lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity

Merge pull request #5573 from superna9999/5176-5177-5178-5179-tsl-record-hmac

Browse Source 
TLS record HMAC
This commit is contained in:
Manuel Pégourié-Gonnard
2022-03-21 11:36:44 +01:00
committed by GitHub
parent 706f6bae27 0ab7a232b5
commit f4042f076b
8 changed files with 477 additions and 1625 deletions
Download Patch File Download Diff File Expand all files Collapse all files

106
library/ssl_msg.c
View File

@ -673,11 +673,35 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
unsigned char mac[MBEDTLS_SSL_MAC_ADD];
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
size_t sign_mac_length = 0;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
transform->minor_ver,
transform->taglen );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
status = psa_mac_sign_setup( &operation, transform->psa_mac_enc,
transform->psa_mac_alg );
if( status != PSA_SUCCESS )
goto hmac_failed_etm_disabled;
status = psa_mac_update( &operation, add_data, add_data_len );
if( status != PSA_SUCCESS )
goto hmac_failed_etm_disabled;
status = psa_mac_update( &operation, data, rec->data_len );
if( status != PSA_SUCCESS )
goto hmac_failed_etm_disabled;
status = psa_mac_sign_finish( &operation, mac, MBEDTLS_SSL_MAC_ADD,
&sign_mac_length );
if( status != PSA_SUCCESS )
goto hmac_failed_etm_disabled;
#else
ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data,
add_data_len );
if( ret != 0 )
@ -691,6 +715,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
ret = mbedtls_md_hmac_reset( &transform->md_ctx_enc );
if( ret != 0 )
goto hmac_failed_etm_disabled;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
memcpy( data + rec->data_len, mac, transform->maclen );
#endif
@ -704,6 +729,12 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
hmac_failed_etm_disabled:
mbedtls_platform_zeroize( mac, transform->maclen );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
ret = psa_ssl_status_to_mbedtls( status );
status = psa_mac_abort( &operation );
if( ret == 0 && status != PSA_SUCCESS )
ret = psa_ssl_status_to_mbedtls( status );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_hmac_xxx", ret );
@ -998,6 +1029,10 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
if( auth_done == 0 )
{
unsigned char mac[MBEDTLS_SSL_MAC_ADD];
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
size_t sign_mac_length = 0;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/*
* MAC(MAC_write_key, seq_num +
@ -1021,6 +1056,25 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) );
MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data,
add_data_len );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
status = psa_mac_sign_setup( &operation, transform->psa_mac_enc,
transform->psa_mac_alg );
if( status != PSA_SUCCESS )
goto hmac_failed_etm_enabled;
status = psa_mac_update( &operation, add_data, add_data_len );
if( status != PSA_SUCCESS )
goto hmac_failed_etm_enabled;
status = psa_mac_update( &operation, data, rec->data_len );
if( status != PSA_SUCCESS )
goto hmac_failed_etm_enabled;
status = psa_mac_sign_finish( &operation, mac, MBEDTLS_SSL_MAC_ADD,
&sign_mac_length );
if( status != PSA_SUCCESS )
goto hmac_failed_etm_enabled;
#else
ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data,
add_data_len );
@ -1036,6 +1090,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
ret = mbedtls_md_hmac_reset( &transform->md_ctx_enc );
if( ret != 0 )
goto hmac_failed_etm_enabled;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
memcpy( data + rec->data_len, mac, transform->maclen );
@ -1045,6 +1100,12 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
hmac_failed_etm_enabled:
mbedtls_platform_zeroize( mac, transform->maclen );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
ret = psa_ssl_status_to_mbedtls( status );
status = psa_mac_abort( &operation );
if( ret == 0 && status != PSA_SUCCESS )
ret = psa_ssl_status_to_mbedtls( status );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "HMAC calculation failed", ret );
@ -1331,7 +1392,11 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
if( transform->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED )
{
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
#else
unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD];
#endif /* MBEDTLS_USE_PSA_CRYPTO */
MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) );
@ -1353,6 +1418,26 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
/* Calculate expected MAC. */
MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data,
add_data_len );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
status = psa_mac_verify_setup( &operation, transform->psa_mac_dec,
transform->psa_mac_alg );
if( status != PSA_SUCCESS )
goto hmac_failed_etm_enabled;
status = psa_mac_update( &operation, add_data, add_data_len );
if( status != PSA_SUCCESS )
goto hmac_failed_etm_enabled;
status = psa_mac_update( &operation, data, rec->data_len );
if( status != PSA_SUCCESS )
goto hmac_failed_etm_enabled;
/* Compare expected MAC with MAC at the end of the record. */
status = psa_mac_verify_finish( &operation, data + rec->data_len,
transform->maclen );
if( status != PSA_SUCCESS )
goto hmac_failed_etm_enabled;
#else
ret = mbedtls_md_hmac_update( &transform->md_ctx_dec, add_data,
add_data_len );
if( ret != 0 )
@ -1381,10 +1466,18 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
ret = MBEDTLS_ERR_SSL_INVALID_MAC;
goto hmac_failed_etm_enabled;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
auth_done++;
hmac_failed_etm_enabled:
#if defined(MBEDTLS_USE_PSA_CRYPTO)
ret = psa_ssl_status_to_mbedtls( status );
status = psa_mac_abort( &operation );
if( ret == 0 && status != PSA_SUCCESS )
ret = psa_ssl_status_to_mbedtls( status );
#else
mbedtls_platform_zeroize( mac_expect, transform->maclen );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ret != 0 )
{
if( ret != MBEDTLS_ERR_SSL_INVALID_MAC )
@ -1621,10 +1714,18 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
const size_t max_len = rec->data_len + padlen;
const size_t min_len = ( max_len > 256 ) ? max_len - 256 : 0;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
ret = mbedtls_ct_hmac( transform->psa_mac_dec,
transform->psa_mac_alg,
add_data, add_data_len,
data, rec->data_len, min_len, max_len,
mac_expect );
#else
ret = mbedtls_ct_hmac( &transform->md_ctx_dec,
add_data, add_data_len,
data, rec->data_len, min_len, max_len,
mac_expect );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ct_hmac", ret );
@ -5612,8 +5713,13 @@ void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform )
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_destroy_key( transform->psa_mac_enc );
psa_destroy_key( transform->psa_mac_dec );
#else
mbedtls_md_free( &transform->md_ctx_enc );
mbedtls_md_free( &transform->md_ctx_dec );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif
mbedtls_platform_zeroize( transform, sizeof( mbedtls_ssl_transform ) );