diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index c77119b02..36db2e819 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -119,6 +119,7 @@ int main( void ) #define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE #define DFL_TRUNC_HMAC -1 #define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED +#define DFL_TICKET_ROTATE 0 #define DFL_TICKET_TIMEOUT 86400 #define DFL_TICKET_AEAD MBEDTLS_CIPHER_AES_256_GCM #define DFL_CACHE_MAX -1 @@ -286,6 +287,7 @@ int main( void ) #if defined(MBEDTLS_SSL_SESSION_TICKETS) #define USAGE_TICKETS \ " tickets=%%d default: 1 (enabled)\n" \ + " ticket_rotate=%%d default: 0 (disabled)\n" \ " ticket_timeout=%%d default: 86400 (one day)\n" \ " ticket_aead=%%s default: \"AES-256-GCM\"\n" #else @@ -613,6 +615,7 @@ struct options unsigned char mfl_code; /* code for maximum fragment length */ int trunc_hmac; /* accept truncated hmac? */ int tickets; /* enable / disable session tickets */ + int ticket_rotate; /* session ticket rotate (code coverage) */ int ticket_timeout; /* session ticket lifetime */ int ticket_aead; /* session ticket protection */ int cache_max; /* max number of session cache entries */ @@ -1542,6 +1545,7 @@ int main( int argc, char *argv[] ) opt.mfl_code = DFL_MFL_CODE; opt.trunc_hmac = DFL_TRUNC_HMAC; opt.tickets = DFL_TICKETS; + opt.ticket_rotate = DFL_TICKET_ROTATE; opt.ticket_timeout = DFL_TICKET_TIMEOUT; opt.ticket_aead = DFL_TICKET_AEAD; opt.cache_max = DFL_CACHE_MAX; @@ -1915,6 +1919,12 @@ int main( int argc, char *argv[] ) if( opt.tickets < 0 || opt.tickets > 1 ) goto usage; } + else if( strcmp( p, "ticket_rotate" ) == 0 ) + { + opt.ticket_rotate = atoi( q ); + if( opt.ticket_rotate < 0 || opt.ticket_rotate > 1 ) + goto usage; + } else if( strcmp( p, "ticket_timeout" ) == 0 ) { opt.ticket_timeout = atoi( q ); @@ -2737,6 +2747,24 @@ int main( int argc, char *argv[] ) mbedtls_ssl_ticket_write, mbedtls_ssl_ticket_parse, &ticket_ctx ); + + /* exercise manual ticket rotation (not required for typical use) + * (used for external synchronization of session ticket encryption keys) + */ + if( opt.ticket_rotate ) { + #define MAX_KEY_BYTES 32 /* 256 bits *//* library/ssl_ticket.c */ + unsigned char kbuf[MAX_KEY_BYTES]; + unsigned char name[4]; /* match mbedtls_ssl_ticket_key name[4] */ + if( ( ret = rng_get( &rng, name, sizeof( name ) ) ) != 0 || + ( ret = rng_get( &rng, kbuf, sizeof( kbuf ) ) ) != 0 || + ( ret = mbedtls_ssl_ticket_rotate( &ticket_ctx, + name, sizeof(name), kbuf, sizeof(kbuf), + opt.ticket_timeout ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_ticket_rotate returned %d\n\n", ret ); + goto exit; + } + } } #endif diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 4ec62ae1a..2480713fd 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2707,6 +2707,21 @@ run_test "Session resume using tickets: basic" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_disabled MBEDTLS_USE_PSA_CRYPTO +run_test "Session resume using tickets: manual rotation" \ + "$P_SRV debug_level=3 tickets=1 ticket_rotate=1" \ + "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + 0 \ + -c "client hello, adding session ticket extension" \ + -s "found session ticket extension" \ + -s "server hello, adding session ticket extension" \ + -c "found session_ticket extension" \ + -c "parse new session ticket" \ + -S "session successfully restored from cache" \ + -s "session successfully restored from ticket" \ + -s "a session has been resumed" \ + -c "a session has been resumed" + run_test "Session resume using tickets: cache disabled" \ "$P_SRV debug_level=3 tickets=1 cache_max=0" \ "$P_CLI debug_level=3 tickets=1 reconnect=1" \