Merge pull request #6170 from yuhaoth/pr/tls13-cleanup-extensions-parser
TLS 1.3: Add extension check for message parsers
This commit is contained in:
commit
aeb8bf2ab0
10 changed files with 1024 additions and 429 deletions
|
@ -106,6 +106,9 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
|
|||
|
||||
*olen = hostname_len + 9;
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_SERVERNAME );
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
|
||||
|
@ -177,6 +180,9 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
|
|||
/* Extension length = *out_len - 2 (ext_type) - 2 (ext_len) */
|
||||
MBEDTLS_PUT_UINT16_BE( *out_len - 4, buf, 2 );
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_ALPN );
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_ALPN */
|
||||
|
@ -296,7 +302,8 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl,
|
|||
*out_len = p - buf;
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SUPPORTED_GROUPS;
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask(
|
||||
ssl, MBEDTLS_TLS_EXT_SUPPORTED_GROUPS );
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
||||
return( 0 );
|
||||
|
@ -557,7 +564,7 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
|
|||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
/* Keeping track of the included extensions */
|
||||
handshake->extensions_present = MBEDTLS_SSL_EXT_NONE;
|
||||
handshake->sent_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
|
||||
#endif
|
||||
|
||||
/* First write extensions, then the total length */
|
||||
|
@ -667,6 +674,11 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
|
|||
p_extensions_len, extensions_len );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
MBEDTLS_SSL_PRINT_EXTS(
|
||||
3, MBEDTLS_SSL_HS_CLIENT_HELLO, handshake->sent_extensions );
|
||||
#endif
|
||||
|
||||
*out_len = p - buf;
|
||||
return( 0 );
|
||||
}
|
||||
|
|
|
@ -43,6 +43,32 @@ const char *mbedtls_ssl_sig_alg_to_str( uint16_t in );
|
|||
|
||||
const char *mbedtls_ssl_named_group_to_str( uint16_t in );
|
||||
|
||||
const char *mbedtls_ssl_get_extension_name( unsigned int extension_type );
|
||||
|
||||
void mbedtls_ssl_print_extensions( const mbedtls_ssl_context *ssl,
|
||||
int level, const char *file, int line,
|
||||
int hs_msg_type, uint32_t extensions_mask,
|
||||
const char *extra );
|
||||
|
||||
void mbedtls_ssl_print_extension( const mbedtls_ssl_context *ssl,
|
||||
int level, const char *file, int line,
|
||||
int hs_msg_type, unsigned int extension_type,
|
||||
const char *extra_msg0, const char *extra_msg1 );
|
||||
|
||||
#define MBEDTLS_SSL_PRINT_EXTS( level, hs_msg_type, extensions_mask ) \
|
||||
mbedtls_ssl_print_extensions( ssl, level, __FILE__, __LINE__, \
|
||||
hs_msg_type, extensions_mask, NULL )
|
||||
|
||||
#define MBEDTLS_SSL_PRINT_EXT( level, hs_msg_type, extension_type, extra ) \
|
||||
mbedtls_ssl_print_extension( ssl, level, __FILE__, __LINE__, \
|
||||
hs_msg_type, extension_type, \
|
||||
extra, NULL )
|
||||
#else
|
||||
|
||||
#define MBEDTLS_SSL_PRINT_EXTS( level, hs_msg_type, extension_mask )
|
||||
|
||||
#define MBEDTLS_SSL_PRINT_EXT( level, hs_msg_type, extension_type, extra )
|
||||
|
||||
#endif /* MBEDTLS_DEBUG_C */
|
||||
|
||||
#endif /* SSL_DEBUG_HELPERS_H */
|
||||
#endif /* MBEDTLS_SSL_DEBUG_HELPERS_H */
|
||||
|
|
|
@ -74,34 +74,147 @@
|
|||
#define MBEDTLS_SSL_RENEGOTIATION_DONE 2 /* Done or aborted */
|
||||
#define MBEDTLS_SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */
|
||||
|
||||
/*
|
||||
* Mask of TLS 1.3 handshake extensions used in extensions_present
|
||||
* of mbedtls_ssl_handshake_params.
|
||||
*/
|
||||
#define MBEDTLS_SSL_EXT_NONE 0
|
||||
/* Faked handshake message identity for HelloRetryRequest. */
|
||||
#define MBEDTLS_SSL_TLS1_3_HS_HELLO_RETRY_REQUEST ( -MBEDTLS_SSL_HS_SERVER_HELLO )
|
||||
|
||||
#define MBEDTLS_SSL_EXT_SERVERNAME ( 1 << 0 )
|
||||
#define MBEDTLS_SSL_EXT_MAX_FRAGMENT_LENGTH ( 1 << 1 )
|
||||
#define MBEDTLS_SSL_EXT_STATUS_REQUEST ( 1 << 2 )
|
||||
#define MBEDTLS_SSL_EXT_SUPPORTED_GROUPS ( 1 << 3 )
|
||||
#define MBEDTLS_SSL_EXT_SIG_ALG ( 1 << 4 )
|
||||
#define MBEDTLS_SSL_EXT_USE_SRTP ( 1 << 5 )
|
||||
#define MBEDTLS_SSL_EXT_HEARTBEAT ( 1 << 6 )
|
||||
#define MBEDTLS_SSL_EXT_ALPN ( 1 << 7 )
|
||||
#define MBEDTLS_SSL_EXT_SCT ( 1 << 8 )
|
||||
#define MBEDTLS_SSL_EXT_CLI_CERT_TYPE ( 1 << 9 )
|
||||
#define MBEDTLS_SSL_EXT_SERV_CERT_TYPE ( 1 << 10 )
|
||||
#define MBEDTLS_SSL_EXT_PADDING ( 1 << 11 )
|
||||
#define MBEDTLS_SSL_EXT_PRE_SHARED_KEY ( 1 << 12 )
|
||||
#define MBEDTLS_SSL_EXT_EARLY_DATA ( 1 << 13 )
|
||||
#define MBEDTLS_SSL_EXT_SUPPORTED_VERSIONS ( 1 << 14 )
|
||||
#define MBEDTLS_SSL_EXT_COOKIE ( 1 << 15 )
|
||||
#define MBEDTLS_SSL_EXT_PSK_KEY_EXCHANGE_MODES ( 1 << 16 )
|
||||
#define MBEDTLS_SSL_EXT_CERT_AUTH ( 1 << 17 )
|
||||
#define MBEDTLS_SSL_EXT_OID_FILTERS ( 1 << 18 )
|
||||
#define MBEDTLS_SSL_EXT_POST_HANDSHAKE_AUTH ( 1 << 19 )
|
||||
#define MBEDTLS_SSL_EXT_SIG_ALG_CERT ( 1 << 20 )
|
||||
#define MBEDTLS_SSL_EXT_KEY_SHARE ( 1 << 21 )
|
||||
/*
|
||||
* Internal identity of handshake extensions
|
||||
*/
|
||||
#define MBEDTLS_SSL_EXT_ID_UNRECOGNIZED 0
|
||||
#define MBEDTLS_SSL_EXT_ID_SERVERNAME 1
|
||||
#define MBEDTLS_SSL_EXT_ID_SERVERNAME_HOSTNAME 1
|
||||
#define MBEDTLS_SSL_EXT_ID_MAX_FRAGMENT_LENGTH 2
|
||||
#define MBEDTLS_SSL_EXT_ID_STATUS_REQUEST 3
|
||||
#define MBEDTLS_SSL_EXT_ID_SUPPORTED_GROUPS 4
|
||||
#define MBEDTLS_SSL_EXT_ID_SUPPORTED_ELLIPTIC_CURVES 4
|
||||
#define MBEDTLS_SSL_EXT_ID_SIG_ALG 5
|
||||
#define MBEDTLS_SSL_EXT_ID_USE_SRTP 6
|
||||
#define MBEDTLS_SSL_EXT_ID_HEARTBEAT 7
|
||||
#define MBEDTLS_SSL_EXT_ID_ALPN 8
|
||||
#define MBEDTLS_SSL_EXT_ID_SCT 9
|
||||
#define MBEDTLS_SSL_EXT_ID_CLI_CERT_TYPE 10
|
||||
#define MBEDTLS_SSL_EXT_ID_SERV_CERT_TYPE 11
|
||||
#define MBEDTLS_SSL_EXT_ID_PADDING 12
|
||||
#define MBEDTLS_SSL_EXT_ID_PRE_SHARED_KEY 13
|
||||
#define MBEDTLS_SSL_EXT_ID_EARLY_DATA 14
|
||||
#define MBEDTLS_SSL_EXT_ID_SUPPORTED_VERSIONS 15
|
||||
#define MBEDTLS_SSL_EXT_ID_COOKIE 16
|
||||
#define MBEDTLS_SSL_EXT_ID_PSK_KEY_EXCHANGE_MODES 17
|
||||
#define MBEDTLS_SSL_EXT_ID_CERT_AUTH 18
|
||||
#define MBEDTLS_SSL_EXT_ID_OID_FILTERS 19
|
||||
#define MBEDTLS_SSL_EXT_ID_POST_HANDSHAKE_AUTH 20
|
||||
#define MBEDTLS_SSL_EXT_ID_SIG_ALG_CERT 21
|
||||
#define MBEDTLS_SSL_EXT_ID_KEY_SHARE 22
|
||||
#define MBEDTLS_SSL_EXT_ID_TRUNCATED_HMAC 23
|
||||
#define MBEDTLS_SSL_EXT_ID_SUPPORTED_POINT_FORMATS 24
|
||||
#define MBEDTLS_SSL_EXT_ID_ENCRYPT_THEN_MAC 25
|
||||
#define MBEDTLS_SSL_EXT_ID_EXTENDED_MASTER_SECRET 26
|
||||
#define MBEDTLS_SSL_EXT_ID_SESSION_TICKET 27
|
||||
|
||||
/* Utility for translating IANA extension type. */
|
||||
uint32_t mbedtls_ssl_get_extension_id( unsigned int extension_type );
|
||||
uint32_t mbedtls_ssl_get_extension_mask( unsigned int extension_type );
|
||||
/* Macros used to define mask constants */
|
||||
#define MBEDTLS_SSL_EXT_MASK( id ) ( 1ULL << ( MBEDTLS_SSL_EXT_ID_##id ) )
|
||||
/* Reset value of extension mask */
|
||||
#define MBEDTLS_SSL_EXT_MASK_NONE 0
|
||||
|
||||
/* In messages containing extension requests, we should ignore unrecognized
|
||||
* extensions. In messages containing extension responses, unrecognized
|
||||
* extensions should result in handshake abortion. Messages containing
|
||||
* extension requests include ClientHello, CertificateRequest and
|
||||
* NewSessionTicket. Messages containing extension responses include
|
||||
* ServerHello, HelloRetryRequest, EncryptedExtensions and Certificate.
|
||||
*
|
||||
* RFC 8446 section 4.1.3
|
||||
*
|
||||
* The ServerHello MUST only include extensions which are required to establish
|
||||
* the cryptographic context and negotiate the protocol version.
|
||||
*
|
||||
* RFC 8446 section 4.2
|
||||
*
|
||||
* If an implementation receives an extension which it recognizes and which is
|
||||
* not specified for the message in which it appears, it MUST abort the handshake
|
||||
* with an "illegal_parameter" alert.
|
||||
*/
|
||||
|
||||
/* Extensions that are not recognized by TLS 1.3 */
|
||||
#define MBEDTLS_SSL_TLS1_3_EXT_MASK_UNRECOGNIZED \
|
||||
( MBEDTLS_SSL_EXT_MASK( SUPPORTED_POINT_FORMATS ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( ENCRYPT_THEN_MAC ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( EXTENDED_MASTER_SECRET ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SESSION_TICKET ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( TRUNCATED_HMAC ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( UNRECOGNIZED ) )
|
||||
|
||||
/* RFC 8446 section 4.2. Allowed extensions for ClienHello */
|
||||
#define MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_CH \
|
||||
( MBEDTLS_SSL_EXT_MASK( SERVERNAME ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( MAX_FRAGMENT_LENGTH ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( STATUS_REQUEST ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SUPPORTED_GROUPS ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SIG_ALG ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( USE_SRTP ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( HEARTBEAT ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( ALPN ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SCT ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( CLI_CERT_TYPE ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SERV_CERT_TYPE ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( PADDING ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( KEY_SHARE ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( PRE_SHARED_KEY ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( PSK_KEY_EXCHANGE_MODES ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( EARLY_DATA ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( COOKIE ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SUPPORTED_VERSIONS ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( CERT_AUTH ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( POST_HANDSHAKE_AUTH ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SIG_ALG_CERT ) | \
|
||||
MBEDTLS_SSL_TLS1_3_EXT_MASK_UNRECOGNIZED )
|
||||
|
||||
/* RFC 8446 section 4.2. Allowed extensions for EncryptedExtensions */
|
||||
#define MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_EE \
|
||||
( MBEDTLS_SSL_EXT_MASK( SERVERNAME ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( MAX_FRAGMENT_LENGTH ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SUPPORTED_GROUPS ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( USE_SRTP ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( HEARTBEAT ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( ALPN ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( CLI_CERT_TYPE ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SERV_CERT_TYPE ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( EARLY_DATA ) )
|
||||
|
||||
/* RFC 8446 section 4.2. Allowed extensions for CertificateRequest */
|
||||
#define MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_CR \
|
||||
( MBEDTLS_SSL_EXT_MASK( STATUS_REQUEST ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SIG_ALG ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SCT ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( CERT_AUTH ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( OID_FILTERS ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SIG_ALG_CERT ) | \
|
||||
MBEDTLS_SSL_TLS1_3_EXT_MASK_UNRECOGNIZED )
|
||||
|
||||
/* RFC 8446 section 4.2. Allowed extensions for Certificate */
|
||||
#define MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_CT \
|
||||
( MBEDTLS_SSL_EXT_MASK( STATUS_REQUEST ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SCT ) )
|
||||
|
||||
/* RFC 8446 section 4.2. Allowed extensions for ServerHello */
|
||||
#define MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_SH \
|
||||
( MBEDTLS_SSL_EXT_MASK( KEY_SHARE ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( PRE_SHARED_KEY ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SUPPORTED_VERSIONS ) )
|
||||
|
||||
/* RFC 8446 section 4.2. Allowed extensions for HelloRetryRequest */
|
||||
#define MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_HRR \
|
||||
( MBEDTLS_SSL_EXT_MASK( KEY_SHARE ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( COOKIE ) | \
|
||||
MBEDTLS_SSL_EXT_MASK( SUPPORTED_VERSIONS ) )
|
||||
|
||||
/* RFC 8446 section 4.2. Allowed extensions for NewSessionTicket */
|
||||
#define MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_NST \
|
||||
( MBEDTLS_SSL_EXT_MASK( EARLY_DATA ) | \
|
||||
MBEDTLS_SSL_TLS1_3_EXT_MASK_UNRECOGNIZED )
|
||||
|
||||
/*
|
||||
* Helper macros for function call with return check.
|
||||
|
@ -858,9 +971,8 @@ struct mbedtls_ssl_handshake_params
|
|||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
int extensions_present; /*!< extension presence; Each bitfield
|
||||
represents an extension and defined
|
||||
as \c MBEDTLS_SSL_EXT_XXX */
|
||||
uint32_t sent_extensions; /*!< extensions sent by endpoint */
|
||||
uint32_t received_extensions; /*!< extensions received by endpoint */
|
||||
|
||||
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
|
||||
unsigned char certificate_request_context_len;
|
||||
|
@ -1838,6 +1950,24 @@ static inline int mbedtls_ssl_tls13_some_psk_enabled( mbedtls_ssl_context *ssl )
|
|||
#endif /* MBEDTLS_SSL_SRV_C &&
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
|
||||
|
||||
/*
|
||||
* Helper functions for extensions checking.
|
||||
*/
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_check_received_extension(
|
||||
mbedtls_ssl_context *ssl,
|
||||
int hs_msg_type,
|
||||
unsigned int received_extension_type,
|
||||
uint32_t hs_msg_allowed_extensions_mask );
|
||||
|
||||
static inline void mbedtls_ssl_tls13_set_hs_sent_ext_mask(
|
||||
mbedtls_ssl_context *ssl, unsigned int extension_type )
|
||||
{
|
||||
ssl->handshake->sent_extensions |=
|
||||
mbedtls_ssl_get_extension_mask( extension_type );
|
||||
}
|
||||
|
||||
/*
|
||||
* Helper functions to check the selected key exchange mode.
|
||||
*/
|
||||
|
|
|
@ -521,6 +521,245 @@ static void ssl_clear_peer_cert( mbedtls_ssl_session *session )
|
|||
}
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
|
||||
uint32_t mbedtls_ssl_get_extension_id( unsigned int extension_type )
|
||||
{
|
||||
switch( extension_type )
|
||||
{
|
||||
case MBEDTLS_TLS_EXT_SERVERNAME:
|
||||
return( MBEDTLS_SSL_EXT_ID_SERVERNAME );
|
||||
|
||||
case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH:
|
||||
return( MBEDTLS_SSL_EXT_ID_MAX_FRAGMENT_LENGTH );
|
||||
|
||||
case MBEDTLS_TLS_EXT_STATUS_REQUEST:
|
||||
return( MBEDTLS_SSL_EXT_ID_STATUS_REQUEST );
|
||||
|
||||
case MBEDTLS_TLS_EXT_SUPPORTED_GROUPS:
|
||||
return( MBEDTLS_SSL_EXT_ID_SUPPORTED_GROUPS );
|
||||
|
||||
case MBEDTLS_TLS_EXT_SIG_ALG:
|
||||
return( MBEDTLS_SSL_EXT_ID_SIG_ALG );
|
||||
|
||||
case MBEDTLS_TLS_EXT_USE_SRTP:
|
||||
return( MBEDTLS_SSL_EXT_ID_USE_SRTP );
|
||||
|
||||
case MBEDTLS_TLS_EXT_HEARTBEAT:
|
||||
return( MBEDTLS_SSL_EXT_ID_HEARTBEAT );
|
||||
|
||||
case MBEDTLS_TLS_EXT_ALPN:
|
||||
return( MBEDTLS_SSL_EXT_ID_ALPN );
|
||||
|
||||
case MBEDTLS_TLS_EXT_SCT:
|
||||
return( MBEDTLS_SSL_EXT_ID_SCT );
|
||||
|
||||
case MBEDTLS_TLS_EXT_CLI_CERT_TYPE:
|
||||
return( MBEDTLS_SSL_EXT_ID_CLI_CERT_TYPE );
|
||||
|
||||
case MBEDTLS_TLS_EXT_SERV_CERT_TYPE:
|
||||
return( MBEDTLS_SSL_EXT_ID_SERV_CERT_TYPE );
|
||||
|
||||
case MBEDTLS_TLS_EXT_PADDING:
|
||||
return( MBEDTLS_SSL_EXT_ID_PADDING );
|
||||
|
||||
case MBEDTLS_TLS_EXT_PRE_SHARED_KEY:
|
||||
return( MBEDTLS_SSL_EXT_ID_PRE_SHARED_KEY );
|
||||
|
||||
case MBEDTLS_TLS_EXT_EARLY_DATA:
|
||||
return( MBEDTLS_SSL_EXT_ID_EARLY_DATA );
|
||||
|
||||
case MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS:
|
||||
return( MBEDTLS_SSL_EXT_ID_SUPPORTED_VERSIONS );
|
||||
|
||||
case MBEDTLS_TLS_EXT_COOKIE:
|
||||
return( MBEDTLS_SSL_EXT_ID_COOKIE );
|
||||
|
||||
case MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES:
|
||||
return( MBEDTLS_SSL_EXT_ID_PSK_KEY_EXCHANGE_MODES );
|
||||
|
||||
case MBEDTLS_TLS_EXT_CERT_AUTH:
|
||||
return( MBEDTLS_SSL_EXT_ID_CERT_AUTH );
|
||||
|
||||
case MBEDTLS_TLS_EXT_OID_FILTERS:
|
||||
return( MBEDTLS_SSL_EXT_ID_OID_FILTERS );
|
||||
|
||||
case MBEDTLS_TLS_EXT_POST_HANDSHAKE_AUTH:
|
||||
return( MBEDTLS_SSL_EXT_ID_POST_HANDSHAKE_AUTH );
|
||||
|
||||
case MBEDTLS_TLS_EXT_SIG_ALG_CERT:
|
||||
return( MBEDTLS_SSL_EXT_ID_SIG_ALG_CERT );
|
||||
|
||||
case MBEDTLS_TLS_EXT_KEY_SHARE:
|
||||
return( MBEDTLS_SSL_EXT_ID_KEY_SHARE );
|
||||
|
||||
case MBEDTLS_TLS_EXT_TRUNCATED_HMAC:
|
||||
return( MBEDTLS_SSL_EXT_ID_TRUNCATED_HMAC );
|
||||
|
||||
case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS:
|
||||
return( MBEDTLS_SSL_EXT_ID_SUPPORTED_POINT_FORMATS );
|
||||
|
||||
case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
|
||||
return( MBEDTLS_SSL_EXT_ID_ENCRYPT_THEN_MAC );
|
||||
|
||||
case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET:
|
||||
return( MBEDTLS_SSL_EXT_ID_EXTENDED_MASTER_SECRET );
|
||||
|
||||
case MBEDTLS_TLS_EXT_SESSION_TICKET:
|
||||
return( MBEDTLS_SSL_EXT_ID_SESSION_TICKET );
|
||||
|
||||
}
|
||||
|
||||
return( MBEDTLS_SSL_EXT_ID_UNRECOGNIZED );
|
||||
}
|
||||
|
||||
uint32_t mbedtls_ssl_get_extension_mask( unsigned int extension_type )
|
||||
{
|
||||
return( 1 << mbedtls_ssl_get_extension_id( extension_type ) );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_DEBUG_C)
|
||||
static const char *extension_name_table[] = {
|
||||
[MBEDTLS_SSL_EXT_ID_UNRECOGNIZED] = "unrecognized",
|
||||
[MBEDTLS_SSL_EXT_ID_SERVERNAME] = "server_name",
|
||||
[MBEDTLS_SSL_EXT_ID_MAX_FRAGMENT_LENGTH] = "max_fragment_length",
|
||||
[MBEDTLS_SSL_EXT_ID_STATUS_REQUEST] = "status_request",
|
||||
[MBEDTLS_SSL_EXT_ID_SUPPORTED_GROUPS] = "supported_groups",
|
||||
[MBEDTLS_SSL_EXT_ID_SIG_ALG] = "signature_algorithms",
|
||||
[MBEDTLS_SSL_EXT_ID_USE_SRTP] = "use_srtp",
|
||||
[MBEDTLS_SSL_EXT_ID_HEARTBEAT] = "heartbeat",
|
||||
[MBEDTLS_SSL_EXT_ID_ALPN] = "application_layer_protocol_negotiation",
|
||||
[MBEDTLS_SSL_EXT_ID_SCT] = "signed_certificate_timestamp",
|
||||
[MBEDTLS_SSL_EXT_ID_CLI_CERT_TYPE] = "client_certificate_type",
|
||||
[MBEDTLS_SSL_EXT_ID_SERV_CERT_TYPE] = "server_certificate_type",
|
||||
[MBEDTLS_SSL_EXT_ID_PADDING] = "padding",
|
||||
[MBEDTLS_SSL_EXT_ID_PRE_SHARED_KEY] = "pre_shared_key",
|
||||
[MBEDTLS_SSL_EXT_ID_EARLY_DATA] = "early_data",
|
||||
[MBEDTLS_SSL_EXT_ID_SUPPORTED_VERSIONS] = "supported_versions",
|
||||
[MBEDTLS_SSL_EXT_ID_COOKIE] = "cookie",
|
||||
[MBEDTLS_SSL_EXT_ID_PSK_KEY_EXCHANGE_MODES] = "psk_key_exchange_modes",
|
||||
[MBEDTLS_SSL_EXT_ID_CERT_AUTH] = "certificate_authorities",
|
||||
[MBEDTLS_SSL_EXT_ID_OID_FILTERS] = "oid_filters",
|
||||
[MBEDTLS_SSL_EXT_ID_POST_HANDSHAKE_AUTH] = "post_handshake_auth",
|
||||
[MBEDTLS_SSL_EXT_ID_SIG_ALG_CERT] = "signature_algorithms_cert",
|
||||
[MBEDTLS_SSL_EXT_ID_KEY_SHARE] = "key_share",
|
||||
[MBEDTLS_SSL_EXT_ID_TRUNCATED_HMAC] = "truncated_hmac",
|
||||
[MBEDTLS_SSL_EXT_ID_SUPPORTED_POINT_FORMATS] = "supported_point_formats",
|
||||
[MBEDTLS_SSL_EXT_ID_ENCRYPT_THEN_MAC] = "encrypt_then_mac",
|
||||
[MBEDTLS_SSL_EXT_ID_EXTENDED_MASTER_SECRET] = "extended_master_secret",
|
||||
[MBEDTLS_SSL_EXT_ID_SESSION_TICKET] = "session_ticket"
|
||||
};
|
||||
|
||||
static unsigned int extension_type_table[]={
|
||||
[MBEDTLS_SSL_EXT_ID_UNRECOGNIZED] = 0xff,
|
||||
[MBEDTLS_SSL_EXT_ID_SERVERNAME] = MBEDTLS_TLS_EXT_SERVERNAME,
|
||||
[MBEDTLS_SSL_EXT_ID_MAX_FRAGMENT_LENGTH] = MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH,
|
||||
[MBEDTLS_SSL_EXT_ID_STATUS_REQUEST] = MBEDTLS_TLS_EXT_STATUS_REQUEST,
|
||||
[MBEDTLS_SSL_EXT_ID_SUPPORTED_GROUPS] = MBEDTLS_TLS_EXT_SUPPORTED_GROUPS,
|
||||
[MBEDTLS_SSL_EXT_ID_SIG_ALG] = MBEDTLS_TLS_EXT_SIG_ALG,
|
||||
[MBEDTLS_SSL_EXT_ID_USE_SRTP] = MBEDTLS_TLS_EXT_USE_SRTP,
|
||||
[MBEDTLS_SSL_EXT_ID_HEARTBEAT] = MBEDTLS_TLS_EXT_HEARTBEAT,
|
||||
[MBEDTLS_SSL_EXT_ID_ALPN] = MBEDTLS_TLS_EXT_ALPN,
|
||||
[MBEDTLS_SSL_EXT_ID_SCT] = MBEDTLS_TLS_EXT_SCT,
|
||||
[MBEDTLS_SSL_EXT_ID_CLI_CERT_TYPE] = MBEDTLS_TLS_EXT_CLI_CERT_TYPE,
|
||||
[MBEDTLS_SSL_EXT_ID_SERV_CERT_TYPE] = MBEDTLS_TLS_EXT_SERV_CERT_TYPE,
|
||||
[MBEDTLS_SSL_EXT_ID_PADDING] = MBEDTLS_TLS_EXT_PADDING,
|
||||
[MBEDTLS_SSL_EXT_ID_PRE_SHARED_KEY] = MBEDTLS_TLS_EXT_PRE_SHARED_KEY,
|
||||
[MBEDTLS_SSL_EXT_ID_EARLY_DATA] = MBEDTLS_TLS_EXT_EARLY_DATA,
|
||||
[MBEDTLS_SSL_EXT_ID_SUPPORTED_VERSIONS] = MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS,
|
||||
[MBEDTLS_SSL_EXT_ID_COOKIE] = MBEDTLS_TLS_EXT_COOKIE,
|
||||
[MBEDTLS_SSL_EXT_ID_PSK_KEY_EXCHANGE_MODES] = MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES,
|
||||
[MBEDTLS_SSL_EXT_ID_CERT_AUTH] = MBEDTLS_TLS_EXT_CERT_AUTH,
|
||||
[MBEDTLS_SSL_EXT_ID_OID_FILTERS] = MBEDTLS_TLS_EXT_OID_FILTERS,
|
||||
[MBEDTLS_SSL_EXT_ID_POST_HANDSHAKE_AUTH] = MBEDTLS_TLS_EXT_POST_HANDSHAKE_AUTH,
|
||||
[MBEDTLS_SSL_EXT_ID_SIG_ALG_CERT] = MBEDTLS_TLS_EXT_SIG_ALG_CERT,
|
||||
[MBEDTLS_SSL_EXT_ID_KEY_SHARE] = MBEDTLS_TLS_EXT_KEY_SHARE,
|
||||
[MBEDTLS_SSL_EXT_ID_TRUNCATED_HMAC] = MBEDTLS_TLS_EXT_TRUNCATED_HMAC,
|
||||
[MBEDTLS_SSL_EXT_ID_SUPPORTED_POINT_FORMATS] = MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS,
|
||||
[MBEDTLS_SSL_EXT_ID_ENCRYPT_THEN_MAC] = MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC,
|
||||
[MBEDTLS_SSL_EXT_ID_EXTENDED_MASTER_SECRET] = MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET,
|
||||
[MBEDTLS_SSL_EXT_ID_SESSION_TICKET] = MBEDTLS_TLS_EXT_SESSION_TICKET
|
||||
};
|
||||
|
||||
const char *mbedtls_ssl_get_extension_name( unsigned int extension_type )
|
||||
{
|
||||
return( extension_name_table[
|
||||
mbedtls_ssl_get_extension_id( extension_type ) ] );
|
||||
}
|
||||
|
||||
static const char *ssl_tls13_get_hs_msg_name( int hs_msg_type )
|
||||
{
|
||||
switch( hs_msg_type )
|
||||
{
|
||||
case MBEDTLS_SSL_HS_CLIENT_HELLO:
|
||||
return( "ClientHello" );
|
||||
case MBEDTLS_SSL_HS_SERVER_HELLO:
|
||||
return( "ServerHello" );
|
||||
case MBEDTLS_SSL_TLS1_3_HS_HELLO_RETRY_REQUEST:
|
||||
return( "HelloRetryRequest" );
|
||||
case MBEDTLS_SSL_HS_NEW_SESSION_TICKET:
|
||||
return( "NewSessionTicket" );
|
||||
case MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS:
|
||||
return( "EncryptedExtensions" );
|
||||
case MBEDTLS_SSL_HS_CERTIFICATE:
|
||||
return( "Certificate" );
|
||||
case MBEDTLS_SSL_HS_CERTIFICATE_REQUEST:
|
||||
return( "CertificateRequest" );
|
||||
}
|
||||
return( "Unknown" );
|
||||
}
|
||||
|
||||
void mbedtls_ssl_print_extension( const mbedtls_ssl_context *ssl,
|
||||
int level, const char *file, int line,
|
||||
int hs_msg_type, unsigned int extension_type,
|
||||
const char *extra_msg0, const char *extra_msg1 )
|
||||
{
|
||||
const char *extra_msg;
|
||||
if( extra_msg0 && extra_msg1 )
|
||||
{
|
||||
mbedtls_debug_print_msg(
|
||||
ssl, level, file, line,
|
||||
"%s: %s(%u) extension %s %s.",
|
||||
ssl_tls13_get_hs_msg_name( hs_msg_type ),
|
||||
mbedtls_ssl_get_extension_name( extension_type ),
|
||||
extension_type,
|
||||
extra_msg0, extra_msg1 );
|
||||
return;
|
||||
}
|
||||
|
||||
extra_msg = extra_msg0 ? extra_msg0 : extra_msg1;
|
||||
if( extra_msg )
|
||||
{
|
||||
mbedtls_debug_print_msg(
|
||||
ssl, level, file, line,
|
||||
"%s: %s(%u) extension %s.", ssl_tls13_get_hs_msg_name( hs_msg_type ),
|
||||
mbedtls_ssl_get_extension_name( extension_type ), extension_type,
|
||||
extra_msg );
|
||||
return;
|
||||
}
|
||||
|
||||
mbedtls_debug_print_msg(
|
||||
ssl, level, file, line,
|
||||
"%s: %s(%u) extension.", ssl_tls13_get_hs_msg_name( hs_msg_type ),
|
||||
mbedtls_ssl_get_extension_name( extension_type ), extension_type );
|
||||
}
|
||||
|
||||
void mbedtls_ssl_print_extensions( const mbedtls_ssl_context *ssl,
|
||||
int level, const char *file, int line,
|
||||
int hs_msg_type, uint32_t extensions_mask,
|
||||
const char *extra )
|
||||
{
|
||||
|
||||
for( unsigned i = 0;
|
||||
i < sizeof( extension_name_table ) / sizeof( extension_name_table[0] );
|
||||
i++ )
|
||||
{
|
||||
mbedtls_ssl_print_extension(
|
||||
ssl, level, file, line, hs_msg_type, extension_type_table[i],
|
||||
extensions_mask & ( 1 << i ) ? "exists" : "does not exist", extra );
|
||||
}
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_DEBUG_C */
|
||||
|
||||
void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl,
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info )
|
||||
{
|
||||
|
@ -8744,8 +8983,9 @@ int mbedtls_ssl_write_sig_alg_ext( mbedtls_ssl_context *ssl, unsigned char *buf,
|
|||
*out_len = p - buf;
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SIG_ALG;
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_SIG_ALG );
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
|
||||
|
@ -8944,6 +9184,11 @@ int mbedtls_ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
|
|||
p[6] = MBEDTLS_BYTE_0( protocol_name_len );
|
||||
|
||||
memcpy( p + 7, ssl->alpn_chosen, protocol_name_len );
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_ALPN );
|
||||
#endif
|
||||
|
||||
return ( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_ALPN */
|
||||
|
|
|
@ -32,6 +32,7 @@
|
|||
#include "ssl_misc.h"
|
||||
#include "ssl_client.h"
|
||||
#include "ssl_tls13_keys.h"
|
||||
#include "ssl_debug_helpers.h"
|
||||
|
||||
/* Write extensions */
|
||||
|
||||
|
@ -89,6 +90,9 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl,
|
|||
|
||||
*out_len = 5 + versions_len;
|
||||
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask(
|
||||
ssl, MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -359,7 +363,7 @@ static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl,
|
|||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, key_share extension", buf, *out_len );
|
||||
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_KEY_SHARE;
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_KEY_SHARE );
|
||||
|
||||
cleanup:
|
||||
|
||||
|
@ -512,7 +516,6 @@ static int ssl_tls13_parse_key_share_ext( mbedtls_ssl_context *ssl,
|
|||
else
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_KEY_SHARE;
|
||||
return( ret );
|
||||
}
|
||||
|
||||
|
@ -600,6 +603,8 @@ static int ssl_tls13_write_cookie_ext( mbedtls_ssl_context *ssl,
|
|||
|
||||
*out_len = handshake->hrr_cookie_len + 6;
|
||||
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_COOKIE );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -669,7 +674,10 @@ static int ssl_tls13_write_psk_key_exchange_modes_ext( mbedtls_ssl_context *ssl,
|
|||
buf[4] = ke_modes_len;
|
||||
|
||||
*out_len = p - buf;
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_PSK_KEY_EXCHANGE_MODES;
|
||||
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask(
|
||||
ssl, MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES );
|
||||
|
||||
return ( 0 );
|
||||
}
|
||||
|
||||
|
@ -981,8 +989,6 @@ int mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext(
|
|||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "pre_shared_key identities", buf, p - buf );
|
||||
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_PRE_SHARED_KEY;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -1037,6 +1043,9 @@ int mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext(
|
|||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "pre_shared_key binders", buf, p - buf );
|
||||
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask(
|
||||
ssl, MBEDTLS_TLS_EXT_PRE_SHARED_KEY );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -1109,8 +1118,6 @@ static int ssl_tls13_parse_server_pre_shared_key_ext( mbedtls_ssl_context *ssl,
|
|||
return( ret );
|
||||
}
|
||||
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_PRE_SHARED_KEY;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
|
||||
|
@ -1388,7 +1395,7 @@ static int ssl_tls13_preprocess_server_hello( mbedtls_ssl_context *ssl,
|
|||
ssl->session_negotiate->tls_version = ssl->tls_version;
|
||||
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
|
||||
|
||||
handshake->extensions_present = MBEDTLS_SSL_EXT_NONE;
|
||||
handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
|
||||
|
||||
ret = ssl_server_hello_is_hrr( ssl, buf, end );
|
||||
switch( ret )
|
||||
|
@ -1498,6 +1505,9 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
|
|||
uint16_t cipher_suite;
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
|
||||
int fatal_alert = 0;
|
||||
uint32_t allowed_extensions_mask;
|
||||
int hs_msg_type = is_hrr ? MBEDTLS_SSL_TLS1_3_HS_HELLO_RETRY_REQUEST :
|
||||
MBEDTLS_SSL_HS_SERVER_HELLO;
|
||||
|
||||
/*
|
||||
* Check there is space for minimal fields
|
||||
|
@ -1640,6 +1650,11 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
|
|||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "server hello extensions", p, extensions_len );
|
||||
|
||||
handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
|
||||
allowed_extensions_mask = is_hrr ?
|
||||
MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_HRR :
|
||||
MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_SH;
|
||||
|
||||
while( p < extensions_end )
|
||||
{
|
||||
unsigned int extension_type;
|
||||
|
@ -1654,16 +1669,15 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, extension_data_len );
|
||||
extension_data_end = p + extension_data_len;
|
||||
|
||||
ret = mbedtls_ssl_tls13_check_received_extension(
|
||||
ssl, hs_msg_type, extension_type, allowed_extensions_mask );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
switch( extension_type )
|
||||
{
|
||||
case MBEDTLS_TLS_EXT_COOKIE:
|
||||
|
||||
if( !is_hrr )
|
||||
{
|
||||
fatal_alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
ret = ssl_tls13_parse_cookie_ext( ssl,
|
||||
p, extension_data_end );
|
||||
if( ret != 0 )
|
||||
|
@ -1686,11 +1700,6 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
|
|||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
||||
case MBEDTLS_TLS_EXT_PRE_SHARED_KEY:
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found pre_shared_key extension" ) );
|
||||
if( is_hrr )
|
||||
{
|
||||
fatal_alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
if( ( ret = ssl_tls13_parse_server_pre_shared_key_ext(
|
||||
ssl, p, extension_data_end ) ) != 0 )
|
||||
|
@ -1726,18 +1735,15 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
|
|||
break;
|
||||
|
||||
default:
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
3,
|
||||
( "unknown extension found: %u ( ignoring )",
|
||||
extension_type ) );
|
||||
|
||||
fatal_alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT;
|
||||
ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
p += extension_data_len;
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_PRINT_EXTS( 3, hs_msg_type, handshake->received_extensions );
|
||||
|
||||
cleanup:
|
||||
|
||||
if( fatal_alert == MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT )
|
||||
|
@ -1786,21 +1792,21 @@ static int ssl_tls13_postprocess_server_hello( mbedtls_ssl_context *ssl )
|
|||
* 3) If only the key_share extension was received then the key
|
||||
* exchange mode is EPHEMERAL-only.
|
||||
*/
|
||||
switch( handshake->extensions_present &
|
||||
( MBEDTLS_SSL_EXT_PRE_SHARED_KEY | MBEDTLS_SSL_EXT_KEY_SHARE ) )
|
||||
switch( handshake->received_extensions &
|
||||
( MBEDTLS_SSL_EXT_MASK( PRE_SHARED_KEY ) | MBEDTLS_SSL_EXT_MASK( KEY_SHARE ) ) )
|
||||
{
|
||||
/* Only the pre_shared_key extension was received */
|
||||
case MBEDTLS_SSL_EXT_PRE_SHARED_KEY:
|
||||
case MBEDTLS_SSL_EXT_MASK( PRE_SHARED_KEY ):
|
||||
handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
||||
break;
|
||||
|
||||
/* Only the key_share extension was received */
|
||||
case MBEDTLS_SSL_EXT_KEY_SHARE:
|
||||
case MBEDTLS_SSL_EXT_MASK( KEY_SHARE ):
|
||||
handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
break;
|
||||
|
||||
/* Both the pre_shared_key and key_share extensions were received */
|
||||
case ( MBEDTLS_SSL_EXT_PRE_SHARED_KEY | MBEDTLS_SSL_EXT_KEY_SHARE ):
|
||||
case ( MBEDTLS_SSL_EXT_MASK( PRE_SHARED_KEY ) | MBEDTLS_SSL_EXT_MASK( KEY_SHARE ) ):
|
||||
handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||
break;
|
||||
|
||||
|
@ -1969,6 +1975,7 @@ static int ssl_tls13_parse_encrypted_extensions( mbedtls_ssl_context *ssl,
|
|||
size_t extensions_len;
|
||||
const unsigned char *p = buf;
|
||||
const unsigned char *extensions_end;
|
||||
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
|
||||
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 2 );
|
||||
extensions_len = MBEDTLS_GET_UINT16_BE( p, 0 );
|
||||
|
@ -1978,6 +1985,8 @@ static int ssl_tls13_parse_encrypted_extensions( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, extensions_len );
|
||||
extensions_end = p + extensions_len;
|
||||
|
||||
handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
|
||||
|
||||
while( p < extensions_end )
|
||||
{
|
||||
unsigned int extension_type;
|
||||
|
@ -1996,22 +2005,14 @@ static int ssl_tls13_parse_encrypted_extensions( mbedtls_ssl_context *ssl,
|
|||
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, extension_data_len );
|
||||
|
||||
/* The client MUST check EncryptedExtensions for the
|
||||
* presence of any forbidden extensions and if any are found MUST abort
|
||||
* the handshake with an "unsupported_extension" alert.
|
||||
*/
|
||||
ret = mbedtls_ssl_tls13_check_received_extension(
|
||||
ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, extension_type,
|
||||
MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_EE );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
switch( extension_type )
|
||||
{
|
||||
case MBEDTLS_TLS_EXT_SERVERNAME:
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found server_name extension" ) );
|
||||
|
||||
/* The server_name extension should be an empty extension */
|
||||
|
||||
break;
|
||||
case MBEDTLS_TLS_EXT_SUPPORTED_GROUPS:
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extensions supported groups" ) );
|
||||
break;
|
||||
|
||||
#if defined(MBEDTLS_SSL_ALPN)
|
||||
case MBEDTLS_TLS_EXT_ALPN:
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) );
|
||||
|
@ -2024,17 +2025,18 @@ static int ssl_tls13_parse_encrypted_extensions( mbedtls_ssl_context *ssl,
|
|||
break;
|
||||
#endif /* MBEDTLS_SSL_ALPN */
|
||||
default:
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
3, ( "unsupported extension found: %u ", extension_type) );
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT,
|
||||
MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION );
|
||||
return ( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION );
|
||||
MBEDTLS_SSL_PRINT_EXT(
|
||||
3, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
|
||||
extension_type, "( ignored )" );
|
||||
break;
|
||||
}
|
||||
|
||||
p += extension_data_len;
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_PRINT_EXTS( 3, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
|
||||
handshake->received_extensions );
|
||||
|
||||
/* Check that we consumed all the message. */
|
||||
if( p != end )
|
||||
{
|
||||
|
@ -2140,7 +2142,7 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
|
|||
size_t certificate_request_context_len = 0;
|
||||
size_t extensions_len = 0;
|
||||
const unsigned char *extensions_end;
|
||||
unsigned char sig_alg_ext_found = 0;
|
||||
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
|
||||
|
||||
/* ...
|
||||
* opaque certificate_request_context<0..2^8-1>
|
||||
|
@ -2156,7 +2158,6 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_SSL_DEBUG_BUF( 3, "Certificate Request Context",
|
||||
p, certificate_request_context_len );
|
||||
|
||||
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
|
||||
handshake->certificate_request_context =
|
||||
mbedtls_calloc( 1, certificate_request_context_len );
|
||||
if( handshake->certificate_request_context == NULL )
|
||||
|
@ -2180,6 +2181,8 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, extensions_len );
|
||||
extensions_end = p + extensions_len;
|
||||
|
||||
handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
|
||||
|
||||
while( p < extensions_end )
|
||||
{
|
||||
unsigned int extension_type;
|
||||
|
@ -2192,6 +2195,12 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
|
|||
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, extension_data_len );
|
||||
|
||||
ret = mbedtls_ssl_tls13_check_received_extension(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, extension_type,
|
||||
MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_CR );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
switch( extension_type )
|
||||
{
|
||||
case MBEDTLS_TLS_EXT_SIG_ALG:
|
||||
|
@ -2201,25 +2210,22 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
|
|||
p + extension_data_len );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
if( ! sig_alg_ext_found )
|
||||
sig_alg_ext_found = 1;
|
||||
else
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||
( "Duplicate signature algorithms extensions found" ) );
|
||||
goto decode_error;
|
||||
}
|
||||
|
||||
break;
|
||||
|
||||
default:
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
3,
|
||||
( "unknown extension found: %u ( ignoring )",
|
||||
extension_type ) );
|
||||
MBEDTLS_SSL_PRINT_EXT(
|
||||
3, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
|
||||
extension_type, "( ignored )" );
|
||||
break;
|
||||
}
|
||||
|
||||
p += extension_data_len;
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_PRINT_EXTS( 3, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
|
||||
handshake->received_extensions );
|
||||
|
||||
/* Check that we consumed all the message. */
|
||||
if( p != end )
|
||||
{
|
||||
|
@ -2227,8 +2233,12 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
|
|||
( "CertificateRequest misaligned" ) );
|
||||
goto decode_error;
|
||||
}
|
||||
/* Check that we found signature algorithms extension */
|
||||
if( ! sig_alg_ext_found )
|
||||
|
||||
/* RFC 8446 section 4.3.2
|
||||
*
|
||||
* The "signature_algorithms" extension MUST be specified
|
||||
*/
|
||||
if( ( handshake->received_extensions & MBEDTLS_SSL_EXT_MASK( SIG_ALG ) ) == 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||
( "no signature algorithms extension found" ) );
|
||||
|
@ -2468,14 +2478,17 @@ static int ssl_tls13_parse_new_session_ticket_exts( mbedtls_ssl_context *ssl,
|
|||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
{
|
||||
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
|
||||
const unsigned char *p = buf;
|
||||
|
||||
((void) ssl);
|
||||
|
||||
handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
|
||||
|
||||
while( p < end )
|
||||
{
|
||||
unsigned int extension_type;
|
||||
size_t extension_data_len;
|
||||
int ret;
|
||||
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 4 );
|
||||
extension_type = MBEDTLS_GET_UINT16_BE( p, 0 );
|
||||
|
@ -2484,18 +2497,27 @@ static int ssl_tls13_parse_new_session_ticket_exts( mbedtls_ssl_context *ssl,
|
|||
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, extension_data_len );
|
||||
|
||||
ret = mbedtls_ssl_tls13_check_received_extension(
|
||||
ssl, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, extension_type,
|
||||
MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_NST );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
switch( extension_type )
|
||||
{
|
||||
case MBEDTLS_TLS_EXT_EARLY_DATA:
|
||||
MBEDTLS_SSL_DEBUG_MSG( 4, ( "early_data extension received" ) );
|
||||
break;
|
||||
|
||||
default:
|
||||
MBEDTLS_SSL_PRINT_EXT(
|
||||
3, MBEDTLS_SSL_HS_NEW_SESSION_TICKET,
|
||||
extension_type, "( ignored )" );
|
||||
break;
|
||||
}
|
||||
|
||||
p += extension_data_len;
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_PRINT_EXTS( 3, MBEDTLS_SSL_HS_NEW_SESSION_TICKET,
|
||||
handshake->received_extensions );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
|
|
@ -398,6 +398,7 @@ int mbedtls_ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl,
|
|||
size_t certificate_list_len = 0;
|
||||
const unsigned char *p = buf;
|
||||
const unsigned char *certificate_list_end;
|
||||
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
|
||||
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 4 );
|
||||
certificate_request_context_len = p[0];
|
||||
|
@ -447,6 +448,7 @@ int mbedtls_ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl,
|
|||
while( p < certificate_list_end )
|
||||
{
|
||||
size_t cert_data_len, extensions_len;
|
||||
const unsigned char *extensions_end;
|
||||
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, certificate_list_end, 3 );
|
||||
cert_data_len = MBEDTLS_GET_UINT24_BE( p, 0 );
|
||||
|
@ -504,7 +506,48 @@ int mbedtls_ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl,
|
|||
extensions_len = MBEDTLS_GET_UINT16_BE( p, 0 );
|
||||
p += 2;
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, certificate_list_end, extensions_len );
|
||||
p += extensions_len;
|
||||
|
||||
extensions_end = p + extensions_len;
|
||||
handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
|
||||
|
||||
while( p < extensions_end )
|
||||
{
|
||||
unsigned int extension_type;
|
||||
size_t extension_data_len;
|
||||
|
||||
/*
|
||||
* struct {
|
||||
* ExtensionType extension_type; (2 bytes)
|
||||
* opaque extension_data<0..2^16-1>;
|
||||
* } Extension;
|
||||
*/
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, 4 );
|
||||
extension_type = MBEDTLS_GET_UINT16_BE( p, 0 );
|
||||
extension_data_len = MBEDTLS_GET_UINT16_BE( p, 2 );
|
||||
p += 4;
|
||||
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, extension_data_len );
|
||||
|
||||
ret = mbedtls_ssl_tls13_check_received_extension(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE, extension_type,
|
||||
MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_CT );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
switch( extension_type )
|
||||
{
|
||||
default:
|
||||
MBEDTLS_SSL_PRINT_EXT(
|
||||
3, MBEDTLS_SSL_HS_CERTIFICATE,
|
||||
extension_type, "( ignored )" );
|
||||
break;
|
||||
}
|
||||
|
||||
p += extension_data_len;
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_PRINT_EXTS( 3, MBEDTLS_SSL_HS_CERTIFICATE,
|
||||
handshake->received_extensions );
|
||||
}
|
||||
|
||||
exit:
|
||||
|
@ -512,7 +555,7 @@ exit:
|
|||
if( p != end )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad Certificate message" ) );
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR, \
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR,
|
||||
MBEDTLS_ERR_SSL_DECODE_ERROR );
|
||||
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
|
||||
}
|
||||
|
@ -843,6 +886,9 @@ static int ssl_tls13_write_certificate_body( mbedtls_ssl_context *ssl,
|
|||
|
||||
*out_len = p - buf;
|
||||
|
||||
MBEDTLS_SSL_PRINT_EXTS(
|
||||
3, MBEDTLS_SSL_HS_CERTIFICATE, ssl->handshake->sent_extensions );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -1485,4 +1531,61 @@ int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange(
|
|||
}
|
||||
#endif /* MBEDTLS_ECDH_C */
|
||||
|
||||
/* RFC 8446 section 4.2
|
||||
*
|
||||
* If an implementation receives an extension which it recognizes and which is
|
||||
* not specified for the message in which it appears, it MUST abort the handshake
|
||||
* with an "illegal_parameter" alert.
|
||||
*
|
||||
*/
|
||||
int mbedtls_ssl_tls13_check_received_extension(
|
||||
mbedtls_ssl_context *ssl,
|
||||
int hs_msg_type,
|
||||
unsigned int received_extension_type,
|
||||
uint32_t hs_msg_allowed_extensions_mask )
|
||||
{
|
||||
uint32_t extension_mask = mbedtls_ssl_get_extension_mask(
|
||||
received_extension_type );
|
||||
|
||||
MBEDTLS_SSL_PRINT_EXT(
|
||||
3, hs_msg_type, received_extension_type, "received" );
|
||||
|
||||
if( ( extension_mask & hs_msg_allowed_extensions_mask ) == 0 )
|
||||
{
|
||||
MBEDTLS_SSL_PRINT_EXT(
|
||||
3, hs_msg_type, received_extension_type, "is illegal" );
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
|
||||
MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
|
||||
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
|
||||
}
|
||||
|
||||
ssl->handshake->received_extensions |= extension_mask;
|
||||
/*
|
||||
* If it is a message containing extension responses, check that we
|
||||
* previously sent the extension.
|
||||
*/
|
||||
switch( hs_msg_type )
|
||||
{
|
||||
case MBEDTLS_SSL_HS_SERVER_HELLO:
|
||||
case MBEDTLS_SSL_TLS1_3_HS_HELLO_RETRY_REQUEST:
|
||||
case MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS:
|
||||
case MBEDTLS_SSL_HS_CERTIFICATE:
|
||||
/* Check if the received extension is sent by peer message.*/
|
||||
if( ( ssl->handshake->sent_extensions & extension_mask ) != 0 )
|
||||
return( 0 );
|
||||
break;
|
||||
default:
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_PRINT_EXT(
|
||||
3, hs_msg_type, received_extension_type, "is unsupported" );
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT,
|
||||
MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION );
|
||||
return( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION );
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
||||
|
|
|
@ -700,6 +700,8 @@ static int ssl_tls13_write_server_pre_shared_key_ext( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_SSL_DEBUG_MSG( 4, ( "sent selected_identity: %u",
|
||||
ssl->handshake->selected_identity ) );
|
||||
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_PRE_SHARED_KEY );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -926,110 +928,69 @@ static int ssl_tls13_parse_key_shares_ext( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
#endif /* MBEDTLS_ECDH_C */
|
||||
|
||||
#if defined(MBEDTLS_DEBUG_C)
|
||||
static void ssl_tls13_debug_print_client_hello_exts( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
((void) ssl);
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "Supported Extensions:" ) );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||
( "- KEY_SHARE_EXTENSION ( %s )",
|
||||
( ( ssl->handshake->extensions_present
|
||||
& MBEDTLS_SSL_EXT_KEY_SHARE ) > 0 ) ? "TRUE" : "FALSE" ) );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||
( "- PSK_KEY_EXCHANGE_MODES_EXTENSION ( %s )",
|
||||
( ( ssl->handshake->extensions_present
|
||||
& MBEDTLS_SSL_EXT_PSK_KEY_EXCHANGE_MODES ) > 0 ) ?
|
||||
"TRUE" : "FALSE" ) );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||
( "- PRE_SHARED_KEY_EXTENSION ( %s )",
|
||||
( ( ssl->handshake->extensions_present
|
||||
& MBEDTLS_SSL_EXT_PRE_SHARED_KEY ) > 0 ) ? "TRUE" : "FALSE" ) );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||
( "- SIGNATURE_ALGORITHM_EXTENSION ( %s )",
|
||||
( ( ssl->handshake->extensions_present
|
||||
& MBEDTLS_SSL_EXT_SIG_ALG ) > 0 ) ? "TRUE" : "FALSE" ) );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||
( "- SUPPORTED_GROUPS_EXTENSION ( %s )",
|
||||
( ( ssl->handshake->extensions_present
|
||||
& MBEDTLS_SSL_EXT_SUPPORTED_GROUPS ) >0 ) ?
|
||||
"TRUE" : "FALSE" ) );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||
( "- SUPPORTED_VERSION_EXTENSION ( %s )",
|
||||
( ( ssl->handshake->extensions_present
|
||||
& MBEDTLS_SSL_EXT_SUPPORTED_VERSIONS ) > 0 ) ?
|
||||
"TRUE" : "FALSE" ) );
|
||||
#if defined ( MBEDTLS_SSL_SERVER_NAME_INDICATION )
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||
( "- SERVERNAME_EXTENSION ( %s )",
|
||||
( ( ssl->handshake->extensions_present
|
||||
& MBEDTLS_SSL_EXT_SERVERNAME ) > 0 ) ?
|
||||
"TRUE" : "FALSE" ) );
|
||||
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
|
||||
#if defined ( MBEDTLS_SSL_ALPN )
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||
( "- ALPN_EXTENSION ( %s )",
|
||||
( ( ssl->handshake->extensions_present
|
||||
& MBEDTLS_SSL_EXT_ALPN ) > 0 ) ?
|
||||
"TRUE" : "FALSE" ) );
|
||||
#endif /* MBEDTLS_SSL_ALPN */
|
||||
}
|
||||
#endif /* MBEDTLS_DEBUG_C */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_client_hello_has_exts( mbedtls_ssl_context *ssl,
|
||||
int exts_mask )
|
||||
{
|
||||
int masked = ssl->handshake->extensions_present & exts_mask;
|
||||
int masked = ssl->handshake->received_extensions & exts_mask;
|
||||
return( masked == exts_mask );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(
|
||||
mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( ssl_tls13_client_hello_has_exts(
|
||||
ssl,
|
||||
MBEDTLS_SSL_EXT_SUPPORTED_GROUPS |
|
||||
MBEDTLS_SSL_EXT_KEY_SHARE |
|
||||
MBEDTLS_SSL_EXT_SIG_ALG ) );
|
||||
MBEDTLS_SSL_EXT_MASK( SUPPORTED_GROUPS ) |
|
||||
MBEDTLS_SSL_EXT_MASK( KEY_SHARE ) |
|
||||
MBEDTLS_SSL_EXT_MASK( SIG_ALG ) ) );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_client_hello_has_exts_for_psk_key_exchange(
|
||||
mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( ssl_tls13_client_hello_has_exts(
|
||||
ssl,
|
||||
MBEDTLS_SSL_EXT_PRE_SHARED_KEY |
|
||||
MBEDTLS_SSL_EXT_PSK_KEY_EXCHANGE_MODES ) );
|
||||
MBEDTLS_SSL_EXT_MASK( PRE_SHARED_KEY ) |
|
||||
MBEDTLS_SSL_EXT_MASK( PSK_KEY_EXCHANGE_MODES ) ) );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange(
|
||||
mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( ssl_tls13_client_hello_has_exts(
|
||||
ssl,
|
||||
MBEDTLS_SSL_EXT_SUPPORTED_GROUPS |
|
||||
MBEDTLS_SSL_EXT_KEY_SHARE |
|
||||
MBEDTLS_SSL_EXT_PRE_SHARED_KEY |
|
||||
MBEDTLS_SSL_EXT_PSK_KEY_EXCHANGE_MODES ) );
|
||||
MBEDTLS_SSL_EXT_MASK( SUPPORTED_GROUPS ) |
|
||||
MBEDTLS_SSL_EXT_MASK( KEY_SHARE ) |
|
||||
MBEDTLS_SSL_EXT_MASK( PRE_SHARED_KEY ) |
|
||||
MBEDTLS_SSL_EXT_MASK( PSK_KEY_EXCHANGE_MODES ) ) );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
|
||||
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_check_ephemeral_key_exchange( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
|
||||
return( mbedtls_ssl_conf_tls13_ephemeral_enabled( ssl ) &&
|
||||
ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange( ssl ) );
|
||||
#else
|
||||
((void) ssl);
|
||||
return( 0 );
|
||||
#endif
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_check_psk_key_exchange( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED)
|
||||
return( mbedtls_ssl_conf_tls13_psk_enabled( ssl ) &&
|
||||
mbedtls_ssl_tls13_psk_enabled( ssl ) &&
|
||||
ssl_tls13_client_hello_has_exts_for_psk_key_exchange( ssl ) );
|
||||
|
@ -1042,7 +1003,7 @@ static int ssl_tls13_check_psk_key_exchange( mbedtls_ssl_context *ssl )
|
|||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_check_psk_ephemeral_key_exchange( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED)
|
||||
return( mbedtls_ssl_conf_tls13_psk_ephemeral_enabled( ssl ) &&
|
||||
mbedtls_ssl_tls13_psk_ephemeral_enabled( ssl ) &&
|
||||
ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange( ssl ) );
|
||||
|
@ -1289,6 +1250,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
const unsigned char *cipher_suites_end;
|
||||
size_t extensions_len;
|
||||
const unsigned char *extensions_end;
|
||||
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
|
||||
int hrr_required = 0;
|
||||
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
||||
|
@ -1297,8 +1259,6 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
const unsigned char *pre_shared_key_ext_end = NULL;
|
||||
#endif
|
||||
|
||||
ssl->handshake->extensions_present = MBEDTLS_SSL_EXT_NONE;
|
||||
|
||||
/*
|
||||
* ClientHello layout:
|
||||
* 0 . 1 protocol version
|
||||
|
@ -1356,7 +1316,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes",
|
||||
p, MBEDTLS_CLIENT_HELLO_RANDOM_LEN );
|
||||
|
||||
memcpy( &ssl->handshake->randbytes[0], p, MBEDTLS_CLIENT_HELLO_RANDOM_LEN );
|
||||
memcpy( &handshake->randbytes[0], p, MBEDTLS_CLIENT_HELLO_RANDOM_LEN );
|
||||
p += MBEDTLS_CLIENT_HELLO_RANDOM_LEN;
|
||||
|
||||
/* ...
|
||||
|
@ -1426,13 +1386,13 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
continue;
|
||||
|
||||
ssl->session_negotiate->ciphersuite = cipher_suite;
|
||||
ssl->handshake->ciphersuite_info = ciphersuite_info;
|
||||
handshake->ciphersuite_info = ciphersuite_info;
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %04x - %s",
|
||||
cipher_suite,
|
||||
ciphersuite_info->name ) );
|
||||
}
|
||||
|
||||
if( ssl->handshake->ciphersuite_info == NULL )
|
||||
if( handshake->ciphersuite_info == NULL )
|
||||
{
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE,
|
||||
MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
|
||||
|
@ -1468,27 +1428,29 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", p, extensions_len );
|
||||
|
||||
handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
|
||||
|
||||
while( p < extensions_end )
|
||||
{
|
||||
unsigned int extension_type;
|
||||
size_t extension_data_len;
|
||||
const unsigned char *extension_data_end;
|
||||
|
||||
/* RFC 8446, page 57
|
||||
/* RFC 8446, section 4.2.11
|
||||
*
|
||||
* The "pre_shared_key" extension MUST be the last extension in the
|
||||
* ClientHello (this facilitates implementation as described below).
|
||||
* Servers MUST check that it is the last extension and otherwise fail
|
||||
* the handshake with an "illegal_parameter" alert.
|
||||
*/
|
||||
if( ssl->handshake->extensions_present & MBEDTLS_SSL_EXT_PRE_SHARED_KEY )
|
||||
if( handshake->received_extensions & MBEDTLS_SSL_EXT_MASK( PRE_SHARED_KEY ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
3, ( "pre_shared_key is not last extension." ) );
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
|
||||
MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
|
||||
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
|
||||
MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
|
||||
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, 4 );
|
||||
|
@ -1499,6 +1461,12 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, extension_data_len );
|
||||
extension_data_end = p + extension_data_len;
|
||||
|
||||
ret = mbedtls_ssl_tls13_check_received_extension(
|
||||
ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, extension_type,
|
||||
MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_CH );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
switch( extension_type )
|
||||
{
|
||||
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
|
||||
|
@ -1512,7 +1480,6 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
1, "mbedtls_ssl_parse_servername_ext", ret );
|
||||
return( ret );
|
||||
}
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SERVERNAME;
|
||||
break;
|
||||
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
|
||||
|
||||
|
@ -1535,7 +1502,6 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
return( ret );
|
||||
}
|
||||
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SUPPORTED_GROUPS;
|
||||
break;
|
||||
#endif /* MBEDTLS_ECDH_C */
|
||||
|
||||
|
@ -1565,7 +1531,6 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
return( ret );
|
||||
}
|
||||
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_KEY_SHARE;
|
||||
break;
|
||||
#endif /* MBEDTLS_ECDH_C */
|
||||
|
||||
|
@ -1580,7 +1545,6 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
( "ssl_tls13_parse_supported_versions_ext" ), ret );
|
||||
return( ret );
|
||||
}
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SUPPORTED_VERSIONS;
|
||||
break;
|
||||
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
||||
|
@ -1596,19 +1560,18 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
return( ret );
|
||||
}
|
||||
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_PSK_KEY_EXCHANGE_MODES;
|
||||
break;
|
||||
#endif
|
||||
|
||||
case MBEDTLS_TLS_EXT_PRE_SHARED_KEY:
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found pre_shared_key extension" ) );
|
||||
if( ( ssl->handshake->extensions_present &
|
||||
MBEDTLS_SSL_EXT_PSK_KEY_EXCHANGE_MODES ) == 0 )
|
||||
if( ( handshake->received_extensions &
|
||||
MBEDTLS_SSL_EXT_MASK( PSK_KEY_EXCHANGE_MODES ) ) == 0 )
|
||||
{
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
|
||||
MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
|
||||
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
|
||||
MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
|
||||
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
|
||||
}
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
||||
/* Delay processing of the PSK identity once we have
|
||||
|
@ -1617,8 +1580,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
*/
|
||||
pre_shared_key_ext = p;
|
||||
pre_shared_key_ext_end = extension_data_end;
|
||||
#endif
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_PRE_SHARED_KEY;
|
||||
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
|
||||
break;
|
||||
|
||||
#if defined(MBEDTLS_SSL_ALPN)
|
||||
|
@ -1632,7 +1594,6 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
1, ( "mbedtls_ssl_parse_alpn_ext" ), ret );
|
||||
return( ret );
|
||||
}
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_ALPN;
|
||||
break;
|
||||
#endif /* MBEDTLS_SSL_ALPN */
|
||||
|
||||
|
@ -1649,23 +1610,21 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
ret ) );
|
||||
return( ret );
|
||||
}
|
||||
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SIG_ALG;
|
||||
break;
|
||||
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
|
||||
|
||||
default:
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||
( "unknown extension found: %ud ( ignoring )",
|
||||
extension_type ) );
|
||||
MBEDTLS_SSL_PRINT_EXT(
|
||||
3, MBEDTLS_SSL_HS_CLIENT_HELLO,
|
||||
extension_type, "( ignored )" );
|
||||
break;
|
||||
}
|
||||
|
||||
p += extension_data_len;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_DEBUG_C)
|
||||
/* List all the extensions we have received */
|
||||
ssl_tls13_debug_print_client_hello_exts( ssl );
|
||||
#endif /* MBEDTLS_DEBUG_C */
|
||||
MBEDTLS_SSL_PRINT_EXTS( 3, MBEDTLS_SSL_HS_CLIENT_HELLO,
|
||||
handshake->received_extensions );
|
||||
|
||||
mbedtls_ssl_add_hs_hdr_to_checksum( ssl,
|
||||
MBEDTLS_SSL_HS_CLIENT_HELLO,
|
||||
|
@ -1679,9 +1638,9 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
/* If we've settled on a PSK-based exchange, parse PSK identity ext */
|
||||
if( mbedtls_ssl_tls13_some_psk_enabled( ssl ) &&
|
||||
mbedtls_ssl_conf_tls13_some_psk_enabled( ssl ) &&
|
||||
( ssl->handshake->extensions_present & MBEDTLS_SSL_EXT_PRE_SHARED_KEY ) )
|
||||
( handshake->received_extensions & MBEDTLS_SSL_EXT_MASK( PRE_SHARED_KEY ) ) )
|
||||
{
|
||||
ssl->handshake->update_checksum( ssl, buf,
|
||||
handshake->update_checksum( ssl, buf,
|
||||
pre_shared_key_ext - buf );
|
||||
ret = ssl_tls13_parse_pre_shared_key_ext( ssl,
|
||||
pre_shared_key_ext,
|
||||
|
@ -1690,26 +1649,26 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
cipher_suites_end );
|
||||
if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY )
|
||||
{
|
||||
ssl->handshake->extensions_present &= ~MBEDTLS_SSL_EXT_PRE_SHARED_KEY;
|
||||
handshake->received_extensions &= ~MBEDTLS_SSL_EXT_MASK( PRE_SHARED_KEY );
|
||||
}
|
||||
else if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_tls13_parse_pre_shared_key_ext" ),
|
||||
ret );
|
||||
MBEDTLS_SSL_DEBUG_RET(
|
||||
1, "ssl_tls13_parse_pre_shared_key_ext" , ret );
|
||||
return( ret );
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
|
||||
{
|
||||
ssl->handshake->update_checksum( ssl, buf, p - buf );
|
||||
handshake->update_checksum( ssl, buf, p - buf );
|
||||
}
|
||||
|
||||
ret = ssl_tls13_determine_key_exchange_mode( ssl );
|
||||
if( ret < 0 )
|
||||
return( ret );
|
||||
|
||||
mbedtls_ssl_optimize_checksum( ssl, ssl->handshake->ciphersuite_info );
|
||||
mbedtls_ssl_optimize_checksum( ssl, handshake->ciphersuite_info );
|
||||
|
||||
return( hrr_required ? SSL_CLIENT_HELLO_HRR_REQUIRED : SSL_CLIENT_HELLO_OK );
|
||||
}
|
||||
|
@ -1856,6 +1815,9 @@ static int ssl_tls13_write_server_hello_supported_versions_ext(
|
|||
|
||||
*out_len = 6;
|
||||
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask(
|
||||
ssl, MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -1962,6 +1924,8 @@ static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl,
|
|||
|
||||
*out_len = p - buf;
|
||||
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_KEY_SHARE );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -2026,6 +1990,8 @@ static int ssl_tls13_write_hrr_key_share_ext( mbedtls_ssl_context *ssl,
|
|||
|
||||
*out_len = 6;
|
||||
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_KEY_SHARE );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -2054,6 +2020,7 @@ static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl,
|
|||
size_t output_len;
|
||||
|
||||
*out_len = 0;
|
||||
ssl->handshake->sent_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
|
||||
|
||||
/* ...
|
||||
* ProtocolVersion legacy_version = 0x0303; // TLS 1.2
|
||||
|
@ -2179,6 +2146,11 @@ static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl,
|
|||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "server hello", buf, *out_len );
|
||||
|
||||
MBEDTLS_SSL_PRINT_EXTS(
|
||||
3, is_hrr ? MBEDTLS_SSL_TLS1_3_HS_HELLO_RETRY_REQUEST :
|
||||
MBEDTLS_SSL_HS_SERVER_HELLO,
|
||||
ssl->handshake->sent_extensions );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
|
@ -2363,6 +2335,9 @@ static int ssl_tls13_write_encrypted_extensions_body( mbedtls_ssl_context *ssl,
|
|||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 4, "encrypted extensions", buf, *out_len );
|
||||
|
||||
MBEDTLS_SSL_PRINT_EXTS(
|
||||
3, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, ssl->handshake->sent_extensions );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -2492,6 +2467,9 @@ static int ssl_tls13_write_certificate_request_body( mbedtls_ssl_context *ssl,
|
|||
|
||||
*out_len = p - buf;
|
||||
|
||||
MBEDTLS_SSL_PRINT_EXTS(
|
||||
3, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, ssl->handshake->sent_extensions );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -2877,6 +2855,8 @@ static int ssl_tls13_write_new_session_ticket_body( mbedtls_ssl_context *ssl,
|
|||
* Note: We currently don't have any extensions.
|
||||
* Set length to zero.
|
||||
*/
|
||||
ssl->handshake->sent_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
|
||||
|
||||
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
|
||||
MBEDTLS_PUT_UINT16_BE( 0, p, 0 );
|
||||
p += 2;
|
||||
|
@ -2885,6 +2865,9 @@ static int ssl_tls13_write_new_session_ticket_body( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_SSL_DEBUG_BUF( 4, "ticket", buf, *out_len );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write new session ticket" ) );
|
||||
|
||||
MBEDTLS_SSL_PRINT_EXTS(
|
||||
3, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, ssl->handshake->sent_extensions );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
|
|
@ -18,228 +18,8 @@
|
|||
# limitations under the License.
|
||||
#
|
||||
|
||||
get_srv_psk_list ()
|
||||
{
|
||||
case $(( TESTS % 3 )) in
|
||||
0) echo "psk_list=abc,dead,def,beef,Client_identity,6162636465666768696a6b6c6d6e6f70";;
|
||||
1) echo "psk_list=abc,dead,Client_identity,6162636465666768696a6b6c6d6e6f70,def,beef";;
|
||||
2) echo "psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef";;
|
||||
esac
|
||||
}
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
requires_config_enabled MBEDTLS_SSL_SRV_C
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
|
||||
run_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
|
||||
localhost" \
|
||||
1 \
|
||||
-s "found psk key exchange modes extension" \
|
||||
-s "found pre_shared_key extension" \
|
||||
-s "Found PSK_EPHEMERAL KEX MODE" \
|
||||
-s "Found PSK KEX MODE" \
|
||||
-s "No matched ciphersuite"
|
||||
|
||||
requires_openssl_tls1_3
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
requires_config_enabled MBEDTLS_SSL_SRV_C
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
|
||||
run_test "TLS 1.3: PSK: No valid ciphersuite. O->m" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -ciphersuites TLS_AES_256_GCM_SHA384\
|
||||
-psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
|
||||
1 \
|
||||
-s "found psk key exchange modes extension" \
|
||||
-s "found pre_shared_key extension" \
|
||||
-s "Found PSK_EPHEMERAL KEX MODE" \
|
||||
-s "Found PSK KEX MODE" \
|
||||
-s "No matched ciphersuite"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Multiple PSKs: valid ticket, reconnect with ticket" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8" \
|
||||
"$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 2" \
|
||||
-s "sent selected_identity: 0" \
|
||||
-s "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "key exchange mode: ephemeral$" \
|
||||
-S "ticket is not authentic"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Multiple PSKs: invalid ticket, reconnect with PSK" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \
|
||||
"$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 2" \
|
||||
-s "sent selected_identity: 1" \
|
||||
-s "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "key exchange mode: ephemeral$" \
|
||||
-s "ticket is not authentic"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, ticket authentication failed." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=1" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
-S "sent selected_identity:" \
|
||||
-s "key exchange mode: ephemeral" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-s "ticket is not authentic" \
|
||||
-S "ticket is expired" \
|
||||
-S "Invalid ticket start time" \
|
||||
-S "Ticket age exceeds limitation" \
|
||||
-S "Ticket age outside tolerance window"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, ticket expired." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=2" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
-S "sent selected_identity:" \
|
||||
-s "key exchange mode: ephemeral" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "ticket is not authentic" \
|
||||
-s "ticket is expired" \
|
||||
-S "Invalid ticket start time" \
|
||||
-S "Ticket age exceeds limitation" \
|
||||
-S "Ticket age outside tolerance window"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, invalid start time." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=3" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
-S "sent selected_identity:" \
|
||||
-s "key exchange mode: ephemeral" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "ticket is not authentic" \
|
||||
-S "ticket is expired" \
|
||||
-s "Invalid ticket start time" \
|
||||
-S "Ticket age exceeds limitation" \
|
||||
-S "Ticket age outside tolerance window"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, ticket expired. too old" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=4" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
-S "sent selected_identity:" \
|
||||
-s "key exchange mode: ephemeral" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "ticket is not authentic" \
|
||||
-S "ticket is expired" \
|
||||
-S "Invalid ticket start time" \
|
||||
-s "Ticket age exceeds limitation" \
|
||||
-S "Ticket age outside tolerance window"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too young." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=5" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
-S "sent selected_identity:" \
|
||||
-s "key exchange mode: ephemeral" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "ticket is not authentic" \
|
||||
-S "ticket is expired" \
|
||||
-S "Invalid ticket start time" \
|
||||
-S "Ticket age exceeds limitation" \
|
||||
-s "Ticket age outside tolerance window"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too old." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=6" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
-S "sent selected_identity:" \
|
||||
-s "key exchange mode: ephemeral" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "ticket is not authentic" \
|
||||
-S "ticket is expired" \
|
||||
-S "Invalid ticket start time" \
|
||||
-S "Ticket age exceeds limitation" \
|
||||
-s "Ticket age outside tolerance window"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
run_test "TLS 1.3: G->m: ephemeral_all/psk, fail, no common kex mode" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
|
||||
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
|
||||
localhost" \
|
||||
1 \
|
||||
-s "found psk key exchange modes extension" \
|
||||
-s "found pre_shared_key extension" \
|
||||
-s "Found PSK_EPHEMERAL KEX MODE" \
|
||||
-S "Found PSK KEX MODE" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: ephemeral"
|
||||
# DO NOT ADD NEW TEST CASES INTO THIS FILE. The left cases will be generated by
|
||||
# scripts in future(#6280)
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
|
||||
|
|
284
tests/opt-testcases/tls13-misc.sh
Executable file
284
tests/opt-testcases/tls13-misc.sh
Executable file
|
@ -0,0 +1,284 @@
|
|||
#!/bin/sh
|
||||
|
||||
# tls13-misc.sh
|
||||
#
|
||||
# Copyright The Mbed TLS Contributors
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
requires_config_enabled MBEDTLS_SSL_SRV_C
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
|
||||
run_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
|
||||
localhost" \
|
||||
1 \
|
||||
-s "found psk key exchange modes extension" \
|
||||
-s "found pre_shared_key extension" \
|
||||
-s "Found PSK_EPHEMERAL KEX MODE" \
|
||||
-s "Found PSK KEX MODE" \
|
||||
-s "No matched ciphersuite"
|
||||
|
||||
requires_openssl_tls1_3
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
requires_config_enabled MBEDTLS_SSL_SRV_C
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
|
||||
run_test "TLS 1.3: PSK: No valid ciphersuite. O->m" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -ciphersuites TLS_AES_256_GCM_SHA384\
|
||||
-psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
|
||||
1 \
|
||||
-s "found psk key exchange modes extension" \
|
||||
-s "found pre_shared_key extension" \
|
||||
-s "Found PSK_EPHEMERAL KEX MODE" \
|
||||
-s "Found PSK KEX MODE" \
|
||||
-s "No matched ciphersuite"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Multiple PSKs: valid ticket, reconnect with ticket" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8" \
|
||||
"$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 2" \
|
||||
-s "sent selected_identity: 0" \
|
||||
-s "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "key exchange mode: ephemeral$" \
|
||||
-S "ticket is not authentic"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Multiple PSKs: invalid ticket, reconnect with PSK" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \
|
||||
"$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 2" \
|
||||
-s "sent selected_identity: 1" \
|
||||
-s "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "key exchange mode: ephemeral$" \
|
||||
-s "ticket is not authentic"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, ticket authentication failed." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=1" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
-S "sent selected_identity:" \
|
||||
-s "key exchange mode: ephemeral" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-s "ticket is not authentic" \
|
||||
-S "ticket is expired" \
|
||||
-S "Invalid ticket start time" \
|
||||
-S "Ticket age exceeds limitation" \
|
||||
-S "Ticket age outside tolerance window"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, ticket expired." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=2" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
-S "sent selected_identity:" \
|
||||
-s "key exchange mode: ephemeral" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "ticket is not authentic" \
|
||||
-s "ticket is expired" \
|
||||
-S "Invalid ticket start time" \
|
||||
-S "Ticket age exceeds limitation" \
|
||||
-S "Ticket age outside tolerance window"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, invalid start time." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=3" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
-S "sent selected_identity:" \
|
||||
-s "key exchange mode: ephemeral" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "ticket is not authentic" \
|
||||
-S "ticket is expired" \
|
||||
-s "Invalid ticket start time" \
|
||||
-S "Ticket age exceeds limitation" \
|
||||
-S "Ticket age outside tolerance window"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, ticket expired. too old" \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=4" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
-S "sent selected_identity:" \
|
||||
-s "key exchange mode: ephemeral" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "ticket is not authentic" \
|
||||
-S "ticket is expired" \
|
||||
-S "Invalid ticket start time" \
|
||||
-s "Ticket age exceeds limitation" \
|
||||
-S "Ticket age outside tolerance window"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too young." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=5" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
-S "sent selected_identity:" \
|
||||
-s "key exchange mode: ephemeral" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "ticket is not authentic" \
|
||||
-S "ticket is expired" \
|
||||
-S "Invalid ticket start time" \
|
||||
-S "Ticket age exceeds limitation" \
|
||||
-s "Ticket age outside tolerance window"
|
||||
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
|
||||
MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too old." \
|
||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=6" \
|
||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||
0 \
|
||||
-c "Pre-configured PSK number = 1" \
|
||||
-S "sent selected_identity:" \
|
||||
-s "key exchange mode: ephemeral" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "ticket is not authentic" \
|
||||
-S "ticket is expired" \
|
||||
-S "Invalid ticket start time" \
|
||||
-S "Ticket age exceeds limitation" \
|
||||
-s "Ticket age outside tolerance window"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
run_test "TLS 1.3: G->m: ephemeral_all/psk, fail, no common kex mode" \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
|
||||
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
|
||||
localhost" \
|
||||
1 \
|
||||
-s "found psk key exchange modes extension" \
|
||||
-s "found pre_shared_key extension" \
|
||||
-s "Found PSK_EPHEMERAL KEX MODE" \
|
||||
-S "Found PSK KEX MODE" \
|
||||
-S "key exchange mode: psk$" \
|
||||
-S "key exchange mode: psk_ephemeral" \
|
||||
-S "key exchange mode: ephemeral"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
|
||||
MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3: G->m: PSK: configured psk only, good." \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
|
||||
localhost" \
|
||||
0 \
|
||||
-s "found psk key exchange modes extension" \
|
||||
-s "found pre_shared_key extension" \
|
||||
-s "Found PSK_EPHEMERAL KEX MODE" \
|
||||
-s "Found PSK KEX MODE" \
|
||||
-s "key exchange mode: psk$"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
|
||||
MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3: G->m: PSK: configured psk_ephemeral only, good." \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
|
||||
localhost" \
|
||||
0 \
|
||||
-s "found psk key exchange modes extension" \
|
||||
-s "found pre_shared_key extension" \
|
||||
-s "Found PSK_EPHEMERAL KEX MODE" \
|
||||
-s "Found PSK KEX MODE" \
|
||||
-s "key exchange mode: psk_ephemeral$"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
|
||||
MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
run_test "TLS 1.3: G->m: PSK: configured ephemeral only, good." \
|
||||
"$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
|
||||
"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
|
||||
localhost" \
|
||||
0 \
|
||||
-s "key exchange mode: ephemeral$"
|
||||
|
|
@ -1024,6 +1024,16 @@ is_gnutls() {
|
|||
esac
|
||||
}
|
||||
|
||||
# Generate random psk_list argument for ssl_server2
|
||||
get_srv_psk_list ()
|
||||
{
|
||||
case $(( TESTS % 3 )) in
|
||||
0) echo "psk_list=abc,dead,def,beef,Client_identity,6162636465666768696a6b6c6d6e6f70";;
|
||||
1) echo "psk_list=abc,dead,Client_identity,6162636465666768696a6b6c6d6e6f70,def,beef";;
|
||||
2) echo "psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef";;
|
||||
esac
|
||||
}
|
||||
|
||||
# Determine what calc_verify trace is to be expected, if any.
|
||||
#
|
||||
# calc_verify is only called for two things: to calculate the
|
||||
|
|
Loading…
Reference in a new issue