From 54413b10c2350cbf6a637bdb0fc244b931a7bb08 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Thu, 20 Oct 2022 05:57:03 +0000 Subject: [PATCH 1/8] Add early data support preparatory work Add MBEDTLS_SSL_EARLY_DATA configuration option Define early_data_enabled field in mbedtls_ssl_config Add function mbedtls_ssl_conf_early_data Signed-off-by: Xiaokang Qian --- include/mbedtls/mbedtls_config.h | 8 +++++++ include/mbedtls/ssl.h | 38 ++++++++++++++++++++++++++++++++ library/ssl_misc.h | 3 +++ library/ssl_tls13_generic.c | 8 +++++++ 4 files changed, 57 insertions(+) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 9588ca4b41..8e45726194 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1632,6 +1632,14 @@ */ #define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 +/** +* \def MBEDTLS_SSL_EARLY_DATA +* +* Allows to add functionality for TLS/DTLS 1.3 early data. +* +*/ +//#define MBEDTLS_SSL_EARLY_DATA + /** * \def MBEDTLS_SSL_PROTO_DTLS * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 9677c71635..57c07b4d00 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -329,6 +329,12 @@ #define MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED 1 #define MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED 0 +#define MBEDTLS_SSL_EARLY_DATA_DISABLED 0 +#define MBEDTLS_SSL_EARLY_DATA_ENABLED 1 + +#define MBEDTLS_SSL_EARLY_DATA_OFF 0 +#define MBEDTLS_SSL_EARLY_DATA_ON 1 + #define MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED 0 #define MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED 1 @@ -1496,6 +1502,12 @@ struct mbedtls_ssl_config * is not \c 0. */ #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */ +#if defined(MBEDTLS_SSL_EARLY_DATA) + int early_data_enabled; /*!< Early data indication: + * - MBEDTLS_SSL_EARLY_DATA_DISABLED, + * - MBEDTLS_SSL_EARLY_DATA_ENABLED */ +#endif /* MBEDTLS_SSL_EARLY_DATA */ + #if defined(MBEDTLS_SSL_ALPN) const char **MBEDTLS_PRIVATE(alpn_list); /*!< ordered list of protocols */ #endif @@ -1905,6 +1917,32 @@ void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ); */ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); +/** +* \brief Set the early_data mode +* Default: disabled on server and client +* +* \param ssl SSL context +* \param early_data can be: +* +* MBEDTLS_SSL_EARLY_DATA_DISABLED: early data functionality will not be used +* (default on server) +* (default on client) +* +* MBEDTLS_SSL_EARLY_DATA_ENABLED: early data functionality is enabled and +* may be negotiated in the handshake. Application using +* early data functionality needs to be aware of the +* lack of replay protection of the early data application +* payloads. +* +* \param max_early_data Max number of bytes allowed for early data (server only). +* \param early_data_callback Callback function when early data is received (server +* only). +*/ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_EARLY_DATA) +void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf, + int early_data_enabled ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_EARLY_DATA */ + #if defined(MBEDTLS_X509_CRT_PARSE_C) /** * \brief Set the verification callback (Optional). diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 41bb9c514d..c02ff58b57 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -243,6 +243,9 @@ /* Maximum size in bytes of list in supported elliptic curve ext., RFC 4492 */ #define MBEDTLS_SSL_MAX_CURVE_LIST_LEN 65535 +/* Maximum amount of early data to buffer on the server. */ +#define MBEDTLS_SSL_MAX_EARLY_DATA 1024 + #define MBEDTLS_RECEIVED_SIG_ALGS_SIZE 20 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 48e3675820..5f895932a5 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1080,6 +1080,14 @@ cleanup: #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */ +#if defined(MBEDTLS_SSL_EARLY_DATA) +void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf, + int early_data_enabled ) +{ + conf->early_data_enabled = early_data; +} +#endif /* MBEDTLS_SSL_EARLY_DATA */ + /* * * STATE HANDLING: Incoming Finished message. From 600804b0e7b7755e77fe9d48dc1b74d678c37c66 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Thu, 20 Oct 2022 09:22:38 +0000 Subject: [PATCH 2/8] Remove useless early data related macros for the time being Signed-off-by: Xiaokang Qian --- include/mbedtls/mbedtls_config.h | 5 ++++- include/mbedtls/ssl.h | 10 ++-------- library/ssl_misc.h | 3 --- library/ssl_tls13_generic.c | 2 +- 4 files changed, 7 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 8e45726194..9480de0066 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1635,8 +1635,11 @@ /** * \def MBEDTLS_SSL_EARLY_DATA * -* Allows to add functionality for TLS/DTLS 1.3 early data. +* Enable support for RFC 8446 TLS 1.3 early data. * +* Requires: MBEDTLS_SSL_PROTO_TLS1_3 +* +* Comment this to disable support for early data. */ //#define MBEDTLS_SSL_EARLY_DATA diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 57c07b4d00..b8e12ecbac 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -332,9 +332,6 @@ #define MBEDTLS_SSL_EARLY_DATA_DISABLED 0 #define MBEDTLS_SSL_EARLY_DATA_ENABLED 1 -#define MBEDTLS_SSL_EARLY_DATA_OFF 0 -#define MBEDTLS_SSL_EARLY_DATA_ON 1 - #define MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED 0 #define MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED 1 @@ -1921,8 +1918,8 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); * \brief Set the early_data mode * Default: disabled on server and client * -* \param ssl SSL context -* \param early_data can be: +* \param conf The SSL configuration to use. +* \param early_data_enabled can be: * * MBEDTLS_SSL_EARLY_DATA_DISABLED: early data functionality will not be used * (default on server) @@ -1934,9 +1931,6 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); * lack of replay protection of the early data application * payloads. * -* \param max_early_data Max number of bytes allowed for early data (server only). -* \param early_data_callback Callback function when early data is received (server -* only). */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_EARLY_DATA) void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf, diff --git a/library/ssl_misc.h b/library/ssl_misc.h index c02ff58b57..41bb9c514d 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -243,9 +243,6 @@ /* Maximum size in bytes of list in supported elliptic curve ext., RFC 4492 */ #define MBEDTLS_SSL_MAX_CURVE_LIST_LEN 65535 -/* Maximum amount of early data to buffer on the server. */ -#define MBEDTLS_SSL_MAX_EARLY_DATA 1024 - #define MBEDTLS_RECEIVED_SIG_ALGS_SIZE 20 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 5f895932a5..976a13471a 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1084,7 +1084,7 @@ cleanup: void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf, int early_data_enabled ) { - conf->early_data_enabled = early_data; + conf->early_data_enabled = early_data_enabled; } #endif /* MBEDTLS_SSL_EARLY_DATA */ From 72de95dcf53a50691d85dcd166bc584f3a293c1c Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Tue, 25 Oct 2022 02:54:33 +0000 Subject: [PATCH 3/8] Move function mbedtls_ssl_tls13_conf_early_data to ssl_tls.c Signed-off-by: Xiaokang Qian --- include/mbedtls/ssl.h | 21 +++++++++++---------- library/ssl_tls.c | 8 ++++++++ library/ssl_tls13_generic.c | 8 -------- 3 files changed, 19 insertions(+), 18 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b8e12ecbac..78842a12b5 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1500,9 +1500,9 @@ struct mbedtls_ssl_config #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */ #if defined(MBEDTLS_SSL_EARLY_DATA) - int early_data_enabled; /*!< Early data indication: - * - MBEDTLS_SSL_EARLY_DATA_DISABLED, - * - MBEDTLS_SSL_EARLY_DATA_ENABLED */ + int MBEDTLS_PRIVATE(early_data_enabled); /*!< Early data enablement: + * - MBEDTLS_SSL_EARLY_DATA_DISABLED, + * - MBEDTLS_SSL_EARLY_DATA_ENABLED */ #endif /* MBEDTLS_SSL_EARLY_DATA */ #if defined(MBEDTLS_SSL_ALPN) @@ -1915,15 +1915,14 @@ void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ); void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); /** -* \brief Set the early_data mode -* Default: disabled on server and client +* \brief Set the early data mode +* Default: disabled on server and client * -* \param conf The SSL configuration to use. +* \param conf The SSL configuration to use. * \param early_data_enabled can be: * -* MBEDTLS_SSL_EARLY_DATA_DISABLED: early data functionality will not be used -* (default on server) -* (default on client) +* MBEDTLS_SSL_EARLY_DATA_DISABLED: early data functionality is disabled +* This is the default on client and server. * * MBEDTLS_SSL_EARLY_DATA_ENABLED: early data functionality is enabled and * may be negotiated in the handshake. Application using @@ -1931,9 +1930,11 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); * lack of replay protection of the early data application * payloads. * +* \warning This interface is experimental and may change without notice. +* */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_EARLY_DATA) -void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf, +void mbedtls_ssl_tls13_conf_early_data( mbedtls_ssl_config *conf, int early_data_enabled ); #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_EARLY_DATA */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 63a433dbeb..f385f5d4b9 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1425,6 +1425,14 @@ void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config *conf, { conf->tls13_kex_modes = kex_modes & MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL; } + +#if defined(MBEDTLS_SSL_EARLY_DATA) +void mbedtls_ssl_tls13_conf_early_data( mbedtls_ssl_config *conf, + int early_data_enabled ) +{ + conf->early_data_enabled = early_data_enabled; +} +#endif /* MBEDTLS_SSL_EARLY_DATA */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ #if defined(MBEDTLS_X509_CRT_PARSE_C) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 976a13471a..48e3675820 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1080,14 +1080,6 @@ cleanup: #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */ -#if defined(MBEDTLS_SSL_EARLY_DATA) -void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf, - int early_data_enabled ) -{ - conf->early_data_enabled = early_data_enabled; -} -#endif /* MBEDTLS_SSL_EARLY_DATA */ - /* * * STATE HANDLING: Incoming Finished message. From 95a0730f178980085c8f7acfd3b26c5c67511464 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Tue, 25 Oct 2022 02:56:00 +0000 Subject: [PATCH 4/8] Change prerequisites of MBEDTLS_SSL_EARLY_DATA and add related check Signed-off-by: Xiaokang Qian --- include/mbedtls/check_config.h | 7 +++++++ include/mbedtls/mbedtls_config.h | 4 ++++ 2 files changed, 11 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 6a96479947..d36db4a9ec 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -842,6 +842,13 @@ "but no key exchange methods defined with MBEDTLS_KEY_EXCHANGE_xxxx" #endif +/* Early data requires PSK related mode defined */ +#if defined(MBEDTLS_SSL_EARLY_DATA) && \ + ( !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) && \ + !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED)) +#error "MBEDTLS_SSL_EARLY_DATA defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_SSL_PROTO_DTLS) && \ !defined(MBEDTLS_SSL_PROTO_TLS1_2) #error "MBEDTLS_SSL_PROTO_DTLS defined, but not all prerequisites" diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 9480de0066..7ce8083d46 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1640,6 +1640,10 @@ * Requires: MBEDTLS_SSL_PROTO_TLS1_3 * * Comment this to disable support for early data. +* +* This feature is experimental, not completed and thus not ready for +* production. +* */ //#define MBEDTLS_SSL_EARLY_DATA From d69d06fffa726594a18ecb97f27c8f979ac09211 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Tue, 25 Oct 2022 06:51:25 +0000 Subject: [PATCH 5/8] Improve format issue Signed-off-by: Xiaokang Qian --- include/mbedtls/ssl.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 78842a12b5..a07c723262 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1501,8 +1501,8 @@ struct mbedtls_ssl_config #if defined(MBEDTLS_SSL_EARLY_DATA) int MBEDTLS_PRIVATE(early_data_enabled); /*!< Early data enablement: - * - MBEDTLS_SSL_EARLY_DATA_DISABLED, - * - MBEDTLS_SSL_EARLY_DATA_ENABLED */ + * - MBEDTLS_SSL_EARLY_DATA_DISABLED, + * - MBEDTLS_SSL_EARLY_DATA_ENABLED */ #endif /* MBEDTLS_SSL_EARLY_DATA */ #if defined(MBEDTLS_SSL_ALPN) @@ -1914,6 +1914,7 @@ void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ); */ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_EARLY_DATA) /** * \brief Set the early data mode * Default: disabled on server and client @@ -1933,7 +1934,6 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); * \warning This interface is experimental and may change without notice. * */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_EARLY_DATA) void mbedtls_ssl_tls13_conf_early_data( mbedtls_ssl_config *conf, int early_data_enabled ); #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_EARLY_DATA */ From 65fc0de894b1a9c195010652580abcb92c65fe1f Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Tue, 25 Oct 2022 09:08:57 +0000 Subject: [PATCH 6/8] Improve the prerequisites for early data Signed-off-by: Xiaokang Qian --- include/mbedtls/mbedtls_config.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 7ce8083d46..2524133786 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1637,7 +1637,8 @@ * * Enable support for RFC 8446 TLS 1.3 early data. * -* Requires: MBEDTLS_SSL_PROTO_TLS1_3 +* Requires: MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or +* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED * * Comment this to disable support for early data. * From 4ef4c89af20c267ad858232c8c5345b318814ffb Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Tue, 25 Oct 2022 13:39:16 +0000 Subject: [PATCH 7/8] Fix CI failure in build_info.h Signed-off-by: Xiaokang Qian --- include/mbedtls/build_info.h | 1 + include/mbedtls/mbedtls_config.h | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 9c9a345465..006233a377 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -96,6 +96,7 @@ #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +#undef MBEDTLS_SSL_EARLY_DATA #endif #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) || \ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 2524133786..fcdd5782aa 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1640,7 +1640,8 @@ * Requires: MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED * -* Comment this to disable support for early data. +* Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3 +* is not enabled, this option does not have any effect on the build. * * This feature is experimental, not completed and thus not ready for * production. From 72dbfef6e4b48d02327f663dcc695cc2abadfa75 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Wed, 26 Oct 2022 06:33:57 +0000 Subject: [PATCH 8/8] Improve coding styles Signed-off-by: Xiaokang Qian --- include/mbedtls/ssl.h | 2 +- library/ssl_tls.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index a07c723262..01ede4088d 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1935,7 +1935,7 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); * */ void mbedtls_ssl_tls13_conf_early_data( mbedtls_ssl_config *conf, - int early_data_enabled ); + int early_data_enabled ); #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_EARLY_DATA */ #if defined(MBEDTLS_X509_CRT_PARSE_C) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f385f5d4b9..6b545a6f3e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1428,7 +1428,7 @@ void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_EARLY_DATA) void mbedtls_ssl_tls13_conf_early_data( mbedtls_ssl_config *conf, - int early_data_enabled ) + int early_data_enabled ) { conf->early_data_enabled = early_data_enabled; }