Add server extension parsing
Only accept EC J-PAKE ciphersuite if extension was present and OK (single flag for both), and ignore extension if we have no password.
parent
e511b4e7cb
commit
bf57be690e
3 changed files with 57 additions and 3 deletions
|
@ -150,6 +150,7 @@
|
||||||
* of state of the renegotiation flag, so no indicator is required)
|
* of state of the renegotiation flag, so no indicator is required)
|
||||||
*/
|
*/
|
||||||
#define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0)
|
#define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0)
|
||||||
|
#define MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK (1 << 1)
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
extern "C" {
|
extern "C" {
|
||||||
|
|
|
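Review bot: The new `MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK` bit has no comment, and its meaning differs from the `_PRESENT` bit above it: going by the commit message, it records that the extension was both received and accepted, not merely seen. The server-side hunk uses this bit as the only gate for the EC J-PAKE ciphersuite, so I would state that at the definition, e.g. `/* set only after the client's KKPP extension was parsed successfully with a password configured */`. The comment block that precedes these defines starts outside the hunk.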
@ -318,6 +318,33 @@ static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl,
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
|
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||||
|
static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
|
||||||
|
const unsigned char *buf,
|
||||||
|
size_t len )
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) );
|
||||||
|
return( 0 );
|
||||||
|
}
|
||||||
|
|
||||||
|
if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx,
|
||||||
|
buf, len ) ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_one", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Only mark the extension as OK when we're sure it is */
|
||||||
|
ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK;
|
||||||
|
|
||||||
|
return( 0 );
|
||||||
|
}
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
||||||
static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
|
static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
|
||||||
const unsigned char *buf,
|
const unsigned char *buf,
|
||||||
|
@ -709,10 +736,10 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id,
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||||
if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE &&
|
if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE &&
|
||||||
mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
|
( ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK ) == 0 )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: "
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: ecjpake "
|
||||||
"ecjpake not configured" ) );
|
"not configured or ext missing" ) );
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
@ -1571,6 +1598,16 @@ read_record_header:
|
||||||
break;
|
break;
|
||||||
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
|
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||||
|
case MBEDTLS_TLS_EXT_ECJPAKE_KKPP:
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake kkpp extension" ) );
|
||||||
|
|
||||||
|
ret = ssl_parse_ecjpake_kkpp( ssl, ext + 4, ext_size );
|
||||||
|
if( ret != 0 )
|
||||||
|
return( ret );
|
||||||
|
break;
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
||||||
case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH:
|
case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) );
|
||||||
|
|
|
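Review bot: `ssl_parse_ecjpake_kkpp()` calls `mbedtls_ecjpake_read_round_one()` every time the `MBEDTLS_TLS_EXT_ECJPAKE_KKPP` case is reached, so a ClientHello carrying the extension twice would feed round-one data into the same context a second time. The extension loop is outside the hunk, so I cannot tell whether duplicates are already rejected there. TLS forbids repeated extension types, and a guard at the top of the function would make that explicit: `if( ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK ) return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );`. Separately, the function returns 0 both when the extension is skipped and when it is accepted, so a short header comment should say that callers must consult the `cli_exts` flag rather than the return value.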
@ -2507,6 +2507,8 @@ run_test "ECJPAKE: client not configured" \
|
||||||
0 \
|
0 \
|
||||||
-C "add ciphersuite: c0ff" \
|
-C "add ciphersuite: c0ff" \
|
||||||
-C "adding ecjpake_kkpp extension" \
|
-C "adding ecjpake_kkpp extension" \
|
||||||
|
-S "found ecjpake kkpp extension" \
|
||||||
|
-S "skip ecjpake kkpp extension" \
|
||||||
-S "ciphersuite mismatch: ecjpake not configured" \
|
-S "ciphersuite mismatch: ecjpake not configured" \
|
||||||
-S "None of the common ciphersuites is usable"
|
-S "None of the common ciphersuites is usable"
|
||||||
|
|
||||||
|
@ -2517,9 +2519,23 @@ run_test "ECJPAKE: server not configured" \
|
||||||
1 \
|
1 \
|
||||||
-c "add ciphersuite: c0ff" \
|
-c "add ciphersuite: c0ff" \
|
||||||
-c "adding ecjpake_kkpp extension" \
|
-c "adding ecjpake_kkpp extension" \
|
||||||
|
-s "found ecjpake kkpp extension" \
|
||||||
|
-s "skip ecjpake kkpp extension" \
|
||||||
-s "ciphersuite mismatch: ecjpake not configured" \
|
-s "ciphersuite mismatch: ecjpake not configured" \
|
||||||
-s "None of the common ciphersuites is usable"
|
-s "None of the common ciphersuites is usable"
|
||||||
|
|
||||||
|
run_test "ECJPAKE: working, TLS" \
|
||||||
|
"$P_SRV debug_level=3 ecjpake_pw=bla" \
|
||||||
|
"$P_CLI debug_level=3 ecjpake_pw=bla \
|
||||||
|
force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
|
||||||
|
1 \
|
||||||
|
-c "add ciphersuite: c0ff" \
|
||||||
|
-c "adding ecjpake_kkpp extension" \
|
||||||
|
-s "found ecjpake kkpp extension" \
|
||||||
|
-S "skip ecjpake kkpp extension" \
|
||||||
|
-S "ciphersuite mismatch: ecjpake not configured" \
|
||||||
|
-S "None of the common ciphersuites is usable"
|
||||||
|
|
||||||
# Tests for ciphersuites per version
|
# Tests for ciphersuites per version
|
||||||
|
|
||||||
run_test "Per-version suites: SSL3" \
|
run_test "Per-version suites: SSL3" \
|
||||||
|
|
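Review bot: The new case "ECJPAKE: working, TLS" pins the client exit status to `1`, the same value as the "server not configured" case, so a test named "working" currently asserts a failed handshake. Presumably that is intentional because only the extension parsing exists at this point, but it should be stated next to the test, e.g. `# handshake still expected to fail: only KKPP extension parsing is implemented so far`, so the `1` is not later mistaken for a passing expectation. Also, the unchanged `-s "ciphersuite mismatch: ecjpake not configured"` patterns now match the reworded server message only as a prefix. Extending them to the full `... not configured or ext missing` text would keep the checks tied to the actual message.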