From 0c6105bc9ed69a02706abd28b9ec92eec4796e4b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 12 Aug 2022 17:26:40 +0800 Subject: [PATCH] empty pre_shared_key functions To easy review Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 365 ++++--------------------------------- 1 file changed, 39 insertions(+), 326 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 40e3cfd70d..645479b830 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -665,56 +665,6 @@ static int ssl_tls13_write_psk_key_exchange_modes_ext( mbedtls_ssl_context *ssl, return ( 0 ); } -/* Check if we have any PSK to offer, returns 0 if a PSK is available. */ -MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_get_psk_to_offer( - const mbedtls_ssl_context *ssl, - int *psk_type, - const unsigned char **psk, size_t *psk_len, - const unsigned char **psk_identity, size_t *psk_identity_len ) -{ - *psk = NULL; - *psk_len = 0; - *psk_identity = NULL; - *psk_identity_len = 0; - *psk_type = MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL; - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - /* Check if a ticket has been configured. */ - if( ssl->session_negotiate != NULL && - ssl->session_negotiate->ticket != NULL ) - { -#if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t now = mbedtls_time( NULL ); - if( ssl->session_negotiate->ticket_received <= now && - (uint64_t)( now - ssl->session_negotiate->ticket_received ) - <= ssl->session_negotiate->ticket_lifetime ) - { - *psk_type = MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION; - *psk = ssl->session_negotiate->resumption_key; - *psk_len = ssl->session_negotiate->resumption_key_len; - *psk_identity = ssl->session_negotiate->ticket; - *psk_identity_len = ssl->session_negotiate->ticket_len; - return( 0 ); - } -#endif /* MBEDTLS_HAVE_TIME */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket expired" ) ); - } -#endif - - /* Check if an external PSK has been configured. */ - if( ssl->conf->psk != NULL ) - { - *psk = ssl->conf->psk; - *psk_len = ssl->conf->psk_len; - *psk_identity = ssl->conf->psk_identity; - *psk_identity_len = ssl->conf->psk_identity_len; - return( 0 ); - } - - return( MBEDTLS_ERR_ERROR_GENERIC_ERROR ); -} - /* * mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext() structure: * @@ -743,204 +693,53 @@ int mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext( unsigned char *buf, unsigned char *end, size_t *out_len, size_t *binders_len ) { - unsigned char *p = buf; - const unsigned char *psk; - size_t psk_len; - const unsigned char *psk_identity; - size_t psk_identity_len; - int psk_type; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = NULL; - const int *ciphersuites; - psa_algorithm_t psa_hash_alg; - int hash_len = 0; - size_t identities_len, l_binders_len; - uint32_t obfuscated_ticket_age = 0; - - *out_len = 0; - *binders_len = 0; - - /* Check if we have any PSKs to offer. If so, return the first. - * - * NOTE: Ultimately, we want to be able to offer multiple PSKs, - * in which case we want to iterate over them here. - * - * As it stands, however, we only ever offer one, chosen - * by the following heuristic: - * - If a ticket has been configured, offer the corresponding PSK. - * - If no ticket has been configured by an external PSK has been - * configured, offer that. - * - Otherwise, skip the PSK extension. - */ - if( ssl_tls13_get_psk_to_offer( ssl, &psk_type, &psk, &psk_len, - &psk_identity, &psk_identity_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip pre_shared_key extensions" ) ); - return( 0 ); - } - - if( psk_type == MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL ) - { - /* - * Ciphersuite list - */ - ciphersuites = ssl->conf->ciphersuite_list; - for( int i = 0; ciphersuites[i] != 0; i++ ) - { - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( - ciphersuites[i] ); - - if( mbedtls_ssl_validate_ciphersuite( - ssl, ciphersuite_info, - MBEDTLS_SSL_VERSION_TLS1_3, - MBEDTLS_SSL_VERSION_TLS1_3 ) != 0 ) - continue; - - /* In this implementation we only add one pre-shared-key - * extension. - */ - ssl->session_negotiate->ciphersuite = ciphersuites[i]; - break; - } - } - else -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( psk_type == MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION ) - { -#if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t now = mbedtls_time( NULL ); - - obfuscated_ticket_age = - ( (uint32_t)( now - ssl->session_negotiate->ticket_received ) * 1000 ) - + ssl->session_negotiate->ticket_age_add; -#endif - } - else -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "write_identities_of_pre_shared_key_ext: " - "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( - ssl->session_negotiate->ciphersuite ); - /* No suitable ciphersuite for the PSK */ - if( ciphersuite_info == NULL ) - return( 0 ); - - psa_hash_alg = mbedtls_psa_translate_md( ciphersuite_info->mac ); - hash_len = PSA_HASH_LENGTH( psa_hash_alg ); - if( hash_len == -1 ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - - /* Check if we have space to write the extension, binder included. - * - extension_type (2 bytes) - * - extension_data_len (2 bytes) - * - identities_len (2 bytes) - * - identity_len (2 bytes) - * - identity (psk_identity_len bytes) - * - obfuscated_ticket_age (4 bytes) - * - binders_len (2 bytes) - * - binder_len (1 byte) - * - binder (hash_len bytes) - */ - - identities_len = 6 + psk_identity_len; - l_binders_len = 1 + hash_len; - - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding pre_shared_key extension, " - "omitting PSK binder list" ) ); - - /* Extension header */ - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 8 ); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_PRE_SHARED_KEY, p, 0 ); - MBEDTLS_PUT_UINT16_BE( 2 + identities_len + 2 + l_binders_len , p, 2 ); - - MBEDTLS_PUT_UINT16_BE( identities_len, p, 4 ); - MBEDTLS_PUT_UINT16_BE( psk_identity_len, p, 6 ); - p += 8; - MBEDTLS_SSL_CHK_BUF_PTR( p, end, psk_identity_len ); - memcpy( p, psk_identity, psk_identity_len ); - p += psk_identity_len; - - /* add obfuscated ticket age */ - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - MBEDTLS_PUT_UINT32_BE( obfuscated_ticket_age, p, 0 ); - p += 4; - - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 + l_binders_len ); - *out_len = ( p - buf ) + l_binders_len + 2; - *binders_len = l_binders_len + 2; - - ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_PRE_SHARED_KEY; - + ((void) ssl); + ((void) buf); + ((void) end); + ((void) out_len); + ((void) binders_len); return( 0 ); } int mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext( - mbedtls_ssl_context *ssl, - unsigned char *buf, unsigned char *end ) + mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end ) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char *p = buf; - const unsigned char *psk_identity; - size_t psk_identity_len; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = NULL; - psa_algorithm_t psa_hash_alg; - int hash_len = 0; - const unsigned char *psk = NULL; - size_t psk_len = 0; - int psk_type; - unsigned char transcript[MBEDTLS_MD_MAX_SIZE]; - size_t transcript_len; - - if( ssl_tls13_get_psk_to_offer( ssl, &psk_type, &psk, &psk_len, - &psk_identity, &psk_identity_len ) != 0 ) - { - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( - ssl->session_negotiate->ciphersuite ); - if( ciphersuite_info == NULL ) - return( 0 ); - - psa_hash_alg = mbedtls_psa_translate_md( ciphersuite_info->mac ); - hash_len = PSA_HASH_LENGTH( psa_hash_alg ); - if( ( hash_len == -1 ) || ( ( end - buf ) != 3 + hash_len ) ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding PSK binder list" ) ); - - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 3 + hash_len ); - /* 2 bytes length field for array of psk binders */ - MBEDTLS_PUT_UINT16_BE( hash_len + 1, p, 0 ); - p += 2; - - /* 1 bytes length field for next psk binder */ - *p++ = MBEDTLS_BYTE_0( hash_len ); - - /* Get current state of handshake transcript. */ - ret = mbedtls_ssl_get_handshake_transcript( ssl, ciphersuite_info->mac, - transcript, sizeof( transcript ), - &transcript_len ); - if( ret != 0 ) - return( ret ); - - ret = mbedtls_ssl_tls13_create_psk_binder( ssl, - mbedtls_psa_translate_md( ciphersuite_info->mac ), - psk, psk_len, psk_type, - transcript, p ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_create_psk_binder", ret ); - return( ret ); - } + ((void) ssl); + ((void) buf); + ((void) end); return( 0 ); } + +/* + * struct { + * opaque identity<1..2^16-1>; + * uint32 obfuscated_ticket_age; + * } PskIdentity; + * + * opaque PskBinderEntry<32..255>; + * + * struct { + * + * select (Handshake.msg_type) { + * ... + * case server_hello: uint16 selected_identity; + * }; + * + * } PreSharedKeyExtension; + * + */ +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_parse_server_pre_shared_key_ext( mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end ) +{ + ((void) ssl); + ((void) buf); + ((void) end); + return( 0 ); +} + #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl, @@ -1299,92 +1098,6 @@ static int ssl_tls13_check_server_hello_session_id_echo( mbedtls_ssl_context *ss return( 0 ); } -#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -/* - * struct { - * opaque identity<1..2^16-1>; - * uint32 obfuscated_ticket_age; - * } PskIdentity; - * - * opaque PskBinderEntry<32..255>; - * - * struct { - * - * select (Handshake.msg_type) { - * ... - * case server_hello: uint16 selected_identity; - * }; - * - * } PreSharedKeyExtension; - * - */ - -MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_parse_server_pre_shared_key_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - const unsigned char *end ) -{ - int ret = 0; - size_t selected_identity; - - int psk_type; - const unsigned char *psk; - size_t psk_len; - const unsigned char *psk_identity; - size_t psk_identity_len; - - /* Check which PSK we've offered. - * - * NOTE: Ultimately, we want to offer multiple PSKs, and in this - * case, we need to iterate over them here. - */ - if( ssl_tls13_get_psk_to_offer( ssl, &psk_type, &psk, &psk_len, - &psk_identity, &psk_identity_len ) != 0 ) - { - /* If we haven't offered a PSK, the server must not send - * a PSK identity extension. */ - return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); - } - - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); - selected_identity = MBEDTLS_GET_UINT16_BE( buf, 0 ); - - /* We have offered only one PSK, so the only valid choice - * for the server is PSK index 0. - * - * This will change once we support multiple PSKs. */ - if( selected_identity > 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Server's chosen PSK identity out of range" ) ); - - if( ( ret = mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ) ) != 0 ) - { - return( ret ); - } - - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); - } - - /* Set the chosen PSK - * - * TODO: We don't have to do this in case we offered 0-RTT and the - * server accepted it, because in this case we've already - * set the handshake PSK. */ - ret = mbedtls_ssl_set_hs_psk( ssl, psk, psk_len ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_set_hs_psk", ret ); - return( ret ); - } - - ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_PRE_SHARED_KEY; - return( 0 ); -} - -#endif - /* Parse ServerHello message and configure context * * struct {