Merge pull request #6112 from ronald-cron-arm/tls13-negotiated-key-exchange-mode
TLS 1.3: Add specific field to store the selected key exchange mode Validated by the internal CI merge job.
This commit is contained in:
commit
892747015d
4 changed files with 39 additions and 15 deletions
|
@ -611,14 +611,19 @@ struct mbedtls_ssl_handshake_params
|
||||||
* Handshake specific crypto variables
|
* Handshake specific crypto variables
|
||||||
*/
|
*/
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||||
int tls13_kex_modes; /*!< key exchange modes for TLS 1.3 */
|
uint8_t key_exchange_mode; /*!< Selected key exchange mode */
|
||||||
|
|
||||||
/** Number of HelloRetryRequest messages received/sent from/to the server. */
|
/** Number of HelloRetryRequest messages received/sent from/to the server. */
|
||||||
int hello_retry_request_count;
|
int hello_retry_request_count;
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SRV_C)
|
#if defined(MBEDTLS_SSL_SRV_C)
|
||||||
/** selected_group of key_share extension in HelloRetryRequest message. */
|
/** selected_group of key_share extension in HelloRetryRequest message. */
|
||||||
uint16_t hrr_selected_group;
|
uint16_t hrr_selected_group;
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||||
|
uint8_t tls13_kex_modes; /*!< Key exchange modes supported by the client */
|
||||||
|
#endif
|
||||||
#endif /* MBEDTLS_SSL_SRV_C */
|
#endif /* MBEDTLS_SSL_SRV_C */
|
||||||
|
|
||||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||||
|
@ -1769,6 +1774,7 @@ static inline int mbedtls_ssl_conf_tls13_some_psk_enabled( mbedtls_ssl_context *
|
||||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
|
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||||
/**
|
/**
|
||||||
* Given a list of key exchange modes, check if at least one of them is
|
* Given a list of key exchange modes, check if at least one of them is
|
||||||
* supported.
|
* supported.
|
||||||
|
@ -1815,6 +1821,30 @@ static inline int mbedtls_ssl_tls13_some_psk_enabled( mbedtls_ssl_context *ssl )
|
||||||
return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
|
return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
|
||||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
|
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
|
||||||
}
|
}
|
||||||
|
#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Helper functions to check the selected key exchange mode.
|
||||||
|
*/
|
||||||
|
static inline int mbedtls_ssl_tls13_key_exchange_mode_check(
|
||||||
|
mbedtls_ssl_context *ssl, int kex_mask )
|
||||||
|
{
|
||||||
|
return( ( ssl->handshake->key_exchange_mode & kex_mask ) != 0 );
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline int mbedtls_ssl_tls13_key_exchange_mode_with_psk(
|
||||||
|
mbedtls_ssl_context *ssl )
|
||||||
|
{
|
||||||
|
return( mbedtls_ssl_tls13_key_exchange_mode_check( ssl,
|
||||||
|
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline int mbedtls_ssl_tls13_key_exchange_mode_with_ephemeral(
|
||||||
|
mbedtls_ssl_context *ssl )
|
||||||
|
{
|
||||||
|
return( mbedtls_ssl_tls13_key_exchange_mode_check( ssl,
|
||||||
|
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL ) );
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Fetch TLS 1.3 handshake message header
|
* Fetch TLS 1.3 handshake message header
|
||||||
|
|
|
@ -1218,17 +1218,17 @@ static int ssl_tls13_postprocess_server_hello( mbedtls_ssl_context *ssl )
|
||||||
{
|
{
|
||||||
/* Only the pre_shared_key extension was received */
|
/* Only the pre_shared_key extension was received */
|
||||||
case MBEDTLS_SSL_EXT_PRE_SHARED_KEY:
|
case MBEDTLS_SSL_EXT_PRE_SHARED_KEY:
|
||||||
handshake->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
/* Only the key_share extension was received */
|
/* Only the key_share extension was received */
|
||||||
case MBEDTLS_SSL_EXT_KEY_SHARE:
|
case MBEDTLS_SSL_EXT_KEY_SHARE:
|
||||||
handshake->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
/* Both the pre_shared_key and key_share extensions were received */
|
/* Both the pre_shared_key and key_share extensions were received */
|
||||||
case ( MBEDTLS_SSL_EXT_PRE_SHARED_KEY | MBEDTLS_SSL_EXT_KEY_SHARE ):
|
case ( MBEDTLS_SSL_EXT_PRE_SHARED_KEY | MBEDTLS_SSL_EXT_KEY_SHARE ):
|
||||||
handshake->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
/* Neither pre_shared_key nor key_share extension was received */
|
/* Neither pre_shared_key nor key_share extension was received */
|
||||||
|
@ -1477,7 +1477,7 @@ static int ssl_tls13_process_encrypted_extensions( mbedtls_ssl_context *ssl )
|
||||||
buf, buf_len );
|
buf, buf_len );
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||||
if( mbedtls_ssl_tls13_some_psk_enabled( ssl ) )
|
if( mbedtls_ssl_tls13_key_exchange_mode_with_psk( ssl ) )
|
||||||
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
|
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
|
||||||
else
|
else
|
||||||
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST );
|
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST );
|
||||||
|
@ -1512,12 +1512,6 @@ static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl )
|
||||||
{
|
{
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
if( mbedtls_ssl_tls13_some_psk_enabled( ssl ) )
|
|
||||||
{
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= skip parse certificate request" ) );
|
|
||||||
return( SSL_CERTIFICATE_REQUEST_SKIP );
|
|
||||||
}
|
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_read_record( ssl, 0 ) ) != 0 )
|
if( ( ret = mbedtls_ssl_read_record( ssl, 0 ) ) != 0 )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
|
||||||
|
|
|
@ -1237,7 +1237,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl )
|
||||||
* client_handshake_traffic_secret and server_handshake_traffic_secret
|
* client_handshake_traffic_secret and server_handshake_traffic_secret
|
||||||
* are derived in the handshake secret derivation stage.
|
* are derived in the handshake secret derivation stage.
|
||||||
*/
|
*/
|
||||||
if( mbedtls_ssl_tls13_ephemeral_enabled( ssl ) )
|
if( mbedtls_ssl_tls13_key_exchange_mode_with_ephemeral( ssl ) )
|
||||||
{
|
{
|
||||||
if( mbedtls_ssl_tls13_named_group_is_ecdhe( handshake->offered_group_id ) )
|
if( mbedtls_ssl_tls13_named_group_is_ecdhe( handshake->offered_group_id ) )
|
||||||
{
|
{
|
||||||
|
|
|
@ -397,7 +397,7 @@ static int ssl_tls13_check_ephemeral_key_exchange( mbedtls_ssl_context *ssl )
|
||||||
if( !ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange( ssl ) )
|
if( !ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange( ssl ) )
|
||||||
return( 0 );
|
return( 0 );
|
||||||
|
|
||||||
ssl->handshake->tls13_kex_modes =
|
ssl->handshake->key_exchange_mode =
|
||||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||||
return( 1 );
|
return( 1 );
|
||||||
}
|
}
|
||||||
|
@ -1167,7 +1167,7 @@ static int ssl_tls13_write_hrr_key_share_ext( mbedtls_ssl_context *ssl,
|
||||||
* of the HRR is then to transmit a cookie to force the client to demonstrate
|
* of the HRR is then to transmit a cookie to force the client to demonstrate
|
||||||
* reachability at their apparent network address (primarily useful for DTLS).
|
* reachability at their apparent network address (primarily useful for DTLS).
|
||||||
*/
|
*/
|
||||||
if( ! mbedtls_ssl_tls13_some_ephemeral_enabled( ssl ) )
|
if( ! mbedtls_ssl_tls13_key_exchange_mode_with_ephemeral( ssl ) )
|
||||||
return( 0 );
|
return( 0 );
|
||||||
|
|
||||||
/* We should only send the key_share extension if the client's initial
|
/* We should only send the key_share extension if the client's initial
|
||||||
|
@ -1555,7 +1555,7 @@ static int ssl_tls13_write_encrypted_extensions( mbedtls_ssl_context *ssl )
|
||||||
ssl, buf_len, msg_len ) );
|
ssl, buf_len, msg_len ) );
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||||
if( mbedtls_ssl_tls13_some_psk_enabled( ssl ) )
|
if( mbedtls_ssl_tls13_key_exchange_mode_with_psk( ssl ) )
|
||||||
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
|
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
|
||||||
else
|
else
|
||||||
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST );
|
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST );
|
||||||
|
|
Loading…
Reference in a new issue