Merge pull request #6194 from xkqian/tls13_add_psk_client_cases

TLS 1.3: Add PSK client cases
2025-08-07 06:42:56 +03:00 · 2022-09-28 17:08:06 +02:00
parent e3358e14b2 a70bd9108a
commit 77c691f099
4 changed files with 1463 additions and 50 deletions
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1327,11 +1327,11 @@ static int ssl_tls13_parse_server_pre_shared_key_ext( mbedtls_ssl_context *ssl,
    int ret = 0;
    size_t selected_identity;
    int psk_type;
    const unsigned char *psk;
    size_t psk_len;
    const unsigned char *psk_identity;
    size_t psk_identity_len;
    int psk_type;
    /* Check which PSK we've offered.
     *
@@ -1667,6 +1667,23 @@ cleanup:
    return( ret );
 }
 #if defined(MBEDTLS_DEBUG_C)
 static const char *ssl_tls13_get_kex_mode_str(int mode)
 {
    switch( mode )
    {
        case MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK:
            return "psk";
        case MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL:
            return "ephemeral";
        case MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL:
            return "psk_ephemeral";
        default:
            return "unknown mode";
    }
 }
 #endif /* MBEDTLS_DEBUG_C */
 MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_tls13_postprocess_server_hello( mbedtls_ssl_context *ssl )
 {
@@ -1687,19 +1704,16 @@ static int ssl_tls13_postprocess_server_hello( mbedtls_ssl_context *ssl )
        /* Only the pre_shared_key extension was received */
        case MBEDTLS_SSL_EXT_PRE_SHARED_KEY:
            handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
            MBEDTLS_SSL_DEBUG_MSG( 2, ( "key exchange mode: psk" ) );
            break;
        /* Only the key_share extension was received */
        case MBEDTLS_SSL_EXT_KEY_SHARE:
            handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
            MBEDTLS_SSL_DEBUG_MSG( 2, ( "key exchange mode: ephemeral" ) );
            break;
        /* Both the pre_shared_key and key_share extensions were received */
        case ( MBEDTLS_SSL_EXT_PRE_SHARED_KEY | MBEDTLS_SSL_EXT_KEY_SHARE ):
            handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
            MBEDTLS_SSL_DEBUG_MSG( 2, ( "key exchange mode: psk_ephemeral" ) );
            break;
        /* Neither pre_shared_key nor key_share extension was received */
@@ -1709,6 +1723,19 @@ static int ssl_tls13_postprocess_server_hello( mbedtls_ssl_context *ssl )
            goto cleanup;
    }
    if( !mbedtls_ssl_conf_tls13_check_kex_modes( ssl, handshake->key_exchange_mode ) )
    {
        ret = MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
        MBEDTLS_SSL_DEBUG_MSG( 2,
                ( "Key exchange mode(%s) is not supported.",
                ssl_tls13_get_kex_mode_str( handshake->key_exchange_mode ) ) );
        goto cleanup;
    }
    MBEDTLS_SSL_DEBUG_MSG( 3,
            ( "Selected key exchange mode: %s",
              ssl_tls13_get_kex_mode_str( handshake->key_exchange_mode ) ) );
    /* Start the TLS 1.3 key schedule: Set the PSK and derive early secret.
     *
     * TODO: We don't have to do this in case we offered 0-RTT and the
--- a/tests/data_files/simplepass.psk
+++ b/tests/data_files/simplepass.psk
@@ -0,0 +1 @@
 0a0b0c:010203
--- a/tests/opt-testcases/tls13-kex-modes.sh
+++ b/tests/opt-testcases/tls13-kex-modes.sh
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -12143,52 +12143,6 @@ run_test    "TLS 1.3: Server side check - mbedtls with sni" \
            -s "parse ServerName extension" \
            -s "HTTP/1.0 200 OK"
 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
 requires_config_enabled MBEDTLS_SSL_SRV_C
 requires_config_enabled MBEDTLS_SSL_CLI_C
 run_test    "TLS 1.3, default suite, PSK" \
            "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
            "$P_CLI nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
            0 \
            -c "=> write client hello" \
            -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
            -c "client hello, adding psk_key_exchange_modes extension" \
            -c "client hello, adding PSK binder list" \
            -c "<= write client hello"
 requires_openssl_tls1_3
 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
 requires_config_enabled MBEDTLS_DEBUG_C
 requires_config_enabled MBEDTLS_SSL_CLI_C
 run_test    "TLS 1.3, default suite, PSK - openssl" \
            "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
            "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
            0 \
            -c "=> write client hello" \
            -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
            -c "client hello, adding psk_key_exchange_modes extension" \
            -c "client hello, adding PSK binder list" \
            -c "<= write client hello"
 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
 requires_gnutls_tls1_3
 requires_gnutls_next_no_ticket
 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
 requires_config_enabled MBEDTLS_DEBUG_C
 requires_config_enabled MBEDTLS_SSL_CLI_C
 run_test    "TLS 1.3, default suite, PSK - gnutls" \
            "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c" \
            "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
            1 \
            -c "=> write client hello" \
            -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
            -c "client hello, adding psk_key_exchange_modes extension" \
            -c "client hello, adding PSK binder list" \
            -s "Parsing extension 'PSK Key Exchange Modes/45'" \
            -s "Parsing extension 'Pre Shared Key/41'" \
            -c "<= write client hello"
 for i in opt-testcases/*.sh
 do
    TEST_SUITE_NAME=${i##*/}