ssl_tls13_key_exchange_ephemeral_available(mbedtls_ssl_context *ssl) } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl) +static int ssl_tls13_key_exchange_is_psk_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) return ssl_tls13_ticket_is_kex_mode_permitted( @@ -1049,7 +1049,7 @@ static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl) } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *ssl) +static int ssl_tls13_key_exchange_is_psk_ephemeral_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) return ssl_tls13_ticket_is_kex_mode_permitted( @@ -1083,17 +1083,17 @@ static int ssl_tls13_determine_key_exchange_mode(mbedtls_ssl_context *ssl) ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE; - if (ssl_tls13_key_exchange_psk_ephemeral_available(ssl)) { + if (ssl_tls13_key_exchange_is_psk_ephemeral_available(ssl)) { ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: psk_ephemeral")); } else - if (ssl_tls13_key_exchange_ephemeral_available(ssl)) { + if (ssl_tls13_key_exchange_is_ephemeral_available(ssl)) { ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL; MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: ephemeral")); } else - if (ssl_tls13_key_exchange_psk_available(ssl)) { + if (ssl_tls13_key_exchange_is_psk_available(ssl)) { ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: psk")); 
@@ -1737,8 +1737,8 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, * - The content up to but excluding the PSK extension, if present. */ /* If we've settled on a PSK-based exchange, parse PSK identity ext */ - if (ssl_tls13_key_exchange_psk_available(ssl) || - ssl_tls13_key_exchange_psk_ephemeral_available(ssl)) { + if (ssl_tls13_key_exchange_is_psk_available(ssl) || + ssl_tls13_key_exchange_is_psk_ephemeral_available(ssl)) { ret = handshake->update_checksum(ssl, buf, pre_shared_key_ext - buf); if (0 != ret) { From 02e72f65da309885c4ae8e0b816cc269e0c1eba2 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Mon, 4 Dec 2023 16:11:51 +0800 Subject: [PATCH 18/27] Reword return value description for mbedtls_ssl_tls13_is_kex_mode_supported Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index e756c9aed6..5e2aa60964 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1946,8 +1946,8 @@ static inline int mbedtls_ssl_conf_tls13_is_some_psk_enabled(mbedtls_ssl_context * \param[in] ssl SSL context * \param kex_modes_mask Mask of the key exchange modes to check * - * \return True, if at least one of the key exchange modes is supported, - * False, otherwise. + * \return Non-zero, if at least one of the key exchange modes is supported by + * the peer, otherwise \0. */ static inline int mbedtls_ssl_tls13_is_kex_mode_supported(mbedtls_ssl_context *ssl, int kex_modes_mask) From abd844f379884cde62e07b36546b2aff07277fdd Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 5 Dec 2023 15:28:58 +0800 Subject: [PATCH 19/27] Fix wrong format in the function doc Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 5e2aa60964..32bef110e5 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h 
@@ -1946,8 +1946,8 @@ static inline int mbedtls_ssl_conf_tls13_is_some_psk_enabled(mbedtls_ssl_context * \param[in] ssl SSL context * \param kex_modes_mask Mask of the key exchange modes to check * - * \return Non-zero, if at least one of the key exchange modes is supported by - * the peer, otherwise \0. + * \return Non-zero if at least one of the key exchange modes is supported by + * the peer, otherwise \c 0. */ static inline int mbedtls_ssl_tls13_is_kex_mode_supported(mbedtls_ssl_context *ssl, int kex_modes_mask) From 408ba6f7b8cdd8180972e2ed2af8fad234a36416 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 8 Dec 2023 10:18:03 +0800 Subject: [PATCH 20/27] tls13: srv: replace with internal API to check is_tls12_enabled Signed-off-by: Yanray Wang --- library/ssl_tls13_server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index b3f25b5e87..eb0b5281af 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1921,7 +1921,7 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl) */ if (SSL_CLIENT_HELLO_TLS1_2 == parse_client_hello_ret) { /* Check if server supports TLS 1.2 */ - if (ssl->conf->min_tls_version > MBEDTLS_SSL_VERSION_TLS1_2) { + if (!mbedtls_ssl_conf_is_tls12_enabled(ssl->conf)) { MBEDTLS_SSL_DEBUG_MSG( 1, ("Unsupported version of TLS 1.2 was received")); MBEDTLS_SSL_PEND_FATAL_ALERT( From 177e49ad7a2e1827089ff28484b985068a626985 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 8 Dec 2023 10:51:04 +0800 Subject: [PATCH 21/27] tls13: srv: improve DEBUG_MSG in case of TLS 1.2 disabled Signed-off-by: Yanray Wang --- library/ssl_tls13_server.c | 2 +- tests/ssl-opt.sh | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index eb0b5281af..52d2db6e77 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c 
@@ -1923,7 +1923,7 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl) /* Check if server supports TLS 1.2 */ if (!mbedtls_ssl_conf_is_tls12_enabled(ssl->conf)) { MBEDTLS_SSL_DEBUG_MSG( - 1, ("Unsupported version of TLS 1.2 was received")); + 1, ("TLS 1.2 not supported.")); MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index e67cf02f08..764fb4a948 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -11626,8 +11626,7 @@ run_test "TLS 1.3 m->m: Not supported version check: cli TLS 1.2 only, srv TLS 1 -c "supported_versions(43) extension does not exist." \ -c "A fatal alert message was received from our peer" \ -s "The SSL configuration is tls13 only" \ - -s "Unsupported version of TLS 1.2 was received" \ - -s "! mbedtls_ssl_handshake returned" + -s "TLS 1.2 not supported." requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C From 2bef917a3c11090d063aa2ebd59d445e185dbdb7 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 8 Dec 2023 10:21:53 +0800 Subject: [PATCH 22/27] tls13: srv: return BAD_PROTOCOL_VERSION if chosen unsupported version Signed-off-by: Yanray Wang --- library/ssl_tls13_server.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 52d2db6e77..3baff36e7d 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c 
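Review bot: In the tests/ssl-opt.sh hunk, the server-side expectation `-s "! mbedtls_ssl_handshake returned"` is dropped along with the reworded debug message, so the remaining server-side checks match log lines only. This case covers a TLS 1.3-only server refusing a TLS 1.2 ClientHello, and a regression that printed the message but carried on with the handshake would still satisfy both `-s` patterns. Unless that line was removed for a reason not visible here, I would keep it: `-s "TLS 1.2 not supported." \` followed by `-s "! mbedtls_ssl_handshake returned"`. The `run_test` call starts outside the hunk, so its expected-exit-code argument cannot be checked from here.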
@@ -1925,9 +1925,9 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG( 1, ("TLS 1.2 not supported.")); MBEDTLS_SSL_PEND_FATAL_ALERT( - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, - MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); - return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION, + MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION); + return MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION; } ssl->keep_current_message = 1; ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; From 90acdc65e582151a58189ac0651036568316155e Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 8 Dec 2023 10:29:42 +0800 Subject: [PATCH 23/27] tl13: srv: improve comment Improve comment when received version 1.2 of the protocol while TLS 1.2 is disabled on server side. Signed-off-by: Yanray Wang --- library/ssl_tls13_server.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 3baff36e7d..67bf6daaee 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1913,7 +1913,8 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl) * by MBEDTLS_SSL_PROC_CHK_NEG. */ /* - * Version 1.2 of the protocol has been chosen, set the + * Version 1.2 of the protocol has to be used for the handshake. + * If TLS 1.2 is not supported, abort the handshake. Otherwise, set the * ssl->keep_current_message flag for the ClientHello to be kept and parsed * as a TLS 1.2 ClientHello. We also change ssl->tls_version to * MBEDTLS_SSL_VERSION_TLS1_2 thus from now on mbedtls_ssl_handshake_step() From e9be2a259e831e6de4eec5808d0c328a5f9e5258 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 8 Dec 2023 10:38:13 +0800 Subject: [PATCH 24/27] fix-tls13-server-min-version-check.txt: rephrase ChangeLog Signed-off-by: Yanray Wang --- ChangeLog.d/fix-tls13-server-min-version-check.txt | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) 
diff --git a/ChangeLog.d/fix-tls13-server-min-version-check.txt b/ChangeLog.d/fix-tls13-server-min-version-check.txt index b05ad7c542..258ec6d38c 100644 --- a/ChangeLog.d/fix-tls13-server-min-version-check.txt +++ b/ChangeLog.d/fix-tls13-server-min-version-check.txt @@ -1,4 +1,3 @@ Bugfix - * Add missing check for `min_tls_version` in TLS 1.3 server-side. - Without this, TLS 1.3 server may downgrade protocol to a TLS version - below its supported minimum TLS version. Fixes #8593. + * Fix TLS server accepting TLS 1.2 handshake while TLS 1.2 + is disabled at runtime. Fixes #8593. From 94a42ccb3e26554498c6e4a3e78c6822036fc931 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 6 Dec 2023 10:04:17 +0800 Subject: [PATCH 25/27] Add tls13 in ticket flags helper function names ``` sed -i \ "s/\(mbedtls_ssl\)_\(session_\(\w*_\)\?ticket\)/\1_tls13_\2/g" \ library/*.[ch] ``` Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 28 ++++++++++++++-------------- library/ssl_tls13_client.c | 10 +++++----- library/ssl_tls13_server.c | 16 ++++++++-------- 3 files changed, 27 insertions(+), 27 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 32bef110e5..71d1407614 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2769,7 +2769,7 @@ int mbedtls_ssl_session_set_hostname(mbedtls_ssl_session *session, #define MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME (604800) -static inline unsigned int mbedtls_ssl_session_get_ticket_flags( +static inline unsigned int mbedtls_ssl_tls13_session_get_ticket_flags( mbedtls_ssl_session *session, unsigned int flags) { return session->ticket_flags & 
@@ -2782,40 +2782,40 @@ static inline unsigned int mbedtls_ssl_session_get_ticket_flags( * `MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK` to get all * permitted flags. */ -static inline int mbedtls_ssl_session_ticket_has_flags( +static inline int mbedtls_ssl_tls13_session_ticket_has_flags( mbedtls_ssl_session *session, unsigned int flags) { - return mbedtls_ssl_session_get_ticket_flags(session, flags) != 0; + return mbedtls_ssl_tls13_session_get_ticket_flags(session, flags) != 0; } -static inline int mbedtls_ssl_session_ticket_allow_psk( +static inline int mbedtls_ssl_tls13_session_ticket_allow_psk( mbedtls_ssl_session *session) { - return mbedtls_ssl_session_ticket_has_flags(session, - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION); + return mbedtls_ssl_tls13_session_ticket_has_flags( + session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION); } -static inline int mbedtls_ssl_session_ticket_allow_psk_ephemeral( +static inline int mbedtls_ssl_tls13_session_ticket_allow_psk_ephemeral( mbedtls_ssl_session *session) { - return mbedtls_ssl_session_ticket_has_flags(session, - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION); + return mbedtls_ssl_tls13_session_ticket_has_flags( + session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION); } -static inline unsigned int mbedtls_ssl_session_ticket_allow_early_data( +static inline unsigned int mbedtls_ssl_tls13_session_ticket_allow_early_data( mbedtls_ssl_session *session) { - return !mbedtls_ssl_session_check_ticket_flags(session, - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); + return mbedtls_ssl_tls13_session_ticket_has_flags( + session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); } -static inline void mbedtls_ssl_session_set_ticket_flags( +static inline void mbedtls_ssl_tls13_session_set_ticket_flags( mbedtls_ssl_session *session, unsigned int flags) { session->ticket_flags |= (flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK); } -static inline void mbedtls_ssl_session_clear_ticket_flags( +static inline void 
mbedtls_ssl_tls13_session_clear_ticket_flags( mbedtls_ssl_session *session, unsigned int flags) { session->ticket_flags &= ~(flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK); diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 82ebe7e60e..e418ee01bd 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -685,7 +685,7 @@ static int ssl_tls13_has_configured_ticket(mbedtls_ssl_context *ssl) return ssl->handshake->resume && session != NULL && session->ticket != NULL && mbedtls_ssl_conf_tls13_is_kex_mode_enabled( - ssl, mbedtls_ssl_session_get_ticket_flags( + ssl, mbedtls_ssl_tls13_session_get_ticket_flags( session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL)); } @@ -695,7 +695,7 @@ static int ssl_tls13_early_data_has_valid_ticket(mbedtls_ssl_context *ssl) mbedtls_ssl_session *session = ssl->session_negotiate; return ssl->handshake->resume && session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3 && - mbedtls_ssl_session_ticket_allow_early_data(session) && + mbedtls_ssl_tls13_session_ticket_allow_early_data(session) && mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, session->ciphersuite); } #endif @@ -2685,7 +2685,7 @@ static int ssl_tls13_parse_new_session_ticket_early_data_ext( MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4); session->max_early_data_size = MBEDTLS_GET_UINT32_BE(buf, 0); - mbedtls_ssl_session_set_ticket_flags( + mbedtls_ssl_tls13_session_set_ticket_flags( session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); MBEDTLS_SSL_DEBUG_MSG( 3, ("received max_early_data_size: %u", @@ -2836,7 +2836,7 @@ static int ssl_tls13_parse_new_session_ticket(mbedtls_ssl_context *ssl, session->ticket_len = ticket_len; /* Clear all flags in ticket_flags */ - mbedtls_ssl_session_clear_ticket_flags( + mbedtls_ssl_tls13_session_clear_ticket_flags( session, MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK); MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 2); 
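Review bot: In the library/ssl_misc.h hunk, `mbedtls_ssl_tls13_session_ticket_allow_early_data()` keeps the return type `unsigned int` while `..._ticket_has_flags()`, `..._ticket_allow_psk()` and `..._ticket_allow_psk_ephemeral()` return `int`. Since it now returns the `has_flags` result directly, `static inline int mbedtls_ssl_tls13_session_ticket_allow_early_data(` would match its siblings. Its body is also not a pure rename: the removed line negated a call to `mbedtls_ssl_session_check_ticket_flags`, which the `sed` expression in the commit message would not rewrite into `..._ticket_has_flags`. This predicate gates early-data handling in the client and server hunks of the same patch, so the description should mention the manual fix next to the `sed` command.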
@@ -2923,7 +2923,7 @@ static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl, session->resumption_key_len); /* Set ticket_flags depends on the selected key exchange modes */ - mbedtls_ssl_session_set_ticket_flags( + mbedtls_ssl_tls13_session_set_ticket_flags( session, ssl->conf->tls13_kex_modes); MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags); diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index e5e510ba3a..9f3b39897e 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -175,11 +175,11 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags); key_exchanges = 0; - if (mbedtls_ssl_session_ticket_allow_psk_ephemeral(session) && + if (mbedtls_ssl_tls13_session_ticket_allow_psk_ephemeral(session) && ssl_tls13_key_exchange_is_psk_ephemeral_available(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; } - if (mbedtls_ssl_session_ticket_allow_psk(session) && + if (mbedtls_ssl_tls13_session_ticket_allow_psk(session) && ssl_tls13_key_exchange_is_psk_available(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; } @@ -1008,7 +1008,7 @@ static int ssl_tls13_ticket_is_kex_mode_permitted(mbedtls_ssl_context *ssl, { #if defined(MBEDTLS_SSL_SESSION_TICKETS) if (ssl->handshake->resume) { - if (!mbedtls_ssl_session_ticket_has_flags( + if (!mbedtls_ssl_tls13_session_ticket_has_flags( ssl->session_negotiate, kex_mode)) { return 0; } @@ -1845,7 +1845,7 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) } - if (!mbedtls_ssl_session_ticket_allow_early_data(ssl->session_negotiate)) { + if (!mbedtls_ssl_tls13_session_ticket_allow_early_data(ssl->session_negotiate)) { MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: rejected, early_data not allowed in ticket " 
@@ -3131,17 +3131,17 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, #endif /* Set ticket_flags depends on the advertised psk key exchange mode */ - mbedtls_ssl_session_clear_ticket_flags( + mbedtls_ssl_tls13_session_clear_ticket_flags( session, MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK); #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) - mbedtls_ssl_session_set_ticket_flags( + mbedtls_ssl_tls13_session_set_ticket_flags( session, ssl->handshake->tls13_kex_modes); #endif #if defined(MBEDTLS_SSL_EARLY_DATA) if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED && ssl->conf->max_early_data_size > 0) { - mbedtls_ssl_session_set_ticket_flags( + mbedtls_ssl_tls13_session_set_ticket_flags( session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -3321,7 +3321,7 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, p += 2; #if defined(MBEDTLS_SSL_EARLY_DATA) - if (mbedtls_ssl_session_ticket_allow_early_data(session)) { + if (mbedtls_ssl_tls13_session_ticket_allow_early_data(session)) { size_t output_len; if ((ret = mbedtls_ssl_tls13_write_early_data_ext( From 89dd5c0654f6ed0c44d893b807ca2df14bf42d00 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Fri, 15 Dec 2023 17:05:15 +0100 Subject: [PATCH 26/27] Document release components in all.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 10a76ec182..e68ad2016c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -74,6 +74,7 @@ # * component_check_XXX: quick tests that aren't worth parallelizing. # * component_build_XXX: build things but don't run them. # * component_test_XXX: build and test. +# * component_release_XXX: tests that the CI should skip during PR testing. # * support_XXX: if support_XXX exists and returns false then # component_XXX is not run by default. # * post_XXX: things to do after running the tests. From bbb5af9eae7b35a8f10ef6e5d3db919de55374ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Fri, 15 Dec 2023 20:58:15 +0100 Subject: [PATCH 27/27] Set OpenSSL/GnuTLS variables in release components MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index e68ad2016c..442bd7ae0d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -748,7 +748,7 @@ pre_check_tools () { # Require OpenSSL and GnuTLS if running any tests (as opposed to # only doing builds). Not all tests run OpenSSL and GnuTLS, but this # is a good enough approximation in practice. - *" test_"*) + *" test_"* | *" release_test_"*) # To avoid setting OpenSSL and GnuTLS for each call to compat.sh # and ssl-opt.sh, we just export the variables they require. export OPENSSL="$OPENSSL"
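Review bot: The added alternative `*" release_test_"*` in `pre_check_tools` only matches release components whose name continues with `test_`, while the header comment added by the previous patch documents the prefix generically as `component_release_XXX`. A release component that runs tests under another name would presumably skip this branch and not get the OpenSSL/GnuTLS exports. I would state the convention where the prefix is documented, for example `#   * component_release_XXX: tests that the CI should skip during PR testing (use component_release_test_XXX if OpenSSL/GnuTLS are needed).` The `case` statement starts and ends outside the hunk.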