Merge remote-tracking branch 'mbedtls-restricted/development-restricted' into mbedtls-3.2.0rc0-pr
This commit is contained in:
commit
ce7d76e2ee
47 changed files with 1283 additions and 94 deletions
11
ChangeLog.d/add_mbedtls_setbuf.txt
Normal file
11
ChangeLog.d/add_mbedtls_setbuf.txt
Normal file
|
@ -0,0 +1,11 @@
|
|||
Security
|
||||
* Add the platform function mbedtls_setbuf() to allow buffering to be
|
||||
disabled on stdio files, to stop secrets loaded from said files being
|
||||
potentially left in memory after file operations. Reported by
|
||||
Glenn Strauss.
|
||||
Requirement changes
|
||||
* The library will no longer compile out of the box on a platform without
|
||||
setbuf(). If your platform does not have setbuf(), you can configure an
|
||||
alternative function by enabling MBEDTLS_PLATFORM_SETBUF_ALT or
|
||||
MBEDTLS_PLATFORM_SETBUF_MACRO.
|
||||
|
4
ChangeLog.d/bignum-0-mod-2.txt
Normal file
4
ChangeLog.d/bignum-0-mod-2.txt
Normal file
|
@ -0,0 +1,4 @@
|
|||
Bugfix
|
||||
* Fix a null pointer dereference when performing some operations on zero
|
||||
represented with 0 limbs (specifically mbedtls_mpi_mod_int() dividing
|
||||
by 2, and mbedtls_mpi_write_string() in base 2).
|
6
ChangeLog.d/buf-overread-use-psa-static-ecdh.txt
Normal file
6
ChangeLog.d/buf-overread-use-psa-static-ecdh.txt
Normal file
|
@ -0,0 +1,6 @@
|
|||
Security
|
||||
* Fix a potential heap buffer overread in TLS 1.2 server-side when
|
||||
MBEDTLS_USE_PSA_CRYPTO is enabled, an opaque key (created with
|
||||
mbedtls_pk_setup_opaque()) is provisioned, and a static ECDH ciphersuite
|
||||
is selected. This may result in an application crash or potentially an
|
||||
information leak.
|
9
ChangeLog.d/cookie_parsing_bug.txt
Normal file
9
ChangeLog.d/cookie_parsing_bug.txt
Normal file
|
@ -0,0 +1,9 @@
|
|||
Security
|
||||
* Fix a buffer overread in DTLS ClientHello parsing in servers with
|
||||
MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled. An unauthenticated client
|
||||
or a man-in-the-middle could cause a DTLS server to read up to 255 bytes
|
||||
after the end of the SSL input buffer. The buffer overread only happens
|
||||
when MBEDTLS_SSL_IN_CONTENT_LEN is less than a threshold that depends on
|
||||
the exact configuration: 258 bytes if using mbedtls_ssl_cookie_check(),
|
||||
and possibly up to 571 bytes with a custom cookie check function.
|
||||
Reported by the Cybeats PSI Team.
|
4
ChangeLog.d/fix_tls_record_size_check.txt
Normal file
4
ChangeLog.d/fix_tls_record_size_check.txt
Normal file
|
@ -0,0 +1,4 @@
|
|||
Bugfix
|
||||
* Fix record sizes larger than 16384 being sometimes accepted despite being
|
||||
non-compliant. This could not lead to a buffer overflow. In particular,
|
||||
application data size was already checked correctly.
|
8
ChangeLog.d/tls13-add-missing-overread-check.txt
Normal file
8
ChangeLog.d/tls13-add-missing-overread-check.txt
Normal file
|
@ -0,0 +1,8 @@
|
|||
Security
|
||||
* Fix a buffer overread in TLS 1.3 Certificate parsing. An unauthenticated
|
||||
client or server could cause an MbedTLS server or client to overread up
|
||||
to 64 kBytes of data and potentially overread the input buffer by that
|
||||
amount minus the size of the input buffer. As overread data undergoes
|
||||
various checks, the likelihood of reaching the boundary of the input
|
||||
buffer is rather small but increases as its size
|
||||
MBEDTLS_SSL_IN_CONTENT_LEN decreases.
|
7
ChangeLog.d/tls13-fix-key-usage-checks.txt
Normal file
7
ChangeLog.d/tls13-fix-key-usage-checks.txt
Normal file
|
@ -0,0 +1,7 @@
|
|||
Security
|
||||
* Fix check of certificate key usage in TLS 1.3. The usage of the public key
|
||||
provided by a client or server certificate for authentication was not
|
||||
checked properly when validating the certificate. This could cause a
|
||||
client or server to be able to authenticate itself through a certificate
|
||||
to an Mbed TLS TLS 1.3 server or client while it does not own a proper
|
||||
certificate to do so.
|
|
@ -385,6 +385,20 @@
|
|||
#error "MBEDTLS_PLATFORM_EXIT_MACRO and MBEDTLS_PLATFORM_STD_EXIT/MBEDTLS_PLATFORM_EXIT_ALT cannot be defined simultaneously"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_SETBUF_ALT) && !defined(MBEDTLS_PLATFORM_C)
|
||||
#error "MBEDTLS_PLATFORM_SETBUF_ALT defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_SETBUF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
|
||||
#error "MBEDTLS_PLATFORM_SETBUF_MACRO defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_SETBUF_MACRO) &&\
|
||||
( defined(MBEDTLS_PLATFORM_STD_SETBUF) ||\
|
||||
defined(MBEDTLS_PLATFORM_SETBUF_ALT) )
|
||||
#error "MBEDTLS_PLATFORM_SETBUF_MACRO and MBEDTLS_PLATFORM_STD_SETBUF/MBEDTLS_PLATFORM_SETBUF_ALT cannot be defined simultaneously"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_TIME_ALT) &&\
|
||||
( !defined(MBEDTLS_PLATFORM_C) ||\
|
||||
!defined(MBEDTLS_HAVE_TIME) )
|
||||
|
|
|
@ -225,6 +225,7 @@
|
|||
* Uncomment a macro to enable alternate implementation of specific base
|
||||
* platform function
|
||||
*/
|
||||
//#define MBEDTLS_PLATFORM_SETBUF_ALT
|
||||
//#define MBEDTLS_PLATFORM_EXIT_ALT
|
||||
//#define MBEDTLS_PLATFORM_TIME_ALT
|
||||
//#define MBEDTLS_PLATFORM_FPRINTF_ALT
|
||||
|
@ -3328,6 +3329,7 @@
|
|||
//#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
|
||||
//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
|
||||
//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
|
||||
|
@ -3345,6 +3347,7 @@
|
|||
//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
|
||||
//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
|
||||
//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
|
||||
|
|
|
@ -216,32 +216,6 @@ typedef struct
|
|||
typedef void mbedtls_pk_restart_ctx;
|
||||
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
|
||||
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
/**
|
||||
* Quick access to an RSA context inside a PK context.
|
||||
*
|
||||
* \warning You must make sure the PK context actually holds an RSA context
|
||||
* before using this function!
|
||||
*/
|
||||
static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
|
||||
{
|
||||
return( (mbedtls_rsa_context *) (pk).MBEDTLS_PRIVATE(pk_ctx) );
|
||||
}
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
/**
|
||||
* Quick access to an EC context inside a PK context.
|
||||
*
|
||||
* \warning You must make sure the PK context actually holds an EC context
|
||||
* before using this function!
|
||||
*/
|
||||
static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )
|
||||
{
|
||||
return( (mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx) );
|
||||
}
|
||||
#endif /* MBEDTLS_ECP_C */
|
||||
|
||||
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
|
||||
/**
|
||||
* \brief Types for RSA-alt abstraction
|
||||
|
@ -735,6 +709,55 @@ const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );
|
|||
*/
|
||||
mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );
|
||||
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
/**
|
||||
* Quick access to an RSA context inside a PK context.
|
||||
*
|
||||
* \warning This function can only be used when the type of the context, as
|
||||
* returned by mbedtls_pk_get_type(), is #MBEDTLS_PK_RSA.
|
||||
* Ensuring that is the caller's responsibility.
|
||||
* Alternatively, you can check whether this function returns NULL.
|
||||
*
|
||||
* \return The internal RSA context held by the PK context, or NULL.
|
||||
*/
|
||||
static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
|
||||
{
|
||||
switch( mbedtls_pk_get_type( &pk ) )
|
||||
{
|
||||
case MBEDTLS_PK_RSA:
|
||||
return( (mbedtls_rsa_context *) (pk).MBEDTLS_PRIVATE(pk_ctx) );
|
||||
default:
|
||||
return( NULL );
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
/**
|
||||
* Quick access to an EC context inside a PK context.
|
||||
*
|
||||
* \warning This function can only be used when the type of the context, as
|
||||
* returned by mbedtls_pk_get_type(), is #MBEDTLS_PK_ECKEY,
|
||||
* #MBEDTLS_PK_ECKEY_DH, or #MBEDTLS_PK_ECDSA.
|
||||
* Ensuring that is the caller's responsibility.
|
||||
* Alternatively, you can check whether this function returns NULL.
|
||||
*
|
||||
* \return The internal EC context held by the PK context, or NULL.
|
||||
*/
|
||||
static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )
|
||||
{
|
||||
switch( mbedtls_pk_get_type( &pk ) )
|
||||
{
|
||||
case MBEDTLS_PK_ECKEY:
|
||||
case MBEDTLS_PK_ECKEY_DH:
|
||||
case MBEDTLS_PK_ECDSA:
|
||||
return( (mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx) );
|
||||
default:
|
||||
return( NULL );
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_ECP_C */
|
||||
|
||||
#if defined(MBEDTLS_PK_PARSE_C)
|
||||
/** \ingroup pk_module */
|
||||
/**
|
||||
|
|
|
@ -91,6 +91,9 @@ extern "C" {
|
|||
#if !defined(MBEDTLS_PLATFORM_STD_FREE)
|
||||
#define MBEDTLS_PLATFORM_STD_FREE free /**< The default \c free function to use. */
|
||||
#endif
|
||||
#if !defined(MBEDTLS_PLATFORM_STD_SETBUF)
|
||||
#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< The default \c setbuf function to use. */
|
||||
#endif
|
||||
#if !defined(MBEDTLS_PLATFORM_STD_EXIT)
|
||||
#define MBEDTLS_PLATFORM_STD_EXIT exit /**< The default \c exit function to use. */
|
||||
#endif
|
||||
|
@ -276,6 +279,56 @@ int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n,
|
|||
#endif /* MBEDTLS_PLATFORM_VSNPRINTF_MACRO */
|
||||
#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
|
||||
|
||||
/*
|
||||
* The function pointers for setbuf
|
||||
*/
|
||||
#if defined(MBEDTLS_PLATFORM_SETBUF_ALT)
|
||||
#include <stdio.h>
|
||||
/**
|
||||
* \brief Function pointer to call for `setbuf()` functionality
|
||||
* (changing the internal buffering on stdio calls).
|
||||
*
|
||||
* \note The library calls this function to disable
|
||||
* buffering when reading or writing sensitive data,
|
||||
* to avoid having extra copies of sensitive data
|
||||
* remaining in stdio buffers after the file is
|
||||
* closed. If this is not a concern, for example if
|
||||
* your platform's stdio doesn't have any buffering,
|
||||
* you can set mbedtls_setbuf to a function that
|
||||
* does nothing.
|
||||
*
|
||||
* The library always calls this function with
|
||||
* `buf` equal to `NULL`.
|
||||
*/
|
||||
extern void (*mbedtls_setbuf)( FILE *stream, char *buf );
|
||||
|
||||
/**
|
||||
* \brief Dynamically configure the function that is called
|
||||
* when the mbedtls_setbuf() function is called by the
|
||||
* library.
|
||||
*
|
||||
* \param setbuf_func The \c setbuf function implementation
|
||||
*
|
||||
* \return \c 0
|
||||
*/
|
||||
int mbedtls_platform_set_setbuf( void (*setbuf_func)(
|
||||
FILE *stream, char *buf ) );
|
||||
#elif defined(MBEDTLS_PLATFORM_SETBUF_MACRO)
|
||||
/**
|
||||
* \brief Macro defining the function for the library to
|
||||
* call for `setbuf` functionality (changing the
|
||||
* internal buffering on stdio calls).
|
||||
*
|
||||
* \note See extra comments on the mbedtls_setbuf() function
|
||||
* pointer above.
|
||||
*
|
||||
* \return \c 0 on success, negative on error.
|
||||
*/
|
||||
#define mbedtls_setbuf MBEDTLS_PLATFORM_SETBUF_MACRO
|
||||
#else
|
||||
#define mbedtls_setbuf setbuf
|
||||
#endif /* MBEDTLS_PLATFORM_SETBUF_ALT / MBEDTLS_PLATFORM_SETBUF_MACRO */
|
||||
|
||||
/*
|
||||
* The function pointers for exit
|
||||
*/
|
||||
|
|
|
@ -1785,7 +1785,7 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_
|
|||
/*
|
||||
* handle trivial cases
|
||||
*/
|
||||
if( b == 1 )
|
||||
if( b == 1 || A->n == 0 )
|
||||
{
|
||||
*r = 0;
|
||||
return( 0 );
|
||||
|
|
|
@ -607,6 +607,9 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx,
|
|||
if( ( f = fopen( path, "wb" ) ) == NULL )
|
||||
return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( f, NULL );
|
||||
|
||||
if( ( ret = mbedtls_ctr_drbg_random( ctx, buf,
|
||||
MBEDTLS_CTR_DRBG_MAX_INPUT ) ) != 0 )
|
||||
goto exit;
|
||||
|
@ -640,6 +643,9 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx,
|
|||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( f, NULL );
|
||||
|
||||
n = fread( buf, 1, sizeof( buf ), f );
|
||||
if( fread( &c, 1, 1, f ) != 0 )
|
||||
{
|
||||
|
|
|
@ -620,6 +620,7 @@ static int load_file( const char *path, unsigned char **buf, size_t *n )
|
|||
|
||||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
|
||||
/* The data loaded here is public, so don't bother disabling buffering. */
|
||||
|
||||
fseek( f, 0, SEEK_END );
|
||||
if( ( size = ftell( f ) ) == -1 )
|
||||
|
|
|
@ -457,6 +457,9 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p
|
|||
goto exit;
|
||||
}
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( f, NULL );
|
||||
|
||||
if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE )
|
||||
{
|
||||
ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
|
||||
|
@ -484,6 +487,9 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *
|
|||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( f, NULL );
|
||||
|
||||
fseek( f, 0, SEEK_END );
|
||||
n = (size_t) ftell( f );
|
||||
fseek( f, 0, SEEK_SET );
|
||||
|
|
|
@ -35,7 +35,7 @@
|
|||
#if defined(MBEDTLS_TIMING_C)
|
||||
#include "mbedtls/timing.h"
|
||||
#endif
|
||||
#if defined(MBEDTLS_ENTROPY_NV_SEED)
|
||||
#if defined(MBEDTLS_ENTROPY_NV_SEED) || !defined(HAVE_SYSCTL_ARND)
|
||||
#include "mbedtls/platform.h"
|
||||
#endif
|
||||
|
||||
|
@ -195,6 +195,9 @@ int mbedtls_platform_entropy_poll( void *data,
|
|||
if( file == NULL )
|
||||
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( file, NULL );
|
||||
|
||||
read_len = fread( output, 1, len, file );
|
||||
if( read_len != len )
|
||||
{
|
||||
|
|
|
@ -436,6 +436,9 @@ int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const cha
|
|||
if( ( f = fopen( path, "wb" ) ) == NULL )
|
||||
return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( f, NULL );
|
||||
|
||||
if( ( ret = mbedtls_hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 )
|
||||
goto exit;
|
||||
|
||||
|
@ -465,6 +468,9 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch
|
|||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( f, NULL );
|
||||
|
||||
n = fread( buf, 1, sizeof( buf ), f );
|
||||
if( fread( &c, 1, 1, f ) != 0 )
|
||||
{
|
||||
|
|
|
@ -605,6 +605,9 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne
|
|||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( MBEDTLS_ERR_MD_FILE_IO_ERROR );
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( f, NULL );
|
||||
|
||||
mbedtls_md_init( &ctx );
|
||||
|
||||
if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
|
||||
|
|
|
@ -82,6 +82,9 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n )
|
|||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( MBEDTLS_ERR_PK_FILE_IO_ERROR );
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( f, NULL );
|
||||
|
||||
fseek( f, 0, SEEK_END );
|
||||
if( ( size = ftell( f ) ) == -1 )
|
||||
{
|
||||
|
|
|
@ -226,6 +226,28 @@ int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *, const char *, ...
|
|||
}
|
||||
#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_SETBUF_ALT)
|
||||
#if !defined(MBEDTLS_PLATFORM_STD_SETBUF)
|
||||
/*
|
||||
* Make dummy function to prevent NULL pointer dereferences
|
||||
*/
|
||||
static void platform_setbuf_uninit( FILE *stream, char *buf )
|
||||
{
|
||||
((void) stream);
|
||||
((void) buf);
|
||||
}
|
||||
|
||||
#define MBEDTLS_PLATFORM_STD_SETBUF platform_setbuf_uninit
|
||||
#endif /* !MBEDTLS_PLATFORM_STD_SETBUF */
|
||||
void (*mbedtls_setbuf)( FILE *stream, char *buf ) = MBEDTLS_PLATFORM_STD_SETBUF;
|
||||
|
||||
int mbedtls_platform_set_setbuf( void (*setbuf_func)( FILE *stream, char *buf ) )
|
||||
{
|
||||
mbedtls_setbuf = setbuf_func;
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_PLATFORM_SETBUF_ALT */
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_EXIT_ALT)
|
||||
#if !defined(MBEDTLS_PLATFORM_STD_EXIT)
|
||||
/*
|
||||
|
@ -288,6 +310,9 @@ int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len )
|
|||
if( ( file = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb" ) ) == NULL )
|
||||
return( -1 );
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( file, NULL );
|
||||
|
||||
if( ( n = fread( buf, 1, buf_len, file ) ) != buf_len )
|
||||
{
|
||||
fclose( file );
|
||||
|
@ -307,6 +332,9 @@ int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len )
|
|||
if( ( file = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w" ) ) == NULL )
|
||||
return -1;
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( file, NULL );
|
||||
|
||||
if( ( n = fwrite( buf, 1, buf_len, file ) ) != buf_len )
|
||||
{
|
||||
fclose( file );
|
||||
|
|
|
@ -102,6 +102,9 @@ static psa_status_t psa_its_read_file( psa_storage_uid_t uid,
|
|||
if( *p_stream == NULL )
|
||||
return( PSA_ERROR_DOES_NOT_EXIST );
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( *p_stream, NULL );
|
||||
|
||||
n = fread( &header, 1, sizeof( header ), *p_stream );
|
||||
if( n != sizeof( header ) )
|
||||
return( PSA_ERROR_DATA_CORRUPT );
|
||||
|
@ -201,9 +204,13 @@ psa_status_t psa_its_set( psa_storage_uid_t uid,
|
|||
|
||||
psa_its_fill_filename( uid, filename );
|
||||
stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" );
|
||||
|
||||
if( stream == NULL )
|
||||
goto exit;
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( stream, NULL );
|
||||
|
||||
status = PSA_ERROR_INSUFFICIENT_STORAGE;
|
||||
n = fwrite( &header, 1, sizeof( header ), stream );
|
||||
if( n != sizeof( header ) )
|
||||
|
|
|
@ -50,6 +50,7 @@ void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache )
|
|||
#endif
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_cache_find_entry( mbedtls_ssl_cache_context *cache,
|
||||
unsigned char const *session_id,
|
||||
size_t session_id_len,
|
||||
|
@ -124,6 +125,7 @@ exit:
|
|||
return( ret );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache,
|
||||
unsigned char const *session_id,
|
||||
size_t session_id_len,
|
||||
|
|
|
@ -1778,6 +1778,7 @@ const int *mbedtls_ssl_list_ciphersuites( void )
|
|||
static int supported_ciphersuites[MAX_CIPHERSUITES];
|
||||
static int supported_init = 0;
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
|
||||
{
|
||||
(void)cs_info;
|
||||
|
|
|
@ -46,6 +46,7 @@
|
|||
#include "ssl_debug_helpers.h"
|
||||
|
||||
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -129,6 +130,7 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
|
|||
* } ProtocolNameList;
|
||||
*
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -226,6 +228,7 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
|
|||
*
|
||||
* DHE groups are not supported yet.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -308,6 +311,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
|
||||
MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_client_hello_cipher_suites(
|
||||
mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
|
@ -424,6 +428,7 @@ static int ssl_write_client_hello_cipher_suites(
|
|||
* };
|
||||
* } ClientHello;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
@ -654,6 +659,7 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_generate_random( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -691,6 +697,7 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl )
|
|||
return( ret );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_prepare_client_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
|
|
@ -28,6 +28,7 @@
|
|||
|
||||
#include <stddef.h>
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_write_client_hello( mbedtls_ssl_context *ssl );
|
||||
|
||||
#endif /* MBEDTLS_SSL_CLIENT_H */
|
||||
|
|
|
@ -160,6 +160,7 @@ int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
|
|||
/*
|
||||
* Generate the HMAC part of a cookie
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_cookie_hmac( mbedtls_md_context_t *hmac_ctx,
|
||||
const unsigned char time[4],
|
||||
unsigned char **p, unsigned char *end,
|
||||
|
|
|
@ -381,11 +381,38 @@ static inline size_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ct
|
|||
* \return Zero if the needed space is available in the buffer, non-zero
|
||||
* otherwise.
|
||||
*/
|
||||
#if ! defined(MBEDTLS_TEST_HOOKS)
|
||||
static inline int mbedtls_ssl_chk_buf_ptr( const uint8_t *cur,
|
||||
const uint8_t *end, size_t need )
|
||||
{
|
||||
return( ( cur > end ) || ( need > (size_t)( end - cur ) ) );
|
||||
}
|
||||
#else
|
||||
typedef struct
|
||||
{
|
||||
const uint8_t *cur;
|
||||
const uint8_t *end;
|
||||
size_t need;
|
||||
} mbedtls_ssl_chk_buf_ptr_args;
|
||||
|
||||
void mbedtls_ssl_set_chk_buf_ptr_fail_args(
|
||||
const uint8_t *cur, const uint8_t *end, size_t need );
|
||||
void mbedtls_ssl_reset_chk_buf_ptr_fail_args( void );
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_cmp_chk_buf_ptr_fail_args( mbedtls_ssl_chk_buf_ptr_args *args );
|
||||
|
||||
static inline int mbedtls_ssl_chk_buf_ptr( const uint8_t *cur,
|
||||
const uint8_t *end, size_t need )
|
||||
{
|
||||
if( ( cur > end ) || ( need > (size_t)( end - cur ) ) )
|
||||
{
|
||||
mbedtls_ssl_set_chk_buf_ptr_fail_args( cur, end, need );
|
||||
return( 1 );
|
||||
}
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_TEST_HOOKS */
|
||||
|
||||
/**
|
||||
* \brief This macro checks if the remaining size in a buffer is
|
||||
|
@ -1102,6 +1129,7 @@ struct mbedtls_ssl_flight_item
|
|||
* (<> 0) or not ( 0 ).
|
||||
* \param[out] out_len Length of the data written into the buffer \p buf
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls12_write_client_hello_exts( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -1153,7 +1181,9 @@ void mbedtls_ssl_set_inbound_transform( mbedtls_ssl_context *ssl,
|
|||
void mbedtls_ssl_set_outbound_transform( mbedtls_ssl_context *ssl,
|
||||
mbedtls_ssl_transform *transform );
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
|
||||
void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );
|
||||
static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context *ssl,
|
||||
|
@ -1162,15 +1192,19 @@ static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context *ssl,
|
|||
ssl->state = ( int ) state;
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl );
|
||||
|
||||
void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl );
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl );
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl );
|
||||
void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl );
|
||||
|
||||
|
@ -1250,16 +1284,20 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl );
|
|||
* following the above definition.
|
||||
*
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
|
||||
unsigned update_hs_digest );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want );
|
||||
|
||||
/*
|
||||
* Write handshake message header
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_start_handshake_msg( mbedtls_ssl_context *ssl, unsigned hs_type,
|
||||
unsigned char **buf, size_t *buf_len );
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl,
|
||||
int update_checksum,
|
||||
int force_flush );
|
||||
|
@ -1271,19 +1309,28 @@ static inline int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Write handshake message tail
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_finish_handshake_msg( mbedtls_ssl_context *ssl,
|
||||
size_t buf_len, size_t msg_len );
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, int force_flush );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl );
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl );
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl );
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl );
|
||||
|
||||
void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl,
|
||||
|
@ -1299,10 +1346,12 @@ void mbedtls_ssl_add_hs_msg_to_checksum( mbedtls_ssl_context *ssl,
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl,
|
||||
mbedtls_key_exchange_type_t key_ex );
|
||||
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
|
||||
#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf );
|
||||
#endif
|
||||
|
||||
|
@ -1370,11 +1419,14 @@ mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash );
|
|||
unsigned char mbedtls_ssl_hash_from_md_alg( int md );
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md );
|
||||
#endif
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_check_curve_tls_id( const mbedtls_ssl_context *ssl, uint16_t tls_id );
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
|
||||
#endif
|
||||
|
||||
|
@ -1429,6 +1481,7 @@ static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl )
|
|||
*
|
||||
* Return 0 if everything is OK, -1 if not.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite,
|
||||
int cert_endpoint,
|
||||
|
@ -1477,21 +1530,26 @@ static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl )
|
|||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl );
|
||||
void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_resend( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl );
|
||||
#endif
|
||||
|
||||
/* Visible for testing purposes only */
|
||||
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context const *ssl );
|
||||
void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl );
|
||||
#endif
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst,
|
||||
const mbedtls_ssl_session *src );
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
/* The hash buffer must have at least MBEDTLS_MD_MAX_SIZE bytes of length. */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
|
||||
unsigned char *hash, size_t *hashlen,
|
||||
unsigned char *data, size_t data_len,
|
||||
|
@ -1503,11 +1561,13 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
|
|||
#endif
|
||||
|
||||
void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
||||
mbedtls_ssl_transform *transform,
|
||||
mbedtls_record *rec,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
||||
mbedtls_ssl_transform *transform,
|
||||
mbedtls_record *rec );
|
||||
|
@ -1525,10 +1585,12 @@ static inline size_t mbedtls_ssl_ep_len( const mbedtls_ssl_context *ssl )
|
|||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_resend_hello_request( mbedtls_ssl_context *ssl );
|
||||
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
||||
|
||||
void mbedtls_ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl );
|
||||
|
||||
void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl );
|
||||
|
@ -1536,6 +1598,7 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl,
|
|||
mbedtls_ssl_transform *transform );
|
||||
void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl );
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial );
|
||||
void mbedtls_ssl_session_reset_msg_layer( mbedtls_ssl_context *ssl,
|
||||
int partial );
|
||||
|
@ -1543,6 +1606,7 @@ void mbedtls_ssl_session_reset_msg_layer( mbedtls_ssl_context *ssl,
|
|||
/*
|
||||
* Send pending alert
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_handle_pending_alert( mbedtls_ssl_context *ssl );
|
||||
|
||||
/*
|
||||
|
@ -1563,6 +1627,7 @@ void mbedtls_ssl_dtls_replay_reset( mbedtls_ssl_context *ssl );
|
|||
void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl );
|
||||
|
||||
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_start_renegotiation( mbedtls_ssl_context *ssl );
|
||||
#endif /* MBEDTLS_SSL_RENEGOTIATION */
|
||||
|
||||
|
@ -1627,7 +1692,9 @@ static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13( const mbedtls_ssl_conf
|
|||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
extern const uint8_t mbedtls_ssl_tls13_hello_retry_request_magic[
|
||||
MBEDTLS_SERVER_HELLO_RANDOM_LEN ];
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_process_finished_message( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_write_finished_message( mbedtls_ssl_context *ssl );
|
||||
void mbedtls_ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl );
|
||||
|
||||
|
@ -1640,6 +1707,7 @@ void mbedtls_ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl );
|
|||
* \param[in] end End address of the buffer where to write the extensions
|
||||
* \param[out] out_len Length of the data written into the buffer \p buf
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
@ -1650,6 +1718,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl,
|
|||
*
|
||||
* \param ssl SSL context
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl );
|
||||
|
||||
/**
|
||||
|
@ -1657,6 +1726,7 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl );
|
|||
*
|
||||
* \param ssl SSL context
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl );
|
||||
|
||||
|
||||
|
@ -1749,6 +1819,7 @@ static inline int mbedtls_ssl_tls13_some_psk_enabled( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Fetch TLS 1.3 handshake message header
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_fetch_handshake_msg( mbedtls_ssl_context *ssl,
|
||||
unsigned hs_type,
|
||||
unsigned char **buf,
|
||||
|
@ -1757,17 +1828,20 @@ int mbedtls_ssl_tls13_fetch_handshake_msg( mbedtls_ssl_context *ssl,
|
|||
/*
|
||||
* Handler of TLS 1.3 server certificate message
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_process_certificate( mbedtls_ssl_context *ssl );
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||
/*
|
||||
* Handler of TLS 1.3 write Certificate message
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_write_certificate( mbedtls_ssl_context *ssl );
|
||||
|
||||
/*
|
||||
* Handler of TLS 1.3 write Certificate Verify message
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl );
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||
|
@ -1775,16 +1849,20 @@ int mbedtls_ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl );
|
|||
/*
|
||||
* Generic handler of Certificate Verify
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl );
|
||||
|
||||
/*
|
||||
* Write of dummy-CCS's for middlebox compatibility
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_write_change_cipher_spec( mbedtls_ssl_context *ssl );
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_reset_transcript_for_hrr( mbedtls_ssl_context *ssl );
|
||||
|
||||
#if defined(MBEDTLS_ECDH_C)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange(
|
||||
mbedtls_ssl_context *ssl,
|
||||
uint16_t named_group,
|
||||
|
@ -1800,12 +1878,14 @@ int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange(
|
|||
/*
|
||||
* Parse TLS Signature Algorithm extension
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_parse_sig_alg_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end );
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||
|
||||
/* Get handshake transcript */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_get_handshake_transcript( mbedtls_ssl_context *ssl,
|
||||
const mbedtls_md_type_t md,
|
||||
unsigned char *dst,
|
||||
|
@ -2172,6 +2252,7 @@ static inline int mbedtls_ssl_sig_alg_is_supported(
|
|||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_check_sig_alg_cert_key_match( uint16_t sig_alg,
|
||||
mbedtls_pk_context *key );
|
||||
|
||||
|
@ -2265,6 +2346,7 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite(
|
|||
|
||||
#if defined(MBEDTLS_ECDH_C)
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_read_public_ecdhe_share( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t buf_len );
|
||||
|
@ -2297,31 +2379,44 @@ static inline int mbedtls_ssl_tls13_cipher_suite_is_offered(
|
|||
*
|
||||
* \return 0 if valid, negative value otherwise.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_validate_ciphersuite(
|
||||
const mbedtls_ssl_context *ssl,
|
||||
const mbedtls_ssl_ciphersuite_t *suite_info,
|
||||
mbedtls_ssl_protocol_version min_tls_version,
|
||||
mbedtls_ssl_protocol_version max_tls_version );
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_write_sig_alg_ext( mbedtls_ssl_context *ssl, unsigned char *buf,
|
||||
const unsigned char *end, size_t *out_len );
|
||||
|
||||
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_parse_server_name_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end );
|
||||
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
|
||||
|
||||
#if defined(MBEDTLS_SSL_ALPN)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_parse_alpn_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end );
|
||||
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
size_t *out_len );
|
||||
#endif /* MBEDTLS_SSL_ALPN */
|
||||
|
||||
#if defined(MBEDTLS_TEST_HOOKS)
|
||||
int mbedtls_ssl_check_dtls_clihlo_cookie(
|
||||
mbedtls_ssl_context *ssl,
|
||||
const unsigned char *cli_id, size_t cli_id_len,
|
||||
const unsigned char *in, size_t in_len,
|
||||
unsigned char *obuf, size_t buf_len, size_t *olen );
|
||||
#endif
|
||||
|
||||
#endif /* ssl_misc.h */
|
||||
|
|
|
@ -86,6 +86,7 @@ int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
|
||||
unsigned char *buf,
|
||||
size_t len,
|
||||
|
@ -157,11 +158,16 @@ exit:
|
|||
static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl,
|
||||
uint8_t slot );
|
||||
static void ssl_free_buffered_record( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_load_buffered_message( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_load_buffered_record( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_buffer_message( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_buffer_future_record( mbedtls_ssl_context *ssl,
|
||||
mbedtls_record const *rec );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl );
|
||||
|
||||
static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl )
|
||||
|
@ -179,6 +185,7 @@ static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl )
|
|||
return( out_buf_len );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_get_remaining_space_in_datagram( mbedtls_ssl_context const *ssl )
|
||||
{
|
||||
size_t const bytes_written = ssl->out_left;
|
||||
|
@ -195,6 +202,7 @@ static int ssl_get_remaining_space_in_datagram( mbedtls_ssl_context const *ssl )
|
|||
return( (int) ( mtu - bytes_written ) );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -246,6 +254,7 @@ static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl
|
|||
* Double the retransmit timeout value, within the allowed range,
|
||||
* returning -1 if the maximum value has already been reached.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
uint32_t new_timeout;
|
||||
|
@ -329,6 +338,7 @@ static size_t ssl_compute_padding_length( size_t len,
|
|||
* - A negative error code if `max_len` didn't offer enough space
|
||||
* for the expansion.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_build_inner_plaintext( unsigned char *content,
|
||||
size_t *content_size,
|
||||
size_t remaining,
|
||||
|
@ -356,6 +366,7 @@ static int ssl_build_inner_plaintext( unsigned char *content,
|
|||
|
||||
/* This function parses a (D)TLSInnerPlaintext structure.
|
||||
* See ssl_build_inner_plaintext() for details. */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_inner_plaintext( unsigned char const *content,
|
||||
size_t *content_size,
|
||||
uint8_t *rec_type )
|
||||
|
@ -469,6 +480,7 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data,
|
|||
#if defined(MBEDTLS_GCM_C) || \
|
||||
defined(MBEDTLS_CCM_C) || \
|
||||
defined(MBEDTLS_CHACHAPOLY_C)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_transform_aead_dynamic_iv_is_explicit(
|
||||
mbedtls_ssl_transform const *transform )
|
||||
{
|
||||
|
@ -2066,6 +2078,7 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Append current handshake message to current outgoing flight
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_flight_append( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
mbedtls_ssl_flight_item *msg;
|
||||
|
@ -2132,6 +2145,7 @@ void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight )
|
|||
/*
|
||||
* Swap transform_out and out_ctr with the alternative ones
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_swap_epochs( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
mbedtls_ssl_transform *tmp_transform;
|
||||
|
@ -2767,6 +2781,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, int force_flush )
|
|||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_hs_is_proper_fragment( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
if( ssl->in_msglen < ssl->in_hslen ||
|
||||
|
@ -2792,6 +2807,7 @@ static uint32_t ssl_get_hs_frag_off( mbedtls_ssl_context const *ssl )
|
|||
ssl->in_msg[8] );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_check_hs_header( mbedtls_ssl_context const *ssl )
|
||||
{
|
||||
uint32_t msg_len, frag_off, frag_len;
|
||||
|
@ -2858,6 +2874,7 @@ static void ssl_bitmask_set( unsigned char *mask, size_t offset, size_t len )
|
|||
/*
|
||||
* Check that bitmask is full
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_bitmask_check( unsigned char *mask, size_t len )
|
||||
{
|
||||
size_t i;
|
||||
|
@ -3057,6 +3074,7 @@ static inline uint64_t ssl_load_six_bytes( unsigned char *buf )
|
|||
( (uint64_t) buf[5] ) );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int mbedtls_ssl_dtls_record_replay_check( mbedtls_ssl_context *ssl, uint8_t *record_in_ctr )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -3139,8 +3157,8 @@ void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl )
|
|||
|
||||
#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
|
||||
/*
|
||||
* Without any SSL context, check if a datagram looks like a ClientHello with
|
||||
* a valid cookie, and if it doesn't, generate a HelloVerifyRequest message.
|
||||
* Check if a datagram looks like a ClientHello with a valid cookie,
|
||||
* and if it doesn't, generate a HelloVerifyRequest message.
|
||||
* Both input and output include full DTLS headers.
|
||||
*
|
||||
* - if cookie is valid, return 0
|
||||
|
@ -3149,15 +3167,15 @@ void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl )
|
|||
* return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED
|
||||
* - otherwise return a specific error code
|
||||
*/
|
||||
static int ssl_check_dtls_clihlo_cookie(
|
||||
mbedtls_ssl_cookie_write_t *f_cookie_write,
|
||||
mbedtls_ssl_cookie_check_t *f_cookie_check,
|
||||
void *p_cookie,
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
MBEDTLS_STATIC_TESTABLE
|
||||
int mbedtls_ssl_check_dtls_clihlo_cookie(
|
||||
mbedtls_ssl_context *ssl,
|
||||
const unsigned char *cli_id, size_t cli_id_len,
|
||||
const unsigned char *in, size_t in_len,
|
||||
unsigned char *obuf, size_t buf_len, size_t *olen )
|
||||
{
|
||||
size_t sid_len, cookie_len;
|
||||
size_t sid_len, cookie_len, epoch, fragment_offset;
|
||||
unsigned char *p;
|
||||
|
||||
/*
|
||||
|
@ -3186,26 +3204,55 @@ static int ssl_check_dtls_clihlo_cookie(
|
|||
*
|
||||
* Minimum length is 61 bytes.
|
||||
*/
|
||||
if( in_len < 61 ||
|
||||
in[0] != MBEDTLS_SSL_MSG_HANDSHAKE ||
|
||||
in[3] != 0 || in[4] != 0 ||
|
||||
in[19] != 0 || in[20] != 0 || in[21] != 0 )
|
||||
MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: in_len=%u",
|
||||
(unsigned) in_len ) );
|
||||
MBEDTLS_SSL_DEBUG_BUF( 4, "cli_id", cli_id, cli_id_len );
|
||||
if( in_len < 61 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: record too short" ) );
|
||||
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
|
||||
}
|
||||
|
||||
epoch = MBEDTLS_GET_UINT16_BE( in, 3 );
|
||||
fragment_offset = MBEDTLS_GET_UINT24_BE( in, 19 );
|
||||
|
||||
if( in[0] != MBEDTLS_SSL_MSG_HANDSHAKE || epoch != 0 ||
|
||||
fragment_offset != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: not a good ClientHello" ) );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 4, ( " type=%u epoch=%u fragment_offset=%u",
|
||||
in[0], (unsigned) epoch,
|
||||
(unsigned) fragment_offset ) );
|
||||
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
|
||||
}
|
||||
|
||||
sid_len = in[59];
|
||||
if( sid_len > in_len - 61 )
|
||||
if( 59 + 1 + sid_len + 1 > in_len )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: sid_len=%u > %u",
|
||||
(unsigned) sid_len,
|
||||
(unsigned) in_len - 61 ) );
|
||||
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
|
||||
}
|
||||
MBEDTLS_SSL_DEBUG_BUF( 4, "sid received from network",
|
||||
in + 60, sid_len );
|
||||
|
||||
cookie_len = in[60 + sid_len];
|
||||
if( cookie_len > in_len - 60 )
|
||||
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
|
||||
|
||||
if( f_cookie_check( p_cookie, in + sid_len + 61, cookie_len,
|
||||
cli_id, cli_id_len ) == 0 )
|
||||
if( 59 + 1 + sid_len + 1 + cookie_len > in_len )
|
||||
{
|
||||
/* Valid cookie */
|
||||
MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: cookie_len=%u > %u",
|
||||
(unsigned) cookie_len,
|
||||
(unsigned) ( in_len - sid_len - 61 ) ) );
|
||||
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 4, "cookie received from network",
|
||||
in + sid_len + 61, cookie_len );
|
||||
if( ssl->conf->f_cookie_check( ssl->conf->p_cookie,
|
||||
in + sid_len + 61, cookie_len,
|
||||
cli_id, cli_id_len ) == 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: valid" ) );
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -3240,8 +3287,9 @@ static int ssl_check_dtls_clihlo_cookie(
|
|||
|
||||
/* Generate and write actual cookie */
|
||||
p = obuf + 28;
|
||||
if( f_cookie_write( p_cookie,
|
||||
&p, obuf + buf_len, cli_id, cli_id_len ) != 0 )
|
||||
if( ssl->conf->f_cookie_write( ssl->conf->p_cookie,
|
||||
&p, obuf + buf_len,
|
||||
cli_id, cli_id_len ) != 0 )
|
||||
{
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
|
@ -3280,6 +3328,7 @@ static int ssl_check_dtls_clihlo_cookie(
|
|||
* includes the case of MBEDTLS_ERR_SSL_CLIENT_RECONNECT and of unexpected
|
||||
* errors, and is the right thing to do in both cases).
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -3295,15 +3344,13 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
ret = ssl_check_dtls_clihlo_cookie(
|
||||
ssl->conf->f_cookie_write,
|
||||
ssl->conf->f_cookie_check,
|
||||
ssl->conf->p_cookie,
|
||||
ret = mbedtls_ssl_check_dtls_clihlo_cookie(
|
||||
ssl,
|
||||
ssl->cli_id, ssl->cli_id_len,
|
||||
ssl->in_buf, ssl->in_left,
|
||||
ssl->out_buf, MBEDTLS_SSL_OUT_CONTENT_LEN, &len );
|
||||
|
||||
MBEDTLS_SSL_DEBUG_RET( 2, "ssl_check_dtls_clihlo_cookie", ret );
|
||||
MBEDTLS_SSL_DEBUG_RET( 2, "mbedtls_ssl_check_dtls_clihlo_cookie", ret );
|
||||
|
||||
if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
|
||||
{
|
||||
|
@ -3337,6 +3384,7 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_check_record_type( uint8_t record_type )
|
||||
{
|
||||
if( record_type != MBEDTLS_SSL_MSG_HANDSHAKE &&
|
||||
|
@ -3369,6 +3417,7 @@ static int ssl_check_record_type( uint8_t record_type )
|
|||
* Point 2 is needed when the peer is resending, and we have already received
|
||||
* the first record from a datagram but are still waiting for the others.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
|
||||
unsigned char *buf,
|
||||
size_t len,
|
||||
|
@ -3481,7 +3530,6 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
|
|||
/*
|
||||
* Parse and validate record version
|
||||
*/
|
||||
|
||||
rec->ver[0] = buf[ rec_hdr_version_offset + 0 ];
|
||||
rec->ver[1] = buf[ rec_hdr_version_offset + 1 ];
|
||||
tls_version = mbedtls_ssl_read_version( buf + rec_hdr_version_offset,
|
||||
|
@ -3489,10 +3537,12 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
|
|||
|
||||
if( tls_version > ssl->conf->max_tls_version )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLS version mismatch" ) );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLS version mismatch: got %u, expected max %u",
|
||||
(unsigned) tls_version,
|
||||
(unsigned) ssl->conf->max_tls_version) );
|
||||
|
||||
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
|
||||
}
|
||||
|
||||
/*
|
||||
* Parse/Copy record sequence number.
|
||||
*/
|
||||
|
@ -3594,6 +3644,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
|
|||
|
||||
|
||||
#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
unsigned int rec_epoch = ( ssl->in_ctr[0] << 8 ) | ssl->in_ctr[1];
|
||||
|
@ -3623,6 +3674,7 @@ static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* If applicable, decrypt record content
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_prepare_record_content( mbedtls_ssl_context *ssl,
|
||||
mbedtls_record *rec )
|
||||
{
|
||||
|
@ -3757,7 +3809,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl,
|
|||
|
||||
/* Check actual (decrypted) record content length against
|
||||
* configured maximum. */
|
||||
if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN )
|
||||
if( rec->data_len > MBEDTLS_SSL_IN_CONTENT_LEN )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
|
||||
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
|
||||
|
@ -3775,8 +3827,11 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl,
|
|||
*/
|
||||
|
||||
/* Helper functions for mbedtls_ssl_read_record(). */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_consume_current_message( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_get_next_record( mbedtls_ssl_context *ssl );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl );
|
||||
|
||||
int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
|
||||
|
@ -3864,6 +3919,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
if( ssl->in_left > ssl->next_record_offset )
|
||||
|
@ -3872,6 +3928,7 @@ static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_load_buffered_message( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
mbedtls_ssl_handshake_params * const hs = ssl->handshake;
|
||||
|
@ -3969,6 +4026,7 @@ exit:
|
|||
return( ret );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_buffer_make_space( mbedtls_ssl_context *ssl,
|
||||
size_t desired )
|
||||
{
|
||||
|
@ -4011,6 +4069,7 @@ static int ssl_buffer_make_space( mbedtls_ssl_context *ssl,
|
|||
return( -1 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_buffer_message( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = 0;
|
||||
|
@ -4215,6 +4274,7 @@ exit:
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_consume_current_message( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
/*
|
||||
|
@ -4302,6 +4362,7 @@ static int ssl_consume_current_message( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
if( ssl->in_msglen > 0 )
|
||||
|
@ -4328,6 +4389,7 @@ static void ssl_free_buffered_record( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_load_buffered_record( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
mbedtls_ssl_handshake_params * const hs = ssl->handshake;
|
||||
|
@ -4385,6 +4447,7 @@ exit:
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_buffer_future_record( mbedtls_ssl_context *ssl,
|
||||
mbedtls_record const *rec )
|
||||
{
|
||||
|
@ -4443,6 +4506,7 @@ static int ssl_buffer_future_record( mbedtls_ssl_context *ssl,
|
|||
|
||||
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_get_next_record( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -5193,6 +5257,7 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Check record counters and renegotiate if they're above the limit.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
size_t ep_len = mbedtls_ssl_ep_len( ssl );
|
||||
|
@ -5232,6 +5297,7 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
|
|||
* and having a helper function allows to distinguish between TLS <= 1.2 and
|
||||
* TLS 1.3 in the future without bloating the logic of mbedtls_ssl_read().
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -5549,6 +5615,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
|
|||
* Therefore, it is possible that the input message length is 0 and the
|
||||
* corresponding return code is 0 on success.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_real( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf, size_t len )
|
||||
{
|
||||
|
|
|
@ -66,6 +66,7 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )
|
|||
/*
|
||||
* Generate/update a key
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx,
|
||||
unsigned char index )
|
||||
{
|
||||
|
@ -113,6 +114,7 @@ static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx,
|
|||
/*
|
||||
* Rotate/generate keys if necessary
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx )
|
||||
{
|
||||
#if !defined(MBEDTLS_HAVE_TIME)
|
||||
|
|
|
@ -58,6 +58,30 @@
|
|||
#include "mbedtls/oid.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_TEST_HOOKS)
|
||||
static mbedtls_ssl_chk_buf_ptr_args chk_buf_ptr_fail_args;
|
||||
|
||||
void mbedtls_ssl_set_chk_buf_ptr_fail_args(
|
||||
const uint8_t *cur, const uint8_t *end, size_t need )
|
||||
{
|
||||
chk_buf_ptr_fail_args.cur = cur;
|
||||
chk_buf_ptr_fail_args.end = end;
|
||||
chk_buf_ptr_fail_args.need = need;
|
||||
}
|
||||
|
||||
void mbedtls_ssl_reset_chk_buf_ptr_fail_args( void )
|
||||
{
|
||||
memset( &chk_buf_ptr_fail_args, 0, sizeof( chk_buf_ptr_fail_args ) );
|
||||
}
|
||||
|
||||
int mbedtls_ssl_cmp_chk_buf_ptr_fail_args( mbedtls_ssl_chk_buf_ptr_args *args )
|
||||
{
|
||||
return( ( chk_buf_ptr_fail_args.cur != args->cur ) ||
|
||||
( chk_buf_ptr_fail_args.end != args->end ) ||
|
||||
( chk_buf_ptr_fail_args.need != args->need ) );
|
||||
}
|
||||
#endif /* MBEDTLS_TEST_HOOKS */
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
|
@ -275,6 +299,7 @@ int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst,
|
|||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int resize_buffer( unsigned char **buffer, size_t len_new, size_t *len_old )
|
||||
{
|
||||
unsigned char* resized_buffer = mbedtls_calloc( 1, len_new );
|
||||
|
@ -380,6 +405,7 @@ typedef int ssl_tls_prf_t(const unsigned char *, size_t, const char *,
|
|||
const unsigned char *, size_t,
|
||||
unsigned char *, size_t);
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
|
||||
int ciphersuite,
|
||||
const unsigned char master[48],
|
||||
|
@ -393,6 +419,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
|
|||
const mbedtls_ssl_context *ssl );
|
||||
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int tls_prf_sha256( const unsigned char *secret, size_t slen,
|
||||
const char *label,
|
||||
const unsigned char *random, size_t rlen,
|
||||
|
@ -403,6 +430,7 @@ static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *,
|
|||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int tls_prf_sha384( const unsigned char *secret, size_t slen,
|
||||
const char *label,
|
||||
const unsigned char *random, size_t rlen,
|
||||
|
@ -415,6 +443,7 @@ static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *
|
|||
static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session,
|
||||
unsigned char *buf,
|
||||
size_t buf_len );
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_session_load_tls12( mbedtls_ssl_session *session,
|
||||
const unsigned char *buf,
|
||||
size_t len );
|
||||
|
@ -672,6 +701,7 @@ void mbedtls_ssl_session_init( mbedtls_ssl_session *session )
|
|||
memset( session, 0, sizeof(mbedtls_ssl_session) );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_handshake_init( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
/* Clear old handshake information if present */
|
||||
|
@ -862,6 +892,7 @@ static int ssl_handshake_init( mbedtls_ssl_context *ssl )
|
|||
|
||||
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
|
||||
/* Dummy cookie callbacks for defaults */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_cookie_write_dummy( void *ctx,
|
||||
unsigned char **p, unsigned char *end,
|
||||
const unsigned char *cli_id, size_t cli_id_len )
|
||||
|
@ -875,6 +906,7 @@ static int ssl_cookie_write_dummy( void *ctx,
|
|||
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_cookie_check_dummy( void *ctx,
|
||||
const unsigned char *cookie, size_t cookie_len,
|
||||
const unsigned char *cli_id, size_t cli_id_len )
|
||||
|
@ -897,6 +929,7 @@ void mbedtls_ssl_init( mbedtls_ssl_context *ssl )
|
|||
memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_conf_version_check( const mbedtls_ssl_context *ssl )
|
||||
{
|
||||
const mbedtls_ssl_config *conf = ssl->conf;
|
||||
|
@ -948,6 +981,7 @@ static int ssl_conf_version_check( const mbedtls_ssl_context *ssl )
|
|||
return( MBEDTLS_ERR_SSL_BAD_CONFIG );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_conf_check(const mbedtls_ssl_context *ssl)
|
||||
{
|
||||
int ret;
|
||||
|
@ -1092,6 +1126,8 @@ void mbedtls_ssl_session_reset_msg_layer( mbedtls_ssl_context *ssl,
|
|||
memset( ssl->in_buf, 0, in_buf_len );
|
||||
}
|
||||
|
||||
ssl->send_alert = 0;
|
||||
|
||||
/* Reset outgoing message writing */
|
||||
ssl->out_msgtype = 0;
|
||||
ssl->out_msglen = 0;
|
||||
|
@ -1371,6 +1407,7 @@ static void ssl_key_cert_free( mbedtls_ssl_key_cert *key_cert )
|
|||
}
|
||||
|
||||
/* Append a new keycert entry to a (possibly empty) list */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_append_key_cert( mbedtls_ssl_key_cert **head,
|
||||
mbedtls_x509_crt *cert,
|
||||
mbedtls_pk_context *key )
|
||||
|
@ -1524,6 +1561,7 @@ int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_conf_psk_is_configured( mbedtls_ssl_config const *conf )
|
||||
{
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
|
@ -1569,6 +1607,7 @@ static void ssl_conf_remove_psk( mbedtls_ssl_config *conf )
|
|||
* It checks that the provided identity is well-formed and attempts
|
||||
* to make a copy of it in the SSL config.
|
||||
* On failure, the PSK identity in the config remains unset. */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_conf_set_psk_identity( mbedtls_ssl_config *conf,
|
||||
unsigned char const *psk_identity,
|
||||
size_t psk_identity_len )
|
||||
|
@ -2763,6 +2802,7 @@ static unsigned char ssl_serialized_session_header[] = {
|
|||
*
|
||||
*/
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_session_save( const mbedtls_ssl_session *session,
|
||||
unsigned char omit_header,
|
||||
unsigned char *buf,
|
||||
|
@ -2837,6 +2877,7 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session,
|
|||
* This internal version is wrapped by a public function that cleans up in
|
||||
* case of error, and has an extra option omit_header.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_session_load( mbedtls_ssl_session *session,
|
||||
unsigned char omit_header,
|
||||
const unsigned char *buf,
|
||||
|
@ -2903,6 +2944,7 @@ int mbedtls_ssl_session_load( mbedtls_ssl_session *session,
|
|||
/*
|
||||
* Perform a single step of the SSL handshake
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_prepare_handshake_step( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -3061,6 +3103,7 @@ int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Write HelloRequest to request renegotiation on server
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_hello_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -3659,6 +3702,7 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
|
|||
* This internal version is wrapped by a public function that cleans up in
|
||||
* case of error.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_context_load( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -4224,6 +4268,7 @@ static uint16_t ssl_preset_suiteb_groups[] = {
|
|||
#if defined(MBEDTLS_DEBUG_C) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||
/* Function for checking `ssl_preset_*_sig_algs` and `ssl_tls12_preset_*_sig_algs`
|
||||
* to make sure there are no duplicated signature algorithm entries. */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_check_no_sig_alg_duplication( uint16_t * sig_algs )
|
||||
{
|
||||
size_t i, j;
|
||||
|
@ -4769,6 +4814,7 @@ exit:
|
|||
#else /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_get_handshake_transcript_sha384( mbedtls_ssl_context *ssl,
|
||||
unsigned char *dst,
|
||||
size_t dst_len,
|
||||
|
@ -4799,6 +4845,7 @@ exit:
|
|||
#endif /* MBEDTLS_SHA384_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_get_handshake_transcript_sha256( mbedtls_ssl_context *ssl,
|
||||
unsigned char *dst,
|
||||
size_t dst_len,
|
||||
|
@ -5034,6 +5081,7 @@ static psa_status_t setup_psa_key_derivation( psa_key_derivation_operation_t* de
|
|||
return( PSA_SUCCESS );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int tls_prf_generic( mbedtls_md_type_t md_type,
|
||||
const unsigned char *secret, size_t slen,
|
||||
const char *label,
|
||||
|
@ -5110,6 +5158,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type,
|
|||
|
||||
#else /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int tls_prf_generic( mbedtls_md_type_t md_type,
|
||||
const unsigned char *secret, size_t slen,
|
||||
const char *label,
|
||||
|
@ -5202,6 +5251,7 @@ exit:
|
|||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int tls_prf_sha256( const unsigned char *secret, size_t slen,
|
||||
const char *label,
|
||||
const unsigned char *random, size_t rlen,
|
||||
|
@ -5213,6 +5263,7 @@ static int tls_prf_sha256( const unsigned char *secret, size_t slen,
|
|||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int tls_prf_sha384( const unsigned char *secret, size_t slen,
|
||||
const char *label,
|
||||
const unsigned char *random, size_t rlen,
|
||||
|
@ -5232,6 +5283,7 @@ static int tls_prf_sha384( const unsigned char *secret, size_t slen,
|
|||
* Outputs:
|
||||
* - the tls_prf, calc_verify and calc_finished members of handshake structure
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake,
|
||||
mbedtls_md_type_t hash )
|
||||
{
|
||||
|
@ -5276,6 +5328,7 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake,
|
|||
* EMS: passed to calc_verify (debug + session_negotiate)
|
||||
* PSA-PSA: conf
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake,
|
||||
unsigned char *master,
|
||||
const mbedtls_ssl_context *ssl )
|
||||
|
@ -5744,6 +5797,7 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
|
|||
#endif /* !MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_hello_request( mbedtls_ssl_context *ssl );
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
|
@ -5915,6 +5969,7 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
|
|||
#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
|
||||
|
||||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
|
||||
unsigned char *crt_buf,
|
||||
size_t crt_buf_len )
|
||||
|
@ -5930,6 +5985,7 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
|
|||
return( memcmp( peer_crt->raw.p, crt_buf, peer_crt->raw.len ) );
|
||||
}
|
||||
#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
|
||||
unsigned char *crt_buf,
|
||||
size_t crt_buf_len )
|
||||
|
@ -5964,6 +6020,7 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
|
|||
* Once the certificate message is read, parse it into a cert chain and
|
||||
* perform basic checks, but leave actual verification to the caller
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl,
|
||||
mbedtls_x509_crt *chain )
|
||||
{
|
||||
|
@ -6119,6 +6176,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_SRV_C)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
|
||||
|
@ -6144,6 +6202,7 @@ static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl )
|
|||
*/
|
||||
#define SSL_CERTIFICATE_EXPECTED 0
|
||||
#define SSL_CERTIFICATE_SKIP 1
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_certificate_coordinate( mbedtls_ssl_context *ssl,
|
||||
int authmode )
|
||||
{
|
||||
|
@ -6173,6 +6232,7 @@ static int ssl_parse_certificate_coordinate( mbedtls_ssl_context *ssl,
|
|||
return( SSL_CERTIFICATE_EXPECTED );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl,
|
||||
int authmode,
|
||||
mbedtls_x509_crt *chain,
|
||||
|
@ -6270,7 +6330,9 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl,
|
|||
{
|
||||
const mbedtls_pk_context *pk = &chain->pk;
|
||||
|
||||
/* If certificate uses an EC key, make sure the curve is OK */
|
||||
/* If certificate uses an EC key, make sure the curve is OK.
|
||||
* This is a public key, so it can't be opaque, so can_do() is a good
|
||||
* enough check to ensure pk_ec() is safe to use here. */
|
||||
if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) &&
|
||||
mbedtls_ssl_check_curve( ssl, mbedtls_pk_ec( *pk )->grp.id ) != 0 )
|
||||
{
|
||||
|
@ -6361,6 +6423,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
|
||||
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_remember_peer_crt_digest( mbedtls_ssl_context *ssl,
|
||||
unsigned char *start, size_t len )
|
||||
{
|
||||
|
@ -6392,6 +6455,7 @@ static int ssl_remember_peer_crt_digest( mbedtls_ssl_context *ssl,
|
|||
return( ret );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_remember_peer_pubkey( mbedtls_ssl_context *ssl,
|
||||
unsigned char *start, size_t len )
|
||||
{
|
||||
|
@ -7060,6 +7124,7 @@ static mbedtls_tls_prf_types tls_prf_get_type( mbedtls_ssl_tls_prf_cb *tls_prf )
|
|||
* [in] optionally used for:
|
||||
* - MBEDTLS_DEBUG_C: ssl->conf->{f,p}_dbg
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
|
||||
int ciphersuite,
|
||||
const unsigned char master[48],
|
||||
|
@ -7889,6 +7954,7 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session,
|
|||
return( used );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_session_load_tls12( mbedtls_ssl_session *session,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -8254,6 +8320,7 @@ int mbedtls_ssl_write_sig_alg_ext( mbedtls_ssl_context *ssl, unsigned char *buf,
|
|||
* ServerName server_name_list<1..2^16-1>
|
||||
* } ServerNameList;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_parse_server_name_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -8309,6 +8376,7 @@ int mbedtls_ssl_parse_server_name_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
|
||||
|
||||
#if defined(MBEDTLS_SSL_ALPN)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_parse_alpn_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
|
|
@ -75,6 +75,7 @@ int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf )
|
|||
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -116,6 +117,7 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl,
|
|||
#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -147,6 +149,7 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -220,6 +223,7 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_cid_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -266,6 +270,7 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -298,6 +303,7 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
|
||||
|
||||
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -328,6 +334,7 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
|
||||
|
||||
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -358,6 +365,7 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
|
||||
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -400,6 +408,7 @@ static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
|
||||
|
||||
#if defined(MBEDTLS_SSL_DTLS_SRTP)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -629,6 +638,7 @@ int mbedtls_ssl_tls12_write_client_hello_exts( mbedtls_ssl_context *ssl,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -673,6 +683,7 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -699,6 +710,7 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
|
||||
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -755,6 +767,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -780,6 +793,7 @@ static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
|
||||
|
||||
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -805,6 +819,7 @@ static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
|
||||
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -831,6 +846,7 @@ static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl,
|
|||
|
||||
#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -879,6 +895,7 @@ static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -913,6 +930,7 @@ static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_ALPN)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf, size_t len )
|
||||
{
|
||||
|
@ -983,6 +1001,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_ALPN */
|
||||
|
||||
#if defined(MBEDTLS_SSL_DTLS_SRTP)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -1103,6 +1122,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
|
|||
* Parse HelloVerifyRequest. Only called after verifying the HS type.
|
||||
*/
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
|
||||
|
@ -1184,6 +1204,7 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret, i;
|
||||
|
@ -1716,6 +1737,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl,
|
||||
unsigned char **p,
|
||||
unsigned char *end )
|
||||
|
@ -1761,6 +1783,7 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl,
|
|||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
|
||||
unsigned char **p,
|
||||
unsigned char *end )
|
||||
|
@ -1825,6 +1848,7 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
|
|||
return( 0 );
|
||||
}
|
||||
#else
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
|
||||
{
|
||||
const mbedtls_ecp_curve_info *curve_info;
|
||||
|
@ -1853,6 +1877,7 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
|
||||
unsigned char **p,
|
||||
unsigned char *end )
|
||||
|
@ -1893,6 +1918,7 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
|
||||
unsigned char **p,
|
||||
unsigned char *end )
|
||||
|
@ -1939,6 +1965,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
|
|||
/*
|
||||
* Generate a pre-master secret and encrypt it with the server's RSA key
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
|
||||
size_t offset, size_t *olen,
|
||||
size_t pms_offset )
|
||||
|
@ -2021,6 +2048,7 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
|
|||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl,
|
||||
unsigned char **p,
|
||||
unsigned char *end,
|
||||
|
@ -2079,6 +2107,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl,
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -2097,6 +2126,8 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
|||
peer_pk = &ssl->session_negotiate->peer_cert->pk;
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
/* This is a public key, so it can't be opaque, so can_do() is a good
|
||||
* enough check to ensure pk_ec() is safe to use below. */
|
||||
if( ! mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECKEY ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) );
|
||||
|
@ -2166,6 +2197,7 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
|||
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||
|
||||
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -2513,6 +2545,7 @@ exit:
|
|||
}
|
||||
|
||||
#if ! defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||
|
@ -2531,6 +2564,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
|
|||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
#else /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -2734,6 +2768,7 @@ exit:
|
|||
}
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -2773,6 +2808,7 @@ static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -3295,6 +3331,7 @@ ecdh_calc_secret:
|
|||
}
|
||||
|
||||
#if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||
|
@ -3320,6 +3357,7 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
#else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
|
@ -3459,6 +3497,7 @@ sign:
|
|||
#endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
|
|
@ -78,6 +78,7 @@ void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
|
|||
#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf )
|
||||
{
|
||||
if( conf->f_psk != NULL )
|
||||
|
@ -99,6 +100,7 @@ static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf )
|
|||
}
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -176,6 +178,7 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl,
|
|||
*
|
||||
* DHE groups are not supported yet.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_supported_groups_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -242,6 +245,7 @@ static int ssl_parse_supported_groups_ext( mbedtls_ssl_context *ssl,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -287,6 +291,7 @@ static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -316,6 +321,7 @@ static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -335,6 +341,7 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
|
||||
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -407,6 +414,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -431,6 +439,7 @@ static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
|
||||
|
||||
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -455,6 +464,7 @@ static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
|
||||
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -529,6 +539,7 @@ static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
|
||||
|
||||
#if defined(MBEDTLS_SSL_DTLS_SRTP)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -657,6 +668,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
|
|||
* Return 0 if the given key uses one of the acceptable curves, -1 otherwise
|
||||
*/
|
||||
#if defined(MBEDTLS_ECDSA_C)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_check_key_curve( mbedtls_pk_context *pk,
|
||||
const mbedtls_ecp_curve_info **curves )
|
||||
{
|
||||
|
@ -678,6 +690,7 @@ static int ssl_check_key_curve( mbedtls_pk_context *pk,
|
|||
* Try picking a certificate for this ciphersuite,
|
||||
* return 0 on success and -1 on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_pick_cert( mbedtls_ssl_context *ssl,
|
||||
const mbedtls_ssl_ciphersuite_t * ciphersuite_info )
|
||||
{
|
||||
|
@ -784,6 +797,7 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
|
|||
* Check if a given ciphersuite is suitable for use with our config/keys/etc
|
||||
* Sets ciphersuite_info only if the suite matches.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id,
|
||||
const mbedtls_ssl_ciphersuite_t **ciphersuite_info )
|
||||
{
|
||||
|
@ -881,6 +895,7 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id,
|
|||
/* This function doesn't alert on errors that happen early during
|
||||
ClientHello parsing because they might indicate that the client is
|
||||
not talking SSL/TLS at all and would not understand our alert. */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_client_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret, got_common_suite;
|
||||
|
@ -1049,16 +1064,29 @@ read_record_header:
|
|||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
|
||||
return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d",
|
||||
( buf[1] << 16 ) | ( buf[2] << 8 ) | buf[3] ) );
|
||||
|
||||
/* We don't support fragmentation of ClientHello (yet?) */
|
||||
if( buf[1] != 0 ||
|
||||
msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
|
||||
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
|
||||
size_t handshake_len = MBEDTLS_GET_UINT24_BE( buf, 1 );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %u",
|
||||
( unsigned ) handshake_len ) );
|
||||
|
||||
/* The record layer has a record size limit of 2^14 - 1 and
|
||||
* fragmentation is not supported, so buf[1] should be zero. */
|
||||
if( buf[1] != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message: %u != 0",
|
||||
(unsigned) buf[1] ) );
|
||||
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
|
||||
}
|
||||
|
||||
/* We don't support fragmentation of ClientHello (yet?) */
|
||||
if( msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + handshake_len )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message: %u != %u + %u",
|
||||
(unsigned) msg_len,
|
||||
(unsigned) mbedtls_ssl_hs_hdr_len( ssl ),
|
||||
(unsigned) handshake_len ) );
|
||||
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
|
||||
}
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
|
@ -1093,16 +1121,24 @@ read_record_header:
|
|||
ssl->handshake->out_msg_seq = cli_msg_seq;
|
||||
ssl->handshake->in_msg_seq = cli_msg_seq + 1;
|
||||
}
|
||||
|
||||
/*
|
||||
* For now we don't support fragmentation, so make sure
|
||||
* fragment_offset == 0 and fragment_length == length
|
||||
*/
|
||||
if( ssl->in_msg[6] != 0 || ssl->in_msg[7] != 0 || ssl->in_msg[8] != 0 ||
|
||||
memcmp( ssl->in_msg + 1, ssl->in_msg + 9, 3 ) != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "ClientHello fragmentation not supported" ) );
|
||||
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
/*
|
||||
* For now we don't support fragmentation, so make sure
|
||||
* fragment_offset == 0 and fragment_length == length
|
||||
*/
|
||||
size_t fragment_offset, fragment_length, length;
|
||||
fragment_offset = MBEDTLS_GET_UINT24_BE( ssl->in_msg, 6 );
|
||||
fragment_length = MBEDTLS_GET_UINT24_BE( ssl->in_msg, 9 );
|
||||
length = MBEDTLS_GET_UINT24_BE( ssl->in_msg, 1 );
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
4, ( "fragment_offset=%u fragment_length=%u length=%u",
|
||||
(unsigned) fragment_offset, (unsigned) fragment_length,
|
||||
(unsigned) length ) );
|
||||
if( fragment_offset != 0 || length != fragment_length )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "ClientHello fragmentation not supported" ) );
|
||||
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
||||
|
@ -2045,6 +2081,7 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_SSL_DTLS_SRTP */
|
||||
|
||||
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -2163,6 +2200,7 @@ exit:
|
|||
mbedtls_ssl_session_free( &session_tmp );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
#if defined(MBEDTLS_HAVE_TIME)
|
||||
|
@ -2379,6 +2417,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
|
||||
#if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||
|
@ -2397,6 +2436,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
|||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
#else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
|
@ -2568,6 +2608,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
|||
#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
|
||||
( defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) )
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -2662,6 +2703,7 @@ cleanup:
|
|||
}
|
||||
#elif defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -2694,6 +2736,7 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) && \
|
||||
defined(MBEDTLS_SSL_ASYNC_PRIVATE)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl,
|
||||
size_t *signature_len )
|
||||
{
|
||||
|
@ -2721,6 +2764,7 @@ static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl,
|
|||
/* Prepare the ServerKeyExchange message, up to and including
|
||||
* calculating the signature if any, but excluding formatting the
|
||||
* signature and sending the message. */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
|
||||
size_t *signature_len )
|
||||
{
|
||||
|
@ -3148,6 +3192,7 @@ curve_matching_done:
|
|||
* that do not include a ServerKeyExchange message, do nothing. Either
|
||||
* way, if successful, move on to the next step in the SSL state
|
||||
* machine. */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -3169,7 +3214,12 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
|
|||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
|
||||
if( mbedtls_ssl_ciphersuite_uses_ecdh( ciphersuite_info ) )
|
||||
{
|
||||
ssl_get_ecdh_params_from_cert( ssl );
|
||||
ret = ssl_get_ecdh_params_from_cert( ssl );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_ecdh_params_from_cert", ret );
|
||||
return( ret );
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */
|
||||
|
||||
|
@ -3245,6 +3295,7 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -3284,6 +3335,7 @@ static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl )
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char **p,
|
||||
const unsigned char *end )
|
||||
{
|
||||
|
@ -3327,6 +3379,7 @@ static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char *
|
|||
defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
|
||||
|
||||
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_resume_decrypt_pms( mbedtls_ssl_context *ssl,
|
||||
unsigned char *peer_pms,
|
||||
size_t *peer_pmslen,
|
||||
|
@ -3344,6 +3397,7 @@ static int ssl_resume_decrypt_pms( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *p,
|
||||
const unsigned char *end,
|
||||
|
@ -3429,6 +3483,7 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl,
|
|||
return( ret );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *p,
|
||||
const unsigned char *end,
|
||||
|
@ -3517,6 +3572,7 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned char **p,
|
||||
const unsigned char *end )
|
||||
{
|
||||
|
@ -3577,6 +3633,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha
|
|||
}
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -4014,6 +4071,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
|
||||
#if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||
|
@ -4032,6 +4090,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
#else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
|
@ -4195,6 +4254,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
#endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
|
|
@ -42,6 +42,7 @@
|
|||
* ProtocolVersion versions<2..254>;
|
||||
* } SupportedVersions;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
@ -91,6 +92,7 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -120,6 +122,7 @@ static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_ALPN)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_alpn_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf, size_t len )
|
||||
{
|
||||
|
@ -168,6 +171,7 @@ static int ssl_tls13_parse_alpn_ext( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_ALPN */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_reset_key_share( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
uint16_t group_id = ssl->handshake->offered_group_id;
|
||||
|
@ -206,6 +210,7 @@ static int ssl_tls13_reset_key_share( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Functions for writing key_share extension.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_get_default_group_id( mbedtls_ssl_context *ssl,
|
||||
uint16_t *group_id )
|
||||
{
|
||||
|
@ -255,6 +260,7 @@ static int ssl_tls13_get_default_group_id( mbedtls_ssl_context *ssl,
|
|||
* KeyShareEntry client_shares<0..2^16-1>;
|
||||
* } KeyShareClientHello;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
@ -368,6 +374,7 @@ cleanup:
|
|||
* NamedGroup selected_group;
|
||||
* } KeyShareHelloRetryRequest;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_hrr_key_share_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -442,6 +449,7 @@ static int ssl_tls13_parse_hrr_key_share_ext( mbedtls_ssl_context *ssl,
|
|||
* opaque key_exchange<1..2^16-1>;
|
||||
* } KeyShareEntry;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_key_share_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -516,6 +524,7 @@ static int ssl_tls13_parse_key_share_ext( mbedtls_ssl_context *ssl,
|
|||
* a "cookie" extension in the new ClientHello. Clients MUST NOT use
|
||||
* cookies in their initial ClientHello in subsequent connections.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_cookie_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -549,6 +558,7 @@ static int ssl_tls13_parse_cookie_ext( mbedtls_ssl_context *ssl,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_cookie_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
@ -642,6 +652,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl,
|
|||
* \return 1 if the ServerHello contains a supported_versions extension
|
||||
* \return A negative value if an error occurred while parsing the ServerHello.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_is_supported_versions_ext_present(
|
||||
mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
|
@ -717,6 +728,7 @@ static int ssl_tls13_is_supported_versions_ext_present(
|
|||
* the server is TLS 1.3 capable but negotiating TLS 1.2 or below.
|
||||
* - 0 otherwise
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_is_downgrade_negotiation( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -749,6 +761,7 @@ static int ssl_tls13_is_downgrade_negotiation( mbedtls_ssl_context *ssl,
|
|||
*/
|
||||
#define SSL_SERVER_HELLO 0
|
||||
#define SSL_SERVER_HELLO_HRR 1
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_server_hello_is_hrr( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -788,6 +801,7 @@ static int ssl_server_hello_is_hrr( mbedtls_ssl_context *ssl,
|
|||
* - SSL_SERVER_HELLO_TLS1_2
|
||||
*/
|
||||
#define SSL_SERVER_HELLO_TLS1_2 2
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_preprocess_server_hello( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -878,6 +892,7 @@ cleanup:
|
|||
return( ret );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_check_server_hello_session_id_echo( mbedtls_ssl_context *ssl,
|
||||
const unsigned char **buf,
|
||||
const unsigned char *end )
|
||||
|
@ -925,6 +940,7 @@ static int ssl_tls13_check_server_hello_session_id_echo( mbedtls_ssl_context *ss
|
|||
* Extension extensions<6..2^16-1>;
|
||||
* } ServerHello;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -1183,6 +1199,7 @@ cleanup:
|
|||
return( ret );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_postprocess_server_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1258,6 +1275,7 @@ cleanup:
|
|||
return( ret );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_postprocess_hrr( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1281,6 +1299,7 @@ static int ssl_tls13_postprocess_hrr( mbedtls_ssl_context *ssl )
|
|||
* Wait and parse ServerHello handshake message.
|
||||
* Handler for MBEDTLS_SSL_SERVER_HELLO
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_process_server_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1355,6 +1374,7 @@ cleanup:
|
|||
* Extension extensions<0..2^16-1>;
|
||||
* } EncryptedExtensions;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_encrypted_extensions( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -1436,6 +1456,7 @@ static int ssl_tls13_parse_encrypted_extensions( mbedtls_ssl_context *ssl,
|
|||
return( ret );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_process_encrypted_extensions( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
@ -1486,6 +1507,7 @@ cleanup:
|
|||
* - SSL_CERTIFICATE_REQUEST_SKIP
|
||||
* indicating if a Certificate Request is expected or not.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1523,6 +1545,7 @@ static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl )
|
|||
* Extension extensions<2..2^16-1>;
|
||||
* } CertificateRequest;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -1639,6 +1662,7 @@ decode_error:
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_CERTIFICATE_REQUEST
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_process_certificate_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1684,6 +1708,7 @@ cleanup:
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_SERVER_CERTIFICATE
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_process_server_certificate( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
@ -1699,6 +1724,7 @@ static int ssl_tls13_process_server_certificate( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_CERTIFICATE_VERIFY
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
@ -1715,6 +1741,7 @@ static int ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_SERVER_FINISHED
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_process_server_finished( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
@ -1746,6 +1773,7 @@ static int ssl_tls13_process_server_finished( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_CLIENT_CERTIFICATE
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_client_certificate( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int non_empty_certificate_msg = 0;
|
||||
|
@ -1788,6 +1816,7 @@ static int ssl_tls13_write_client_certificate( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_client_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = mbedtls_ssl_tls13_write_certificate_verify( ssl );
|
||||
|
@ -1802,6 +1831,7 @@ static int ssl_tls13_write_client_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_CLIENT_FINISHED
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_client_finished( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
@ -1825,6 +1855,7 @@ static int ssl_tls13_write_client_finished( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_FLUSH_BUFFERS
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_flush_buffers( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) );
|
||||
|
@ -1835,6 +1866,7 @@ static int ssl_tls13_flush_buffers( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_HANDSHAKE_WRAPUP
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
|
||||
|
|
|
@ -31,6 +31,7 @@
|
|||
#include <string.h>
|
||||
|
||||
#include "ssl_misc.h"
|
||||
#include "ssl_tls13_invasive.h"
|
||||
#include "ssl_tls13_keys.h"
|
||||
#include "ssl_debug_helpers.h"
|
||||
|
||||
|
@ -156,6 +157,7 @@ static void ssl_tls13_create_verify_structure( const unsigned char *transcript_h
|
|||
*verify_buffer_len = idx;
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_certificate_verify( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -385,9 +387,11 @@ cleanup:
|
|||
*/
|
||||
|
||||
/* Parse certificate chain send by the server. */
|
||||
static int ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
MBEDTLS_STATIC_TESTABLE
|
||||
int mbedtls_ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t certificate_request_context_len = 0;
|
||||
|
@ -438,6 +442,7 @@ static int ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl,
|
|||
|
||||
mbedtls_x509_crt_init( ssl->session_negotiate->peer_cert );
|
||||
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, certificate_list_len );
|
||||
certificate_list_end = p + certificate_list_len;
|
||||
while( p < certificate_list_end )
|
||||
{
|
||||
|
@ -517,9 +522,11 @@ exit:
|
|||
return( ret );
|
||||
}
|
||||
#else
|
||||
static int ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
MBEDTLS_STATIC_TESTABLE
|
||||
int mbedtls_ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
{
|
||||
((void) ssl);
|
||||
((void) buf);
|
||||
|
@ -532,12 +539,15 @@ static int ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl,
|
|||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
/* Validate certificate chain sent by the server. */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_validate_certificate( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = 0;
|
||||
int authmode = MBEDTLS_SSL_VERIFY_REQUIRED;
|
||||
mbedtls_x509_crt *ca_chain;
|
||||
mbedtls_x509_crl *ca_crl;
|
||||
const char *ext_oid;
|
||||
size_t ext_len;
|
||||
uint32_t verify_result = 0;
|
||||
|
||||
/* If SNI was used, overwrite authentication mode
|
||||
|
@ -626,12 +636,25 @@ static int ssl_tls13_validate_certificate( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Secondary checks: always done, but change 'ret' only if it was 0
|
||||
*/
|
||||
if( mbedtls_ssl_check_cert_usage( ssl->session_negotiate->peer_cert,
|
||||
ssl->handshake->ciphersuite_info,
|
||||
!ssl->conf->endpoint,
|
||||
&verify_result ) != 0 )
|
||||
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate ( usage extensions )" ) );
|
||||
ext_oid = MBEDTLS_OID_SERVER_AUTH;
|
||||
ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_SERVER_AUTH );
|
||||
}
|
||||
else
|
||||
{
|
||||
ext_oid = MBEDTLS_OID_CLIENT_AUTH;
|
||||
ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_CLIENT_AUTH );
|
||||
}
|
||||
|
||||
if( ( mbedtls_x509_crt_check_key_usage(
|
||||
ssl->session_negotiate->peer_cert,
|
||||
MBEDTLS_X509_KU_DIGITAL_SIGNATURE ) != 0 ) ||
|
||||
( mbedtls_x509_crt_check_extended_key_usage(
|
||||
ssl->session_negotiate->peer_cert,
|
||||
ext_oid, ext_len ) != 0 ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (usage extensions)" ) );
|
||||
if( ret == 0 )
|
||||
ret = MBEDTLS_ERR_SSL_BAD_CERTIFICATE;
|
||||
}
|
||||
|
@ -641,7 +664,8 @@ static int ssl_tls13_validate_certificate( mbedtls_ssl_context *ssl )
|
|||
* with details encoded in the verification flags. All other kinds
|
||||
* of error codes, including those from the user provided f_vrfy
|
||||
* functions, are treated as fatal and lead to a failure of
|
||||
* ssl_tls13_parse_certificate even if verification was optional. */
|
||||
* mbedtls_ssl_tls13_parse_certificate even if verification was optional.
|
||||
*/
|
||||
if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL &&
|
||||
( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ||
|
||||
ret == MBEDTLS_ERR_SSL_BAD_CERTIFICATE ) )
|
||||
|
@ -696,6 +720,7 @@ static int ssl_tls13_validate_certificate( mbedtls_ssl_context *ssl )
|
|||
return( ret );
|
||||
}
|
||||
#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_validate_certificate( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
((void) ssl);
|
||||
|
@ -718,8 +743,8 @@ int mbedtls_ssl_tls13_process_certificate( mbedtls_ssl_context *ssl )
|
|||
&buf, &buf_len ) );
|
||||
|
||||
/* Parse the certificate chain sent by the peer. */
|
||||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_certificate( ssl, buf,
|
||||
buf + buf_len ) );
|
||||
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_parse_certificate( ssl, buf,
|
||||
buf + buf_len ) );
|
||||
/* Validate the certificate chain and set the verification results. */
|
||||
MBEDTLS_SSL_PROC_CHK( ssl_tls13_validate_certificate( ssl ) );
|
||||
|
||||
|
@ -757,6 +782,7 @@ cleanup:
|
|||
* CertificateEntry certificate_list<0..2^24-1>;
|
||||
* } Certificate;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_certificate_body( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
@ -850,7 +876,6 @@ cleanup:
|
|||
/*
|
||||
* STATE HANDLING: Output Certificate Verify
|
||||
*/
|
||||
|
||||
int mbedtls_ssl_tls13_check_sig_alg_cert_key_match( uint16_t sig_alg,
|
||||
mbedtls_pk_context *key )
|
||||
{
|
||||
|
@ -902,6 +927,7 @@ int mbedtls_ssl_tls13_check_sig_alg_cert_key_match( uint16_t sig_alg,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_select_sig_alg_for_certificate_verify(
|
||||
mbedtls_ssl_context *ssl,
|
||||
mbedtls_pk_context *own_key,
|
||||
|
@ -931,6 +957,7 @@ static int ssl_tls13_select_sig_alg_for_certificate_verify(
|
|||
return( -1 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
@ -1080,6 +1107,7 @@ cleanup:
|
|||
* Implementation
|
||||
*/
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_preprocess_finished_message( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
@ -1099,6 +1127,7 @@ static int ssl_tls13_preprocess_finished_message( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_finished_message( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -1177,6 +1206,7 @@ cleanup:
|
|||
* Implement
|
||||
*/
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_prepare_finished_message( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
@ -1197,6 +1227,7 @@ static int ssl_tls13_prepare_finished_message( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_finished_message_body( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
@ -1276,6 +1307,7 @@ void mbedtls_ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl )
|
|||
*
|
||||
*/
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_change_cipher_spec_body( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
|
|
@ -25,7 +25,9 @@
|
|||
#include "psa/crypto.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_HOOKS)
|
||||
|
||||
int mbedtls_ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end );
|
||||
#endif /* MBEDTLS_TEST_HOOKS */
|
||||
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
|
|
@ -644,6 +644,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_application( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_calc_finished_core( psa_algorithm_t hash_alg,
|
||||
unsigned char const *base_key,
|
||||
unsigned char const *transcript,
|
||||
|
@ -1071,6 +1072,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int mbedtls_ssl_tls13_get_cipher_key_info(
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info,
|
||||
size_t *key_len, size_t *iv_len )
|
||||
|
|
|
@ -121,6 +121,7 @@ extern const struct mbedtls_ssl_tls13_labels_struct mbedtls_ssl_tls13_labels;
|
|||
* \return A negative error code on failure.
|
||||
*/
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_hkdf_expand_label(
|
||||
psa_algorithm_t hash_alg,
|
||||
const unsigned char *secret, size_t secret_len,
|
||||
|
@ -159,6 +160,7 @@ int mbedtls_ssl_tls13_hkdf_expand_label(
|
|||
* \returns A negative error code on failure.
|
||||
*/
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_make_traffic_keys(
|
||||
psa_algorithm_t hash_alg,
|
||||
const unsigned char *client_secret,
|
||||
|
@ -205,6 +207,7 @@ int mbedtls_ssl_tls13_make_traffic_keys(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_derive_secret(
|
||||
psa_algorithm_t hash_alg,
|
||||
const unsigned char *secret, size_t secret_len,
|
||||
|
@ -255,6 +258,7 @@ int mbedtls_ssl_tls13_derive_secret(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_derive_early_secrets(
|
||||
psa_algorithm_t hash_alg,
|
||||
unsigned char const *early_secret,
|
||||
|
@ -300,6 +304,7 @@ int mbedtls_ssl_tls13_derive_early_secrets(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_derive_handshake_secrets(
|
||||
psa_algorithm_t hash_alg,
|
||||
unsigned char const *handshake_secret,
|
||||
|
@ -350,6 +355,7 @@ int mbedtls_ssl_tls13_derive_handshake_secrets(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_derive_application_secrets(
|
||||
psa_algorithm_t hash_alg,
|
||||
unsigned char const *master_secret,
|
||||
|
@ -380,6 +386,7 @@ int mbedtls_ssl_tls13_derive_application_secrets(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_derive_resumption_master_secret(
|
||||
psa_algorithm_t hash_alg,
|
||||
unsigned char const *application_secret,
|
||||
|
@ -453,6 +460,7 @@ int mbedtls_ssl_tls13_derive_resumption_master_secret(
|
|||
* \returns A negative error code on failure.
|
||||
*/
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_evolve_secret(
|
||||
psa_algorithm_t hash_alg,
|
||||
const unsigned char *secret_old,
|
||||
|
@ -482,6 +490,7 @@ int mbedtls_ssl_tls13_evolve_secret(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_create_psk_binder( mbedtls_ssl_context *ssl,
|
||||
const psa_algorithm_t hash_alg,
|
||||
unsigned char const *psk, size_t psk_len,
|
||||
|
@ -516,6 +525,7 @@ int mbedtls_ssl_tls13_create_psk_binder( mbedtls_ssl_context *ssl,
|
|||
* mbedtls_ssl_transform_encrypt().
|
||||
* \return A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform,
|
||||
int endpoint,
|
||||
int ciphersuite,
|
||||
|
@ -542,6 +552,7 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform,
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl );
|
||||
|
||||
/**
|
||||
|
@ -560,6 +571,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl );
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl );
|
||||
|
||||
/**
|
||||
|
@ -574,6 +586,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl );
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
|
||||
mbedtls_ssl_key_set *traffic_keys );
|
||||
|
||||
|
@ -593,6 +606,7 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_key_schedule_stage_application( mbedtls_ssl_context *ssl );
|
||||
|
||||
/**
|
||||
|
@ -607,6 +621,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_application( mbedtls_ssl_context *ssl )
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_generate_application_keys(
|
||||
mbedtls_ssl_context* ssl, mbedtls_ssl_key_set *traffic_keys );
|
||||
|
||||
|
@ -620,6 +635,7 @@ int mbedtls_ssl_tls13_generate_application_keys(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_generate_resumption_master_secret(
|
||||
mbedtls_ssl_context *ssl );
|
||||
|
||||
|
@ -645,6 +661,7 @@ int mbedtls_ssl_tls13_generate_resumption_master_secret(
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_calculate_verify_data( mbedtls_ssl_context *ssl,
|
||||
unsigned char *dst,
|
||||
size_t dst_len,
|
||||
|
@ -660,6 +677,7 @@ int mbedtls_ssl_tls13_calculate_verify_data( mbedtls_ssl_context *ssl,
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_compute_handshake_transform( mbedtls_ssl_context *ssl );
|
||||
|
||||
/**
|
||||
|
@ -671,6 +689,7 @@ int mbedtls_ssl_tls13_compute_handshake_transform( mbedtls_ssl_context *ssl );
|
|||
* \returns \c 0 on success.
|
||||
* \returns A negative error code on failure.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_tls13_compute_application_transform( mbedtls_ssl_context *ssl );
|
||||
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
|
|
@ -50,6 +50,7 @@
|
|||
* ProtocolVersion versions<2..254>;
|
||||
* } SupportedVersions;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -106,6 +107,7 @@ static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
|
|||
* NamedGroup named_group_list<2..2^16-1>;
|
||||
* } NamedGroupList;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_supported_groups_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -168,6 +170,7 @@ static int ssl_tls13_parse_supported_groups_ext( mbedtls_ssl_context *ssl,
|
|||
* be needed.
|
||||
* - A negative value for fatal errors.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_key_shares_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -313,6 +316,7 @@ static void ssl_tls13_debug_print_client_hello_exts( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
#endif /* MBEDTLS_DEBUG_C */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_client_hello_has_exts( mbedtls_ssl_context *ssl,
|
||||
int exts_mask )
|
||||
{
|
||||
|
@ -320,6 +324,7 @@ static int ssl_tls13_client_hello_has_exts( mbedtls_ssl_context *ssl,
|
|||
return( masked == exts_mask );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(
|
||||
mbedtls_ssl_context *ssl )
|
||||
{
|
||||
|
@ -329,6 +334,7 @@ static int ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(
|
|||
MBEDTLS_SSL_EXT_SIG_ALG ) );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_check_ephemeral_key_exchange( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
if( !mbedtls_ssl_conf_tls13_ephemeral_enabled( ssl ) )
|
||||
|
@ -348,6 +354,7 @@ static int ssl_tls13_check_ephemeral_key_exchange( mbedtls_ssl_context *ssl )
|
|||
* Pick best ( private key, certificate chain ) pair based on the signature
|
||||
* algorithms supported by the client.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_pick_key_cert( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
mbedtls_ssl_key_cert *key_cert, *key_cert_list;
|
||||
|
@ -463,6 +470,7 @@ static int ssl_tls13_pick_key_cert( mbedtls_ssl_context *ssl )
|
|||
#define SSL_CLIENT_HELLO_OK 0
|
||||
#define SSL_CLIENT_HELLO_HRR_REQUIRED 1
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end )
|
||||
|
@ -804,6 +812,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
|
|||
|
||||
/* Update the handshake state machine */
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_postprocess_client_hello( mbedtls_ssl_context* ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -850,6 +859,7 @@ static int ssl_tls13_postprocess_client_hello( mbedtls_ssl_context* ssl )
|
|||
* Main entry point from the state machine; orchestrates the otherfunctions.
|
||||
*/
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_process_client_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
|
||||
|
@ -888,6 +898,7 @@ cleanup:
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_SERVER_HELLO
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_prepare_server_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -923,6 +934,7 @@ static int ssl_tls13_prepare_server_hello( mbedtls_ssl_context *ssl )
|
|||
* ProtocolVersion selected_version;
|
||||
* } SupportedVersions;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_server_hello_supported_versions_ext(
|
||||
mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
|
@ -960,6 +972,7 @@ static int ssl_tls13_write_server_hello_supported_versions_ext(
|
|||
|
||||
/* Generate and export a single key share. For hybrid KEMs, this can
|
||||
* be called multiple times with the different components of the hybrid. */
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_generate_and_write_key_share( mbedtls_ssl_context *ssl,
|
||||
uint16_t named_group,
|
||||
unsigned char *buf,
|
||||
|
@ -1013,6 +1026,7 @@ static int ssl_tls13_generate_and_write_key_share( mbedtls_ssl_context *ssl,
|
|||
* KeyShareEntry server_share;
|
||||
* } KeyShareServerHello;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
@ -1056,6 +1070,7 @@ static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_hrr_key_share_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
@ -1131,6 +1146,7 @@ static int ssl_tls13_write_hrr_key_share_ext( mbedtls_ssl_context *ssl,
|
|||
* Extension extensions<6..2^16-1>;
|
||||
* } ServerHello;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
@ -1257,6 +1273,7 @@ static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl,
|
|||
return( ret );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_finalize_write_server_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1272,6 +1289,7 @@ static int ssl_tls13_finalize_write_server_hello( mbedtls_ssl_context *ssl )
|
|||
return( ret );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_server_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1319,6 +1337,7 @@ cleanup:
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_HELLO_RETRY_REQUEST
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_prepare_hello_retry_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1345,6 +1364,7 @@ static int ssl_tls13_prepare_hello_retry_request( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_hello_retry_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1398,6 +1418,7 @@ cleanup:
|
|||
* } EncryptedExtensions;
|
||||
*
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_encrypted_extensions_body( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
unsigned char *end,
|
||||
|
@ -1436,6 +1457,7 @@ static int ssl_tls13_write_encrypted_extensions_body( mbedtls_ssl_context *ssl,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_encrypted_extensions( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1487,6 +1509,7 @@ cleanup:
|
|||
* indicating if the writing of the CertificateRequest
|
||||
* should be skipped or not.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int authmode;
|
||||
|
@ -1513,6 +1536,7 @@ static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl )
|
|||
* } CertificateRequest;
|
||||
*
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_certificate_request_body( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
|
@ -1559,6 +1583,7 @@ static int ssl_tls13_write_certificate_request_body( mbedtls_ssl_context *ssl,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_certificate_request( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1606,6 +1631,7 @@ cleanup:
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_SERVER_CERTIFICATE
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_server_certificate( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1631,6 +1657,7 @@ static int ssl_tls13_write_server_certificate( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_CERTIFICATE_VERIFY
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = mbedtls_ssl_tls13_write_certificate_verify( ssl );
|
||||
|
@ -1644,6 +1671,7 @@ static int ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_SERVER_FINISHED
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_write_server_finished( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1679,6 +1707,7 @@ static int ssl_tls13_write_server_finished( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_CLIENT_FINISHED
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_process_client_finished( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
@ -1701,6 +1730,7 @@ static int ssl_tls13_process_client_finished( mbedtls_ssl_context *ssl )
|
|||
/*
|
||||
* Handler for MBEDTLS_SSL_HANDSHAKE_WRAPUP
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) );
|
||||
|
|
|
@ -166,6 +166,10 @@ int main( int argc, char *argv[] )
|
|||
goto exit;
|
||||
}
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( fin, NULL );
|
||||
mbedtls_setbuf( fout, NULL );
|
||||
|
||||
/*
|
||||
* Read the Cipher and MD from the command line
|
||||
*/
|
||||
|
|
|
@ -56,6 +56,7 @@
|
|||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "mbedtls/platform.h" // for mbedtls_setbuf
|
||||
#include "mbedtls/platform_util.h" // for mbedtls_platform_zeroize
|
||||
|
||||
#include <psa/crypto.h>
|
||||
|
@ -177,6 +178,8 @@ static psa_status_t save_key( psa_key_id_t key,
|
|||
key_data, sizeof( key_data ),
|
||||
&key_size ) );
|
||||
SYS_CHECK( ( key_file = fopen( output_file_name, "wb" ) ) != NULL );
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( key_file, NULL );
|
||||
SYS_CHECK( fwrite( key_data, 1, key_size, key_file ) == key_size );
|
||||
SYS_CHECK( fclose( key_file ) == 0 );
|
||||
key_file = NULL;
|
||||
|
@ -231,6 +234,8 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage,
|
|||
unsigned char extra_byte;
|
||||
|
||||
SYS_CHECK( ( key_file = fopen( key_file_name, "rb" ) ) != NULL );
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( key_file, NULL );
|
||||
SYS_CHECK( ( key_size = fread( key_data, 1, sizeof( key_data ),
|
||||
key_file ) ) != 0 );
|
||||
if( fread( &extra_byte, 1, 1, key_file ) != 0 )
|
||||
|
@ -372,6 +377,8 @@ static psa_status_t wrap_data( const char *input_file_name,
|
|||
|
||||
/* Find the size of the data to wrap. */
|
||||
SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL );
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( input_file, NULL );
|
||||
SYS_CHECK( fseek( input_file, 0, SEEK_END ) == 0 );
|
||||
SYS_CHECK( ( input_position = ftell( input_file ) ) != -1 );
|
||||
#if LONG_MAX > SIZE_MAX
|
||||
|
@ -418,6 +425,8 @@ static psa_status_t wrap_data( const char *input_file_name,
|
|||
|
||||
/* Write the output. */
|
||||
SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL );
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( output_file, NULL );
|
||||
SYS_CHECK( fwrite( &header, 1, sizeof( header ),
|
||||
output_file ) == sizeof( header ) );
|
||||
SYS_CHECK( fwrite( buffer, 1, ciphertext_size,
|
||||
|
@ -453,6 +462,8 @@ static psa_status_t unwrap_data( const char *input_file_name,
|
|||
|
||||
/* Load and validate the header. */
|
||||
SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL );
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( input_file, NULL );
|
||||
SYS_CHECK( fread( &header, 1, sizeof( header ),
|
||||
input_file ) == sizeof( header ) );
|
||||
if( memcmp( &header.magic, WRAPPED_DATA_MAGIC,
|
||||
|
@ -509,6 +520,8 @@ static psa_status_t unwrap_data( const char *input_file_name,
|
|||
|
||||
/* Write the output. */
|
||||
SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL );
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
|
||||
mbedtls_setbuf( output_file, NULL );
|
||||
SYS_CHECK( fwrite( buffer, 1, plaintext_size,
|
||||
output_file ) == plaintext_size );
|
||||
SYS_CHECK( fclose( output_file ) == 0 );
|
||||
|
|
|
@ -101,6 +101,10 @@ void nss_keylog_export( void *p_expkey,
|
|||
goto exit;
|
||||
}
|
||||
|
||||
/* Ensure no stdio buffering of secrets, as such buffers cannot be
|
||||
* wiped. */
|
||||
mbedtls_setbuf( f, NULL );
|
||||
|
||||
if( fwrite( nss_keylog_line, 1, len, f ) != len )
|
||||
{
|
||||
fclose( f );
|
||||
|
@ -305,6 +309,9 @@ uint16_t ssl_sig_algs_for_test[] = {
|
|||
#if defined(MBEDTLS_SHA224_C)
|
||||
MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA224 )
|
||||
#endif
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256,
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
/* Allow SHA-1 as we use it extensively in tests. */
|
||||
MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA1 )
|
||||
|
|
|
@ -34,6 +34,7 @@
|
|||
#define mbedtls_printf printf
|
||||
#define mbedtls_fprintf fprintf
|
||||
#define mbedtls_snprintf snprintf
|
||||
#define mbedtls_setbuf setbuf
|
||||
#define mbedtls_exit exit
|
||||
#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
|
||||
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
|
||||
|
|
|
@ -2253,6 +2253,7 @@ component_test_no_platform () {
|
|||
scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT
|
||||
scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT
|
||||
scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT
|
||||
scripts/config.py unset MBEDTLS_PLATFORM_SETBUF_ALT
|
||||
scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
|
||||
scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
|
||||
scripts/config.py unset MBEDTLS_FS_IO
|
||||
|
@ -2904,6 +2905,18 @@ component_test_tls13_only () {
|
|||
if_build_succeeded tests/ssl-opt.sh
|
||||
}
|
||||
|
||||
component_test_tls13_only_with_hooks () {
|
||||
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3 and MBEDTLS_TEST_HOOKS, without MBEDTLS_SSL_PROTO_TLS1_2"
|
||||
scripts/config.py set MBEDTLS_TEST_HOOKS
|
||||
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
|
||||
|
||||
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without MBEDTLS_SSL_PROTO_TLS1_2"
|
||||
if_build_succeeded make test
|
||||
|
||||
msg "ssl-opt.sh (TLS 1.3)"
|
||||
if_build_succeeded tests/ssl-opt.sh
|
||||
}
|
||||
|
||||
component_test_tls13 () {
|
||||
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding"
|
||||
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3
|
||||
|
|
213
tests/ssl-opt.sh
213
tests/ssl-opt.sh
|
@ -6211,7 +6211,6 @@ run_test "keyUsage srv: RSA, digitalSignature -> (EC)DHE-RSA" \
|
|||
0 \
|
||||
-c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-"
|
||||
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "keyUsage srv: RSA, keyEncipherment -> RSA" \
|
||||
"$P_SRV key_file=data_files/server2.key \
|
||||
|
@ -6346,6 +6345,78 @@ run_test "keyUsage cli: DigitalSignature, RSA: fail, soft" \
|
|||
-c "Ciphersuite is TLS-" \
|
||||
-c "! Usage does not match the keyUsage extension"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "keyUsage cli 1.3: DigitalSignature+KeyEncipherment, RSA: OK" \
|
||||
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \
|
||||
-cert data_files/server2.ku-ds_ke.crt" \
|
||||
"$P_CLI debug_level=3" \
|
||||
0 \
|
||||
-C "bad certificate (usage extensions)" \
|
||||
-C "Processing of the Certificate handshake message failed" \
|
||||
-c "Ciphersuite is"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "keyUsage cli 1.3: KeyEncipherment, RSA: fail" \
|
||||
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \
|
||||
-cert data_files/server2.ku-ke.crt" \
|
||||
"$P_CLI debug_level=1" \
|
||||
1 \
|
||||
-c "bad certificate (usage extensions)" \
|
||||
-c "Processing of the Certificate handshake message failed" \
|
||||
-C "Ciphersuite is"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "keyUsage cli 1.3: KeyAgreement, RSA: fail" \
|
||||
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \
|
||||
-cert data_files/server2.ku-ka.crt" \
|
||||
"$P_CLI debug_level=1" \
|
||||
1 \
|
||||
-c "bad certificate (usage extensions)" \
|
||||
-c "Processing of the Certificate handshake message failed" \
|
||||
-C "Ciphersuite is"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "keyUsage cli 1.3: DigitalSignature, ECDSA: OK" \
|
||||
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
|
||||
-cert data_files/server5.ku-ds.crt" \
|
||||
"$P_CLI debug_level=3" \
|
||||
0 \
|
||||
-C "bad certificate (usage extensions)" \
|
||||
-C "Processing of the Certificate handshake message failed" \
|
||||
-c "Ciphersuite is"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "keyUsage cli 1.3: KeyEncipherment, ECDSA: fail" \
|
||||
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
|
||||
-cert data_files/server5.ku-ke.crt" \
|
||||
"$P_CLI debug_level=1" \
|
||||
1 \
|
||||
-c "bad certificate (usage extensions)" \
|
||||
-c "Processing of the Certificate handshake message failed" \
|
||||
-C "Ciphersuite is"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "keyUsage cli 1.3: KeyAgreement, ECDSA: fail" \
|
||||
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
|
||||
-cert data_files/server5.ku-ka.crt" \
|
||||
"$P_CLI debug_level=1" \
|
||||
1 \
|
||||
-c "bad certificate (usage extensions)" \
|
||||
-c "Processing of the Certificate handshake message failed" \
|
||||
-C "Ciphersuite is"
|
||||
|
||||
# Tests for keyUsage in leaf certificates, part 3:
|
||||
# server-side checking of client cert
|
||||
|
||||
|
@ -6355,6 +6426,7 @@ run_test "keyUsage cli-auth: RSA, DigitalSignature: OK" \
|
|||
"$O_CLI -key data_files/server2.key \
|
||||
-cert data_files/server2.ku-ds.crt" \
|
||||
0 \
|
||||
-s "Verifying peer X.509 certificate... ok" \
|
||||
-S "bad certificate (usage extensions)" \
|
||||
-S "Processing of the Certificate handshake message failed"
|
||||
|
||||
|
@ -6382,6 +6454,7 @@ run_test "keyUsage cli-auth: ECDSA, DigitalSignature: OK" \
|
|||
"$O_CLI -key data_files/server5.key \
|
||||
-cert data_files/server5.ku-ds.crt" \
|
||||
0 \
|
||||
-s "Verifying peer X.509 certificate... ok" \
|
||||
-S "bad certificate (usage extensions)" \
|
||||
-S "Processing of the Certificate handshake message failed"
|
||||
|
||||
|
@ -6394,6 +6467,52 @@ run_test "keyUsage cli-auth: ECDSA, KeyAgreement: fail (soft)" \
|
|||
-s "bad certificate (usage extensions)" \
|
||||
-S "Processing of the Certificate handshake message failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "keyUsage cli-auth 1.3: RSA, DigitalSignature: OK" \
|
||||
"$P_SRV debug_level=1 auth_mode=optional" \
|
||||
"$O_NEXT_CLI_NO_CERT -key data_files/server2.key \
|
||||
-cert data_files/server2.ku-ds.crt" \
|
||||
0 \
|
||||
-s "Verifying peer X.509 certificate... ok" \
|
||||
-S "bad certificate (usage extensions)" \
|
||||
-S "Processing of the Certificate handshake message failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "keyUsage cli-auth 1.3: RSA, KeyEncipherment: fail (soft)" \
|
||||
"$P_SRV debug_level=1 auth_mode=optional" \
|
||||
"$O_NEXT_CLI_NO_CERT -key data_files/server2.key \
|
||||
-cert data_files/server2.ku-ke.crt" \
|
||||
0 \
|
||||
-s "bad certificate (usage extensions)" \
|
||||
-S "Processing of the Certificate handshake message failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "keyUsage cli-auth 1.3: ECDSA, DigitalSignature: OK" \
|
||||
"$P_SRV debug_level=1 auth_mode=optional" \
|
||||
"$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
|
||||
-cert data_files/server5.ku-ds.crt" \
|
||||
0 \
|
||||
-s "Verifying peer X.509 certificate... ok" \
|
||||
-S "bad certificate (usage extensions)" \
|
||||
-S "Processing of the Certificate handshake message failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "keyUsage cli-auth 1.3: ECDSA, KeyAgreement: fail (soft)" \
|
||||
"$P_SRV debug_level=1 auth_mode=optional" \
|
||||
"$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
|
||||
-cert data_files/server5.ku-ka.crt" \
|
||||
0 \
|
||||
-s "bad certificate (usage extensions)" \
|
||||
-S "Processing of the Certificate handshake message failed"
|
||||
|
||||
# Tests for extendedKeyUsage, part 1: server-side certificate/suite selection
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
|
@ -6466,6 +6585,54 @@ run_test "extKeyUsage cli: codeSign -> fail" \
|
|||
-c "Processing of the Certificate handshake message failed" \
|
||||
-C "Ciphersuite is TLS-"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "extKeyUsage cli 1.3: serverAuth -> OK" \
|
||||
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
|
||||
-cert data_files/server5.eku-srv.crt" \
|
||||
"$P_CLI debug_level=1" \
|
||||
0 \
|
||||
-C "bad certificate (usage extensions)" \
|
||||
-C "Processing of the Certificate handshake message failed" \
|
||||
-c "Ciphersuite is"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "extKeyUsage cli 1.3: serverAuth,clientAuth -> OK" \
|
||||
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
|
||||
-cert data_files/server5.eku-srv_cli.crt" \
|
||||
"$P_CLI debug_level=1" \
|
||||
0 \
|
||||
-C "bad certificate (usage extensions)" \
|
||||
-C "Processing of the Certificate handshake message failed" \
|
||||
-c "Ciphersuite is"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "extKeyUsage cli 1.3: codeSign,anyEKU -> OK" \
|
||||
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
|
||||
-cert data_files/server5.eku-cs_any.crt" \
|
||||
"$P_CLI debug_level=1" \
|
||||
0 \
|
||||
-C "bad certificate (usage extensions)" \
|
||||
-C "Processing of the Certificate handshake message failed" \
|
||||
-c "Ciphersuite is"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "extKeyUsage cli 1.3: codeSign -> fail" \
|
||||
"$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
|
||||
-cert data_files/server5.eku-cs.crt" \
|
||||
"$P_CLI debug_level=1" \
|
||||
1 \
|
||||
-c "bad certificate (usage extensions)" \
|
||||
-c "Processing of the Certificate handshake message failed" \
|
||||
-C "Ciphersuite is"
|
||||
|
||||
# Tests for extendedKeyUsage, part 3: server-side checking of client cert
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
|
@ -6513,6 +6680,50 @@ run_test "extKeyUsage cli-auth: codeSign -> fail (hard)" \
|
|||
-s "bad certificate (usage extensions)" \
|
||||
-s "Processing of the Certificate handshake message failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "extKeyUsage cli-auth 1.3: clientAuth -> OK" \
|
||||
"$P_SRV debug_level=1 auth_mode=optional" \
|
||||
"$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
|
||||
-cert data_files/server5.eku-cli.crt" \
|
||||
0 \
|
||||
-S "bad certificate (usage extensions)" \
|
||||
-S "Processing of the Certificate handshake message failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "extKeyUsage cli-auth 1.3: serverAuth,clientAuth -> OK" \
|
||||
"$P_SRV debug_level=1 auth_mode=optional" \
|
||||
"$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
|
||||
-cert data_files/server5.eku-srv_cli.crt" \
|
||||
0 \
|
||||
-S "bad certificate (usage extensions)" \
|
||||
-S "Processing of the Certificate handshake message failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "extKeyUsage cli-auth 1.3: codeSign,anyEKU -> OK" \
|
||||
"$P_SRV debug_level=1 auth_mode=optional" \
|
||||
"$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
|
||||
-cert data_files/server5.eku-cs_any.crt" \
|
||||
0 \
|
||||
-S "bad certificate (usage extensions)" \
|
||||
-S "Processing of the Certificate handshake message failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_openssl_tls1_3
|
||||
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "extKeyUsage cli-auth 1.3: codeSign -> fail (soft)" \
|
||||
"$P_SRV debug_level=1 auth_mode=optional" \
|
||||
"$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
|
||||
-cert data_files/server5.eku-cs.crt" \
|
||||
0 \
|
||||
-s "bad certificate (usage extensions)" \
|
||||
-S "Processing of the Certificate handshake message failed"
|
||||
|
||||
# Tests for DHM parameters loading
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
|
|
|
@ -67,12 +67,18 @@ mpi_read_write_string:16:"":16:"":4:0:0
|
|||
Test mpi_read_write_string #9 (Empty MPI hex -> dec)
|
||||
mpi_read_write_string:16:"":10:"0":4:0:0
|
||||
|
||||
Test mpi_read_write_string #9 (Empty MPI hex -> base 2)
|
||||
mpi_read_write_string:16:"":2:"0":4:0:0
|
||||
|
||||
Test mpi_read_write_string #8 (Empty MPI dec -> hex)
|
||||
mpi_read_write_string:10:"":16:"":4:0:0
|
||||
|
||||
Test mpi_read_write_string #9 (Empty MPI dec -> dec)
|
||||
mpi_read_write_string:10:"":10:"0":4:0:0
|
||||
|
||||
Test mpi_read_write_string #9 (Empty MPI dec -> base 2)
|
||||
mpi_read_write_string:16:"":2:"0":4:0:0
|
||||
|
||||
Test mpi_write_string #10 (Negative hex with odd number of digits)
|
||||
mpi_read_write_string:16:"-1":16:"":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
|
||||
|
||||
|
@ -1216,9 +1222,15 @@ mbedtls_mpi_mod_int:10:"1000":2:0:0
|
|||
Test mbedtls_mpi_mod_int: 0 (null) % 1
|
||||
mbedtls_mpi_mod_int:16:"":1:0:0
|
||||
|
||||
Test mbedtls_mpi_mod_int: 0 (null) % 2
|
||||
mbedtls_mpi_mod_int:16:"":2:0:0
|
||||
|
||||
Test mbedtls_mpi_mod_int: 0 (null) % -1
|
||||
mbedtls_mpi_mod_int:16:"":-1:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
|
||||
|
||||
Test mbedtls_mpi_mod_int: 0 (null) % -2
|
||||
mbedtls_mpi_mod_int:16:"":-2:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
|
||||
|
||||
Base test mbedtls_mpi_exp_mod #1
|
||||
mbedtls_mpi_exp_mod:10:"23":10:"13":10:"29":10:"24":0
|
||||
|
||||
|
|
|
@ -3429,3 +3429,24 @@ raw_key_agreement_fail:1
|
|||
|
||||
Force a bad session id length
|
||||
force_bad_session_id_len
|
||||
|
||||
Cookie parsing: nominal run
|
||||
cookie_parsing:"16fefd0000000000000000002F010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727d00200000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_SSL_INTERNAL_ERROR
|
||||
|
||||
Cookie parsing: cookie_len overflow
|
||||
cookie_parsing:"16fefd000000000000000000ea010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727db97b7373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737db963":MBEDTLS_ERR_SSL_DECODE_ERROR
|
||||
|
||||
Cookie parsing: non-zero fragment offset
|
||||
cookie_parsing:"16fefd00000000000000000032010000de000072000000011efefd7b7272727272727272727272727272727272727272727272727272727272727d01730143":MBEDTLS_ERR_SSL_DECODE_ERROR
|
||||
|
||||
Cookie parsing: sid_len overflow
|
||||
cookie_parsing:"16fefd00000000000000000032010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727dFF730143":MBEDTLS_ERR_SSL_DECODE_ERROR
|
||||
|
||||
Cookie parsing: record too short
|
||||
cookie_parsing:"16fefd0000000000000000002f010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727dFF":MBEDTLS_ERR_SSL_DECODE_ERROR
|
||||
|
||||
Cookie parsing: one byte overread
|
||||
cookie_parsing:"16fefd0000000000000000002F010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727d0001":MBEDTLS_ERR_SSL_DECODE_ERROR
|
||||
|
||||
TLS 1.3 srv Certificate msg - wrong vector lengths
|
||||
tls13_server_certificate_msg_invalid_vector_len
|
||||
|
|
|
@ -139,6 +139,23 @@ void free_handshake_options( handshake_test_options *opts )
|
|||
(void) opts;
|
||||
#endif
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_TEST_HOOKS)
|
||||
static void set_chk_buf_ptr_args(
|
||||
mbedtls_ssl_chk_buf_ptr_args *args,
|
||||
unsigned char *cur, unsigned char *end, size_t need )
|
||||
{
|
||||
args->cur = cur;
|
||||
args->end = end;
|
||||
args->need = need;
|
||||
}
|
||||
|
||||
static void reset_chk_buf_ptr_args( mbedtls_ssl_chk_buf_ptr_args *args )
|
||||
{
|
||||
memset( args, 0, sizeof( *args ) );
|
||||
}
|
||||
#endif /* MBEDTLS_TEST_HOOKS */
|
||||
|
||||
/*
|
||||
* Buffer structure for custom I/O callbacks.
|
||||
*/
|
||||
|
@ -2383,6 +2400,119 @@ exit:
|
|||
}
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
|
||||
|
||||
#if defined(MBEDTLS_TEST_HOOKS)
|
||||
/*
|
||||
* Tweak vector lengths in a TLS 1.3 Certificate message
|
||||
*
|
||||
* \param[in] buf Buffer containing the Certificate message to tweak
|
||||
* \param[in]]out] end End of the buffer to parse
|
||||
* \param tweak Tweak identifier (from 1 to the number of tweaks).
|
||||
* \param[out] expected_result Error code expected from the parsing function
|
||||
* \param[out] args Arguments of the MBEDTLS_SSL_CHK_BUF_READ_PTR call that
|
||||
* is expected to fail. All zeroes if no
|
||||
* MBEDTLS_SSL_CHK_BUF_READ_PTR failure is expected.
|
||||
*/
|
||||
int tweak_tls13_certificate_msg_vector_len(
|
||||
unsigned char *buf, unsigned char **end, int tweak,
|
||||
int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args )
|
||||
{
|
||||
/*
|
||||
* The definition of the tweaks assume that the certificate list contains only
|
||||
* one certificate.
|
||||
*/
|
||||
|
||||
/*
|
||||
* struct {
|
||||
* opaque cert_data<1..2^24-1>;
|
||||
* Extension extensions<0..2^16-1>;
|
||||
* } CertificateEntry;
|
||||
*
|
||||
* struct {
|
||||
* opaque certificate_request_context<0..2^8-1>;
|
||||
* CertificateEntry certificate_list<0..2^24-1>;
|
||||
* } Certificate;
|
||||
*/
|
||||
unsigned char *p_certificate_request_context_len = buf;
|
||||
size_t certificate_request_context_len = buf[0];
|
||||
|
||||
unsigned char *p_certificate_list_len = buf + 1 + certificate_request_context_len;
|
||||
unsigned char *certificate_list = p_certificate_list_len + 3;
|
||||
size_t certificate_list_len = MBEDTLS_GET_UINT24_BE( p_certificate_list_len, 0 );
|
||||
|
||||
unsigned char *p_cert_data_len = certificate_list;
|
||||
unsigned char *cert_data = p_cert_data_len + 3;
|
||||
size_t cert_data_len = MBEDTLS_GET_UINT24_BE( p_cert_data_len, 0 );
|
||||
|
||||
unsigned char *p_extensions_len = cert_data + cert_data_len;
|
||||
unsigned char *extensions = p_extensions_len + 2;
|
||||
size_t extensions_len = MBEDTLS_GET_UINT16_BE( p_extensions_len, 0 );
|
||||
|
||||
*expected_result = MBEDTLS_ERR_SSL_DECODE_ERROR;
|
||||
|
||||
switch( tweak )
|
||||
{
|
||||
case 1:
|
||||
/* Failure when checking if the certificate request context length and
|
||||
* certificate list length can be read
|
||||
*/
|
||||
*end = buf + 3;
|
||||
set_chk_buf_ptr_args( args, buf, *end, 4 );
|
||||
break;
|
||||
|
||||
case 2:
|
||||
/* Invalid certificate request context length.
|
||||
*/
|
||||
*p_certificate_request_context_len =
|
||||
certificate_request_context_len + 1;
|
||||
reset_chk_buf_ptr_args( args );
|
||||
break;
|
||||
|
||||
case 3:
|
||||
/* Failure when checking if certificate_list data can be read. */
|
||||
MBEDTLS_PUT_UINT24_BE( certificate_list_len + 1,
|
||||
p_certificate_list_len, 0 );
|
||||
set_chk_buf_ptr_args( args, certificate_list, *end,
|
||||
certificate_list_len + 1 );
|
||||
break;
|
||||
|
||||
case 4:
|
||||
/* Failure when checking if the cert_data length can be read. */
|
||||
MBEDTLS_PUT_UINT24_BE( 2, p_certificate_list_len, 0 );
|
||||
set_chk_buf_ptr_args( args, p_cert_data_len, certificate_list + 2, 3 );
|
||||
break;
|
||||
|
||||
case 5:
|
||||
/* Failure when checking if cert_data data can be read. */
|
||||
MBEDTLS_PUT_UINT24_BE( certificate_list_len - 3 + 1,
|
||||
p_cert_data_len, 0 );
|
||||
set_chk_buf_ptr_args( args, cert_data,
|
||||
certificate_list + certificate_list_len,
|
||||
certificate_list_len - 3 + 1 );
|
||||
break;
|
||||
|
||||
case 6:
|
||||
/* Failure when checking if the extensions length can be read. */
|
||||
MBEDTLS_PUT_UINT24_BE( certificate_list_len - extensions_len - 1,
|
||||
p_certificate_list_len, 0 );
|
||||
set_chk_buf_ptr_args( args, p_extensions_len,
|
||||
certificate_list + certificate_list_len - extensions_len - 1, 2 );
|
||||
break;
|
||||
|
||||
case 7:
|
||||
/* Failure when checking if extensions data can be read. */
|
||||
MBEDTLS_PUT_UINT16_BE( extensions_len + 1, p_extensions_len, 0 );
|
||||
|
||||
set_chk_buf_ptr_args( args, extensions,
|
||||
certificate_list + certificate_list_len, extensions_len + 1 );
|
||||
break;
|
||||
|
||||
default:
|
||||
return( -1 );
|
||||
}
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_TEST_HOOKS */
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
|
@ -5574,6 +5704,34 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE:MBEDTLS_TEST_HOOKS */
|
||||
void cookie_parsing( data_t *cookie, int exp_ret )
|
||||
{
|
||||
mbedtls_ssl_context ssl;
|
||||
mbedtls_ssl_config conf;
|
||||
size_t len;
|
||||
|
||||
mbedtls_ssl_init( &ssl );
|
||||
mbedtls_ssl_config_init( &conf );
|
||||
TEST_EQUAL( mbedtls_ssl_config_defaults( &conf, MBEDTLS_SSL_IS_SERVER,
|
||||
MBEDTLS_SSL_TRANSPORT_DATAGRAM,
|
||||
MBEDTLS_SSL_PRESET_DEFAULT ),
|
||||
0 );
|
||||
|
||||
TEST_EQUAL( mbedtls_ssl_setup( &ssl, &conf ), 0 );
|
||||
TEST_EQUAL( mbedtls_ssl_check_dtls_clihlo_cookie( &ssl, ssl.cli_id,
|
||||
ssl.cli_id_len,
|
||||
cookie->x, cookie->len,
|
||||
ssl.out_buf,
|
||||
MBEDTLS_SSL_OUT_CONTENT_LEN,
|
||||
&len ),
|
||||
exp_ret );
|
||||
|
||||
mbedtls_ssl_free( &ssl );
|
||||
mbedtls_ssl_config_free( &conf );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_TIMING_C:MBEDTLS_HAVE_TIME */
|
||||
void timing_final_delay_accessor( )
|
||||
{
|
||||
|
@ -5735,3 +5893,87 @@ exit:
|
|||
USE_PSA_DONE( );
|
||||
}
|
||||
/* END_CASE */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED */
|
||||
void tls13_server_certificate_msg_invalid_vector_len( )
|
||||
{
|
||||
int ret = -1;
|
||||
mbedtls_endpoint client_ep, server_ep;
|
||||
unsigned char *buf, *end;
|
||||
size_t buf_len;
|
||||
int step = 0;
|
||||
int expected_result;
|
||||
mbedtls_ssl_chk_buf_ptr_args expected_chk_buf_ptr_args;
|
||||
|
||||
/*
|
||||
* Test set-up
|
||||
*/
|
||||
USE_PSA_INIT( );
|
||||
|
||||
ret = mbedtls_endpoint_init( &client_ep, MBEDTLS_SSL_IS_CLIENT,
|
||||
MBEDTLS_PK_ECDSA, NULL, NULL, NULL, NULL );
|
||||
TEST_EQUAL( ret, 0 );
|
||||
|
||||
ret = mbedtls_endpoint_init( &server_ep, MBEDTLS_SSL_IS_SERVER,
|
||||
MBEDTLS_PK_ECDSA, NULL, NULL, NULL, NULL );
|
||||
TEST_EQUAL( ret, 0 );
|
||||
|
||||
ret = mbedtls_mock_socket_connect( &(client_ep.socket),
|
||||
&(server_ep.socket), 1024 );
|
||||
TEST_EQUAL( ret, 0 );
|
||||
|
||||
while( 1 )
|
||||
{
|
||||
mbedtls_test_set_step( ++step );
|
||||
|
||||
ret = mbedtls_move_handshake_to_state( &(server_ep.ssl),
|
||||
&(client_ep.ssl),
|
||||
MBEDTLS_SSL_CERTIFICATE_VERIFY );
|
||||
TEST_EQUAL( ret, 0 );
|
||||
|
||||
ret = mbedtls_ssl_flush_output( &(server_ep.ssl) );
|
||||
TEST_EQUAL( ret, 0 );
|
||||
|
||||
ret = mbedtls_move_handshake_to_state( &(client_ep.ssl),
|
||||
&(server_ep.ssl),
|
||||
MBEDTLS_SSL_SERVER_CERTIFICATE );
|
||||
TEST_EQUAL( ret, 0 );
|
||||
|
||||
ret = mbedtls_ssl_tls13_fetch_handshake_msg( &(client_ep.ssl),
|
||||
MBEDTLS_SSL_HS_CERTIFICATE,
|
||||
&buf, &buf_len );
|
||||
TEST_EQUAL( ret, 0 );
|
||||
|
||||
end = buf + buf_len;
|
||||
|
||||
/*
|
||||
* Tweak server Certificate message and parse it.
|
||||
*/
|
||||
|
||||
ret = tweak_tls13_certificate_msg_vector_len(
|
||||
buf, &end, step, &expected_result, &expected_chk_buf_ptr_args );
|
||||
|
||||
if( ret != 0 )
|
||||
break;
|
||||
|
||||
ret = mbedtls_ssl_tls13_parse_certificate( &(client_ep.ssl), buf, end );
|
||||
TEST_EQUAL( ret, expected_result );
|
||||
|
||||
TEST_ASSERT( mbedtls_ssl_cmp_chk_buf_ptr_fail_args(
|
||||
&expected_chk_buf_ptr_args ) == 0 );
|
||||
|
||||
mbedtls_ssl_reset_chk_buf_ptr_fail_args( );
|
||||
|
||||
ret = mbedtls_ssl_session_reset( &(client_ep.ssl) );
|
||||
TEST_EQUAL( ret, 0 );
|
||||
|
||||
ret = mbedtls_ssl_session_reset( &(server_ep.ssl) );
|
||||
TEST_EQUAL( ret, 0 );
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_ssl_reset_chk_buf_ptr_fail_args( );
|
||||
mbedtls_endpoint_free( &client_ep, NULL );
|
||||
mbedtls_endpoint_free( &server_ep, NULL );
|
||||
USE_PSA_DONE( );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
|
Loading…
Reference in a new issue