Add select ciphersuite entry function
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu
parent
dd1bef788e
commit
f35ba384ff
1 changed files with 102 additions and 80 deletions
|
|
@ -46,6 +46,25 @@
|
|||
#include "ssl_tls13_keys.h"
|
||||
#include "ssl_debug_helpers.h"
|
||||
|
||||
|
||||
static const mbedtls_ssl_ciphersuite_t *ssl_tls13_get_ciphersuite_info_by_id(
|
||||
mbedtls_ssl_context *ssl,
|
||||
uint16_t cipher_suite )
|
||||
{
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
|
||||
if( ! mbedtls_ssl_tls13_cipher_suite_is_offered( ssl, cipher_suite ) )
|
||||
return( NULL );
|
||||
|
||||
ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( cipher_suite );
|
||||
if( ( mbedtls_ssl_validate_ciphersuite( ssl, ciphersuite_info,
|
||||
ssl->tls_version,
|
||||
ssl->tls_version ) != 0 ) )
|
||||
{
|
||||
return( NULL );
|
||||
}
|
||||
return( ciphersuite_info );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
/* From RFC 8446:
|
||||
*
|
||||
|
|
@ -188,88 +207,98 @@ static int ssl_tls13_offered_psks_check_binder_match( mbedtls_ssl_context *ssl,
|
|||
return( SSL_TLS1_3_OFFERED_PSK_NOT_MATCH );
|
||||
}
|
||||
|
||||
static const mbedtls_ssl_ciphersuite_t *ssl_tls13_get_ciphersuite_info_by_id(
|
||||
mbedtls_ssl_context *ssl,
|
||||
uint16_t cipher_suite )
|
||||
{
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
|
||||
if( ! mbedtls_ssl_tls13_cipher_suite_is_offered( ssl, cipher_suite ) )
|
||||
return( NULL );
|
||||
|
||||
ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( cipher_suite );
|
||||
if( ( mbedtls_ssl_validate_ciphersuite( ssl, ciphersuite_info,
|
||||
ssl->tls_version,
|
||||
ssl->tls_version ) != 0 ) )
|
||||
{
|
||||
return( NULL );
|
||||
}
|
||||
return( ciphersuite_info );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_psk_external_check_ciphersuites( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
size_t binder_len,
|
||||
uint16_t *selected_cipher_suite )
|
||||
static int ssl_tls13_select_ciphersuite_for_psk(
|
||||
mbedtls_ssl_context *ssl,
|
||||
const unsigned char *cipher_suites,
|
||||
const unsigned char *cipher_suites_end,
|
||||
uint16_t *selected_ciphersuite,
|
||||
const mbedtls_ssl_ciphersuite_t **selected_ciphersuite_info )
|
||||
{
|
||||
mbedtls_md_type_t psk_alg;
|
||||
psa_algorithm_t psk_hash_alg = PSA_ALG_SHA_256;
|
||||
|
||||
*selected_cipher_suite = 0;
|
||||
/* RFC 8446, page 55.
|
||||
*
|
||||
* For externally established PSKs, the Hash algorithm MUST be set when the
|
||||
* PSK is established or default to SHA-256 if no such algorithm is defined.
|
||||
*
|
||||
*/
|
||||
psk_hash_alg = PSA_ALG_SHA_256;
|
||||
|
||||
switch( binder_len )
|
||||
{
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
case 32:
|
||||
psk_alg = MBEDTLS_MD_SHA256;
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
case 48:
|
||||
psk_alg = MBEDTLS_MD_SHA384;
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
return( MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR );
|
||||
}
|
||||
/*
|
||||
* Search for a matching ciphersuite
|
||||
*/
|
||||
for ( const unsigned char *p = buf ; p < end ; p += 2 )
|
||||
for ( const unsigned char *p = cipher_suites ;
|
||||
p < cipher_suites_end ; p += 2 )
|
||||
{
|
||||
uint16_t cipher_suite;
|
||||
const mbedtls_ssl_ciphersuite_t* ciphersuite_info;
|
||||
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 2 );
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
|
||||
|
||||
cipher_suite = MBEDTLS_GET_UINT16_BE( p, 0 );
|
||||
if( ! mbedtls_ssl_tls13_cipher_suite_is_offered( ssl, cipher_suite ) )
|
||||
ciphersuite_info = ssl_tls13_get_ciphersuite_info_by_id(
|
||||
ssl,cipher_suite );
|
||||
if( ciphersuite_info == NULL )
|
||||
continue;
|
||||
|
||||
ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( cipher_suite );
|
||||
if( ( mbedtls_ssl_validate_ciphersuite(
|
||||
ssl, ciphersuite_info, ssl->tls_version,
|
||||
ssl->tls_version ) != 0 ) )
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
/* MAC of selected ciphersuite MUST be same with PSK binder if exist.
|
||||
* Otherwise, client should reject.
|
||||
*/
|
||||
if( psk_alg != MBEDTLS_MD_NONE && psk_alg != ciphersuite_info->mac )
|
||||
continue;
|
||||
|
||||
*selected_cipher_suite = cipher_suite;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 5, ( "PSK matched ciphersuite: %04x - %s",
|
||||
cipher_suite,
|
||||
ciphersuite_info->name ) );
|
||||
if( psk_hash_alg == mbedtls_psa_translate_md( ciphersuite_info->mac ) )
|
||||
{
|
||||
*selected_ciphersuite = cipher_suite;
|
||||
*selected_ciphersuite_info = ciphersuite_info;
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "No matched ciphersuite" ) );
|
||||
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_select_ciphersuite_for_resumption(
|
||||
mbedtls_ssl_context *ssl,
|
||||
const unsigned char *cipher_suites,
|
||||
const unsigned char *cipher_suites_end,
|
||||
mbedtls_ssl_session *session,
|
||||
uint16_t *selected_ciphersuite,
|
||||
const mbedtls_ssl_ciphersuite_t **selected_ciphersuite_info )
|
||||
{
|
||||
((void) ssl);
|
||||
((void) session);
|
||||
((void) cipher_suites);
|
||||
((void) cipher_suites_end);
|
||||
((void) selected_ciphersuite);
|
||||
((void) selected_ciphersuite_info);
|
||||
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_select_ciphersuite(
|
||||
mbedtls_ssl_context *ssl,
|
||||
const unsigned char *cipher_suites,
|
||||
const unsigned char *cipher_suites_end,
|
||||
int psk_type,
|
||||
mbedtls_ssl_session *session,
|
||||
uint16_t *selected_ciphersuite,
|
||||
const mbedtls_ssl_ciphersuite_t **selected_ciphersuite_info )
|
||||
{
|
||||
*selected_ciphersuite = 0;
|
||||
*selected_ciphersuite_info = NULL;
|
||||
switch( psk_type )
|
||||
{
|
||||
case MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL:
|
||||
return( ssl_tls13_select_ciphersuite_for_psk(
|
||||
ssl, cipher_suites, cipher_suites_end,
|
||||
selected_ciphersuite, selected_ciphersuite_info ) );
|
||||
case MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION:
|
||||
return( ssl_tls13_select_ciphersuite_for_resumption(
|
||||
ssl, cipher_suites, cipher_suites_end, session,
|
||||
selected_ciphersuite, selected_ciphersuite_info ) );
|
||||
}
|
||||
|
||||
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
/* Parser for pre_shared_key extension in client hello
|
||||
* struct {
|
||||
* opaque identity<1..2^16-1>;
|
||||
|
|
@ -367,27 +396,20 @@ static int ssl_tls13_parse_pre_shared_key_ext( mbedtls_ssl_context *ssl,
|
|||
if( ret != SSL_TLS1_3_OFFERED_PSK_MATCH )
|
||||
continue;
|
||||
|
||||
if( psk_type == MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL )
|
||||
{
|
||||
ret = ssl_tls13_psk_external_check_ciphersuites(
|
||||
ssl, ciphersuites, ciphersuites_end,
|
||||
binder_len, &cipher_suite );
|
||||
if( ret < 0 )
|
||||
MBEDTLS_SSL_DEBUG_MSG( 4, ( "found matched identity" ) );
|
||||
ret = ssl_tls13_select_ciphersuite( ssl, ciphersuites, ciphersuites_end,
|
||||
psk_type, NULL, &cipher_suite,
|
||||
&ciphersuite_info );
|
||||
if( ret != 0 )
|
||||
{
|
||||
/* See below, no cipher_suite available, abort handshake */
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR,
|
||||
MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
|
||||
MBEDTLS_SSL_DEBUG_RET(
|
||||
2, "ssl_tls13_select_ciphersuite_for_psk", ret );
|
||||
return( ret );
|
||||
}
|
||||
ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( cipher_suite );
|
||||
}
|
||||
else
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 4, ( "`psk_type = %d` not support yet",
|
||||
psk_type ) );
|
||||
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
ret = ssl_tls13_offered_psks_check_binder_match(
|
||||
ssl, binder, binder_len, psk_type,
|
||||
|
|
|
|||
Loading…
Reference in a new issue