From 920db4581835b2144edaf188455b394e7e0927eb Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 14 Nov 2023 17:20:16 +0800 Subject: [PATCH 01/10] tls13: early_data: support to parse max_early_data_size ext Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 51 +++++++++++++++++++++++++++++++------- 1 file changed, 42 insertions(+), 9 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 44814b99f..361f0c0af 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2647,6 +2647,43 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_EARLY_DATA) +/* From RFC 8446 section 4.2.10 + * + * struct { + * select (Handshake.msg_type) { + * case new_session_ticket: uint32 max_early_data_size; + * ... + * }; + * } EarlyDataIndication; + */ +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_parse_nst_early_data_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end) +{ + MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4); + if ((end - buf) != 4) { + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR, + MBEDTLS_ERR_SSL_DECODE_ERROR); + return MBEDTLS_ERR_SSL_DECODE_ERROR; + } + + if (ssl->session != NULL) { + ssl->session->max_early_data_size = MBEDTLS_GET_UINT32_BE(buf, 0); + mbedtls_ssl_session_set_ticket_flags( + ssl->session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); + MBEDTLS_SSL_DEBUG_MSG( + 3, ("received max_early_data_size: %u", + (unsigned int) ssl->session->max_early_data_size)); + return 0; + } + + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; +} +#endif /* MBEDTLS_SSL_EARLY_DATA */ + MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, const unsigned char *buf, @@ -2680,15 +2717,11 @@ static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, switch (extension_type) { #if defined(MBEDTLS_SSL_EARLY_DATA) case MBEDTLS_TLS_EXT_EARLY_DATA: - if (extension_data_len != 4) { - MBEDTLS_SSL_PEND_FATAL_ALERT( - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR, - MBEDTLS_ERR_SSL_DECODE_ERROR); - return MBEDTLS_ERR_SSL_DECODE_ERROR; - } - if (ssl->session != NULL) { - ssl->session->ticket_flags |= - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA; + ret = ssl_tls13_parse_nst_early_data_ext( + ssl, p, p + extension_data_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET( + 1, "ssl_tls13_parse_max_early_data_size_ext", ret); } break; #endif /* MBEDTLS_SSL_EARLY_DATA */ From 951b3cb400c200fcf72af6791980108ef15a43b0 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 21 Nov 2023 11:13:31 +0800 Subject: [PATCH 02/10] tls13-misc: cli: check parser of max_early_data_size ext Signed-off-by: Yanray Wang --- tests/opt-testcases/tls13-misc.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 920838449..f03a386a0 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -261,9 +261,11 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3 m->G: EarlyData: basic check, good" \ - "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK --earlydata --disable-client-cert" \ + "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK \ + --earlydata --maxearlydata 16384 --disable-client-cert" \ "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1 reco_delay=900" \ 0 \ + -c "received max_early_data_size: 16384" \ -c "Reconnecting with saved session" \ -c "NewSessionTicket: early_data(42) extension received." \ -c "ClientHello: early_data(42) extension exists." \ From 365ee3eaa953b559ed2ffebc66f761aac90b1160 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 10:28:28 +0800 Subject: [PATCH 03/10] ssl_tls: return correct error code if mbedtls_calloc fails Signed-off-by: Yanray Wang --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index b163e93c2..348894b45 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -306,7 +306,7 @@ static int resize_buffer(unsigned char **buffer, size_t len_new, size_t *len_old { unsigned char *resized_buffer = mbedtls_calloc(1, len_new); if (resized_buffer == NULL) { - return -1; + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } /* We want to copy len_new bytes when downsizing the buffer, and From fd25654311c5c6f275c6e62f49fa7588b8026fe7 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 10:32:03 +0800 Subject: [PATCH 04/10] ssl_tls: remove unnecessary guard Signed-off-by: Yanray Wang --- library/ssl_tls.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 348894b45..4364c1f2d 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2623,8 +2623,7 @@ static int ssl_tls13_session_load(mbedtls_ssl_session *session, #if defined(MBEDTLS_SSL_CLI_C) if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \ - defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) size_t hostname_len; /* load host name */ if (end - p < 2) { @@ -2644,8 +2643,7 @@ static int ssl_tls13_session_load(mbedtls_ssl_session *session, memcpy(session->hostname, p, hostname_len); p += hostname_len; } -#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION && - MBEDTLS_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_HAVE_TIME) if (end - p < 8) { From 5da8ecffe6c2e278d2e85a66ed4deb27bf9c8bdc Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 18:52:19 +0800 Subject: [PATCH 05/10] tls13: nst early_data: remove duplicate code Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 361f0c0af..c9680c2eb 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2663,12 +2663,6 @@ static int ssl_tls13_parse_nst_early_data_ext(mbedtls_ssl_context *ssl, const unsigned char *end) { MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4); - if ((end - buf) != 4) { - MBEDTLS_SSL_PEND_FATAL_ALERT( - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR, - MBEDTLS_ERR_SSL_DECODE_ERROR); - return MBEDTLS_ERR_SSL_DECODE_ERROR; - } if (ssl->session != NULL) { ssl->session->max_early_data_size = MBEDTLS_GET_UINT32_BE(buf, 0); From 554ee62fbae40e98a34721a1b9591c9e9b42062b Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 18:55:01 +0800 Subject: [PATCH 06/10] tls13: early_data: fix wrong debug_ret message Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index c9680c2eb..068676cde 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2715,7 +2715,7 @@ static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, ssl, p, p + extension_data_len); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET( - 1, "ssl_tls13_parse_max_early_data_size_ext", ret); + 1, "ssl_tls13_parse_nst_early_data_ext", ret); } break; #endif /* MBEDTLS_SSL_EARLY_DATA */ From d012084e91bb12a2743eee0fa10e7a2bc284feed Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 23 Nov 2023 16:35:54 +0800 Subject: [PATCH 07/10] tls13: early_data: cli: optimize code - remove unnecessary check - using local variable session Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 068676cde..a62d2bcd3 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2662,19 +2662,18 @@ static int ssl_tls13_parse_nst_early_data_ext(mbedtls_ssl_context *ssl, const unsigned char *buf, const unsigned char *end) { + mbedtls_ssl_session *session = ssl->session; + MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4); - if (ssl->session != NULL) { - ssl->session->max_early_data_size = MBEDTLS_GET_UINT32_BE(buf, 0); - mbedtls_ssl_session_set_ticket_flags( - ssl->session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); - MBEDTLS_SSL_DEBUG_MSG( - 3, ("received max_early_data_size: %u", - (unsigned int) ssl->session->max_early_data_size)); - return 0; - } + session->max_early_data_size = MBEDTLS_GET_UINT32_BE(buf, 0); + mbedtls_ssl_session_set_ticket_flags( + session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); + MBEDTLS_SSL_DEBUG_MSG( + 3, ("received max_early_data_size: %u", + (unsigned int) session->max_early_data_size)); - return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + return 0; } #endif /* MBEDTLS_SSL_EARLY_DATA */ From 3781ab40fb24c06ca7401bcecc3e1aa31d669a55 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 23 Nov 2023 18:17:11 +0800 Subject: [PATCH 08/10] tls13: early_data: cli: remove nst_ prefix Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index a62d2bcd3..fec4a7d58 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2658,10 +2658,16 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) * } EarlyDataIndication; */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_parse_nst_early_data_ext(mbedtls_ssl_context *ssl, - const unsigned char *buf, - const unsigned char *end) +static int ssl_tls13_parse_early_data_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end) { + /* Make sure early data indication extension is received from + * NewSessionTicket. */ + if (!mbedtls_ssl_is_handshake_over(ssl)) { + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + } + mbedtls_ssl_session *session = ssl->session; MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4); @@ -2710,11 +2716,11 @@ static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, switch (extension_type) { #if defined(MBEDTLS_SSL_EARLY_DATA) case MBEDTLS_TLS_EXT_EARLY_DATA: - ret = ssl_tls13_parse_nst_early_data_ext( + ret = ssl_tls13_parse_early_data_ext( ssl, p, p + extension_data_len); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET( - 1, "ssl_tls13_parse_nst_early_data_ext", ret); + 1, "ssl_tls13_parse_early_data_ext", ret); } break; #endif /* MBEDTLS_SSL_EARLY_DATA */ From 0790041dc6d8f629d2b858fbe1f8bd04ee98de78 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 30 Nov 2023 16:44:44 +0800 Subject: [PATCH 09/10] Revert "tls13: early_data: cli: remove nst_ prefix" This reverts commit 3781ab40fb24c06ca7401bcecc3e1aa31d669a55. Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index fec4a7d58..a62d2bcd3 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2658,16 +2658,10 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) * } EarlyDataIndication; */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_parse_early_data_ext(mbedtls_ssl_context *ssl, - const unsigned char *buf, - const unsigned char *end) +static int ssl_tls13_parse_nst_early_data_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end) { - /* Make sure early data indication extension is received from - * NewSessionTicket. */ - if (!mbedtls_ssl_is_handshake_over(ssl)) { - return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; - } - mbedtls_ssl_session *session = ssl->session; MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4); @@ -2716,11 +2710,11 @@ static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, switch (extension_type) { #if defined(MBEDTLS_SSL_EARLY_DATA) case MBEDTLS_TLS_EXT_EARLY_DATA: - ret = ssl_tls13_parse_early_data_ext( + ret = ssl_tls13_parse_nst_early_data_ext( ssl, p, p + extension_data_len); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET( - 1, "ssl_tls13_parse_early_data_ext", ret); + 1, "ssl_tls13_parse_nst_early_data_ext", ret); } break; #endif /* MBEDTLS_SSL_EARLY_DATA */ From b3e207d762567fee6a8cc835b717f6ab92a37b07 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 30 Nov 2023 16:49:49 +0800 Subject: [PATCH 10/10] tls13: early_data: cli: rename early_data parser in nst Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index a62d2bcd3..08cfe221b 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2658,9 +2658,10 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) * } EarlyDataIndication; */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_parse_nst_early_data_ext(mbedtls_ssl_context *ssl, - const unsigned char *buf, - const unsigned char *end) +static int ssl_tls13_parse_new_session_ticket_early_data_ext( + mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end) { mbedtls_ssl_session *session = ssl->session; @@ -2710,11 +2711,12 @@ static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, switch (extension_type) { #if defined(MBEDTLS_SSL_EARLY_DATA) case MBEDTLS_TLS_EXT_EARLY_DATA: - ret = ssl_tls13_parse_nst_early_data_ext( + ret = ssl_tls13_parse_new_session_ticket_early_data_ext( ssl, p, p + extension_data_len); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET( - 1, "ssl_tls13_parse_nst_early_data_ext", ret); + 1, "ssl_tls13_parse_new_session_ticket_early_data_ext", + ret); } break; #endif /* MBEDTLS_SSL_EARLY_DATA */